www.ewg.org Open in urlscan Pro
2606:4700:10::ac43:6f2 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.ewg.org/skindeep/
Submission: On October 07 via api (October 7th 2023, 1:53:44 am UTC) from US — Scanned from DE

Summary HTTP 146 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 34 IPs in 5 countries across 26 domains to perform 146 HTTP transactions. The main IP is 2606:4700:10::ac43:6f2, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.ewg.org. The Cisco Umbrella rank of the primary domain is 255654.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 2nd 2023. Valid for: a year.

This is the only time www.ewg.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 48	2606:4700:10:... 2606:4700:10::ac43:6f2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a02:26f0:480... 2a02:26f0:480:f::213:7ec6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2600:9000:225... 2600:9000:2251:f400:12:303c:8700:21	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:310... 2a02:26f0:3100::1735:29f9	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	104.18.70.113 104.18.70.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	172.67.72.38 172.67.72.38	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400c:c07::9a	15169 (GOOGLE) (GOOGLE)
4	45.60.33.183 45.60.33.183	19551 (INCAPSULA) (INCAPSULA)
1	143.204.98.103 143.204.98.103	16509 (AMAZON-02) (AMAZON-02)
2	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	104.26.5.251 104.26.5.251	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	52.84.186.88 52.84.186.88	16509 (AMAZON-02) (AMAZON-02)
3	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
5	52.57.67.90 52.57.67.90	16509 (AMAZON-02) (AMAZON-02)
1 5	2606:4700:e6:... 2606:4700:e6::ac40:c514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.16.51.111 104.16.51.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700:e6:... 2606:4700:e6::ac40:c414	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:205... 2600:9000:2057:5c00:10:fb15:b700:21	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f14:50b... 2600:1f14:50b:9a02:2b8:e236:39c9:797c	16509 (AMAZON-02) (AMAZON-02)
13	2600:9000:225... 2600:9000:2251:a00:b:8c20:bf40:21	16509 (AMAZON-02) (AMAZON-02)
146	34

48 2606:4700:10::ac43:6f2 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

www.ewg.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.ewg.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
phorcys-static.ewg.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:480:f::213:7ec6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2251:f400:12:303c:8700:21 (United States)

ASN16509 (AMAZON-02, US)

d3rse9xjbp8270.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3100::1735:29f9 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.70.113 (None, )

ASN13335 (CLOUDFLARENET, US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ekr.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 172.67.72.38 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.fundraiseup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.fundraiseup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c07::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 45.60.33.183 (United States)

ASN19551 (INCAPSULA, US)

profile.ngpvan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
actions.everyaction.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-103.fra50.r.cloudfront.net

js.verygoodvault.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

fndrsp.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.26.5.251 (None, )

ASN13335 (CLOUDFLARENET, US)

static.fundraiseup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.84.186.88 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-186-88.cdg50.r.cloudfront.net

d1aqhv4sn5kxtx.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.57.67.90 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-67-90.eu-central-1.compute.amazonaws.com

tags.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:e6::ac40:c514 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cdn.popt.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.popt.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.51.111 (None, )

ASN13335 (CLOUDFLARENET, US)

ewg.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e6::ac40:c414 (United States)

ASN13335 (CLOUDFLARENET, US)

display.popt.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:5c00:10:fb15:b700:21 (United States)

ASN16509 (AMAZON-02, US)

d362h7pxdteoyk.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f14:50b:9a02:2b8:e236:39c9:797c (Boardman, United States)

ASN16509 (AMAZON-02, US)

tctguyhimcwcyexxgullu3seem0fkhrh.lambda-url.us-west-2.on.aws	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2600:9000:2251:a00:b:8c20:bf40:21 (United States)

ASN16509 (AMAZON-02, US)

d3lopmpcew67el.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
48	ewg.org 2 redirects www.ewg.org — Cisco Umbrella Rank: 255654 static.ewg.org — Cisco Umbrella Rank: 438215 phorcys-static.ewg.org — Cisco Umbrella Rank: 452358	1 MB
18	fundraiseup.com cdn.fundraiseup.com — Cisco Umbrella Rank: 36096 static.fundraiseup.com — Cisco Umbrella Rank: 33636	849 KB
18	cloudfront.net d3rse9xjbp8270.cloudfront.net d1aqhv4sn5kxtx.cloudfront.net d362h7pxdteoyk.cloudfront.net d3lopmpcew67el.cloudfront.net	1 MB
6	popt.in 1 redirects cdn.popt.in — Cisco Umbrella Rank: 32237 display.popt.in — Cisco Umbrella Rank: 32055 fonts.popt.in — Cisco Umbrella Rank: 78757	68 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42 region1.google-analytics.com — Cisco Umbrella Rank: 2250	22 KB
6	doubleclick.net 1 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 98 googleads.g.doubleclick.net — Cisco Umbrella Rank: 45	20 KB
6	typekit.net use.typekit.net — Cisco Umbrella Rank: 560 p.typekit.net — Cisco Umbrella Rank: 722	109 KB
5	stackadapt.com tags.srv.stackadapt.com — Cisco Umbrella Rank: 3369	9 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 116	278 B
4	zdassets.com static.zdassets.com — Cisco Umbrella Rank: 2397 ekr.zdassets.com — Cisco Umbrella Rank: 2723	277 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 250	110 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 187	122 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 427	14 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 56	288 KB
2	google.de www.google.de — Cisco Umbrella Rank: 6147	563 B
2	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	1 KB
2	fndrsp.net fndrsp.net — Cisco Umbrella Rank: 32575	739 B
2	everyaction.com actions.everyaction.com — Cisco Umbrella Rank: 185897	5 KB
2	ngpvan.com profile.ngpvan.com — Cisco Umbrella Rank: 76744	2 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 373	19 KB
1	on.aws tctguyhimcwcyexxgullu3seem0fkhrh.lambda-url.us-west-2.on.aws — Cisco Umbrella Rank: 75165	1 KB
1	zendesk.com ewg.zendesk.com — Cisco Umbrella Rank: 469073	1 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 153	2 KB
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1361	50 KB
1	verygoodvault.com js.verygoodvault.com — Cisco Umbrella Rank: 40730	44 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1113	7 KB
146	26

	Domain	Requested by
32	static.ewg.org	www.ewg.org
17	static.fundraiseup.com	cdn.fundraiseup.com
14	www.ewg.org	2 redirects www.ewg.org static.cloudflareinsights.com
13	d3lopmpcew67el.cloudfront.net	cdnjs.cloudflare.com
5	tags.srv.stackadapt.com	www.ewg.org tags.srv.stackadapt.com
5	use.typekit.net	www.ewg.org use.typekit.net
4	www.facebook.com
4	cdn.popt.in	www.googletagmanager.com cdnjs.cloudflare.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	stats.g.doubleclick.net	www.ewg.org www.google-analytics.com
3	cdnjs.cloudflare.com	cdn.popt.in cdnjs.cloudflare.com
3	connect.facebook.net	www.ewg.org connect.facebook.net
3	bat.bing.com	www.googletagmanager.com bat.bing.com
3	www.googletagmanager.com	www.ewg.org www.googletagmanager.com
3	static.zdassets.com	www.ewg.org static.zdassets.com
3	d3rse9xjbp8270.cloudfront.net	www.ewg.org d3rse9xjbp8270.cloudfront.net
2	www.google.de
2	www.google.com	1 redirects
2	region1.google-analytics.com	www.googletagmanager.com
2	googleads.g.doubleclick.net	1 redirects www.googletagmanager.com
2	fndrsp.net	cdn.fundraiseup.com
2	actions.everyaction.com	d3rse9xjbp8270.cloudfront.net
2	profile.ngpvan.com	d3rse9xjbp8270.cloudfront.net
2	phorcys-static.ewg.org	www.ewg.org
2	cdn.jsdelivr.net	www.ewg.org
1	tctguyhimcwcyexxgullu3seem0fkhrh.lambda-url.us-west-2.on.aws
1	fonts.popt.in	1 redirects
1	d362h7pxdteoyk.cloudfront.net	cdnjs.cloudflare.com
1	display.popt.in	cdnjs.cloudflare.com
1	ewg.zendesk.com	static.zdassets.com
1	d1aqhv4sn5kxtx.cloudfront.net	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	www.googleoptimize.com	www.googletagmanager.com
1	js.verygoodvault.com	d3rse9xjbp8270.cloudfront.net
1	ekr.zdassets.com	static.zdassets.com
1	cdn.fundraiseup.com	www.ewg.org
1	p.typekit.net	use.typekit.net
1	static.cloudflareinsights.com	www.ewg.org
146	38

This site contains links to these domains. Also see Links.

Domain
act.ewg.org
www.youtube.com
play.google.com
apps.apple.com
www.facebook.com
twitter.com
www.instagram.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
use.typekit.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-21` - `2024-10-21`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
static.ewg.org Cloudflare Inc ECC CA-3	`2023-04-04` - `2024-04-02`	a year	crt.sh
zdassets.com Cloudflare Inc ECC CA-3	`2022-11-10` - `2023-11-09`	a year	crt.sh
fundraiseup.com Cloudflare Inc ECC CA-3	`2023-05-22` - `2024-05-20`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.ngpvan.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-12-09` - `2023-12-08`	a year	crt.sh
*.verygoodvault.com Amazon RSA 2048 M02	`2023-02-28` - `2024-02-16`	a year	crt.sh
*.everyaction.com RapidSSL TLS ECC CA G1	`2023-03-17` - `2024-04-10`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 05	`2023-07-26` - `2024-01-22`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-07-15` - `2023-10-13`	3 months	crt.sh
*.srv.stackadapt.com Amazon RSA 2048 M02	`2023-09-09` - `2024-10-07`	a year	crt.sh
popt.in E1	`2023-09-12` - `2023-12-11`	3 months	crt.sh
ewg.zendesk.com Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://www.ewg.org/skindeep/
Frame ID: 91414CDA214ADD3961EECF959475001E
Requests: 145 HTTP requests in this frame

Frame: https://www.ewg.org/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js
Frame ID: A2671B39391042BD3953F8DD624937FB
Requests: 4 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-4b22769.js
Frame ID: 9346A995C95A33F689DEF2EE9F67D381
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

EWG Skin Deep® Cosmetics Database

Detected technologies

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Lightbox (JavaScript Libraries) Expand

Typekit (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+use\.typekit\.(?:net|com)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

146
Requests

97 %
HTTPS

70 %
IPv6

26
Domains

38
Subdomains

34
IPs

5
Countries

4680 kB
Transfer

11072 kB
Size

57
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://act.ewg.org/onlineactions/hiU4DG2LikWIylNrpCTlBw2?sourceid=1016803
Title: DONATE

Search URL Search Domain Scan URL

URL: https://act.ewg.org/onlineactions/qRKdI-XRb0-5uhcms39oQg2?sourceid=1012020&ms=WEB_SkinDeep_9998_NAV
Title: GET UPDATES

Search URL Search Domain Scan URL

URL: https://www.youtube.com/embed/Yzkzb7coAEE?autoplay=1

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.skindeep.mobile&hl=en&utm_campaign=SkinDeepHPCTA
Title: Android

Search URL Search Domain Scan URL

URL: https://apps.apple.com/app/apple-store/id703155791?pt=213981&ct=Skin%20Deep%20HP%20CTA&mt=8
Title: Apple

Search URL Search Domain Scan URL

URL: https://www.facebook.com/ewg.org

Search URL Search Domain Scan URL

URL: https://twitter.com/ewg

Search URL Search Domain Scan URL

URL: https://www.instagram.com/environmentalworkinggroup

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/EnvironmentalWG

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 51

https://www.ewg.org/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://www.ewg.org/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js

Request Chain 58

https://www.ewg.org/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://www.ewg.org/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js

Request Chain 105

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1071783566/?random=510658773&cv=11&fst=1696643616889&bg=ffffff&guid=ON&async=1&gtm=45He3a40&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.ewg.org%2Fskindeep%2F&label=Pg0mCKq7vZYBEI69iP8D&hn=www.googleadservices.com&frm=0&tiba=EWG%20Skin%20Deep%C2%AE%20Cosmetics%20Database&value=0&auid=1083048024.1696643617&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=IbogZfPZIYKS7_UPx-CymAo&sscte=1&crd=&eitems=ChEI8OD-qAYQ34yopoSCrOOPARIdAHkFAjOA5rDjnYqwArWiUjZVni_zGZzmpvTScCY&pscrd=Ek5DaEFJOE9ELXFBWVE3TUNNOTh6anVPRkFFaVlBdE1TZkoxaGt2M2VmcGk1TC1TUW9PQUpGdDZwSWEwVVo2ZHlqS1hDWFdvaGNUTlItNEEaWkNoRUk4T0QtcUFZUW1vWDJsZGJ4cFpfN0FSSXVBTmxNaHZCd3dtMkk2Q1kwNHJQQXFMMEJ4MHJLUWlYMnBJZm43bXJNMW54QUM4TFJPZWlHYXRIWkdwZ3AzZyITCLPuiYHq4oEDFQLJuwgdR7AMow HTTP 302
https://www.google.com/pagead/1p-conversion/1071783566/?random=510658773&cv=11&fst=1696643616889&bg=ffffff&guid=ON&async=1&gtm=45He3a40&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.ewg.org%2Fskindeep%2F&label=Pg0mCKq7vZYBEI69iP8D&hn=www.googleadservices.com&frm=0&tiba=EWG%20Skin%20Deep%C2%AE%20Cosmetics%20Database&value=0&auid=1083048024.1696643617&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOE9ELXFBWVE3TUNNOTh6anVPRkFFaVlBdE1TZkoxaGt2M2VmcGk1TC1TUW9PQUpGdDZwSWEwVVo2ZHlqS1hDWFdvaGNUTlItNEEaWkNoRUk4T0QtcUFZUW1vWDJsZGJ4cFpfN0FSSXVBTmxNaHZCd3dtMkk2Q1kwNHJQQXFMMEJ4MHJLUWlYMnBJZm43bXJNMW54QUM4TFJPZWlHYXRIWkdwZ3AzZyITCLPuiYHq4oEDFQLJuwgdR7AMow&is_vtc=1&ocp_id=IbogZfPZIYKS7_UPx-CymAo&cid=CAQSKQDICaaNhDl0wvFH-yRPLZyf6gl7vRnvu6dHhOQHz1mnoG6ygYY_d76E&eitems=ChEI8OD-qAYQ34yopoSCrOOPARIdAHkFAjMv-hmLf8DnV0qXwUxQ-Vkv4QoFCVTcPQY&random=3810402535 HTTP 302
https://www.google.de/pagead/1p-conversion/1071783566/?random=510658773&cv=11&fst=1696643616889&bg=ffffff&guid=ON&async=1&gtm=45He3a40&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.ewg.org%2Fskindeep%2F&label=Pg0mCKq7vZYBEI69iP8D&hn=www.googleadservices.com&frm=0&tiba=EWG%20Skin%20Deep%C2%AE%20Cosmetics%20Database&value=0&auid=1083048024.1696643617&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOE9ELXFBWVE3TUNNOTh6anVPRkFFaVlBdE1TZkoxaGt2M2VmcGk1TC1TUW9PQUpGdDZwSWEwVVo2ZHlqS1hDWFdvaGNUTlItNEEaWkNoRUk4T0QtcUFZUW1vWDJsZGJ4cFpfN0FSSXVBTmxNaHZCd3dtMkk2Q1kwNHJQQXFMMEJ4MHJLUWlYMnBJZm43bXJNMW54QUM4TFJPZWlHYXRIWkdwZ3AzZyITCLPuiYHq4oEDFQLJuwgdR7AMow&is_vtc=1&ocp_id=IbogZfPZIYKS7_UPx-CymAo&cid=CAQSKQDICaaNhDl0wvFH-yRPLZyf6gl7vRnvu6dHhOQHz1mnoG6ygYY_d76E&eitems=ChEI8OD-qAYQ34yopoSCrOOPARIdAHkFAjMv-hmLf8DnV0qXwUxQ-Vkv4QoFCVTcPQY&random=3810402535&ipr=y

Request Chain 127

https://fonts.popt.in/?family=Poppins&display=swap HTTP 302
https://tctguyhimcwcyexxgullu3seem0fkhrh.lambda-url.us-west-2.on.aws/?family=Poppins&display=swap

146 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.ewg.org/skindeep/ 64 KB
11 KB 471ms
353ms Document
text/html 2606:4700:10::ac43:6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ewg.org/skindeep/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:6f2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

092eb1cc8a065c048f13b6d256f2a1fcfbb6edd4d6862f8c45dbd22fb95d63e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=1800, must-revalidate
cf-cache-status: REVALIDATED
cf-ray: 812282e00fa5927d-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Sat, 07 Oct 2023 01:53:35 GMT
link: </skindeep/assets/application-33d7786ddcb422f8a40394945b89bcc4c1faf1b466837a23ce919b74aee8ade5.css>; rel=preload; as=style; nopush,</skindeep/assets/application-4fbfd2124c9536eb9f5c87d5aff1d801ca50dd6248a40bd91d5eab80e269a8e0.js>; rel=preload; as=script; nopush
referrer-policy: no-referrer-when-downgrade
server: cloudflare
vary: Accept, Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: 92cfd3aa-788e-4df5-bcf9-bc420bc9c07a
x-runtime: 0.105577
x-xss-protection: 1; mode=block

GET
H2 200 application-33d7786ddcb422f8a40394945b89bcc4c1faf1b466837a23ce919b74aee8ade5.css
www.ewg.org/skindeep/assets/ 234 KB
42 KB 62ms
61ms Stylesheet
text/css 2606:4700:10::ac43:6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ewg.org/skindeep/assets/application-33d7786ddcb422f8a40394945b89bcc4c1faf1b466837a23ce919b74aee8ade5.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:6f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f398f5e5f249fa9cf6c62078d0e3e620c099d818f6c8de062765e15023949b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-runtime: 0.001546
date: Sat, 07 Oct 2023 01:53:35 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
age: 84
etag: W/"33d7786ddcb422f8a40394945b89bcc4c1faf1b466837a23ce919b74aee8ade5"
cf-polished: origSize=242337
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: public, max-age=31536000, immutable
cf-ray: 812282e248da927d-FRA
alt-svc: h3=":443"; ma=86400
x-request-id: 326c97dc-b0ac-443c-95aa-add329628506

GET
H2 200 application-4fbfd2124c9536eb9f5c87d5aff1d801ca50dd6248a40bd91d5eab80e269a8e0.js Show response
www.ewg.org/skindeep/assets/ 180 KB
56 KB 241ms
240ms Script
application/javascript 2606:4700:10::ac43:6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ewg.org/skindeep/assets/application-4fbfd2124c9536eb9f5c87d5aff1d801ca50dd6248a40bd91d5eab80e269a8e0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:6f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36431667a50d408c0cdfdf90bd79b0a2c4b40efec6b0b0e6445905fed7fb6dd3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-runtime: 0.001538
date: Sat, 07 Oct 2023 01:53:35 GMT
content-encoding: br
cf-cache-status: REVALIDATED
cf-bgj: minify
server: cloudflare
etag: W/"4fbfd2124c9536eb9f5c87d5aff1d801ca50dd6248a40bd91d5eab80e269a8e0"
cf-polished: origSize=184823
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000, immutable
cf-ray: 812282e248db927d-FRA
alt-svc: h3=":443"; ma=86400
x-request-id: 62d853c9-de09-4be1-8e51-bad38021eb84

GET
H2 200 bLMY4IbeO5Zdzi60Vrh0H1RYRxE.js Show response
www.ewg.org/cdn-cgi/apps/head/ 4 KB
2 KB 58ms
57ms Script
application/javascript 2606:4700:10::ac43:6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ewg.org/cdn-cgi/apps/head/bLMY4IbeO5Zdzi60Vrh0H1RYRxE.js
Requested by: Host: www.ewg.org
URL: https://www.ewg.org/skindeep/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:6f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46954197136ba6c46bc950e1bdc5f339be1718a510cb5b9508cb3a965d2a5d4f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 01:53:35 GMT
x-amz-version-id: Ee77d5bFTzlnaYLHr8.lFL5T5uvSa7nt
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 21 Apr 2022 18:32:07 GMT
server: cloudflare
x-amz-request-id: QWCFF3W22YQ00HPY
age: 984483
etag: W/"98eaf1726317685cb6a43f5317a6ca2b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 812282e248dd927d-FRA
alt-svc: h3=":443"; ma=86400
x-amz-id-2: KnkoIufpd6O+fLM6jpjUKapCr3+ZbDzS31sF+aC1q8NBywzob66LApN55UQC7l5SjHMfOi8DJMs=

GET
H2 200 hero-bg-home.png
static.ewg.org/skindeep/img/ 416 KB
416 KB 361ms
339ms Image
image/webp 2606:4700:10::ac43:6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ewg.org/skindeep/img/hero-bg-home.png
Requested by: Host: www.ewg.org
URL: https://www.ewg.org/skindeep/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:6f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a0440e98130b5a75a59f6e01af2ef189101302b0e48d11b43360e907ba3b7c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 01:53:35 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 04 Apr 2023 14:50:30 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "5c7b0b97145101c21ab081e7da51bf15"
cf-polished: origFmt=png, origSize=441531
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: max-age=2073600
content-disposition: inline; filename="hero-bg-home.webp"
accept-ranges: bytes
cf-ray: 812282e268f6927d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 425754

GET
H2 200 gjx0dil.css
use.typekit.net/ 8 KB
1 KB 160ms
42ms Stylesheet
text/css 2a02:26f0:480:f::213:7ec6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/gjx0dil.css

Requested by

Host: www.ewg.org
URL: https://www.ewg.org/skindeep/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

54ac646fb7f53b96352444aec92464b44ea2cccb6557f1f0aafa78011f4d09a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Sat, 07 Oct 2023 01:53:35 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1062

GET
H2 200 glightbox.min.css
cdn.jsdelivr.net/npm/glightbox/dist/css/ 13 KB
3 KB 131ms
46ms Stylesheet
text/css 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/glightbox/dist/css/glightbox.min.css

Requested by

Host: www.ewg.org
URL: https://www.ewg.org/skindeep/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d3f62d4d17969f9c70e9438cf671004725019e868123f2ebc295a006f8d5d2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 01:53:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2889
x-jsd-version: 3.2.0
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230105-FRA, cache-jnb7021-JNB
x-jsd-version-type: version
server: cloudflare
etag: W/"35b5-O1t5BPT0vPVZWcLs71CCG9kRACE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V%2Fh%2F%2BAlGub2HM95dYd2KYWwNU0LFEojrfCwGq9uBnD1fAiKyn%2B%2F75cVaA7o8Ta2GHe3uSdf5GXhfjuUycCKO%2Bbkl6vfiavxvdCVauZyf0pEUIE08YMqvUvO%2Bbjn62Z5qfHJmeEWwxqc5w6lLZ54%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 812282e2c9a04d82-FRA

GET
H2 200 icon-search.svg
static.ewg.org/skindeep/img/ 251 B
269 B 74ms
56ms Image
image/svg+xml 2606:4700:10::ac43:6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ewg.org/skindeep/img/icon-search.svg
Requested by: Host: www.ewg.org
URL: https://www.ewg.org/skindeep/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:6f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8972611117f010e304a392d3c14c5dd5f8ae6919c447b0eca916c858df3a07ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 01:53:35 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 04 Apr 2023 14:50:25 GMT
server: cloudflare
age: 6996
etag: W/"f04df95cb09e69c2dab44457c96a258f"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2073600
cf-ray: 812282e2e959927d-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 hamburger.svg
static.ewg.org/skindeep/img/ 387 B
265 B 71ms
54ms Image
image/svg+xml 2606:4700:10::ac43:6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ewg.org/skindeep/img/hamburger.svg
Requested by: Host: www.ewg.org
URL: https://www.ewg.org/skindeep/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:6f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac5b025ff904a91baaf324cd932fac5f80f1754b881f04f48bb3f0a5eb8fc9c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 01:53:35 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 04 Apr 2023 14:50:25 GMT
server: cloudflare
age: 6995
etag: W/"2f743178fa2ffd506bddc558cb0a973a"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2073600
cf-ray: 812282e2e95a927d-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 close_x.svg
static.ewg.org/skindeep/img/ 274 B
290 B 69ms
54ms Image
image/svg+xml 2606:4700:10::ac43:6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ewg.org/skindeep/img/close_x.svg
Requested by: Host: www.ewg.org
URL: https://www.ewg.org/skindeep/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:6f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c50942ffdc3976344714610879e76021ac023d83cf5e2b3df62f0f42c3d6415

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 01:53:35 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 04 Apr 2023 14:50:25 GMT
server: cloudflare
age: 6995
etag: W/"75118f8d194a6a0154e8daadb755da76"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2073600
cf-ray: 812282e2e95b927d-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 caret-right.svg
static.ewg.org/skindeep/img/ 251 B
319 B 68ms
53ms Image
image/svg+xml 2606:4700:10::ac43:6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ewg.org/skindeep/img/caret-right.svg
Requested by: Host: www.ewg.org
URL: https://www.ewg.org/skindeep/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:6f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da4511b1a9061dbcdf74276a1cb279848ee0739b2f047eed7a16abb6155fe3d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 01:53:35 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 04 Apr 2023 14:50:24 GMT
server: cloudflare
age: 6995
etag: W/"4d1c46159ee8eb09e2f5ccd55a73fc92"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2073600
cf-ray: 812282e2e95c927d-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 caret-left.svg
static.ewg.org/skindeep/img/ 256 B
271 B 70ms
55ms Image
image/svg+xml 2606:4700:10::ac43:6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ewg.org/skindeep/img/caret-left.svg
Requested by: Host: www.ewg.org
URL: https://www.ewg.org/skindeep/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:6f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 268c0022ee889d1277e8bcf016f47b7d6e9297f11a6cbb4a2d0e4c89bebb463d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 01:53:35 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 04 Apr 2023 14:50:24 GMT
server: cloudflare
age: 6995
etag: W/"e5b04c85d7d0f29f96200349c3b85cfa"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2073600
cf-ray: 812282e2e95d927d-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 ewg-header-logo-17b29948567b3da2c7289eff622f41341ed9928cfc1f079155d7af492b580a33.svg
www.ewg.org/skindeep/assets/ 983 B
692 B 244ms
239ms Image
image/svg+xml 2606:4700:10::ac43:6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ewg.org/skindeep/assets/ewg-header-logo-17b29948567b3da2c7289eff622f41341ed9928cfc1f079155d7af492b580a33.svg
Requested by: Host: www.ewg.org
URL: https://www.ewg.org/skindeep/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:6f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ef81c7a94d77d72ba76a5238c123ba2745523677642c2e01318f327fdd6dcac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-runtime: 0.001582
date: Sat, 07 Oct 2023 01:53:35 GMT
content-encoding: br
cf-cache-status: REVALIDATED
server: cloudflare
etag: W/"17b29948567b3da2c7289eff622f41341ed9928cfc1f079155d7af492b580a33"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 812282e2ec75929f-FRA
alt-svc: h3=":443"; ma=86400
x-request-id: 4d68bca1-1b3e-49c0-a5b1-43a9917bf6f9

GET
H3 200 chevron-down.svg
static.ewg.org/skindeep/img/ 304 B
409 B 69ms
69ms Image
image/svg+xml 2606:4700:10::ac43:6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ewg.org/skindeep/img/chevron-down.svg
Requested by: Host: www.ewg.org
URL: https://www.ewg.org/skindeep/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:6f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e93be17b533bd2401f20952c1009ec6fb5d26c3312398c3ec44c47a1852b67d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 01:53:35 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 04 Apr 2023 14:50:25 GMT
server: cloudflare
age: 6995
etag: W/"aedb4ff9de2df60a8ac5d580e5b79426"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2073600
cf-ray: 812282e34c96929f-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 kids-and-bubbles-22a84699be231b4588641f1beb072cf3c89f491d043d4a3842b662dbea77fdca.png
www.ewg.org/skindeep/assets/ 198 KB
199 KB 279ms
274ms Image
image/webp 2606:4700:10::ac43:6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ewg.org/skindeep/assets/kids-and-bubbles-22a84699be231b4588641f1beb072cf3c89f491d043d4a3842b662dbea77fdca.png
Requested by: Host: www.ewg.org
URL: https://www.ewg.org/skindeep/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:6f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d41cc847bf3a40dc050509ee4f267bc2e1343f7be5a3c5aff080f9248c885545

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 01:53:35 GMT
cf-cache-status: REVALIDATED
cf-polished: origFmt=png, origSize=290127
content-disposition: inline; filename="kids-and-bubbles-22a84699be231b4588641f1beb072cf3c89f491d043d4a3842b662dbea77fdca.webp"
alt-svc: h3=":443"; ma=86400
content-length: 202990
x-request-id: cd65506d-a32d-4915-b4b6-1fd9878d73c6
x-runtime: 0.001348
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "22a84699be231b4588641f1beb072cf3c89f491d043d4a3842b662dbea77fdca"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 812282e2ec76929f-FRA

GET
H3 200 815134.jpg
static.ewg.org/skindeep_images/8151/ 21 KB
22 KB 387ms
386ms Image
image/jpeg 2606:4700:10::ac43:6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ewg.org/skindeep_images/8151/815134.jpg
Requested by: Host: www.ewg.org
URL: https://www.ewg.org/skindeep/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:6f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d35c4f1697f12e2435631b97ec36ba6cf21873d9307df3079acec25af871b54

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 01:53:35 GMT
cf-cache-status: MISS
last-modified: Tue, 04 Apr 2023 14:52:18 GMT
server: cloudflare
etag: "567172fbb4d993511be119d900efdc08"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=2073600
accept-ranges: bytes
cf-ray: 812282e34c98929f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 21866

GET
H2 200 original.jpg
phorcys-static.ewg.org/image/contents/612688/ 19 KB
20 KB 91ms
72ms Image
image/webp 2606:4700:10::ac43:6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://phorcys-static.ewg.org/image/contents/612688/original.jpg
Requested by: Host: www.ewg.org
URL: https://www.ewg.org/skindeep/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:6f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a803699b66c0ec59ca0b0c4a0c0ca5d8770db033028d7c15ae82143ab914398d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 01:53:35 GMT
cf-cache-status: HIT
age: 5186
x-amz-request-id: VEVRHJPD8GM2CX1X
cf-polished: qual=85, origFmt=jpeg, origSize=44497
content-disposition: inline; filename="original.webp"
alt-svc: h3=":443"; ma=86400
content-length: 19668
x-amz-id-2: 8x+VPy3Px0bw+KZUh2J6LTJpQer6rxKUTgvXh/Jtr7xaFWatidYlhyNruLCEfut12xc2EF2pqtQ=
last-modified: Tue, 05 Apr 2022 15:42:49 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "f9cb9cc9a4366969067aa53ae6bb205b"
vary: Accept, Accept-Encoding
content-type: image/webp
accept-ranges: bytes
cf-ray: 812282e2f962927d-FRA

GET
H3 200 732092.jpg
static.ewg.org/skindeep_images/7320/ 14 KB
15 KB 408ms
407ms Image
image/jpeg 2606:4700:10::ac43:6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ewg.org/skindeep_images/7320/732092.jpg
Requested by: Host: www.ewg.org
URL: https://www.ewg.org/skindeep/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:6f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7179e2e2669b01130a84a98d845afabbced3f73cdaf84da253159aba8d564fff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 01:53:35 GMT
cf-cache-status: MISS
last-modified: Tue, 04 Apr 2023 14:52:10 GMT
server: cloudflare
etag: "9b939d27a35d1cfd723a9209c3d5acab"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=2073600
accept-ranges: bytes
cf-ray: 812282e34c99929f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 14821

GET
H3 200 772290.jpg
static.ewg.org/skindeep_images/7722/ 20 KB
20 KB 472ms
471ms Image
image/jpeg 2606:4700:10::ac43:6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ewg.org/skindeep_images/7722/772290.jpg
Requested by: Host: www.ewg.org
URL: https://www.ewg.org/skindeep/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:6f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d73185668502041d66528803f544303abbda757cc20178a19c8405a4bbb9ef23

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 01:53:35 GMT
cf-cache-status: MISS
last-modified: Tue, 04 Apr 2023 14:52:18 GMT
server: cloudflare
etag: "a1923febc4b2597adb563b237ac9fd8f"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=2073600
accept-ranges: bytes
cf-ray: 812282e34c9a929f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 20546

GET
H2 200 original.
phorcys-static.ewg.org/image/contents/571721/ 48 KB
48 KB 102ms
83ms Image
image/webp 2606:4700:10::ac43:6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://phorcys-static.ewg.org/image/contents/571721/original.
Requested by: Host: www.ewg.org
URL: https://www.ewg.org/skindeep/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:6f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1087a767d25278138b8d58ae5f14a3bed5dcecb38583eb5bd30e48e009b23a8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 01:53:35 GMT
cf-cache-status: HIT
age: 5187
x-amz-request-id: 691JE13W66Y4ZTYW
cf-polished: qual=85, origFmt=jpeg, origSize=63120
content-disposition: inline; filename="original.webp"
alt-svc: h3=":443"; ma=86400
content-length: 49098
x-amz-id-2: /Uf4Ktwy/zY7ljt5iiE29q77tX4m+fmRWIa2Vy67ORoXR5MQHscIa1Zy5sF5tX0c0x+Y/U3Jlvc=
last-modified: Tue, 16 Mar 2021 19:25:18 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "6a77d85d441e9391b6fe748d4f7ae84a"
vary: Accept, Accept-Encoding
content-type: image/webp
accept-ranges: bytes
cf-ray: 812282e2f964927d-FRA

GET
H2 200 at.js Show response
d3rse9xjbp8270.cloudfront.net/ 844 KB
237 KB 204ms
46ms Script
application/javascript 2600:9000:2251:f400:12:303c:8700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3rse9xjbp8270.cloudfront.net/at.js
Requested by: Host: www.ewg.org
URL: https://www.ewg.org/skindeep/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:f400:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 559d6434c97df4d0a882e70deeacbb736788a8e0cc2aedd606767aa1fe521007

Request headers

Referer: https://www.ewg.org/skindeep/
Origin: https://www.ewg.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:37:23 GMT
content-encoding: gzip
via: 1.1 dc0aad619823d3400ef947433d0af8fa.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 40654
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 242147
last-modified: Tue, 03 Oct 2023 14:35:54 GMT
server: AmazonS3
etag: "f83d910820d5f697e1f8702050b0ddf4"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=900, s-maxage=86400, public
accept-ranges: bytes
x-amz-cf-id: 7ft9n8IV41qrxOidvri1ZL0gnGGYhj2gCnQuqSs8vxJv8bNrfd-0_Q==

GET
H2 200 at.min.css
d3rse9xjbp8270.cloudfront.net/ 59 KB
12 KB 203ms
45ms Stylesheet
text/css 2600:9000:2251:f400:12:303c:8700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3rse9xjbp8270.cloudfront.net/at.min.css
Requested by: Host: www.ewg.org
URL: https://www.ewg.org/skindeep/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:f400:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c8b4c614ea58c83fd79f81fd2678d9f7a37f0d7ca9c43c0c1703287504ebc537

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 05:05:04 GMT
content-encoding: gzip
via: 1.1 ca8cb14c76df16342491237cea8cfed6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 74912
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 11520
last-modified: Tue, 03 Oct 2023 14:35:54 GMT
server: AmazonS3
etag: "6a6b8f3ab059b10432d0303706f856d2"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=900, s-maxage=86400, public
accept-ranges: bytes
x-amz-cf-id: ioF-rB7WxppE8uJoPPnyjocBXOutzYkHx-qqFttSSF2o3WXbJihEsA==

GET
H3 200 rocket-loader.min.js Show response
www.ewg.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 50ms
44ms Script
application/javascript 2606:4700:10::ac43:6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ewg.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: www.ewg.org
URL: https://www.ewg.org/skindeep/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:6f2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 01:53:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 05 Oct 2023 12:54:04 GMT
server: cloudflare
etag: W/"651eb1ec-302c"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 812282e2ec77929f-FRA
expires: Mon, 09 Oct 2023 01:53:35 GMT

GET
H2 200 v8b253dfea2ab4077af8c6f58422dfbfd1689876627854 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 182ms
74ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
Requested by: Host: www.ewg.org
URL: https://www.ewg.org/skindeep/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391

Request headers

Referer: https://www.ewg.org/skindeep/
Origin: https://www.ewg.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 01:53:35 GMT
content-encoding: gzip
last-modified: Thu, 20 Jul 2023 18:10:27 GMT
server: cloudflare
etag: W/"2023.7.1"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 812282e38d344d1f-FRA

GET
H2 200 p.css
p.typekit.net/ 5 B
172 B 209ms
53ms Stylesheet
text/css 2a02:26f0:3100::1735:29f9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=gjx0dil&ht=tk&f=13464.13465.13466.13467.18496.27079.27081.27082.27083.27085.27086&a=7992994&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/gjx0dil.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3100::1735:29f9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://use.typekit.net/gjx0dil.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 01:53:35 GMT
last-modified: Fri, 23 Jun 2023 17:09:47 GMT
server: nginx
etag: "6495d1db-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 l
use.typekit.net/af/743863/00000000000000007735b531/30/ 26 KB
26 KB 141ms
47ms Font
application/font-woff2 2a02:26f0:480:f::213:7ec6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/743863/00000000000000007735b531/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/gjx0dil.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 160f8cc050512a40c6445bc42fac73fe2a1488abda38473c7e6360100268f1e3

Request headers

Referer: https://use.typekit.net/gjx0dil.css
Origin: https://www.ewg.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 01:53:35 GMT
server: nginx
etag: "0ee0a8547a58a70e50e25ac59f80461aca2a30a5"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 26512

GET
H3 200 homepage-verified-bg.png
static.ewg.org/skindeep/img/ 156 KB
156 KB 310ms
307ms Image
image/webp 2606:4700:10::ac43:6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ewg.org/skindeep/img/homepage-verified-bg.png
Requested by: Host: www.ewg.org
URL: https://www.ewg.org/skindeep/assets/application-33d7786ddcb422f8a40394945b89bcc4c1faf1b466837a23ce919b74aee8ade5.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:6f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0efecbe3adc4cc280dc03de06b5c6ac654359e0328ea00a4979acfbee27329c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 01:53:35 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 04 Apr 2023 14:50:30 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "8c9c99dabb54d8147b38e1b9db707aa2"
cf-polished: origFmt=png, origSize=163326
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: max-age=2073600
content-disposition: inline; filename="homepage-verified-bg.webp"
accept-ranges: bytes
cf-ray: 812282e4dd06929f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 159358

GET
H2 200 l
use.typekit.net/af/ac6334/000000000000000000012059/27/ 29 KB
29 KB 167ms
92ms Font
application/font-woff2 2a02:26f0:480:f::213:7ec6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/ac6334/000000000000000000012059/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/gjx0dil.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 0216c8dc29523e3ff49d1831d3ca3631eb225f80924b590c890c3b24228c7aba

Request headers

Referer: https://use.typekit.net/gjx0dil.css
Origin: https://www.ewg.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 01:53:35 GMT
server: nginx
etag: "4fc6598b8ab354a0519cf28edb49b1ef3cfa7429"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 29676

GET
H2 200 l
use.typekit.net/af/79d08f/00000000000000007735b53c/30/ 26 KB
26 KB 221ms
150ms Font
application/font-woff2 2a02:26f0:480:f::213:7ec6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/79d08f/00000000000000007735b53c/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/gjx0dil.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 8b6e1621b8ede01def3b5b74dca23d7971e6916d306464ddf550fd3d2f28eb2b

Request headers

Referer: https://use.typekit.net/gjx0dil.css
Origin: https://www.ewg.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 01:53:35 GMT
server: nginx
etag: "bcb0944739635ca341c49a05e996cc540defe510"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 26204

GET
H2 200 l
use.typekit.net/af/eab951/00000000000000007735b534/30/ 26 KB
26 KB 157ms
93ms Font
application/font-woff2 2a02:26f0:480:f::213:7ec6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/eab951/00000000000000007735b534/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/gjx0dil.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 0320cf460b6d0571714596f448dd8c8e5c07ca3a62be82f03a748e465a7ab297

Request headers

Referer: https://use.typekit.net/gjx0dil.css
Origin: https://www.ewg.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 01:53:35 GMT
server: nginx
etag: "a7e7d242d99a3413e51228cde80009daa1fdd256"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 26680

GET
H2 200 fontawesome-webfont.woff2
static.ewg.org/fonts/ 75 KB
76 KB 525ms
399ms Font
application/octet-stream 2606:4700:10::ac43:6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ewg.org/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: www.ewg.org
URL: https://www.ewg.org/skindeep/assets/application-33d7786ddcb422f8a40394945b89bcc4c1faf1b466837a23ce919b74aee8ade5.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:6f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://www.ewg.org/
Origin: https://www.ewg.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 01:53:35 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 04 Apr 2023 14:48:36 GMT
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Origin, Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: https://www.ewg.org
cache-control: max-age=2073600
accept-ranges: bytes
cf-ray: 812282e5a88a2c2d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 77160

GET
H3 200 cat-makeup_C02.png
static.ewg.org/skindeep/img/ 7 KB
7 KB 465ms
454ms Image
image/png 2606:4700:10::ac43:6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ewg.org/skindeep/img/cat-makeup_C02.png
Requested by: Host: www.ewg.org
URL: https://www.ewg.org/skindeep/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:6f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 888a28e91666aff7daf55980ae959a847d15e0679df05b23f3915f4ad901ea12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 01:53:35 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 04 Apr 2023 14:50:25 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "376523078752d3e626c97e81fcb8dea8"
cf-polished: origSize=7351, status=webp_bigger
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=2073600
accept-ranges: bytes
cf-ray: 812282e57d38929f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 7268

GET
H3 200 cat-nails_C02.png
static.ewg.org/skindeep/img/ 4 KB
4 KB 465ms
454ms Image
image/png 2606:4700:10::ac43:6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ewg.org/skindeep/img/cat-nails_C02.png
Requested by: Host: www.ewg.org
URL: https://www.ewg.org/skindeep/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:6f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 113f44dcb3d39c8c8f68989ca37c132c1f03a0ca7c3745de01867e85f2d4a342

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 01:53:35 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 04 Apr 2023 14:50:25 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "85bf3c757d5f3c8db88e98afa42ebb0f"
cf-polished: origSize=4023, status=webp_bigger
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=2073600
accept-ranges: bytes
cf-ray: 812282e57d39929f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 3863

GET
H3 200 cat-face-body_C02.png
static.ewg.org/skindeep/img/ 7 KB
8 KB 465ms
454ms Image
image/webp 2606:4700:10::ac43:6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ewg.org/skindeep/img/cat-face-body_C02.png
Requested by: Host: www.ewg.org
URL: https://www.ewg.org/skindeep/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:6f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 361f52574b5ed0e7fd053eb1cc6ac1be87ae56134a739e8736b6bf3a1d8f559f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 01:53:35 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 04 Apr 2023 14:50:24 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "d773f948240eed6d3a7d464f4dd44c5d"
cf-polished: origFmt=png, origSize=8010
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: max-age=2073600
content-disposition: inline; filename="cat-face-body_C02.webp"
accept-ranges: bytes
cf-ray: 812282e57d3a929f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 7602

GET
H3 200 cat-personal-care_C02.png
static.ewg.org/skindeep/img/ 5 KB
5 KB 497ms
486ms Image
image/png 2606:4700:10::ac43:6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ewg.org/skindeep/img/cat-personal-care_C02.png
Requested by: Host: www.ewg.org
URL: https://www.ewg.org/skindeep/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:6f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59beda93695ab1cc08083b8d5874b4cc4d73ed40d14cbe3a95a54a431e5166af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 01:53:35 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 04 Apr 2023 14:50:25 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "52a01abc0462fa050a38265c18668cf2"
cf-polished: origSize=5730, status=webp_bigger
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=2073600
accept-ranges: bytes
cf-ray: 812282e57d3b929f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 4697

GET
H3 200 cat-hair_C02.png
static.ewg.org/skindeep/img/ 4 KB
4 KB 524ms
513ms Image
image/png 2606:4700:10::ac43:6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ewg.org/skindeep/img/cat-hair_C02.png
Requested by: Host: www.ewg.org
URL: https://www.ewg.org/skindeep/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:6f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 50ef36c9070d19d4cb6a8c71aa5b2834efeffe4cc1de98bcf5ac8e67b593d82e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 01:53:35 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 04 Apr 2023 14:50:24 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "83243e6479aec73ec3badc1f09bb5ef7"
cf-polished: status=not_needed
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=2073600
accept-ranges: bytes
cf-ray: 812282e57d3c929f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 4050

GET
H3 200 cat-fragrance_C02.png
static.ewg.org/skindeep/img/ 7 KB
7 KB 525ms
513ms Image
image/webp 2606:4700:10::ac43:6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ewg.org/skindeep/img/cat-fragrance_C02.png
Requested by: Host: www.ewg.org
URL: https://www.ewg.org/skindeep/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:6f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df79a80703f73833f886070789c35e196e02e688c5f5652ca13c606b7d34dc32

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 01:53:35 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 04 Apr 2023 14:50:24 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "f0a7c24a1fcd72061bd2b3fa5d0e81e9"
cf-polished: origFmt=png, origSize=7891
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: max-age=2073600
content-disposition: inline; filename="cat-fragrance_C02.webp"
accept-ranges: bytes
cf-ray: 812282e57d3d929f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 7108

GET
H3 200 cat-babies-moms_c02.png
static.ewg.org/skindeep/img/ 6 KB
6 KB 525ms
514ms Image
image/png 2606:4700:10::ac43:6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ewg.org/skindeep/img/cat-babies-moms_c02.png
Requested by: Host: www.ewg.org
URL: https://www.ewg.org/skindeep/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:6f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b5e6835f1b826466263e7547f6ed739ff134db24b61317609a4c521fee6d8dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 01:53:35 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 04 Apr 2023 14:50:25 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "8cc645c0d28b019954280dbfbf3be65e"
cf-polished: origSize=6858, status=webp_bigger
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=2073600
accept-ranges: bytes
cf-ray: 812282e57d3e929f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 6252

GET
H3 200 cat-men_c02.png
static.ewg.org/skindeep/img/ 5 KB
6 KB 525ms
514ms Image
image/png 2606:4700:10::ac43:6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ewg.org/skindeep/img/cat-men_c02.png
Requested by: Host: www.ewg.org
URL: https://www.ewg.org/skindeep/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:6f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e10ad827ecc0b5ea668e3826bcb4ccbaa943a60b74cd3960a187b3489469204

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 01:53:35 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 04 Apr 2023 14:50:25 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "d6b92185e8ea02fc9d44acd356788ece"
cf-polished: origSize=6886, status=webp_bigger
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=2073600
accept-ranges: bytes
cf-ray: 812282e57d3f929f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 5614

GET
H3 200 cat-sun_c02.png
static.ewg.org/skindeep/img/ 4 KB
5 KB 526ms
514ms Image
image/png 2606:4700:10::ac43:6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ewg.org/skindeep/img/cat-sun_c02.png
Requested by: Host: www.ewg.org
URL: https://www.ewg.org/skindeep/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:6f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c437a17da8114355dee5c74e377f08aa5bf887ef8a92444025e3682ece3d48dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 01:53:35 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 04 Apr 2023 14:50:25 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "f9c6f8f226e5c5be89a8d3b6b270aa28"
cf-polished: origSize=5323, status=webp_bigger
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=2073600
accept-ranges: bytes
cf-ray: 812282e57d40929f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 4461

GET
H3 200 how-we-rate-01.jpg
static.ewg.org/skindeep/img/ 16 KB
16 KB 526ms
514ms Image
image/jpeg 2606:4700:10::ac43:6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ewg.org/skindeep/img/how-we-rate-01.jpg
Requested by: Host: www.ewg.org
URL: https://www.ewg.org/skindeep/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:6f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca4fe387961ea77fda665b0f722f04cf4629e66a1bf4196637f9796f4467e1ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 01:53:36 GMT
cf-cache-status: MISS
last-modified: Tue, 04 Apr 2023 14:50:30 GMT
server: cloudflare
etag: "843583bd57299c652c6240d0ac937de8"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=2073600
accept-ranges: bytes
cf-ray: 812282e57d41929f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 16599

GET
H3 200 how-we-rate-02.jpg
static.ewg.org/skindeep/img/ 18 KB
18 KB 530ms
518ms Image
image/webp 2606:4700:10::ac43:6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ewg.org/skindeep/img/how-we-rate-02.jpg
Requested by: Host: www.ewg.org
URL: https://www.ewg.org/skindeep/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:6f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a0ca610af6d4a0f5191be975668ba022ac66287d97e243dc26fd68ccd0762f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 01:53:35 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 04 Apr 2023 14:50:30 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "e9a5d8704d9fc335ac2916b4feda7a93"
cf-polished: qual=85, origFmt=jpeg, origSize=20835
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: max-age=2073600
content-disposition: inline; filename="how-we-rate-02.webp"
accept-ranges: bytes
cf-ray: 812282e57d42929f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 17968

GET
H3 200 how-we-rate-03.jpg
static.ewg.org/skindeep/img/ 12 KB
12 KB 530ms
518ms Image
image/webp 2606:4700:10::ac43:6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ewg.org/skindeep/img/how-we-rate-03.jpg
Requested by: Host: www.ewg.org
URL: https://www.ewg.org/skindeep/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:6f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4bda90120ff721ca369ce708df48e398f0d097a1286e88e0156da0d5d1b9ce4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 01:53:35 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 04 Apr 2023 14:50:25 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "28aef04f063b25c074a33715b78971a5"
cf-polished: qual=85, origFmt=jpeg, origSize=14404
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: max-age=2073600
content-disposition: inline; filename="how-we-rate-03.webp"
accept-ranges: bytes
cf-ray: 812282e57d43929f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 12360

GET
H3 200 verified-logo.svg
static.ewg.org/skindeep/img/ 11 KB
4 KB 555ms
543ms Image
image/svg+xml 2606:4700:10::ac43:6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ewg.org/skindeep/img/verified-logo.svg
Requested by: Host: www.ewg.org
URL: https://www.ewg.org/skindeep/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:6f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a1fbf4ee73f3d9d0c531f2e308de3573d5fedfcdeed9ae4816b8127382d3bcf6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 01:53:35 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 04 Apr 2023 14:50:47 GMT
server: cloudflare
etag: W/"bda8ec50b651dc4f134fba5c65f06fe7"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2073600
cf-ray: 812282e57d44929f-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 vid-thumbnail-endocrine.jpg
static.ewg.org/skindeep/img/ 21 KB
22 KB 556ms
544ms Image
image/webp 2606:4700:10::ac43:6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ewg.org/skindeep/img/vid-thumbnail-endocrine.jpg
Requested by: Host: www.ewg.org
URL: https://www.ewg.org/skindeep/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:6f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36f7c640f6ac2c7631efc692d2156286200b316a7702dcdc5a55094945425dd8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 01:53:35 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 04 Apr 2023 14:50:48 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "28aa249610074943fc7b32567f36de2c"
cf-polished: qual=85, origFmt=jpeg, origSize=25644
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: max-age=2073600
content-disposition: inline; filename="vid-thumbnail-endocrine.webp"
accept-ranges: bytes
cf-ray: 812282e57d45929f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 21842

GET
H3 200 news-card-black-cosmetics.jpg
static.ewg.org/skindeep/img/ 12 KB
12 KB 556ms
544ms Image
image/webp 2606:4700:10::ac43:6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ewg.org/skindeep/img/news-card-black-cosmetics.jpg
Requested by: Host: www.ewg.org
URL: https://www.ewg.org/skindeep/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:6f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e369338ab669bdf9f352653e33ae86ea923d7c2d796020fc2d86ace6d8b8128

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 01:53:35 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 04 Apr 2023 14:50:30 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "e93c7e3126f385a806d5e61afc7da2dd"
cf-polished: qual=85, origFmt=jpeg, origSize=14278
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: max-age=2073600
content-disposition: inline; filename="news-card-black-cosmetics.webp"
accept-ranges: bytes
cf-ray: 812282e57d46929f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 12328

GET
H3 200 news-card-k-beauty.jpg
static.ewg.org/skindeep/img/ 7 KB
7 KB 77ms
65ms Image
image/webp 2606:4700:10::ac43:6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ewg.org/skindeep/img/news-card-k-beauty.jpg
Requested by: Host: www.ewg.org
URL: https://www.ewg.org/skindeep/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:6f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be1a421478b0db46432aacabb189bdf0fe9ec2bede3f3a5e37e5aba482f132c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 01:53:35 GMT
cf-cache-status: HIT
age: 6920
cf-polished: qual=85, origFmt=jpeg, origSize=8013
content-disposition: inline; filename="news-card-k-beauty.webp"
alt-svc: h3=":443"; ma=86400
content-length: 6660
last-modified: Tue, 04 Apr 2023 14:50:31 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "1140bb43734276a7a1564092348ad60f"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: max-age=2073600
accept-ranges: bytes
cf-ray: 812282e57d47929f-FRA

GET
H3 200 news-card-fda-asks-women.jpg
static.ewg.org/skindeep/img/ 12 KB
12 KB 570ms
558ms Image
image/jpeg 2606:4700:10::ac43:6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ewg.org/skindeep/img/news-card-fda-asks-women.jpg
Requested by: Host: www.ewg.org
URL: https://www.ewg.org/skindeep/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:6f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6a15101658e8100ecdcce82a5f214b47d1df8eaf2cb9b2582e5a2c5bb7d021c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 01:53:36 GMT
cf-cache-status: MISS
last-modified: Tue, 04 Apr 2023 14:50:36 GMT
server: cloudflare
etag: "03da64b964d4d9b8437ef44d0fd30609"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=2073600
accept-ranges: bytes
cf-ray: 812282e57d48929f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 11941

GET
H3 200 news-card-ingredient-safety-tests.jpg
static.ewg.org/skindeep/img/ 8 KB
8 KB 88ms
76ms Image
image/webp 2606:4700:10::ac43:6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ewg.org/skindeep/img/news-card-ingredient-safety-tests.jpg
Requested by: Host: www.ewg.org
URL: https://www.ewg.org/skindeep/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:6f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d3008edad42e4b49a7b5e383b4c7790b023e2e1c7bbf902063a69b8ce87d5126

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 01:53:35 GMT
cf-cache-status: HIT
age: 6920
cf-polished: qual=85, origFmt=jpeg, origSize=9502
content-disposition: inline; filename="news-card-ingredient-safety-tests.webp"
alt-svc: h3=":443"; ma=86400
content-length: 8030
last-modified: Tue, 04 Apr 2023 14:50:31 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "7a0b845de047f88c01477e16b47fefd5"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: max-age=2073600
accept-ranges: bytes
cf-ray: 812282e57d49929f-FRA

GET
H3 200 HL-App-PopUp_C02.jpg
static.ewg.org/reports/2017/sunscreens/img/ 27 KB
27 KB 105ms
93ms Image
image/webp 2606:4700:10::ac43:6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ewg.org/reports/2017/sunscreens/img/HL-App-PopUp_C02.jpg
Requested by: Host: www.ewg.org
URL: https://www.ewg.org/skindeep/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:6f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49a020f82b17a6a6542563ac67191ea3a75defc3d45336309b0d2c20b885a372

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 01:53:35 GMT
cf-cache-status: HIT
age: 6994
cf-polished: qual=85, origFmt=jpeg, origSize=103716
content-disposition: inline; filename="HL-App-PopUp_C02.webp"
alt-svc: h3=":443"; ma=86400
content-length: 27784
last-modified: Tue, 04 Apr 2023 14:49:50 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "0fa166cd919b3631f0fa5dd1995173e3"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: max-age=2073600
accept-ranges: bytes
cf-ray: 812282e57d4a929f-FRA

GET
H2 200 snippet.js Show response
static.zdassets.com/ekr/ 10 KB
5 KB 483ms
334ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/snippet.js?key=ddae71b0-53e4-4646-9859-d51edea50265

Requested by

Host: www.ewg.org
URL: https://www.ewg.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f22f6e9d4852f8be0706b62fbd0eba20f6cb56171def5e387b2d95fcd07df01

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 01:53:35 GMT
x-amz-version-id: hKEbdq289Xo7bHrM.yPFOdJ37r5nFwfe
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: DMG72W2QZVQMR1RD
age: 17
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: GoVnoy2qF9Dk8kQ+MdMhKfghn0mARE7l9EgbJdLnNNuU43oimKcqsqzdesH+K0MfnzCSaDN4yLTxUfwJSR/6zQ==
last-modified: Wed, 09 Aug 2023 01:01:02 GMT
server: cloudflare
etag: W/"42d94c325a0b012e41f9c3907853625a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i5lXGYBIu3QmQslzfn0LR%2BV7VfEB3y0a0fBCJSy90cK53sx1hQ1vF32usNi%2BN4UyR5kBWSD%2B96MMyCx20NIZS2cYaNxOdi2SSkcudWHF1C85Ilyh7y%2FN2rbSt9Tc0bYQeVJIyDU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=3600, s-maxage=60
cf-ray: 812282e669a31c2c-FRA

GET
H2 200 glightbox.min.js Show response
cdn.jsdelivr.net/gh/mcstudios/glightbox/dist/js/ 55 KB
16 KB 61ms
55ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/mcstudios/glightbox/dist/js/glightbox.min.js

Requested by

Host: www.ewg.org
URL: https://www.ewg.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c98267e669cfec3a2a89eb501b16d6d8fba8e0d33e09f355554b19fcf213ffea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 01:53:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 40196
x-jsd-version: 3.2.0
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230068-FRA, cache-jnb7025-JNB
x-jsd-version-type: version
server: cloudflare
etag: W/"dbd8-Z7wG/Dw8ZucqijwBOkGbLEB7cgo"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FNY0zt9qmip3CIPIorcsyIrx1XP%2B4sxROtPxjdCPNiPfm1%2FBM%2BHT9wKPSV4e%2BNFiwm%2FjPxVzKaXF9Xj%2BhfDFsMUClRcrXgVrbdsxq%2Bf5ol2B3kMZSs%2Bc63SmxF%2FDQiXiQ4D%2Fe6N9WcjpVz3NZwo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 812282e57b1f4d82-FRA

GET
H3

200

main.js Show response
www.ewg.org/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/ Frame A267
Redirect Chain

https://www.ewg.org/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://www.ewg.org/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js

7 KB
3 KB

444ms
444ms

Script
application/javascript

2606:4700:10::ac43:6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ewg.org/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js

Requested by

Host: www.ewg.org
URL: https://www.ewg.org/skindeep/

Protocol

Server

2606:4700:10::ac43:6f2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

261f818a169dac2b42a9abc0eb12e4c122ab4c696d09dd81a2bc81bb1745befc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 01:53:35 GMT
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 812282e63de1929f-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Sat, 07 Oct 2023 01:53:35 GMT
server: cloudflare
vary: accept-encoding
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js
cache-control: max-age=300, public
cf-ray: 812282e59d51929f-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 AKWZXHJB Show response
cdn.fundraiseup.com/widget/ 144 KB
48 KB 193ms
73ms Script
text/javascript 172.67.72.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.fundraiseup.com/widget/AKWZXHJB

Requested by

Host: www.ewg.org
URL: https://www.ewg.org/skindeep/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7fa34b986017bc16b1301d1b59209bb0272439e830b14e387fe1eba7b25ecb90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 01:53:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"4128439532"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BUfVfzR9M7s%2FfIAHQHxxy%2BY0INUNOnKFcFRRiw6iBis78kmkK5LEJL9TH8z6RCP%2BGOhWEpFm7%2BC8kEqevK%2FnESTnlMzULg2RPWBqNc%2FHq%2BqqpOgsxKg96708JwKkBhS3HfnYpWc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cf-ray: 812282e94dfabbaf-FRA
link: <https://static.fundraiseup.com/cd0fe5d7ff62.elementsApi.js>; rel=preload; as=script, <https://static.fundraiseup.com/embed-data/elements-global/AKWZXHJB.js>; rel=preload; as=script, <https://static.fundraiseup.com/3.d08da86256ed.async-vendors.js>; rel=preload; as=script, <https://static.fundraiseup.com/2.428ae4046cd0.elements-langs-vendors.js>; rel=preload; as=script, <https://static.fundraiseup.com/0.12ba9e45acaa.elements-vendors.js>; rel=preload; as=script, <https://static.fundraiseup.com/checkout.6ee41b2bb1263f34d79c.js>; rel=preload; as=script, <https://static.fundraiseup.com/checkout-vendors.a54b2b4ad160d0dbec51.js>; rel=preload; as=script, <https://static.fundraiseup.com/checkout-styles.ec2e1e59bf426b6de084.js>; rel=preload; as=script, <https://static.fundraiseup.com/checkout-sentry-vendor.bbaab79af6ac4ae5c523.js>; rel=preload; as=script, <https://static.fundraiseup.com/sentry.685c41544713211d4276.js>; rel=preload; as=script, <https://static.fundraiseup.com/checkout-modal-fiat-flow-factory.3f29d0a424c15a020014.js>; rel=preload; as=script
alt-svc: h3=":443"; ma=86400

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 303 KB
98 KB 189ms
70ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PPNMZJ

Requested by

Host: www.ewg.org
URL: https://www.ewg.org/skindeep/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f7847a31849da96836f0955dc737910448c9d92b6f5b716293b40f480492048a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 01:53:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100294
x-xss-protection: 0
last-modified: Sat, 07 Oct 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 07 Oct 2023 01:53:36 GMT

GET
H2 200 dc.js Show response
stats.g.doubleclick.net/ 45 KB
17 KB 167ms
54ms Script
text/javascript 2a00:1450:400c:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/dc.js

Requested by

Host: www.ewg.org
URL: https://www.ewg.org/skindeep/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 07 Oct 2023 00:51:14 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 3742
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17093
expires: Sat, 07 Oct 2023 02:51:14 GMT

GET
H2 200 extra.min.css
d3rse9xjbp8270.cloudfront.net/ 78 KB
14 KB 51ms
50ms Stylesheet
text/css 2600:9000:2251:f400:12:303c:8700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3rse9xjbp8270.cloudfront.net/extra.min.css
Requested by: Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:f400:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c046b01353fcd84c5e8961116888d55dcac7e766338835a3bd20b4aee7be7637

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:37:41 GMT
content-encoding: gzip
via: 1.1 ca8cb14c76df16342491237cea8cfed6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 40654
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 14164
last-modified: Tue, 03 Oct 2023 14:35:54 GMT
server: AmazonS3
etag: "bca08ff9c60246ba02d5e857e0d9b159"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=900, s-maxage=86400, public
accept-ranges: bytes
x-amz-cf-id: WwkB08R0Iokru8dCmM47Jtb8E3SYbbfeTkEKDtOeFqbO4CuZYkUvOg==

GET
H2 200 identity Show response
profile.ngpvan.com/ 72 B
1 KB 554ms
434ms Script
text/javascript 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://profile.ngpvan.com/identity?callback=_jqjsp

Requested by

Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / Express, ASP.NET

Resource Hash

a4006e260f6b643412885e474d05b9c6c0807252c0b5c0da272bbf30129bddbe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 01:53:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Microsoft-IIS/10.0
x-cdn: Imperva
etag: W/"48-9/j8j13jqPfUA3z/pyvWy9ifsIQ"
x-powered-by: Express, ASP.NET
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
p3p: CP="NOI ADM DEV PSAi OUR OTRo STP IND COM NAV DEM"
x-iinfo: 11-38980795-38980800 NNNN CT(85 174 0) RT(1696643615687 50) q(0 0 2 0) r(4 4) U24
x-incap-sess-cookie-hdr: A46oJau3S2wFoNT/KHwhCiC6IGUAAAAA91ZAo4HLDRnpYGmBYwqiGQ==
content-length: 192
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3

GET
H2 200 ddae71b0-53e4-4646-9859-d51edea50265 Show response
ekr.zdassets.com/compose/ 969 B
1 KB 320ms
214ms Fetch
application/json 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/ddae71b0-53e4-4646-9859-d51edea50265

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=ddae71b0-53e4-4646-9859-d51edea50265

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a38beab59f8f77a5cda0de87a22d89b1a2af06c3949db509be8932259c10524

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 01:53:36 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
status: 200 OK
cdn-cache-control: max-age=60
x-xss-protection: 1; mode=block
x-request-id: 7fd853d94d045a9c-SEA, 7fd853d94d045a9c-SEA
x-runtime: 0.003295
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"9a38beab59f8f77a5cda0de87a22d89b"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZxrbKCTscW1xruBnDp5SXYysciBcIrwIV0FBArwGLoRbiHBTHpgcvNkHwuFENSQkebxFj7RHZw02bMs0GazGl%2BQBGiwCjO3nFemV05quVmU77%2BCIZOC6bzuTpHkJgiH9Bxg%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
vary: Accept, Origin, Accept-Encoding
cache-control: max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
content-type: application/json; charset=utf-8
x-zendesk-zorg: yes
cf-ray: 812282ea0d9b3a66-FRA

GET
H3

200

main.js Show response
www.ewg.org/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/ Frame A267
Redirect Chain

https://www.ewg.org/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://www.ewg.org/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js

7 KB
3 KB

44ms
44ms

Script
application/javascript

2606:4700:10::ac43:6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ewg.org/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js

Protocol

Server

2606:4700:10::ac43:6f2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

857bab6beda0f9b11810762d9bfc7136ddae2b54f022db78cc32f26663648f88

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 01:53:36 GMT
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 812282eb8f7e929f-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Sat, 07 Oct 2023 01:53:36 GMT
server: cloudflare
vary: accept-encoding
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js
cache-control: max-age=300, public
cf-ray: 812282e96ed5929f-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 ea-form-bg.jpg
static.ewg.org/skindeep/img/ 9 KB
9 KB 61ms
60ms Image
image/webp 2606:4700:10::ac43:6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ewg.org/skindeep/img/ea-form-bg.jpg
Requested by: Host: www.ewg.org
URL: https://www.ewg.org/skindeep/assets/application-33d7786ddcb422f8a40394945b89bcc4c1faf1b466837a23ce919b74aee8ade5.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:6f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cda5978b34be4157995a6dd661befe10ad332ffcac83b83229324db1a227b5b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 01:53:36 GMT
cf-cache-status: HIT
age: 6991
cf-polished: qual=85, origFmt=jpeg, origSize=11614
content-disposition: inline; filename="ea-form-bg.webp"
alt-svc: h3=":443"; ma=86400
content-length: 9230
last-modified: Tue, 04 Apr 2023 14:50:25 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "52eb6aa8b5e6827e255fe34206908bba"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: max-age=2073600
accept-ranges: bytes
cf-ray: 812282e9acbe927d-FRA

POST
H3 200 812282e00fa5927d Show response
www.ewg.org/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame A267 0
268 B 67ms
64ms XHR
text/plain 2606:4700:10::ac43:6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ewg.org/cdn-cgi/challenge-platform/h/g/jsd/r/812282e00fa5927d
Requested by: Host: www.ewg.org
URL: https://www.ewg.org/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:6f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 07 Oct 2023 01:53:36 GMT
content-encoding: br
server: cloudflare
cf-ray: 812282eb3f5d929f-FRA
alt-svc: h3=":443"; ma=86400
content-type: text/plain; charset=UTF-8

POST
H3 204 rum Show response
www.ewg.org/cdn-cgi/ 0
139 B 54ms
42ms XHR
text/plain 2606:4700:10::ac43:6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ewg.org/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:6f2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.ewg.org/skindeep/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
content-type: application/json

Response headers

date: Sat, 07 Oct 2023 01:53:36 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.ewg.org
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 812282eb5f6b929f-FRA

GET
H/1.1 200
OK vgs-collect.js Show response
js.verygoodvault.com/vgs-collect/2.18.4/ 134 KB
44 KB 174ms
50ms Script
application/javascript 143.204.98.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/2.18.4/vgs-collect.js
Requested by: Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-103.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 575b2165304d899b7001ab593aeee31b371a46aee8b899c22a87ab9313389eda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id: jfBMjoXBTwBLxrf4sD.h_N_F9QJn5gdY
Content-Encoding: gzip
Via: 1.1 9c7c26f5beeb09381cea450ea3581b36.cloudfront.net (CloudFront)
Date: Sat, 07 Oct 2023 01:53:36 GMT
X-Amz-Cf-Pop: FRA50-C1
Age: 29
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Thu, 16 Mar 2023 10:29:55 GMT
Server: AmazonS3
ETag: W/"156be461dd96d02fce3792c020f7748a"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=60
X-Amz-Cf-Id: 4ZYhYsPhxIDcVqFV1oA8HK03ZDsX0YF-K75bjKL5vaISvEiiObRbiQ==

GET
H2 200 dMOFRtWCQkCiIrGVS0TCFw2 Show response
actions.everyaction.com/v1/Forms/ 12 KB
5 KB 680ms
561ms XHR
application/json 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://actions.everyaction.com/v1/Forms/dMOFRtWCQkCiIrGVS0TCFw2

Requested by

Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

967b9bf17234e1a8f1dc2de16e4ac62c6f871267cfc8551dc2b97fb798b2c52b

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.ewg.org/skindeep/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 01:53:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-cdn: Imperva
content-security-policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
x-iinfo: 4-27617014-27617020 2NNN RT(1696643616027 57) q(0 0 0 1) r(4 4)
content-length: 4306
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
vary: Origin,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ewg.org
access-control-expose-headers: Request-Context
cache-control: public, max-age=10
access-control-allow-credentials: true
x-incap-sess-cookie-hdr: K/4HfyXPFh18oNT/KHwhCiC6IGUAAAAAsasHrke524jVno60LPTSvA==

GET
H2 200 cd0fe5d7ff62.elementsApi.js Show response
static.fundraiseup.com/ 120 KB
39 KB 109ms
91ms Script
text/javascript 172.67.72.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/cd0fe5d7ff62.elementsApi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13571462b2a61a563e2ea9d0e3151d87fc00cd48a0b753d8a4f677b89b0c92db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 01:53:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: VG1WF9WYNEXJ79M4
age: 30449
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: tDNIgDl56IMHVzPX8gFCFzqVB7N6lc9MdPRSXxMtSA8KCYpGAPVkYwo2FrRoKc+r4g0wZjDoBb8=
last-modified: Fri, 06 Oct 2023 17:07:37 GMT
server: cloudflare
etag: W/"560c7f43ad52c2a24ae77b4fafce62dc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hx15QqRHRp22%2FJXjEj4k7UxgDnwXBuDvBMsHutGSejFoASq2AHgMG%2BjKiKkwheYg6FIP6v8UU7FO%2B%2BPwSmfUGxzBDBsF0qSG0FbEDpBdznv3Y6rSGyu9%2Bs0qsbx5KnA1kK4oH5Wd0pg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: max-age=31536000
cf-ray: 812282ebaf7abbaf-FRA

GET
H2 200 AKWZXHJB.js Show response
static.fundraiseup.com/embed-data/elements-global/ 431 B
776 B 65ms
47ms Script
text/javascript 172.67.72.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/embed-data/elements-global/AKWZXHJB.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6c477075c272f9a8f221223f6b4bf574db7d4b42bcd3c793dac2a61b7cc4ee7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 01:53:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 2YZRAD5KFQ99DEA5
age: 26641
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: FvSaaPePx65GY+DsYvdXo4J994AflK1FfEMoswgmvXGEa2tlQKqDkfxu0ELJoLVMMDzmhsDsqLw=
last-modified: Fri, 06 Oct 2023 18:22:06 GMT
server: cloudflare
etag: W/"92593135b4b7639953eae3726581e8d4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rQ75fGhm%2Fm5Yzu4yIyzIc97sdAIrpMndYXgnN7uwfSXg0tT4vwLnePZ5azoY%2B4kE%2FvC2%2BAEeb8dU32r8HeEPUYvnCsaAySbe0sYI2lxljNr%2BfFcDTB036fx4%2BF6m6vJLQlh%2FUVDxFBs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: no-cache, no-store
cf-ray: 812282ebaf7dbbaf-FRA

GET
H2 200 3.d08da86256ed.async-vendors.js Show response
static.fundraiseup.com/ 102 KB
37 KB 73ms
55ms Script
text/javascript 172.67.72.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/3.d08da86256ed.async-vendors.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7fbe50cdc5ae5c288588a72ead3c0ba70674805991decc1175c5f29ec5a25719

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 01:53:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 7857GT24313ED077
age: 133903
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: UQg+fvqaS7ShQpHqBGlTQ1H8YPpOvI219gYn8NByauLqcEsODay/ziuoo9Fm/9Rk7sNkD8otyMU=
last-modified: Thu, 05 Oct 2023 12:23:14 GMT
server: cloudflare
etag: W/"f304f1dc51b41c67d4edfe68df1ea2ab"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aoRxCYNLukE9oUmi9wU3Rycd63M6TmaYqDZYflGENPK4noe364t4r7KE%2B7JiwwPcG2R%2B%2FQuQddeyXl0hW44tVMdF3lH%2FOTuSzI4527pnLOr8LjzU8r0RKdAlolUe42h%2BCaY266QnyAM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: max-age=31536000
cf-ray: 812282ebaf7cbbaf-FRA

GET
H2 200 2.428ae4046cd0.elements-langs-vendors.js Show response
static.fundraiseup.com/ 307 KB
56 KB 107ms
92ms Script
text/javascript 172.67.72.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/2.428ae4046cd0.elements-langs-vendors.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a100936394df295ab87d086d4004e52e8fb1b48a50a1dcac78069d93b91f1cba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 01:53:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 7853Y2BZ1TMRV4CD
age: 133903
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: OsvpJiOulEzv7dIkPJemRXq/kJ0Nz3FJ+Xasj5wbceNxoy84GiaPqV3pjq+hlcPQEfAzWRgNDcQ=
last-modified: Thu, 05 Oct 2023 12:23:10 GMT
server: cloudflare
etag: W/"4779e5abe9f7e33223821cec69ac7ac5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F%2F6BlmW%2BE%2BBURGHGYf51GJnzgWWdGkr80%2BbXsqoPixZQtDWS9%2BxO8gXvXfGb7feV%2FiDuNS%2BPY5hn7zGxKJJhMBp3zYIlc5BGDYKYMWd%2BkodNKel8mI5LsrdQyHAvciTFYtCq5Ahr1cc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: max-age=31536000
cf-ray: 812282ebaf7bbbaf-FRA

GET
H2 200 0.12ba9e45acaa.elements-vendors.js Show response
static.fundraiseup.com/ 69 KB
18 KB 65ms
50ms Script
text/javascript 172.67.72.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/0.12ba9e45acaa.elements-vendors.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58c3b489b0597762ad5971b3ef62803c0cca81f6c35e582c3f1b22bc01169e5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 01:53:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: VG1HGPG0T923K9HA
age: 30449
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: Kt9vt7c8uPRatosTKfhW8JUXh9c1nE38Y/1mzxavR/3qGMvfAfQSsFcSlT7QixLsU2bcOvDxQFw=
last-modified: Fri, 06 Oct 2023 17:07:17 GMT
server: cloudflare
etag: W/"01f5b4c023295e1e449652f200e2ad6e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1i5Y4q4jXhyx%2Bcj74X1mII2qUkj5WXlsQD%2BeT6NUEmcI5LiYu4NFjvQaf3TMueZsWxI4i3OBJD%2FMkPykGwZZ3G5oNWjqEcYkoaCEskvHYvei95lZD1wlYtCy%2FhoGcwEkiAUExfticd8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: max-age=31536000
cf-ray: 812282ebaf84bbaf-FRA

GET
H2 200 checkout.6ee41b2bb1263f34d79c.js Show response
static.fundraiseup.com/ 421 KB
108 KB 107ms
92ms Script
text/javascript 172.67.72.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/checkout.6ee41b2bb1263f34d79c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

187ea54d6887c652cb31b868955e5f254799a7ed2ccd99665520c1ad76fd5c2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 01:53:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: VG1GB2MFF7ASSYP7
age: 30449
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: fSfgLH/fPwibnDwXu5LbxVRg1qi/ucQ27fE+IU1/TOy+zLINqmg/bStvG71B9mVS0IOeC7RtPyY=
last-modified: Fri, 06 Oct 2023 17:07:38 GMT
server: cloudflare
etag: W/"45e8dd7605445a9ad8bfc3d01e86b101"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6b3YGtgR%2BYYqKKtLuWVZGJZh98s8YcQ2khsCQcvj2NFr5FbilTxmzuYjwBoInLorTKxI0yQTv%2B0H%2FW9SncaIbW8vTPNwtzoX%2Bg%2FW2zr9uDwH%2BKZu2ueWlWWt15jIDaucAiTFZ50khpw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: max-age=31536000
cf-ray: 812282ebaf83bbaf-FRA

GET
H2 200 checkout-vendors.a54b2b4ad160d0dbec51.js Show response
static.fundraiseup.com/ 351 KB
113 KB 107ms
92ms Script
text/javascript 172.67.72.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/checkout-vendors.a54b2b4ad160d0dbec51.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36f0e77e5b8f2f5b9bfee300900a3460d10371ea3a8ec8623c9dfbe2a3ce4c19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 01:53:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: K04H8DHGBE79B2KV
age: 2037968
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: cMg/bnfHGc05Qg3RAKTiWC/1QyTE1Axec5x1kEp+UkBSjfRwRfHFBsKsGU0yiz8FLwPZagMGC+c=
last-modified: Wed, 13 Sep 2023 11:27:50 GMT
server: cloudflare
etag: W/"9f7dda2df64e29a76d20b68c84a811a6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PQOwi%2BB8fAMjnZuyXR%2BM%2B2rCmdxW5pdO%2BMqcuWvsyfhvjqTQStjoNxndxdu53kX63SQiIzZe1yu4iR6%2BjtmBXhBQjtTlfzWUUAQCwBbCwmOHKVDuUhwne1%2Br4Pt%2FLaP36J7OzWiS6Z8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: max-age=31536000
cf-ray: 812282ebaf82bbaf-FRA

GET
H2 200 checkout-styles.ec2e1e59bf426b6de084.js Show response
static.fundraiseup.com/ 108 KB
19 KB 107ms
93ms Script
text/javascript 172.67.72.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/checkout-styles.ec2e1e59bf426b6de084.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2eee7cee0aef81969589d21b08757dbe3224317d8d1b5a45cf7a5fd5046ba29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 01:53:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: VG1WPHDE3MR7N11J
age: 30449
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: pMZmbo7XhwbvR3LM4z/q/O0WCG13iuvn8cAd61TGKP50MlZDt0u1gXS8ibAlWnOSJQx1vwX0vig=
last-modified: Fri, 06 Oct 2023 17:07:38 GMT
server: cloudflare
etag: W/"dddaf7ddf05a1da4a46ef47316d48414"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dY1nNj%2B1TP03MI6NJAoukmJgSfMQXlAzJOyjO%2BQSfJDu3xF3%2FF4BWQ2eUZoLvcG9HRryRjzN%2FNYWnPIOVUPQHX1ofSyA7wfHsXuxQ%2Bis6XkAwXyjx17Cl5SXQFGBvwDc0Vl552Cru6g%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: max-age=31536000
cf-ray: 812282ebaf81bbaf-FRA

GET
H2 200 checkout-sentry-vendor.bbaab79af6ac4ae5c523.js Show response
static.fundraiseup.com/ 13 KB
5 KB 66ms
52ms Script
text/javascript 172.67.72.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/checkout-sentry-vendor.bbaab79af6ac4ae5c523.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46ffa27a716a55780501f5d6711c054bdb1772174f1076dc0e49dee9b00648e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 01:53:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: C2ZDS3JGJB3CBJKX
age: 1669198
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: CJ9qdBHsBN0hLQtJk9Rf8/MNTbMyeT9VMti74idWAHr+GBHaFdIHajk1vCehui2QSsjzdP7hC5w=
last-modified: Thu, 17 Aug 2023 17:57:32 GMT
server: cloudflare
etag: W/"e8cb215ba1bf6e188dcd93c7faa7d814"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OVLPbK4GB6QQgZ1T9akfrpD2QGBPMLeyWBSLnO1MCPdvKIkoiyVScgkiXFvZ6V14%2BrAfzwenqn9%2FJERj3n5%2BqATf51o%2F9XXJBF8pqUFbnR%2FCewRvAvjhHIekuPBTxakOLWu%2BAKdgpK8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: max-age=31536000
cf-ray: 812282ebaf80bbaf-FRA

GET
H2 200 sentry.685c41544713211d4276.js Show response
static.fundraiseup.com/ 3 KB
2 KB 107ms
93ms Script
text/javascript 172.67.72.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/sentry.685c41544713211d4276.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d9b60061d478908a24bce56feb1b8507019f7c54092f63936e209ec1018249ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 01:53:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 4P8A8RM2N4PVGFW6
age: 224049
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: FZnnEJjuH/DjFmdmeuuXcjJINI9WeQgU+QVJII/uNggRxOlYJ+rSzoDWjnG5mVNzvVdp3xXNLCs=
last-modified: Wed, 04 Oct 2023 11:21:09 GMT
server: cloudflare
etag: W/"ebe38210d006cbc892671d38effb1e56"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BFooP4Pj62zrEMMmE9OFEQ2ypJJ8LG4f1R2KNMRueaIcyJtKFC18HyZB4a9%2BlD9zLKCBVueugE9%2Ft8IOZ%2BegqugjtYzpVK%2FXIrrLxarSzlPWaDfBhtKpbpjk0tadWikJDygPe3ADBho%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: max-age=31536000
cf-ray: 812282ebefa7bbaf-FRA

GET
H2 200 checkout-modal-fiat-flow-factory.3f29d0a424c15a020014.js Show response
static.fundraiseup.com/ 133 KB
25 KB 67ms
53ms Script
text/javascript 172.67.72.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/checkout-modal-fiat-flow-factory.3f29d0a424c15a020014.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b30426d9b37d898a06811d21b2af9fc7ffe8d8c608cb3976f3fe609e3a75bcf4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 01:53:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 7850F8X7KEK5ADZ6
age: 1135
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: KG5oDqHhbrq67dLRWxTkcoUrOvACzFVdZ7a6RiI1jK+k/4GeBgErCBD0tYArlE4boy3eTFnnM2s=
last-modified: Thu, 05 Oct 2023 12:23:27 GMT
server: cloudflare
etag: W/"a600eca0a84219bda0bb5e6aeb0e0a08"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ld9PQVQWaY9Aev5uIvcceW3Rv8t6M1nId9FbEuSZLrzapDb5P1%2BVubB%2BWxhP4E%2F2p1LZaHcIuNa52dUFBUV7iig2c76pHA%2B%2F4a5v%2FrHm1pV%2FC4J%2Fee7Omh0IWdyDR9VwDpbvBq4Xhc0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: max-age=31536000
cf-ray: 812282ebaf86bbaf-FRA

GET
H2 200 __utm.gif
stats.g.doubleclick.net/r/ 35 B
198 B 53ms
52ms Image
image/gif 2a00:1450:400c:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=1564363692&utmhn=www.ewg.org&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=EWG%20Skin%20Deep%C2%AE%20Cosmetics%20Database&utmhid=45193731&utmr=-&utmp=%2Fskindeep%2F&utmht=1696643616603&utmac=UA-296149-9&utmcc=__utma%3D232508224.7576853.1696643617.1696643617.1696643617.1%3B%2B__utmz%3D232508224.1696643617.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=162029853&utmredir=3&utmu=qBAAAAAAAAAAAAAAAAAAAAAE~

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 07 Oct 2023 01:53:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 __utm.gif
stats.g.doubleclick.net/r/ 35 B
100 B 53ms
52ms Image
image/gif 2a00:1450:400c:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=2&utmn=2126414898&utmhn=www.ewg.org&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=EWG%20Skin%20Deep%C2%AE%20Cosmetics%20Database&utmhid=45193731&utmr=-&utmp=%2Fskindeep%2F&utmht=1696643616611&utmac=UA-296149-22&utmcc=__utma%3D232508224.7576853.1696643617.1696643617.1696643617.1%3B%2B__utmz%3D232508224.1696643617.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=974363869&utmredir=3&utmmt=1&utmu=qBAgAAAAAAAAAAAAAAAAAAAE~

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 07 Oct 2023 01:53:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 tb
fndrsp.net/ 2 B
482 B 469ms
348ms Ping
text/plain 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fndrsp.net/tb

Requested by

Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/AKWZXHJB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.ewg.org/skindeep/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 07 Oct 2023 01:53:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ev4%2Bf9v8zjOw0ivvi3X70HROSBA5fVjGMdqctiWi9HhEZ9RC4qmnkpCk84qjHHA88N1BG1HQ50NjzeFuuf9fr7jFLt62yLQwTP5wHGgTkE2NMaxA8MwycAfmo%2BOC"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://www.ewg.org
access-control-allow-credentials: true
cf-ray: 812282ed88f52bc2-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-regular.c493df9d423fa3cc5d89.woff
static.fundraiseup.com/src/fonts/ibm-plex-sans/ 68 KB
68 KB 160ms
102ms Font
application/octet-stream 104.26.5.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/src/fonts/ibm-plex-sans/ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-regular.c493df9d423fa3cc5d89.woff

Requested by

Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/AKWZXHJB

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa4ffe02411e1ffaaa2bda2fece4c0fb2c85456db525b6f31254e1fa0529d3cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.ewg.org/skindeep/
Origin: https://www.ewg.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 01:53:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: Y2R8YXQBSMSC9D2E
age: 1668950
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 69300
x-amz-id-2: h1A2aX7tVpcMtT3IzGglYDA7BQ6ukySBYIAXWpParJjZ8i4wJ/TMtz/U5U+rknhL0eruFKBySdg=
last-modified: Thu, 17 Aug 2023 17:57:30 GMT
server: cloudflare
etag: "5dd14ffc94f58becbeb197a5ee31423a"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pOVxfb%2BcstBfjB7W5MyOmtTuVr632xlRk%2Fc5iomebahKExAlAMoX9ZTWBojiEawrMIu2WmyE01BlC5g6D8bWf2VqpXztYRGLpf8vrvIjHNm%2B3o%2F7JGceWTNJ8pk37cP0tEHc5m5wVMs%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 812282ed29449b2d-FRA

GET
H3 200 ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-regular.c4db12b4fb0be67f4f37.woff2
static.fundraiseup.com/src/fonts/ibm-plex-sans/ 52 KB
53 KB 546ms
487ms Font
application/octet-stream 104.26.5.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/src/fonts/ibm-plex-sans/ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-regular.c4db12b4fb0be67f4f37.woff2

Requested by

Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/AKWZXHJB

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

205b5e5ac97e41a70efe74150a9893bdb05ff1d3921808b96d8780aa31c7940a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.ewg.org/skindeep/
Origin: https://www.ewg.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 01:53:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 9Y598BBKGWMGJJ05
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 53064
x-amz-id-2: f0cs7uMye/nFRs2jDnJ4pn3M+tn+tgiD+CmjWeSs7mZ6Jn/YjNEEC7K9yqB5Mbq/06HpKhebaAM=
last-modified: Thu, 17 Aug 2023 17:57:30 GMT
server: cloudflare
etag: "c9e466876957e9d2128f63b225a81ae3"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MiOpn3xYhJ5omUfRIzIhoajIol7nIWcqxjtWJsMIVOMaZZR3m7Ay3HwC0l5K5qBygX3JYogwsTIvyj%2FvB8BDezjcqD2Cbs0OpT8Wp5KSLdKzdIIsXNRWdOZ33W1nqrTKAwd0MG2%2BvU4%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 812282ed29459b2d-FRA

GET
H3 200 ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-500.d94eaadc1070343e6d33.woff
static.fundraiseup.com/src/fonts/ibm-plex-sans/ 72 KB
72 KB 577ms
519ms Font
application/octet-stream 104.26.5.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/src/fonts/ibm-plex-sans/ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-500.d94eaadc1070343e6d33.woff

Requested by

Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/AKWZXHJB

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8b8e77df304134446ca875214b28cdbb9a36511daedbc4b8ba8ef77fc86964c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.ewg.org/skindeep/
Origin: https://www.ewg.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 01:53:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: Y2RB6WWW71797QPQ
age: 1668950
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 73336
x-amz-id-2: dek0ywbeuNFhbP3Uu8bX1D9An69SDHEg3HRi2KVOmyXs5z8LxZ0kt0GPTcfl6vhsvzj3TjVGgmg=
last-modified: Thu, 17 Aug 2023 17:57:30 GMT
server: cloudflare
etag: "fd11415bd868e0815d59f78628a0220f"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jza8vt26rzzdR6OP5eSZOGsrdAGSPXcKJ33XFoWgJ1Q6zSCN7%2B7R3%2BBe6%2Fg%2BQAC1UOjQC%2Fl7ZtkfI3hG5d0%2BAHOeRw8PQ6oGSy%2BqAUy4MTw7TGfF6%2FdJ7bhSTICxF4Vym%2F0ltkr5cL0%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 812282ed29469b2d-FRA

GET
H3 200 ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-500.e17268930006027a6a07.woff2
static.fundraiseup.com/src/fonts/ibm-plex-sans/ 55 KB
56 KB 612ms
553ms Font
application/octet-stream 104.26.5.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/src/fonts/ibm-plex-sans/ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-500.e17268930006027a6a07.woff2

Requested by

Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/AKWZXHJB

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1212e7abb6f32136c5d13b04e540ebe36e773a98acd627d5e56e466f685a0b49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.ewg.org/skindeep/
Origin: https://www.ewg.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 01:53:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: Y2R0QD682GD0M5W3
age: 1668950
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 56460
x-amz-id-2: vwIy8TB3scPKlQc9SFeAdV4vtRZ2nPGl+yyCFtHImoDEZmYUaTaibYgMCxJW1B3fHM+wRQ/u1/M=
last-modified: Thu, 17 Aug 2023 17:57:30 GMT
server: cloudflare
etag: "cc65a7d46bec1bcadfd3a27d571765f5"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ez69Ou1fsI9K6plG%2Femp2c0WAp2t8M44KriRhSk04llQY3xrGQ6n0Hz6PZPaTDAFh5rQOp8PiWUy1Lt7ZtW093zurmmzDwFWE8BAwYLKQY42VB%2Bzy%2BQ7nIK%2FZoeUv2CBqZRmqY%2BMWw8%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 812282ed29479b2d-FRA

GET
H3 200 ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-600.6a83ec5143b3476f0a22.woff
static.fundraiseup.com/src/fonts/ibm-plex-sans/ 72 KB
73 KB 118ms
60ms Font
application/octet-stream 104.26.5.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/src/fonts/ibm-plex-sans/ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-600.6a83ec5143b3476f0a22.woff

Requested by

Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/AKWZXHJB

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d625ffeb66507b5bb261bed24c35f5f5ff9f156f5ebd3fce5b95f29f054f5469

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.ewg.org/skindeep/
Origin: https://www.ewg.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 01:53:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: Y2R84AH5HQ559TDE
age: 1668950
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 73644
x-amz-id-2: yY2zjSRfd5w4WhVAG8UDL4jbKnB5OVseDvBseoKBjkA6ooukyAAT7HsXnTPimEbqxE7Hh4zmuVg=
last-modified: Thu, 17 Aug 2023 17:57:30 GMT
server: cloudflare
etag: "b9a28c1ed8cdedf6d84d7d29ab9b58ac"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=th36q2W9ziE02IJSxXXYrpXEN%2B%2Bcnnh%2F4bfXNcus%2Bua21%2BUpG6V1RiSVW5d9kxeEBVrk%2BOfrI6eL9ye50ldYJ6WgkJA26i0CM7q3xv0XeqbsfTV2leb1fXrjvMByfa28QkpntOi2s9E%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 812282ed29489b2d-FRA

GET
H3 200 ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-600.60bddc71096815d0d15a.woff2
static.fundraiseup.com/src/fonts/ibm-plex-sans/ 56 KB
56 KB 648ms
590ms Font
application/octet-stream 104.26.5.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/src/fonts/ibm-plex-sans/ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-600.60bddc71096815d0d15a.woff2

Requested by

Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/AKWZXHJB

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8b4efc9d633bf6a74302401662e42d85a36070ded6ad2497958ccafc2737f81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.ewg.org/skindeep/
Origin: https://www.ewg.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 01:53:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: Y2R99X2W8RB063EJ
age: 1668950
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 56996
x-amz-id-2: PFpRSZw0XdPH+h1d5uD9pkBwzkvFr+nrwdCDh8098nEh328L+xq1PSdQQVW5/T0KOiY+VLrLzEk=
last-modified: Thu, 17 Aug 2023 17:57:30 GMT
server: cloudflare
etag: "643ad5d92cd7c31076790077c3003abc"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xAWb%2BaggNbAbki1THHILS%2BS262JnO0X0IJ4bYODFhAggCT%2BgCrCDXq4eFo9DguKON9xWRqM7fsVv0%2F74p9X7zoETqwpA4nsGlH%2FNwBxP1xc78s5sFvwlCxCFoSzH9QZ6NoVmMKqSTsQ%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 812282ed294a9b2d-FRA

GET
H2 200 web-widget-main-4b22769.js Show response
static.zdassets.com/web_widget/classic/latest/ Frame 9346 921 KB
265 KB 81ms
74ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-main-4b22769.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=ddae71b0-53e4-4646-9859-d51edea50265

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19f9bd2c56e13a1adc382fb52bb03abe6ea7284415855adeb244cfce20cca048

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 01:53:36 GMT
x-amz-version-id: Tqd.BCD9w1gdIuCOkjN7K7S20lVumIKB
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: DMGCDT70WXW0XTBG
age: 1454658
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: w4TxXbuKfsJtUaNYI21UQF3WwdyKVc0OvhjojDbcRlmcVg4D+m0Q+pJzOrBKqCsq6jwYIyHXPHU=
last-modified: Thu, 24 Aug 2023 03:39:36 GMT
server: cloudflare
etag: W/"a3155ef9816fdf792d367e746086c583"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WOnM%2FHVFBWLVPWHJKnmN2TyQ0x9z2Ktf0Bf5thHS%2BpxrCevSWdcMtOczycPbm%2FBxWtk7kwlORgITxOadadYSteurzXEMhnVWDyMQN9KpGjZEw96bRM2hSlGijmi6hlyV9cK%2FzK0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 812282ed2d451c2c-FRA
expires: Fri, 23 Aug 2024 03:39:35 GMT

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 127 KB
50 KB 708ms
50ms Script
application/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=GTM-PMD7D89

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PPNMZJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3679f10c2bb8d1f47ecf8de8f3797d112ace5ae841f73128d25d3dbc15a116c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 01:53:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50553
x-xss-protection: 0
last-modified: Sat, 07 Oct 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 07 Oct 2023 01:53:37 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 685ms
53ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PPNMZJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 07 Oct 2023 01:51:33 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 124
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 07 Oct 2023 03:51:33 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/1071783566/ 3 KB
2 KB 685ms
55ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/1071783566/?random=1696643616889&cv=11&fst=1696643616889&bg=ffffff&guid=ON&async=1&gtm=45He3a40&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.ewg.org%2Fskindeep%2F&label=Pg0mCKq7vZYBEI69iP8D&hn=www.googleadservices.com&frm=0&tiba=EWG%20Skin%20Deep%C2%AE%20Cosmetics%20Database&value=0&bttype=purchase&auid=1083048024.1696643617&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PPNMZJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

17b08df49e5ac7754bfab51c081d32f1b1728a984f6819d21939d987836e5bc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Oct 2023 01:53:37 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1640
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 44 KB
13 KB 692ms
66ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PPNMZJ

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a236aed5086b9c24d3cc94944d4349e9ce469f325ac23bafcaa5fe3659b15fd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Sat, 07 Oct 2023 01:53:36 GMT
last-modified: Wed, 06 Sep 2023 22:41:28 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 195DF346BEB7478D8776F69774BAD075 Ref B: FRA31EDGE0119 Ref C: 2023-10-07T01:53:37Z
etag: "09cc4613e1d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 12981

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/698108002/ 3 KB
2 KB 681ms
53ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/698108002/?random=1696643616900&cv=11&fst=1696643616900&bg=ffffff&guid=ON&async=1&gtm=45He3a40&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.ewg.org%2Fskindeep%2F&hn=www.googleadservices.com&frm=0&tiba=EWG%20Skin%20Deep%C2%AE%20Cosmetics%20Database&auid=1083048024.1696643617&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PPNMZJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

341d7dcd927831c3693154df7ec2d983023d1f1a77f85e1f6c8cc35b9edfabba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Oct 2023 01:53:37 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1317
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK at.js Show response
d1aqhv4sn5kxtx.cloudfront.net/actiontag/ 844 KB
237 KB 686ms
58ms Script
application/javascript 52.84.186.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/at.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PPNMZJ
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.186.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-186-88.cdg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ec0ba5b7f9f26cfcbb9fa05457fdc7627726b8f4dbff4be8a67f2969aed75b92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Sat, 07 Oct 2023 00:58:51 GMT
Content-Encoding: gzip
Via: 1.1 b1d588fd1c781c1c3a3cb8e0d6c6f49e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: CDG50-P1
Age: 3287
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 242155
Last-Modified: Tue, 03 Oct 2023 14:35:54 GMT
Server: AmazonS3
ETag: "3e20198bd506c8c4597056033d50f436"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=900, s-maxage=86400, public
Accept-Ranges: bytes
X-Amz-Cf-Id: xXfjBNturRDAdaUtO-klIyID_kD4AqnpR80O4V3dBQj4omjTJX8VLA==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 198 KB
53 KB 668ms
40ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.ewg.org
URL: https://www.ewg.org/skindeep/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

805270b078cde87b61bb57c8bd44f8b58b0d128f5a8efdd4395470b45b291d65

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 07 Oct 2023 01:53:37 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 53356
x-xss-protection: 0
pragma: public
x-fb-debug: TUSVkSCKOU3dQ6o9AnE/eS0pxbmyQ1YmhTWg9Vi/gKKuKdqWZHLDtt+Cw635Wl+THjlRyg9CDNLvUejesKYbig==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 events.js Show response
tags.srv.stackadapt.com/ 18 KB
7 KB 760ms
132ms Script
text/javascript 52.57.67.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/events.js
Requested by: Host: www.ewg.org
URL: https://www.ewg.org/skindeep/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.57.67.90 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-67-90.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: a863e3394fe3ce02b3e88e7cb6875e229473beecf5a065d96bc5636fe20dcdff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 07 Oct 2023 01:53:37 GMT
cache-control: max-age=5
content-encoding: gzip
content-type: text/javascript

GET
H2 200 pixel.js Show response
cdn.popt.in/ 226 KB
50 KB 679ms
52ms Script
text/javascript 2606:4700:e6::ac40:c514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.popt.in/pixel.js?id=16f9efd0362a4
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PPNMZJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:c514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b5f3af1ebefcf3c0a29825b219da7f99a6d3c2f2b2ad3f649cf551717aaf75e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 01:53:37 GMT
x-amz-version-id: EmwZ5K1Em3zEQ0ny4LLmbClC41_MzTLj
via: 1.1 7abd55cee48606340f570b45718202b6.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-P3
age: 3686
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 05 Oct 2023 10:51:43 GMT
server: cloudflare
etag: W/"51dfdf4d0a08c414b8ec0b224e7bf5b1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z%2F9oZDWFxdTv%2BaJuF%2F7YcCn4bEGabyhIfOhS23JBmESzu7z7xuUgbclOyogeKn%2F4shKrbJlh9wBwXMyetUhZ8aBGxYh%2BTBsj%2Fir1FA1CdzR7IIw6TxktX0mwipdCUgw3%2FFrpHcqWOBVdVg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=1800
cf-ray: 812282f1b9374dcd-FRA
x-amz-cf-id: Fzqp-LddkYccgfqPbu2KHUc7oNL11KqNvsgRzJ9wPsGjGVOcwmlqFA==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 297 KB
96 KB 353ms
349ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-CS21GC49KT&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PPNMZJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f4a670daaecef789dee4ea4b188744e21da9006e40c343c84b6a90c59fc659e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 01:53:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 97945
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 07 Oct 2023 01:53:37 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 291 KB
94 KB 337ms
334ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-FF5ZYEH177&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PPNMZJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c088b5d549536ce28859cd9e3f496aa697639e02bc4aa0e274d907c5bb902aef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 01:53:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 95998
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 07 Oct 2023 01:53:37 GMT

POST
H3 200 812282e00fa5927d Show response
www.ewg.org/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame A267 0
268 B 181ms
180ms XHR
text/plain 2606:4700:10::ac43:6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ewg.org/cdn-cgi/challenge-platform/h/g/jsd/r/812282e00fa5927d
Requested by: Host: www.ewg.org
URL: https://www.ewg.org/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:6f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 07 Oct 2023 01:53:37 GMT
content-encoding: br
server: cloudflare
cf-ray: 812282ef88af929f-FRA
alt-svc: h3=":443"; ma=86400
content-type: text/plain; charset=UTF-8

GET
H2 200 nvtag Show response
profile.ngpvan.com/v2/data/BuPvdHc3Qz3nUOJ_3Bnfkebg/ 2 B
830 B 624ms
395ms XHR
application/json 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://profile.ngpvan.com/v2/data/BuPvdHc3Qz3nUOJ_3Bnfkebg/nvtag
Requested by: Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / Express, ASP.NET
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.ewg.org/skindeep/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 01:53:36 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-cdn: Imperva
etag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
x-powered-by: Express, ASP.NET
vary: Origin,Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ewg.org
x-iinfo: 7-30083567-30083574 NNNN CT(86 177 0) RT(1696643616657 71) q(0 0 2 -1) r(3 3) U24
access-control-allow-credentials: true
x-incap-sess-cookie-hdr: zXgESEy67SMFoNT/KHwhCiG6IGUAAAAAXlkHbtJUJ34ZbcAI35PQcA==
content-length: 123
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3

GET
DATA 200
OK truncated
/ 784 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fe62bab84590322ae4bfcde20dfb50a72c1b68b330c2a7f1b0aefb65999f16bc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 dMOFRtWCQkCiIrGVS0TCFw2
actions.everyaction.com/v1/Track/ 0
225 B 401ms
401ms Image
text/plain 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://actions.everyaction.com/v1/Track/dMOFRtWCQkCiIrGVS0TCFw2?formSessionId=6844291a-66e7-4250-a0ae-527464aa05a6&bName=chrome&dType=desktop&formVersion=6/5/2023%208:25:15%20PM|1/9/2020%2010:26:47%20PM&fUrl=aHR0cHM6Ly93d3cuZXdnLm9yZy9za2luZGVlcC8%3D&fRef=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

expires: -1
pragma: no-cache
date: Sat, 07 Oct 2023 01:53:37 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
x-cdn: Imperva
x-frame-options: SAMEORIGIN
x-iinfo: 4-27617014-27617048 NNNN CT(85 177 0) RT(1696643616027 749) q(0 0 3 -1) r(4 4) U2
access-control-expose-headers: Request-Context
cache-control: no-cache
x-incap-sess-cookie-hdr: 3dRZSV1tzwJ8oNT/KHwhCiG6IGUAAAAAH9n/dmuhlzj+ZobjAubFOQ==
content-length: 0
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3

GET
H2 200 en-us-json-4b22769.js Show response
static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/ Frame 9346 25 KB
6 KB 53ms
52ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/en-us-json-4b22769.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-4b22769.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53b63be2f9ab7f75dd4702ae1f07e7bb82dbdcfb8e6df77c9f173b213c1af912

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 01:53:37 GMT
x-amz-version-id: hsI8uO5qXqigkFCAVGwBeynKIJCd66Hs
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: DMG634E6JEX0QWAZ
age: 1454658
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: xPN4p0SCUPGXKregEUQnpKEDpsTJuP5jc1Fzfm7M0eI6Ek6sEigILcZVdbgX8yXKqKG690OWL10=
last-modified: Thu, 24 Aug 2023 03:39:38 GMT
server: cloudflare
etag: W/"fd692493810d22ae0ff5aca283a7a202"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tsExMY8%2BRZ6y7WePkOm4gJC8dp%2BnhnMrXZH3uCMO9ukjYe1CRXJWZuzyf9bjJM5%2FxK6Jgh3w6xbgobIswBIYz29hj10Dp2%2BNlXYAfd8KUn8RU5hgVhO7WA2%2BSgtwfu34zCm7OZM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 812282f1df971c2c-FRA
expires: Fri, 23 Aug 2024 03:39:37 GMT

GET
H2 200 config Show response
ewg.zendesk.com/embeddable/ Frame 9346 602 B
1 KB 301ms
159ms Fetch
application/json 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ewg.zendesk.com/embeddable/config
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-4b22769.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6581504f3ba8a894ae75c27e4ad833878bc4802a9f9a651e1a4113d99a3f5e41

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 01:53:37 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server: embeddable-app-server-6c598dd9f9-x6zs8
x-cached: MISS
x-request-id: 812282f2bdc24d25-FRA
x-runtime: 0.002037
last-modified: Sat, 07 Oct 2023 00:04:27 GMT
server: cloudflare
access-control-max-age: 7200
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZXc8NOXRbGWcJNFagvjQC7GJTHlp4uTbNRn4MifE1WFPKb6ZDMRdG%2Bg%2BrJx2pAssfZ%2BQwYuSLmPD29d3jshy4FiwwdIvcJBrJWKoJ6fB3p5uMSPSGROVvM67F5%2BnscL5nQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
vary: Origin, Accept-Encoding
cf-ray: 812282f2bdc24d25-FRA

POST
H2 204 collect
region1.google-analytics.com/g/ 0
252 B 156ms
46ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-CS21GC49KT&gtm=45je3a40&_p=45193731&cid=1171524572.1696643618&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&dl=https%3A%2F%2Fwww.ewg.org%2Fskindeep%2F&sid=1696643617&sct=1&seg=0&dt=EWG%20Skin%20Deep%C2%AE%20Cosmetics%20Database&en=page_view&_fv=1&_nsi=1&_ss=1&_c=1&ep.clean_path=%2Fskindeep%2F
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CS21GC49KT&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Oct 2023 01:53:37 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ewg.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
45 B 48ms
46ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-FF5ZYEH177&gtm=45je3a40&_p=45193731&cid=1171524572.1696643618&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dl=https%3A%2F%2Fwww.ewg.org%2Fskindeep%2F&sid=1696643617&sct=1&seg=0&dt=EWG%20Skin%20Deep%C2%AE%20Cosmetics%20Database&en=page_view&_fv=1&_ss=1&_c=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FF5ZYEH177&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Oct 2023 01:53:37 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ewg.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 tb
fndrsp.net/ 2 B
257 B 173ms
172ms Ping
text/plain 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fndrsp.net/tb

Requested by

Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/AKWZXHJB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.ewg.org/skindeep/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 07 Oct 2023 01:53:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8TvrKIaFuzktj6rem08HepCI6g4b8J2OtMoNavlicTn9d4sU1STpsLCBoehudBH6vLqLbhzFhz9IdOX34LjMHIQoqW1UDcoqsgQlL%2Brbv%2FEsBFiVrQDs7hlABiB4"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://www.ewg.org
access-control-allow-credentials: true
cf-ray: 812282f37cad2bc2-FRA
alt-svc: h3=":443"; ma=86400

GET
H2

200

/
www.google.de/pagead/1p-conversion/1071783566/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1071783566/?random=510658773&cv=11&fst=1696643616889&bg=ffffff&guid=ON&async=1&gtm=45He3a40&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww....
https://www.google.com/pagead/1p-conversion/1071783566/?random=510658773&cv=11&fst=1696643616889&bg=ffffff&guid=ON&async=1&gtm=45He3a40&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.ewg.org%2Fskindeep%2F...
https://www.google.de/pagead/1p-conversion/1071783566/?random=510658773&cv=11&fst=1696643616889&bg=ffffff&guid=ON&async=1&gtm=45He3a40&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.ewg.org%2Fskindeep%2F&...

42 B
108 B

57ms
56ms

Image
image/gif

2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/1071783566/?random=510658773&cv=11&fst=1696643616889&bg=ffffff&guid=ON&async=1&gtm=45He3a40&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.ewg.org%2Fskindeep%2F&label=Pg0mCKq7vZYBEI69iP8D&hn=www.googleadservices.com&frm=0&tiba=EWG%20Skin%20Deep%C2%AE%20Cosmetics%20Database&value=0&auid=1083048024.1696643617&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOE9ELXFBWVE3TUNNOTh6anVPRkFFaVlBdE1TZkoxaGt2M2VmcGk1TC1TUW9PQUpGdDZwSWEwVVo2ZHlqS1hDWFdvaGNUTlItNEEaWkNoRUk4T0QtcUFZUW1vWDJsZGJ4cFpfN0FSSXVBTmxNaHZCd3dtMkk2Q1kwNHJQQXFMMEJ4MHJLUWlYMnBJZm43bXJNMW54QUM4TFJPZWlHYXRIWkdwZ3AzZyITCLPuiYHq4oEDFQLJuwgdR7AMow&is_vtc=1&ocp_id=IbogZfPZIYKS7_UPx-CymAo&cid=CAQSKQDICaaNhDl0wvFH-yRPLZyf6gl7vRnvu6dHhOQHz1mnoG6ygYY_d76E&eitems=ChEI8OD-qAYQ34yopoSCrOOPARIdAHkFAjMv-hmLf8DnV0qXwUxQ-Vkv4QoFCVTcPQY&random=3810402535&ipr=y

Protocol

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Oct 2023 01:53:38 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 07 Oct 2023 01:53:38 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/1071783566/?random=510658773&cv=11&fst=1696643616889&bg=ffffff&guid=ON&async=1&gtm=45He3a40&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.ewg.org%2Fskindeep%2F&label=Pg0mCKq7vZYBEI69iP8D&hn=www.googleadservices.com&frm=0&tiba=EWG%20Skin%20Deep%C2%AE%20Cosmetics%20Database&value=0&auid=1083048024.1696643617&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOE9ELXFBWVE3TUNNOTh6anVPRkFFaVlBdE1TZkoxaGt2M2VmcGk1TC1TUW9PQUpGdDZwSWEwVVo2ZHlqS1hDWFdvaGNUTlItNEEaWkNoRUk4T0QtcUFZUW1vWDJsZGJ4cFpfN0FSSXVBTmxNaHZCd3dtMkk2Q1kwNHJQQXFMMEJ4MHJLUWlYMnBJZm43bXJNMW54QUM4TFJPZWlHYXRIWkdwZ3AzZyITCLPuiYHq4oEDFQLJuwgdR7AMow&is_vtc=1&ocp_id=IbogZfPZIYKS7_UPx-CymAo&cid=CAQSKQDICaaNhDl0wvFH-yRPLZyf6gl7vRnvu6dHhOQHz1mnoG6ygYY_d76E&eitems=ChEI8OD-qAYQ34yopoSCrOOPARIdAHkFAjMv-hmLf8DnV0qXwUxQ-Vkv4QoFCVTcPQY&random=3810402535&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/698108002/ 42 B
455 B 161ms
50ms Image
image/gif 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/698108002/?random=1696643616900&cv=11&fst=1696640400000&bg=ffffff&guid=ON&async=1&gtm=45He3a40&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.ewg.org%2Fskindeep%2F&frm=0&tiba=EWG%20Skin%20Deep%C2%AE%20Cosmetics%20Database&fmt=3&is_vtc=1&random=3103501543&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Oct 2023 01:53:37 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/698108002/ 42 B
455 B 163ms
51ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/698108002/?random=1696643616900&cv=11&fst=1696640400000&bg=ffffff&guid=ON&async=1&gtm=45He3a40&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.ewg.org%2Fskindeep%2F&frm=0&tiba=EWG%20Skin%20Deep%C2%AE%20Cosmetics%20Database&fmt=3&is_vtc=1&random=3103501543&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Oct 2023 01:53:37 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 431673573640385 Show response
connect.facebook.net/signals/config/ 131 KB
35 KB 106ms
105ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/431673573640385?v=2.9.132&r=stable&domain=www.ewg.org

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d0e0eb6a1e7146b4beb8c9ab7acc19dd13363f0beab6f3ca10ba3620a1f61fd2

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 07 Oct 2023 01:53:37 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: W409DqGxXamdGSol8xVK/65xTb/2MFVJKm/PlvEL/FJ6QlzK82HLHbzMgQ6ZBsJOnhh6UfeZf2Df0oa9ielluQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
206 B 52ms
50ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=45193731&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ewg.org%2Fskindeep%2F&ul=en-us&de=UTF-8&dt=EWG%20Skin%20Deep%C2%AE%20Cosmetics%20Database&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_utma=232508224.7576853.1696643617.1696643617.1696643617.1&_utmz=232508224.1696643617.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1696643617860&_u=aCDCiEABRAAAACAAI~&jid=1914992528&gjid=2053970860&cid=1171524572.1696643618&tid=UA-296149-25&_gid=1892120520.1696643618&_slc=1&gtm=45He3a40n71PPNMZJ&cg2=skindeep&cg3=www.ewg.org&z=1738682782

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ewg.org/skindeep/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 07 Oct 2023 01:53:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ewg.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
22 B 52ms
52ms XHR
text/plain 2a00:1450:400c:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-296149-25&cid=1171524572.1696643618&jid=1914992528&gjid=2053970860&_gid=1892120520.1696643618&_u=aCDCiEABRAAAAGAAI~&z=1853855180

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ewg.org/skindeep/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 07 Oct 2023 01:53:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ewg.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
132 B 41ms
39ms Image
image/gif 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=45193731&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.ewg.org%2Fskindeep%2F&ul=en-us&de=UTF-8&dt=EWG%20Skin%20Deep%C2%AE%20Cosmetics%20Database&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth%20Tracking&ea=0%25&el=https%3A%2F%2Fwww.ewg.org%2Fskindeep%2F&_utma=232508224.7576853.1696643617.1696643617.1696643617.1&_utmz=232508224.1696643617.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1696643617869&_u=aCDCiEABRAAAAGAAI~&jid=&gjid=&cid=1171524572.1696643618&tid=UA-296149-25&_gid=1892120520.1696643618&gtm=45He3a40n71PPNMZJ&z=1705239064

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 10:52:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 54070
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 42ms
40ms Image
image/gif 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=45193731&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.ewg.org%2Fskindeep%2F&ul=en-us&de=UTF-8&dt=EWG%20Skin%20Deep%C2%AE%20Cosmetics%20Database&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=SignupForm&ea=Form%20Load&el=Minimal&ev=4&_utma=232508224.7576853.1696643617.1696643617.1696643617.1&_utmz=232508224.1696643617.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1696643617873&_u=aCDCiEABRAAAAGAAI~&jid=&gjid=&cid=1171524572.1696643618&tid=UA-296149-25&_gid=1892120520.1696643618&gtm=45He3a40n71PPNMZJ&z=1579834698

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 10:52:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 54070
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/ 87 KB
28 KB 185ms
68ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js

Requested by

Host: cdn.popt.in
URL: https://cdn.popt.in/pixel.js?id=16f9efd0362a4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4dccdd9ae25b64078e0c73f273de94f8894d5c99e4741645ece29aeefc9c5a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 01:53:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2520855
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27991
last-modified: Thu, 22 Jun 2023 11:06:06 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942b1e-6d57"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ezjnn6p05suMM5LQRI06lsSBjRwoKp6iQc7xVJ0u13pp%2FfosvSFUc%2BJU7X3dH6LhV%2FmYyuIB4YeaIC4QaDXpPbaUv%2FuR0eFFkxh4088OCAYgYRuoW6uvYnbGXqHL2cUTP%2F4z4Wtg%2FpzA8b4nsGpUlmKo"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 812282f5397630f3-FRA
expires: Thu, 26 Sep 2024 01:53:38 GMT

GET
H2 204 17156808.js Show response
bat.bing.com/p/action/ 0
118 B 69ms
68ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/17156808.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Sat, 07 Oct 2023 01:53:37 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B8864EEF172648999DE435C2D6A3D73A Ref B: FRA31EDGE0119 Ref C: 2023-10-07T01:53:38Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
288 B 101ms
100ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=17156808&tm=gtm002&Ver=2&mid=938c4f4e-a451-4b4b-a094-72d14dac2575&sid=551c570064b411eebb086baad0103d24&vid=551ca8a064b411ee8f0b7d9a0780326e&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=EWG%20Skin%20Deep%C2%AE%20Cosmetics%20Database&p=https%3A%2F%2Fwww.ewg.org%2Fskindeep%2F&r=&lt=1478&evt=pageLoad&sv=1&rn=534105

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 07 Oct 2023 01:53:37 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 69A6E929DEAC4B22AD34C7B3DEC5E118 Ref B: FRA31EDGE0119 Ref C: 2023-10-07T01:53:38Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sa.css
tags.srv.stackadapt.com/ 65 B
203 B 139ms
138ms Stylesheet
text/css 52.57.67.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.css
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.57.67.90 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-67-90.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 0a8a8d0d0e3dfaa79021f221ab8268c3febbe6123b612f3c0893888c63648dce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 07 Oct 2023 01:53:38 GMT
cache-control: only-if-cached, no-transform, private, max-age=7776000
content-length: 65
content-type: text/css

GET
H2 200 sa.jpeg Show response
tags.srv.stackadapt.com/ 0
2 KB 273ms
179ms Fetch
image/jpeg 52.57.67.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.jpeg
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.57.67.90 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-67-90.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 07 Oct 2023 01:53:38 GMT
cache-control: only-if-cached, no-transform, private, max-age=7776000
content-length: 651
content-type: image/jpeg

GET
H2 200 rt
tags.srv.stackadapt.com/ 43 B
108 B 137ms
135ms Image
image/gif 52.57.67.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.srv.stackadapt.com/rt?sid=pT46Xay2aUZgJC9VGHslbr&url=https%3A%2F%2Fwww.ewg.org%2Fskindeep%2F&t=EWG%20Skin%20Deep%C2%AE%20Cosmetics%20Database&tip=R3jVmGkjtLBJRvDlJvCZEElB09zBFwF7BECGlUIOSJA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.57.67.90 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-67-90.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 01:53:38 GMT
content-length: 43
content-type: image/gif

GET
H3 200 367774270429261 Show response
connect.facebook.net/signals/config/ 131 KB
34 KB 125ms
125ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/367774270429261?v=2.9.132&r=stable&domain=www.ewg.org

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e2f8bb7812e3ad4b10af4e0612143c313f2af19df81d844518c6353af7ae931a

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 07 Oct 2023 01:53:38 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: 7MRRdfSSp7vy0rQNVwVoL3tfePoNqjJ45bCcxZsIP3Z66TTxZPqaGonxiF5sVJpQ0l9V9wmI7tX0EXJ3uXFWXg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 185ms
39ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=431673573640385&ev=PageView&dl=https%3A%2F%2Fwww.ewg.org%2Fskindeep%2F&rl=&if=false&ts=1696643618197&sw=1600&sh=1200&v=2.9.132&r=stable&ec=0&o=30&fbp=fb.1.1696643618181.611346610&ler=empty&it=1696643617839&coo=false&exp=a0&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 07 Oct 2023 01:53:38 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 16f9efd0362a4 Show response
display.popt.in/APIRequest/ 59 KB
6 KB 1017ms
896ms XHR
application/json 2606:4700:e6::ac40:c414
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://display.popt.in/APIRequest/16f9efd0362a4?domain=https%3A%2F%2Fwww.ewg.org%2Fskindeep%2F&referrer=&previous_url=&cookies=%20poptin_old_user%3Dtrue%20poptin_user_id%3D0.sr75p8a7oe%20poptin_previous_url%3D%20poptin_new_user%3Dtrue%20poptin_viewed_session%3Dfalse%20&triggers=&cc=false&if_mobile=false&page_title=EWG%20Skin%20Deep%C2%AE%20Cosmetics%20Database&origin_landing_page=https%3A%2F%2Fwww.ewg.org%2Fskindeep%2F&if_page_refreshed=false&poptin_viewed_url=https%3A%2F%2Fwww.ewg.org%2Fskindeep%2F&previous_visited_pages=&shopify_customer_id=0&cart_total_items=0&cart_total_price=0&cart_products_ids_list=&cart_products_org_ids_list=

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e6::ac40:c414 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea4923099ea8439cb018b666a405fc9c1d7ffb3cd920ffb1a796e645a112e26d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://bc.popt.in https://.mybigcommerce.com https://.jumpseller.com https://.myshopline.com https://.myshopify.com https://*.grisynava.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.ewg.org/skindeep/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 01:53:39 GMT
content-security-policy: frame-ancestors https://bc.popt.in https://*.mybigcommerce.com https://*.jumpseller.com https://*.myshopline.com https://*.myshopify.com https://*.grisynava.com
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2ju%2Bxn%2FTydNjtSWZk9cPXO6GMD%2Bni3IDCIyAciepXVPXV24BL%2BJNSzU2P6QGCgMtKYVebFO2vsVo4aL7gAprP9EM9hTJi1KkPi2t19puZgV3HpoHsC4hj5pv0BT6kgypIv34PXUc%2B115Mc63eck%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=0, must-revalidate, no-store, nocache, private
access-control-allow-credentials: true
cf-ray: 812282f70ec12bb0-FRA
access-control-allow-headers: Origin, Content-Type
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 saq_pxl Show response
tags.srv.stackadapt.com/ 116 B
308 B 131ms
130ms XHR
text/plain 52.57.67.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/saq_pxl?uid=_oA6pMGgoNs4jqA5X_sYDQ&is_js=true&landing_url=https%3A%2F%2Fwww.ewg.org%2Fskindeep%2F&t=EWG%20Skin%20Deep%C2%AE%20Cosmetics%20Database&tip=R3jVmGkjtLBJRvDlJvCZEElB09zBFwF7BECGlUIOSJA&host=https%3A%2F%2Fwww.ewg.org&sa_conv_data_css_value=%270-683cce95-4ab3-5c3d-6f24-ac2bdca6dd08%27&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd9683cce954ab35c3d6f24ac2bdca6dd0850ff0765&sa-user-id-v3=s%253AAQAKIFbURH4pn9F9elphvKyN1Y2F2u-LEwwsvks73C-vemTuEHwYBCCh9IKpBjABOgSAjA8ZQgSo_6qy.yTgtmkvCDQcxKTzDBPbkBbcgT9xxrtFVdprKALSpJnE&sa-user-id-v2=s%253AaDzOlUqzXD1vJKwr3KbdCFD_B2U.R5uPQ7r1VsJWtPUXibal1DKjc7AbCc4JldOUSdIQm7w&sa-user-id=s%253A0-683cce95-4ab3-5c3d-6f24-ac2bdca6dd08.UF9VUKMSY3s1gNintEj%252F20qm2ZAc6F8QgNVQnj0qn2M
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.57.67.90 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-67-90.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 05e8056e4e591fb90a8094434a42c37c201c7367be9613d289508a00c72fdba1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-origin: https://www.ewg.org
date: Sat, 07 Oct 2023 01:53:38 GMT
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 116
access-control-allow-methods: GET
content-type: text/plain; charset=utf-8

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 46ms
42ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=367774270429261&ev=PageView&dl=https%3A%2F%2Fwww.ewg.org%2Fskindeep%2F&rl=&if=false&ts=1696643618374&sw=1600&sh=1200&v=2.9.132&r=stable&ec=0&o=30&fbp=fb.1.1696643618181.611346610&ler=empty&it=1696643617839&coo=false&exp=a0&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 07 Oct 2023 01:53:38 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 47ms
43ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=431673573640385&ev=ViewContent&dl=https%3A%2F%2Fwww.ewg.org%2Fskindeep%2F&rl=&if=false&ts=1696643618376&cd[content_name]=2020%20-%20%20Skin%20Deep%20Footer%20Embed%20PDF%20-%20Sign%20Up&cd[content_category]=SignupForm&sw=1600&sh=1200&v=2.9.132&r=stable&ec=1&o=30&fbp=fb.1.1696643618181.611346610&ler=empty&it=1696643617839&coo=false&exp=a0&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 07 Oct 2023 01:53:38 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 48ms
45ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=367774270429261&ev=ViewContent&dl=https%3A%2F%2Fwww.ewg.org%2Fskindeep%2F&rl=&if=false&ts=1696643618377&cd[content_name]=2020%20-%20%20Skin%20Deep%20Footer%20Embed%20PDF%20-%20Sign%20Up&cd[content_category]=SignupForm&sw=1600&sh=1200&v=2.9.132&r=stable&ec=1&o=30&fbp=fb.1.1696643618181.611346610&ler=empty&it=1696643617839&coo=false&exp=a0&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 07 Oct 2023 01:53:38 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 403 /
d362h7pxdteoyk.cloudfront.net/ 0
0 763ms
644ms Stylesheet
application/xml 2600:9000:2057:5c00:10:fb15:b700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d362h7pxdteoyk.cloudfront.net/
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:5c00:10:fb15:b700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

GET
H/1.1

200
OK

/
tctguyhimcwcyexxgullu3seem0fkhrh.lambda-url.us-west-2.on.aws/
Redirect Chain

https://fonts.popt.in/?family=Poppins&display=swap
https://tctguyhimcwcyexxgullu3seem0fkhrh.lambda-url.us-west-2.on.aws/?family=Poppins&display=swap

1015 B
1 KB

864ms
219ms

Stylesheet
text/css

2600:1f14:50b:9a02:2b8:e236:39c9:797c
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tctguyhimcwcyexxgullu3seem0fkhrh.lambda-url.us-west-2.on.aws/?family=Poppins&display=swap
Protocol: HTTP/1.1
Server: 2600:1f14:50b:9a02:2b8:e236:39c9:797c Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8503bb1f3969798a88dce37ee7f38979711dfd7495f5b8dafd66a19ff24e2d15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Sat, 07 Oct 2023 01:53:40 GMT
x-amzn-Remapped-host: fonts.popt.in
Connection: keep-alive
x-amzn-RequestId: bab245ad-9fa4-46f8-a01b-06de8a114d8b
Content-Length: 1015
X-Amzn-Trace-Id: root=1-6520ba24-3d3e805d61437fd3654f1e04;sampled=0;lineage=013914a9:0
Content-Type: text/css; charset=utf-8

Redirect headers

date: Sat, 07 Oct 2023 01:53:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XjThB%2BqFUMjaUoihZE6U1ObtHszbMvVakC5WXTWzD1%2B7hr1GjmG2HMx5lcJ%2FhSIRVZGc8nvw5XHk8SHGF%2FKYr1i%2FrTIEVwhRbjfz%2BTlcv9euyCPYQisKZL10F1n65vjPi39J%2FBKtwfC3pMs7"}],"group":"cf-nel","max_age":604800}
location: https://tctguyhimcwcyexxgullu3seem0fkhrh.lambda-url.us-west-2.on.aws?family=Poppins&display=swap
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 812282fcbf3d4dcd-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 heb-fonts.min.css
cdn.popt.in/css/ 22 KB
3 KB 51ms
48ms Stylesheet
text/css 2606:4700:e6::ac40:c514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.popt.in/css/heb-fonts.min.css
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:c514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7459dd5ce48ddd21da15f490514af4be07ff85f0b0b6b9e118542d68ff5ec91

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 01:53:39 GMT
x-amz-version-id: qXd_m_chdhWvR5DNrvI834tklGtnWkb9
via: 1.1 626c544a24a86c6cd608360f520b6d8c.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-P3
age: 140511
content-encoding: br
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 12 Sep 2018 18:05:20 GMT
server: cloudflare
etag: W/"fb58ef8ec15444a0d0cf977973d4f824"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UcAL1VOcklafSAOExEgjP5A1FbyQlMBJkbHoOUZh9z7LJOS1h%2FNWYG7x%2BWYraYYVmvaY%2BpYOvmFC0%2BjiK7vwA6kthPkkLMSeUvsjRgqOfkDA9mXD4ytUKatu%2B0BS9MrR9q2S9que81HGeg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=30672000
cf-ray: 812282fcaf384dcd-FRA
x-amz-cf-id: ux9ES_UAPCzM04JbQrwaGsP9CLhC5zxLQbCmoPeaOQQpTbxjcrgHJg==

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 48ms
44ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 01:53:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2013989
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5631
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uao4%2BqbD%2B5dpvIxuPETQVrUqtxI8cGBsMSjsWc7DqTTTBREOd860lL8QM5HdBg5AnUlnPl6ZRxcNGx7eMHO4gKRHOn%2BlcKJ8clgpfGs3SSC53pMvmZQg8Dc%2FbhqU7J2V64NI17ZM0zxXd0zf%2FOLtws0%2B"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 812282fcad8730f3-FRA
expires: Thu, 26 Sep 2024 01:53:39 GMT

GET
H2 200 poptin-style-en.css
cdn.popt.in/css/ 32 KB
6 KB 52ms
48ms Stylesheet
text/css 2606:4700:e6::ac40:c514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.popt.in/css/poptin-style-en.css?ver=10
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:c514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 937165b54b6ab52132e90b8ba07061725498daefc8646f6353f2f10e0c85ab03

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 01:53:39 GMT
x-amz-version-id: krZfXsaiKHc.p8.gAEi77pntA.MQdcVf
via: 1.1 ae2eaf89e0d81cd8867df60807612b22.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: ARN56-P1
age: 3623
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 05 Oct 2023 10:51:43 GMT
server: cloudflare
etag: W/"fe8584a8bb5cd111f30bacec3f8f9ba4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yykJhJ30U4dX%2FBjmqp65mqKGxsOPWdY33YTrB2fuNHynOY%2FmhK2axY%2FMg6AFeVuY2cybZFqZ6DgNyz%2FpC7ZcsyBcrLT%2F9KSq1jte0OrYElO25iiPYvPtcFXcMO2ulo6M8bdsW98YQe3HRw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1800
cf-ray: 812282fcaf394dcd-FRA
x-amz-cf-id: WR8I_B8EBECv1iQ3-EqzYUK7INhb-vlhhyfxJhxYMpEz11J7xHOwcg==

GET
H2 200 poptin-animations.css
cdn.popt.in/css/ 6 KB
2 KB 49ms
47ms Stylesheet
text/css 2606:4700:e6::ac40:c514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.popt.in/css/poptin-animations.css?ver=10
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:c514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 310f7d360d659a851c73aa97dcb6031bf45c659cc822b13e947683c5689619f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/skindeep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 01:53:39 GMT
x-amz-version-id: GrfHHjI4B6ZyWz_lsfrOgkT5npVIf.z8
via: 1.1 54fc556adf6e8c787574c6f132d70178.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-P3
age: 1634
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 05 Oct 2023 10:51:43 GMT
server: cloudflare
etag: W/"407750e10b819ae6ef75e726fcd79341"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HAMP3QJyj6NFrIHvn6yq3v6z4Jo8sjbQZHEGpZhDpt40ParO1h5ycrjZ%2Fb7FLVc5Dt6yZsGCVTUVnhxPcYm49H%2Bz%2FjPv7s9%2FhktbQ06JGtTmkf4hLPmTpsGUG00gR0AhFJimwPM3bf2z0w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1800
cf-ray: 812282fcbf3a4dcd-FRA
x-amz-cf-id: 7p9prHA3wXj7hgw15gl-8NRGUVdzp7pVbUZYIuewLa5sd--HjrFVvg==

GET
H2 200 account_9b61648a66fde_poptin_57086350dc63f_2022-08-22_22-26-47_version_14.html Show response
d3lopmpcew67el.cloudfront.net/client_16f9efd0362a4/ 57 KB
16 KB 163ms
51ms XHR
text/html 2600:9000:2251:a00:b:8c20:bf40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3lopmpcew67el.cloudfront.net/client_16f9efd0362a4/account_9b61648a66fde_poptin_57086350dc63f_2022-08-22_22-26-47_version_14.html
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:a00:b:8c20:bf40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5b00b157c20accaf8212bea0c83e634ad121f2602009cce5e8407f6780d332e9

Request headers

Accept: */*
Referer: https://www.ewg.org/skindeep/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id: yVCiKNDNsk9YdNy2EQa7G6eHbcJRg0yz
content-encoding: gzip
via: 1.1 6ae82cc0c8a39c993134c2be90b4d120.cloudfront.net (CloudFront)
date: Fri, 06 Oct 2023 04:21:48 GMT
x-amz-cf-pop: FRA60-P3
age: 77512
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 01 Feb 2023 14:07:48 GMT
server: AmazonS3
etag: W/"4945120b9ac7e1de77ad5d192754b922"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
vary: Accept-Encoding
x-amz-cf-id: cLJM5x7vgtV9LoAn_fYdyCuyW4gew3RwlzLTlsQ8PGLNXSwKfHvdIA==

GET
H2 200 account_9b61648a66fde_poptin_67f5ecd30735e_2022-08-22_21-13-52_version_20.html Show response
d3lopmpcew67el.cloudfront.net/client_16f9efd0362a4/ 53 KB
20 KB 225ms
120ms XHR
text/html 2600:9000:2251:a00:b:8c20:bf40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3lopmpcew67el.cloudfront.net/client_16f9efd0362a4/account_9b61648a66fde_poptin_67f5ecd30735e_2022-08-22_21-13-52_version_20.html
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:a00:b:8c20:bf40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f0ab80f3a212f9e00c0e7920b2a77bf7be45a34c35e756d5a9e922e3d2c06fbd

Request headers

Accept: */*
Referer: https://www.ewg.org/skindeep/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 05:18:01 GMT
x-amz-version-id: a3aJz0rPsSJDB0NVK4EBDCAj012eWngE
content-encoding: gzip
via: 1.1 6ae82cc0c8a39c993134c2be90b4d120.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 74139
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 01 Feb 2023 15:33:55 GMT
server: AmazonS3
etag: W/"d8a2f1c2c9672f8c98870a6d197ab3a4"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
vary: Accept-Encoding
x-amz-cf-id: FvkrYLQEuqbWNP3LSSFPH48EUJ0GvJfxwSoVab_97TcaQy9MV-sr4A==

GET
H2 200 account_55c22f12bdb6f_poptin_f0eac4a67c44a_2023-07-31_17-53-20_version_14.html Show response
d3lopmpcew67el.cloudfront.net/client_16f9efd0362a4/ 128 KB
52 KB 148ms
45ms XHR
text/html 2600:9000:2251:a00:b:8c20:bf40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3lopmpcew67el.cloudfront.net/client_16f9efd0362a4/account_55c22f12bdb6f_poptin_f0eac4a67c44a_2023-07-31_17-53-20_version_14.html
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:a00:b:8c20:bf40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5c9f4ade181c8b25385e3caf6cdd23930e13d0a008268d2b2d95b9ba6227cef5

Request headers

Accept: */*
Referer: https://www.ewg.org/skindeep/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id: XqglFCX5hYIymzV1AUCWCEY5EKLRCTlK
content-encoding: gzip
via: 1.1 6ae82cc0c8a39c993134c2be90b4d120.cloudfront.net (CloudFront)
date: Fri, 06 Oct 2023 04:21:17 GMT
x-amz-cf-pop: FRA60-P3
age: 77543
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 01 Aug 2023 07:16:02 GMT
server: AmazonS3
etag: W/"837009c4e58c6c6a5c678e92bf390337"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
vary: Accept-Encoding
x-amz-cf-id: n5sZoRwI2riuYFXjHXaih0eF1ij9vXX3KOMGX1okxdzpYW8VsRc55Q==

GET
H2 200 account_9621f0312c969_poptin_5ac201ed55036_2023-09-26_21-38-02_version_16.html Show response
d3lopmpcew67el.cloudfront.net/client_16f9efd0362a4/ 137 KB
43 KB 193ms
91ms XHR
text/html 2600:9000:2251:a00:b:8c20:bf40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3lopmpcew67el.cloudfront.net/client_16f9efd0362a4/account_9621f0312c969_poptin_5ac201ed55036_2023-09-26_21-38-02_version_16.html
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:a00:b:8c20:bf40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e0d600a9e0d303bd42a97ec4cbef390d78bcf2fa6ce52f9c5d513bdfb3631d90

Request headers

Accept: */*
Referer: https://www.ewg.org/skindeep/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id: 7IDA01Tt8E093dlT0CC4AA5rvi3qI4YB
content-encoding: gzip
via: 1.1 6ae82cc0c8a39c993134c2be90b4d120.cloudfront.net (CloudFront)
date: Fri, 06 Oct 2023 18:44:45 GMT
x-amz-cf-pop: FRA60-P3
age: 78089
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 02 Oct 2023 18:43:38 GMT
server: AmazonS3
etag: W/"2f5979b0094b98af419e48546a7101f5"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
vary: Accept-Encoding
x-amz-cf-id: Opy99DNW9lv4b3R5TSb5St1EBJcPulh4MuBW4hcf6mbfH1jI-Y-l7w==

GET
H2 200 account_9621f0312c969_poptin_680e1ac5c7022_2023-10-02_18-24-57_version_4.html Show response
d3lopmpcew67el.cloudfront.net/client_16f9efd0362a4/ 164 KB
64 KB 212ms
118ms XHR
text/html 2600:9000:2251:a00:b:8c20:bf40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3lopmpcew67el.cloudfront.net/client_16f9efd0362a4/account_9621f0312c969_poptin_680e1ac5c7022_2023-10-02_18-24-57_version_4.html
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:a00:b:8c20:bf40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 04a4c2e20bb7f8a36b7b7195cae7a5e7d1f17a4c8b5e86cc0f9eeeff5010de2b

Request headers

Accept: */*
Referer: https://www.ewg.org/skindeep/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id: 9SXHlrEXXlrE4KPUnYfh7J3xvwhcrGlA
content-encoding: gzip
via: 1.1 6ae82cc0c8a39c993134c2be90b4d120.cloudfront.net (CloudFront)
date: Fri, 06 Oct 2023 08:01:25 GMT
x-amz-cf-pop: FRA60-P3
age: 64335
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 03 Oct 2023 07:17:59 GMT
server: AmazonS3
etag: W/"ec49829e87dc24a89a611a9c26849f45"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
vary: Accept-Encoding
x-amz-cf-id: RVRaHofe8Dc4eS76W0_5IAE7qJ6pca9cXPgndFQ8yUYTiWaPsyrE4g==

GET
H2 200 account_022c669222fa0_poptin_3030449e6ae03_2022-08-22_18-26-49_version_16.html Show response
d3lopmpcew67el.cloudfront.net/client_16f9efd0362a4/ 61 KB
21 KB 275ms
184ms XHR
text/html 2600:9000:2251:a00:b:8c20:bf40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3lopmpcew67el.cloudfront.net/client_16f9efd0362a4/account_022c669222fa0_poptin_3030449e6ae03_2022-08-22_18-26-49_version_16.html
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:a00:b:8c20:bf40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9812e0535932ca3263b6fc6a2e05a384c072d9753b0d78cf994bb527c2e4afea

Request headers

Accept: */*
Referer: https://www.ewg.org/skindeep/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id: fComh52UtVkJ1SzRGDISJAje28VXnofe
content-encoding: gzip
via: 1.1 6ae82cc0c8a39c993134c2be90b4d120.cloudfront.net (CloudFront)
date: Fri, 06 Oct 2023 06:02:15 GMT
x-amz-cf-pop: FRA60-P3
age: 71709
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 01 Feb 2023 11:53:57 GMT
server: AmazonS3
etag: W/"f3701a9fd65ecea6ece5796e3bde7ace"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
vary: Accept-Encoding
x-amz-cf-id: NAXsPbl-FD_7S0jiWFxStxj4FplqjxJEzHadYcb6MhplRBBt0v1G_w==

GET
H2 200 account_022c669222fa0_poptin_3692925d66dc7_2023-02-03_20-45-59_version_4.html Show response
d3lopmpcew67el.cloudfront.net/client_16f9efd0362a4/ 106 KB
57 KB 246ms
166ms XHR
text/html 2600:9000:2251:a00:b:8c20:bf40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3lopmpcew67el.cloudfront.net/client_16f9efd0362a4/account_022c669222fa0_poptin_3692925d66dc7_2023-02-03_20-45-59_version_4.html
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:a00:b:8c20:bf40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8917cff109e6626a4b834414d1628b31af591e9b51c3028bb6bca9eb521fdfdb

Request headers

Accept: */*
Referer: https://www.ewg.org/skindeep/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id: f.o_GvG7_qQ_cLBYHuZlg.UVFnW3Uxow
content-encoding: gzip
via: 1.1 6ae82cc0c8a39c993134c2be90b4d120.cloudfront.net (CloudFront)
date: Fri, 06 Oct 2023 03:51:44 GMT
x-amz-cf-pop: FRA60-P3
age: 80210
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 03 Feb 2023 19:27:25 GMT
server: AmazonS3
etag: W/"52ff0bab6256a444dced5ebfddb107f9"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
vary: Accept-Encoding
x-amz-cf-id: L7Xx0IqC45sQGrr04Wa34DDNCiLx4E_egVxcCaOqory_6yf9VH2fcg==

GET
H2 200 account_f1299265f6a20_poptin_f13163b063c83_2022-08-22_16-56-35_version_12.html Show response
d3lopmpcew67el.cloudfront.net/client_16f9efd0362a4/ 57 KB
7 KB 231ms
166ms XHR
text/html 2600:9000:2251:a00:b:8c20:bf40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3lopmpcew67el.cloudfront.net/client_16f9efd0362a4/account_f1299265f6a20_poptin_f13163b063c83_2022-08-22_16-56-35_version_12.html
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:a00:b:8c20:bf40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a69c24838d049e592bd331e94f95d86e9f495a89cc93b801adcdce3a3b8c7c36

Request headers

Accept: */*
Referer: https://www.ewg.org/skindeep/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id: I_VuI34DFroPrM23Mogh7RMbZD4mWsSQ
content-encoding: gzip
via: 1.1 6ae82cc0c8a39c993134c2be90b4d120.cloudfront.net (CloudFront)
date: Fri, 06 Oct 2023 06:37:56 GMT
x-amz-cf-pop: FRA60-P3
age: 69380
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 01 Feb 2023 22:40:55 GMT
server: AmazonS3
etag: W/"cac333920ac0f19c3b312b72bd5314b4"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
vary: Accept-Encoding
x-amz-cf-id: ltovhj34W4eKMkx9pIk_ieRV_Bedyq__WKDXSCpom-DlJZmTOz0WCw==

GET
H2 200 account_e96f25e1679a4_poptin_64644527ff3a9_2023-03-01_16-43-33_version_26.html Show response
d3lopmpcew67el.cloudfront.net/client_16f9efd0362a4/ 121 KB
47 KB 214ms
159ms XHR
text/html 2600:9000:2251:a00:b:8c20:bf40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3lopmpcew67el.cloudfront.net/client_16f9efd0362a4/account_e96f25e1679a4_poptin_64644527ff3a9_2023-03-01_16-43-33_version_26.html
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:a00:b:8c20:bf40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c98efacd5c1078d72312f2ffed4b039fd3afa83f5dd3e7d9ed3baa28af305a87

Request headers

Accept: */*
Referer: https://www.ewg.org/skindeep/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id: 9W0iaP53Dnn.B6pq.Orz_7XAPXNt1hbK
content-encoding: gzip
via: 1.1 6ae82cc0c8a39c993134c2be90b4d120.cloudfront.net (CloudFront)
date: Fri, 06 Oct 2023 06:41:03 GMT
x-amz-cf-pop: FRA60-P3
age: 69306
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 14 Mar 2023 22:45:24 GMT
server: AmazonS3
etag: W/"ab580e2b140523befde183e3030803ac"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
vary: Accept-Encoding
x-amz-cf-id: zI3wylHZMfsJ9JOlZeJcDqp-VpBdiDDLUMuNTDX9BknX0YcjZTIJnw==

GET
H2 200 account_e96f25e1679a4_poptin_66c7f4ef3cf08_2023-03-13_16-53-43_version_18.html Show response
d3lopmpcew67el.cloudfront.net/client_16f9efd0362a4/ 98 KB
39 KB 246ms
195ms XHR
text/html 2600:9000:2251:a00:b:8c20:bf40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3lopmpcew67el.cloudfront.net/client_16f9efd0362a4/account_e96f25e1679a4_poptin_66c7f4ef3cf08_2023-03-13_16-53-43_version_18.html
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:a00:b:8c20:bf40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 472f5ade88ade1da0370f4108304c1846b5a2db7ea40136123f7ee41ae74fb74

Request headers

Accept: */*
Referer: https://www.ewg.org/skindeep/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 05:34:16 GMT
x-amz-version-id: 1rJ3b5uxjt3O3QvShFVvPrLSk8lFOnD9
content-encoding: gzip
via: 1.1 6ae82cc0c8a39c993134c2be90b4d120.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 73164
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 14 Mar 2023 22:38:13 GMT
server: AmazonS3
etag: W/"5cd5d20b6f91830df1b22c06de773413"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
vary: Accept-Encoding
x-amz-cf-id: 5luPDr5Q8e6T5hveo0wFiUDoe_unL0IH_5kH0arah4iKSLCuW4YOWg==

GET
H2 200 account_022c669222fa0_poptin_79516a1404560_2023-03-10_00-10-25_version_16.html Show response
d3lopmpcew67el.cloudfront.net/client_16f9efd0362a4/ 675 KB
479 KB 243ms
196ms XHR
text/html 2600:9000:2251:a00:b:8c20:bf40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3lopmpcew67el.cloudfront.net/client_16f9efd0362a4/account_022c669222fa0_poptin_79516a1404560_2023-03-10_00-10-25_version_16.html
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:a00:b:8c20:bf40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 072b10966fb7b1f1113d882bb78101631c8fbd25f790ec25f4ff18775dc033f1

Request headers

Accept: */*
Referer: https://www.ewg.org/skindeep/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id: 9.LtoWNM0jR_t6bd8TUROeQJA.EPRxgt
content-encoding: gzip
via: 1.1 6ae82cc0c8a39c993134c2be90b4d120.cloudfront.net (CloudFront)
date: Fri, 06 Oct 2023 08:30:13 GMT
x-amz-cf-pop: FRA60-P3
age: 62606
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 14 Mar 2023 22:36:31 GMT
server: AmazonS3
etag: W/"2bf9e48c260fad219f48a4162137ad7e"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
vary: Accept-Encoding
x-amz-cf-id: T3q_8pe19d_Q0uzxqSjS87Ds-jRals77aPHzu__mPZPvS15kELZI2A==

GET
H2 200 account_9b61648a66fde_poptin_6fe82e00a481a_2022-08-01_21-14-34_version_68.html Show response
d3lopmpcew67el.cloudfront.net/client_16f9efd0362a4/ 59 KB
10 KB 234ms
196ms XHR
text/html 2600:9000:2251:a00:b:8c20:bf40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3lopmpcew67el.cloudfront.net/client_16f9efd0362a4/account_9b61648a66fde_poptin_6fe82e00a481a_2022-08-01_21-14-34_version_68.html
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:a00:b:8c20:bf40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c5c7ba62b816a391d05aacea2f212ded2a02fd852df17aee12510193e602451b

Request headers

Accept: */*
Referer: https://www.ewg.org/skindeep/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id: 0Vo7x2wr5bjcmiA__z87UL3KoTqabav1
content-encoding: gzip
via: 1.1 6ae82cc0c8a39c993134c2be90b4d120.cloudfront.net (CloudFront)
date: Fri, 06 Oct 2023 03:57:37 GMT
x-amz-cf-pop: FRA60-P3
age: 78963
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 01 Feb 2023 16:17:06 GMT
server: AmazonS3
etag: W/"72b5ffa60bc6b5b90e899c2c72326f0c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
vary: Accept-Encoding
x-amz-cf-id: UwBE3Yj3rlwnTTbai9StuT51ooHeZMy7yANH0Pp4ie_lXaiUvnOBKA==

GET
H2 200 account_9b61648a66fde_poptin_cfa2893692e22_2022-08-02_23-06-01_version_30.html Show response
d3lopmpcew67el.cloudfront.net/client_16f9efd0362a4/ 55 KB
10 KB 228ms
194ms XHR
text/html 2600:9000:2251:a00:b:8c20:bf40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3lopmpcew67el.cloudfront.net/client_16f9efd0362a4/account_9b61648a66fde_poptin_cfa2893692e22_2022-08-02_23-06-01_version_30.html
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:a00:b:8c20:bf40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3b0d27cf634127be142eebb7f08342107056fb395035faf762cf34ce20a687d0

Request headers

Accept: */*
Referer: https://www.ewg.org/skindeep/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:12:15 GMT
x-amz-version-id: DpqsMw_v_q7D.7VKMAeu9NWTn_HDxooG
content-encoding: gzip
via: 1.1 6ae82cc0c8a39c993134c2be90b4d120.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 67285
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 01 Feb 2023 20:59:21 GMT
server: AmazonS3
etag: W/"262084188026df0de2da2a35c45e2949"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
vary: Accept-Encoding
x-amz-cf-id: WWoDxy-NEtjWFxAU3NktwVo7LJWuHL8S_pra0UYwVDtA_wfoyRsDqg==

GET
H3 200 fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ 75 KB
76 KB 142ms
55ms Font
application/octet-stream 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://www.ewg.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 01:53:39 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 6843397
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Thu, 22 Jun 2023 11:02:18 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942a3a-12d68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MYm9BXF2kAU%2FDp%2BhQ9ThH%2BlfIOzeEC1XQa7vmfg13mmc0rYLBcD4kZ28L0CX7PRWHYuVcwP1eHGjd89h5yiOcri%2FdPXUZ%2FSjaHW2uhx2OwNvRGIj69ULwK%2Fhtu1Dy0Y57NMrQEbH31IrRIjnrhA2sK6%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 812282febd0c2bcf-FRA
expires: Thu, 26 Sep 2024 01:53:39 GMT

GET
DATA 200
OK truncated
/ 32 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a9cb8e5016e3d6a739ea4598672ff18cd77e046dedccdef837ba364b2a13e021

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 53 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f91ef2b49aa451d0551d81fd1cb986ceb6c9cb4c38c5d483ae20f9dd44d50e46

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 15 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8f327f0e7319aee52de6e98d5c727dbcf7fbb44e6282a592925de20a53855d79

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 50 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 986d2df771cdf8faf8becb7ab6c99dff3b2dce1a8ce4442c3113098e6c37aa1b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 14 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4cb461a42fd29820f8a528721844445a4b2005ea7ab477c99d89911f0bdf789d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/jpeg

Verdicts & Comments Add Verdict or Comment

141 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

57 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ewg.org/	1970-01-21 00:53:23	Name: __utma Value: 232508224.7576853.1696643617.1696643617.1696643617.1
.ewg.org/	1969-12-31 23:59:59	Name: __utmc Value: 232508224
.ewg.org/	1970-01-20 19:40:11	Name: __utmz Value: 232508224.1696643617.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.ewg.org/	1970-01-20 15:17:24	Name: __utmt Value: 1
.ewg.org/	1970-01-20 15:17:24	Name: __utmt_rollup Value: 1
.ewg.org/	1970-01-20 15:17:25	Name: __utmb Value: 232508224.2.10.1696643617
.ewg.org/	1969-12-31 23:59:59	Name: fundraiseup_stat Value:
.ewg.org/	1970-01-21 00:53:23	Name: fundraiseup_cid Value: 16966436167151468069
.ewg.org/	1969-12-31 23:59:59	Name: fundraiseup_func Value: {%22t%22:%22.ewg.org%22%2C%22s%22:%221696643616717%22%2C%22sp%22:1}
profile.ngpvan.com/	1970-01-21 00:53:23	Name: ngpvanuser Value: BuPvdHc3Qz3nUOJ_3Bnfkebg
.ewg.org/	1970-01-20 17:26:59	Name: _gcl_au Value: 1.1.1083048024.1696643617
.everyaction.com/	1970-01-21 00:02:47	Name: visid_incap_823975 Value: /cnAmqN8RG6WTrs/3PI25yC6IGUAAAAAQUIPAAAAAACi9MfS1rbj33hIJot7JRX+
.everyaction.com/	1969-12-31 23:59:59	Name: incap_ses_730_823975 Value: dCLuQduuak18oNT/KHwhCiC6IGUAAAAA+0y+5DRir394y9l2zY2Gmw==
.everyaction.com/	1969-12-31 23:59:59	Name: nlbi_823975 Value: 1sxud87npXxUaGb0xwoUeQAAAACl9mIpwTizHdgbzKU3YyAS
.ewg.org/	1970-01-21 00:02:59	Name: cf_clearance Value: .0njJv6tj9ZrkdCrS5Kh7DCfR5dDa8FpOCq1lN.bEFI-1696643617-0-1-68136468.580f3505.889bdc1a-0.2.1696643617
.ewg.org/	1970-01-21 00:53:23	Name: _ga_CS21GC49KT Value: GS1.1.1696643617.1.0.1696643617.0.0.0
tags.srv.stackadapt.com/	1970-01-21 00:02:59	Name: sa-user-id Value: s%3A0-683cce95-4ab3-5c3d-6f24-ac2bdca6dd08.UF9VUKMSY3s1gNintEj%2F20qm2ZAc6F8QgNVQnj0qn2M
.srv.stackadapt.com/	1970-01-21 00:02:59	Name: sa-user-id Value: s%3A0-683cce95-4ab3-5c3d-6f24-ac2bdca6dd08.UF9VUKMSY3s1gNintEj%2F20qm2ZAc6F8QgNVQnj0qn2M
tags.srv.stackadapt.com/	1970-01-21 00:02:59	Name: sa-user-id-v2 Value: s%3AaDzOlUqzXD1vJKwr3KbdCFD_B2U.R5uPQ7r1VsJWtPUXibal1DKjc7AbCc4JldOUSdIQm7w
.srv.stackadapt.com/	1970-01-21 00:02:59	Name: sa-user-id-v2 Value: s%3AaDzOlUqzXD1vJKwr3KbdCFD_B2U.R5uPQ7r1VsJWtPUXibal1DKjc7AbCc4JldOUSdIQm7w
tags.srv.stackadapt.com/	1970-01-21 00:02:59	Name: sa-user-id-v3 Value: s%3AAQAKIFbURH4pn9F9elphvKyN1Y2F2u-LEwwsvks73C-vemTuEHwYBCCh9IKpBjABOgSAjA8ZQgSo_6qy.yTgtmkvCDQcxKTzDBPbkBbcgT9xxrtFVdprKALSpJnE
.srv.stackadapt.com/	1970-01-21 00:02:59	Name: sa-user-id-v3 Value: s%3AAQAKIFbURH4pn9F9elphvKyN1Y2F2u-LEwwsvks73C-vemTuEHwYBCCh9IKpBjABOgSAjA8ZQgSo_6qy.yTgtmkvCDQcxKTzDBPbkBbcgT9xxrtFVdprKALSpJnE
.ewg.org/	1970-01-21 00:53:23	Name: _ga_FF5ZYEH177 Value: GS1.1.1696643617.1.0.1696643617.0.0.0
.ewg.org/	1970-01-21 00:53:23	Name: _ga Value: GA1.2.1171524572.1696643618
.ewg.org/	1970-01-20 15:18:50	Name: _gid Value: GA1.2.1892120520.1696643618
.ewg.org/	1970-01-20 15:17:23	Name: _dc_gtm_UA-296149-25 Value: 1
.doubleclick.net/	1970-01-21 00:38:59	Name: IDE Value: AHWqTUnihHMhY7YKHFT1402PYPnx-UUqCmengnaek23GtEej8H1024XbyeRcW_Uj
www.ewg.org/	1970-01-20 15:20:16	Name: poptin_old_user Value: true
www.ewg.org/	1970-01-21 00:02:59	Name: poptin_user_id Value: 0.sr75p8a7oe
.ewg.org/	1970-01-20 15:18:50	Name: _uetsid Value: 551c570064b411eebb086baad0103d24
.ewg.org/	1970-01-21 00:38:59	Name: _uetvid Value: 551ca8a064b411ee8f0b7d9a0780326e
www.ewg.org/	1970-01-21 00:02:59	Name: sa-user-id Value: s%253A0-683cce95-4ab3-5c3d-6f24-ac2bdca6dd08.UF9VUKMSY3s1gNintEj%252F20qm2ZAc6F8QgNVQnj0qn2M
www.ewg.org/	1970-01-21 00:02:59	Name: sa-user-id-v2 Value: s%253AaDzOlUqzXD1vJKwr3KbdCFD_B2U.R5uPQ7r1VsJWtPUXibal1DKjc7AbCc4JldOUSdIQm7w
www.ewg.org/	1970-01-21 00:02:59	Name: sa-user-id-v3 Value: s%253AAQAKIFbURH4pn9F9elphvKyN1Y2F2u-LEwwsvks73C-vemTuEHwYBCCh9IKpBjABOgSAjA8ZQgSo_6qy.yTgtmkvCDQcxKTzDBPbkBbcgT9xxrtFVdprKALSpJnE
.bing.com/	1970-01-21 00:38:59	Name: MUID Value: 15634857F16D69B523825BF4F0C168BB
.ewg.org/	1970-01-20 17:26:59	Name: _fbp Value: fb.1.1696643618181.611346610
www.ewg.org/	1970-01-20 15:17:23	Name: poptin_previous_url Value:
www.ewg.org/	1970-01-21 00:02:59	Name: poptin_user_ip Value: 2a01:4a0:1338:92::9
www.ewg.org/	1970-01-21 00:02:59	Name: poptin_user_country_code Value: false
www.ewg.org/	1970-01-20 16:00:35	Name: poptin_session_account_022c669222fa0 Value: true
www.ewg.org/	1970-01-20 16:00:35	Name: poptin_session_account_30866bc303d76 Value: true
www.ewg.org/	1970-01-20 15:17:25	Name: poptin_o_v_57086350dc63f Value: 26f02b5e62aad
www.ewg.org/	1970-01-20 15:17:25	Name: poptin_o_v_67f5ecd30735e Value: acb2596f20209
www.ewg.org/	1970-01-20 16:00:35	Name: poptin_session_account_55c22f12bdb6f Value: true
www.ewg.org/	1970-01-20 15:17:25	Name: poptin_o_v_5ac201ed55036 Value: 403b0a2425623
www.ewg.org/	1970-01-20 16:00:35	Name: poptin_session_account_9621f0312c969 Value: true
www.ewg.org/	1970-01-20 15:17:25	Name: poptin_o_v_680e1ac5c7022 Value: b065f602f5a32
www.ewg.org/	1970-01-20 15:17:25	Name: poptin_o_v_3030449e6ae03 Value: 56a0b2ba52033
www.ewg.org/	1970-01-20 16:00:35	Name: poptin_session_account_9b61648a66fde Value: true
www.ewg.org/	1970-01-20 15:17:25	Name: poptin_o_v_3692925d66dc7 Value: 6bb322ae07c05
www.ewg.org/	1970-01-20 15:17:25	Name: poptin_o_v_f13163b063c83 Value: 26f03a54201b3
www.ewg.org/	1970-01-20 16:00:35	Name: poptin_session_account_e96f25e1679a4 Value: true
www.ewg.org/	1970-01-20 16:00:35	Name: poptin_session_account_f1299265f6a20 Value: true
www.ewg.org/	1970-01-20 15:17:25	Name: poptin_o_v_6fe82e00a481a Value: d320a260f5b32
www.ewg.org/	1970-01-20 15:17:25	Name: poptin_o_v_cfa2893692e22 Value: 3b029a4522465
www.ewg.org/	1970-01-20 15:17:25	Name: poptin_session Value: true
www.ewg.org/	1970-01-20 16:00:35	Name: poptin_c_visitor Value: true

14 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://d362h7pxdteoyk.cloudfront.net/ Message: Failed to load resource: the server responded with a status of 403 ()
javascript	warning	URL: https://www.ewg.org/skindeep/ Message: The resource https://static.fundraiseup.com/0.12ba9e45acaa.elements-vendors.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.ewg.org/skindeep/ Message: The resource https://d362h7pxdteoyk.cloudfront.net/ was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.ewg.org/skindeep/ Message: The resource https://static.fundraiseup.com/checkout-modal-fiat-flow-factory.3f29d0a424c15a020014.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.ewg.org/skindeep/ Message: The resource https://static.fundraiseup.com/sentry.685c41544713211d4276.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.ewg.org/skindeep/ Message: The resource https://static.fundraiseup.com/checkout-sentry-vendor.bbaab79af6ac4ae5c523.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.ewg.org/skindeep/ Message: The resource https://static.fundraiseup.com/src/fonts/ibm-plex-sans/ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-regular.c493df9d423fa3cc5d89.woff was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.ewg.org/skindeep/ Message: The resource https://static.fundraiseup.com/src/fonts/ibm-plex-sans/ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-600.6a83ec5143b3476f0a22.woff was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.ewg.org/skindeep/ Message: The resource https://static.fundraiseup.com/src/fonts/ibm-plex-sans/ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-regular.c4db12b4fb0be67f4f37.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.ewg.org/skindeep/ Message: The resource https://static.fundraiseup.com/2.428ae4046cd0.elements-langs-vendors.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.ewg.org/skindeep/ Message: The resource https://static.fundraiseup.com/src/fonts/ibm-plex-sans/ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-500.d94eaadc1070343e6d33.woff was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.ewg.org/skindeep/ Message: The resource https://static.fundraiseup.com/src/fonts/ibm-plex-sans/ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-600.60bddc71096815d0d15a.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.ewg.org/skindeep/ Message: The resource https://static.fundraiseup.com/3.d08da86256ed.async-vendors.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.ewg.org/skindeep/ Message: The resource https://static.fundraiseup.com/src/fonts/ibm-plex-sans/ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-500.e17268930006027a6a07.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

actions.everyaction.com
bat.bing.com
cdn.fundraiseup.com
cdn.jsdelivr.net
cdn.popt.in
cdnjs.cloudflare.com
connect.facebook.net
d1aqhv4sn5kxtx.cloudfront.net
d362h7pxdteoyk.cloudfront.net
d3lopmpcew67el.cloudfront.net
d3rse9xjbp8270.cloudfront.net
display.popt.in
ekr.zdassets.com
ewg.zendesk.com
fndrsp.net
fonts.popt.in
googleads.g.doubleclick.net
js.verygoodvault.com
p.typekit.net
phorcys-static.ewg.org
profile.ngpvan.com
region1.google-analytics.com
static.cloudflareinsights.com
static.ewg.org
static.fundraiseup.com
static.zdassets.com
stats.g.doubleclick.net
tags.srv.stackadapt.com
tctguyhimcwcyexxgullu3seem0fkhrh.lambda-url.us-west-2.on.aws
use.typekit.net
www.ewg.org
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googleoptimize.com
www.googletagmanager.com
104.16.51.111
104.18.70.113
104.26.5.251
142.250.186.130
143.204.98.103
172.67.72.38
188.114.96.3
2001:4860:4802:34::36
2600:1f14:50b:9a02:2b8:e236:39c9:797c
2600:9000:2057:5c00:10:fb15:b700:21
2600:9000:2251:a00:b:8c20:bf40:21
2600:9000:2251:f400:12:303c:8700:21
2606:4700:10::ac43:6f2
2606:4700::6810:3965
2606:4700::6810:5514
2606:4700::6811:190e
2606:4700:e6::ac40:c414
2606:4700:e6::ac40:c514
2620:1ec:c11::200
2a00:1450:4001:802::2004
2a00:1450:4001:803::2003
2a00:1450:4001:806::200e
2a00:1450:4001:813::2002
2a00:1450:4001:813::2008
2a00:1450:4001:82b::200e
2a00:1450:400c:c07::9a
2a02:26f0:3100::1735:29f9
2a02:26f0:480:f::213:7ec6
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
45.60.33.183
52.57.67.90
52.84.186.88
0216c8dc29523e3ff49d1831d3ca3631eb225f80924b590c890c3b24228c7aba
0320cf460b6d0571714596f448dd8c8e5c07ca3a62be82f03a748e465a7ab297
04a4c2e20bb7f8a36b7b7195cae7a5e7d1f17a4c8b5e86cc0f9eeeff5010de2b
05e8056e4e591fb90a8094434a42c37c201c7367be9613d289508a00c72fdba1
072b10966fb7b1f1113d882bb78101631c8fbd25f790ec25f4ff18775dc033f1
092eb1cc8a065c048f13b6d256f2a1fcfbb6edd4d6862f8c45dbd22fb95d63e4
0a8a8d0d0e3dfaa79021f221ab8268c3febbe6123b612f3c0893888c63648dce
0ef81c7a94d77d72ba76a5238c123ba2745523677642c2e01318f327fdd6dcac
1087a767d25278138b8d58ae5f14a3bed5dcecb38583eb5bd30e48e009b23a8e
113f44dcb3d39c8c8f68989ca37c132c1f03a0ca7c3745de01867e85f2d4a342
1212e7abb6f32136c5d13b04e540ebe36e773a98acd627d5e56e466f685a0b49
13571462b2a61a563e2ea9d0e3151d87fc00cd48a0b753d8a4f677b89b0c92db
160f8cc050512a40c6445bc42fac73fe2a1488abda38473c7e6360100268f1e3
17b08df49e5ac7754bfab51c081d32f1b1728a984f6819d21939d987836e5bc8
187ea54d6887c652cb31b868955e5f254799a7ed2ccd99665520c1ad76fd5c2b
19f9bd2c56e13a1adc382fb52bb03abe6ea7284415855adeb244cfce20cca048
1a0ca610af6d4a0f5191be975668ba022ac66287d97e243dc26fd68ccd0762f0
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
205b5e5ac97e41a70efe74150a9893bdb05ff1d3921808b96d8780aa31c7940a
261f818a169dac2b42a9abc0eb12e4c122ab4c696d09dd81a2bc81bb1745befc
268c0022ee889d1277e8bcf016f47b7d6e9297f11a6cbb4a2d0e4c89bebb463d
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2d35c4f1697f12e2435631b97ec36ba6cf21873d9307df3079acec25af871b54
310f7d360d659a851c73aa97dcb6031bf45c659cc822b13e947683c5689619f2
341d7dcd927831c3693154df7ec2d983023d1f1a77f85e1f6c8cc35b9edfabba
361f52574b5ed0e7fd053eb1cc6ac1be87ae56134a739e8736b6bf3a1d8f559f
36431667a50d408c0cdfdf90bd79b0a2c4b40efec6b0b0e6445905fed7fb6dd3
3679f10c2bb8d1f47ecf8de8f3797d112ace5ae841f73128d25d3dbc15a116c9
36f0e77e5b8f2f5b9bfee300900a3460d10371ea3a8ec8623c9dfbe2a3ce4c19
36f7c640f6ac2c7631efc692d2156286200b316a7702dcdc5a55094945425dd8
3a0440e98130b5a75a59f6e01af2ef189101302b0e48d11b43360e907ba3b7c5
3b0d27cf634127be142eebb7f08342107056fb395035faf762cf34ce20a687d0
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
46954197136ba6c46bc950e1bdc5f339be1718a510cb5b9508cb3a965d2a5d4f
46ffa27a716a55780501f5d6711c054bdb1772174f1076dc0e49dee9b00648e9
472f5ade88ade1da0370f4108304c1846b5a2db7ea40136123f7ee41ae74fb74
49a020f82b17a6a6542563ac67191ea3a75defc3d45336309b0d2c20b885a372
4b5f3af1ebefcf3c0a29825b219da7f99a6d3c2f2b2ad3f649cf551717aaf75e
4cb461a42fd29820f8a528721844445a4b2005ea7ab477c99d89911f0bdf789d
50ef36c9070d19d4cb6a8c71aa5b2834efeffe4cc1de98bcf5ac8e67b593d82e
53b63be2f9ab7f75dd4702ae1f07e7bb82dbdcfb8e6df77c9f173b213c1af912
54ac646fb7f53b96352444aec92464b44ea2cccb6557f1f0aafa78011f4d09a5
559d6434c97df4d0a882e70deeacbb736788a8e0cc2aedd606767aa1fe521007
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
575b2165304d899b7001ab593aeee31b371a46aee8b899c22a87ab9313389eda
58c3b489b0597762ad5971b3ef62803c0cca81f6c35e582c3f1b22bc01169e5b
59beda93695ab1cc08083b8d5874b4cc4d73ed40d14cbe3a95a54a431e5166af
5b00b157c20accaf8212bea0c83e634ad121f2602009cce5e8407f6780d332e9
5b5e6835f1b826466263e7547f6ed739ff134db24b61317609a4c521fee6d8dc
5c9f4ade181c8b25385e3caf6cdd23930e13d0a008268d2b2d95b9ba6227cef5
5f398f5e5f249fa9cf6c62078d0e3e620c099d818f6c8de062765e15023949b0
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
6581504f3ba8a894ae75c27e4ad833878bc4802a9f9a651e1a4113d99a3f5e41
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c50942ffdc3976344714610879e76021ac023d83cf5e2b3df62f0f42c3d6415
6d3f62d4d17969f9c70e9438cf671004725019e868123f2ebc295a006f8d5d2d
7179e2e2669b01130a84a98d845afabbced3f73cdaf84da253159aba8d564fff
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7e10ad827ecc0b5ea668e3826bcb4ccbaa943a60b74cd3960a187b3489469204
7e369338ab669bdf9f352653e33ae86ea923d7c2d796020fc2d86ace6d8b8128
7fa34b986017bc16b1301d1b59209bb0272439e830b14e387fe1eba7b25ecb90
7fbe50cdc5ae5c288588a72ead3c0ba70674805991decc1175c5f29ec5a25719
805270b078cde87b61bb57c8bd44f8b58b0d128f5a8efdd4395470b45b291d65
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8503bb1f3969798a88dce37ee7f38979711dfd7495f5b8dafd66a19ff24e2d15
857bab6beda0f9b11810762d9bfc7136ddae2b54f022db78cc32f26663648f88
888a28e91666aff7daf55980ae959a847d15e0679df05b23f3915f4ad901ea12
8917cff109e6626a4b834414d1628b31af591e9b51c3028bb6bca9eb521fdfdb
8972611117f010e304a392d3c14c5dd5f8ae6919c447b0eca916c858df3a07ac
8b6e1621b8ede01def3b5b74dca23d7971e6916d306464ddf550fd3d2f28eb2b
8f327f0e7319aee52de6e98d5c727dbcf7fbb44e6282a592925de20a53855d79
937165b54b6ab52132e90b8ba07061725498daefc8646f6353f2f10e0c85ab03
967b9bf17234e1a8f1dc2de16e4ac62c6f871267cfc8551dc2b97fb798b2c52b
9812e0535932ca3263b6fc6a2e05a384c072d9753b0d78cf994bb527c2e4afea
986d2df771cdf8faf8becb7ab6c99dff3b2dce1a8ce4442c3113098e6c37aa1b
9a38beab59f8f77a5cda0de87a22d89b1a2af06c3949db509be8932259c10524
9e93be17b533bd2401f20952c1009ec6fb5d26c3312398c3ec44c47a1852b67d
9f22f6e9d4852f8be0706b62fbd0eba20f6cb56171def5e387b2d95fcd07df01
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a100936394df295ab87d086d4004e52e8fb1b48a50a1dcac78069d93b91f1cba
a1fbf4ee73f3d9d0c531f2e308de3573d5fedfcdeed9ae4816b8127382d3bcf6
a236aed5086b9c24d3cc94944d4349e9ce469f325ac23bafcaa5fe3659b15fd1
a4006e260f6b643412885e474d05b9c6c0807252c0b5c0da272bbf30129bddbe
a69c24838d049e592bd331e94f95d86e9f495a89cc93b801adcdce3a3b8c7c36
a6a15101658e8100ecdcce82a5f214b47d1df8eaf2cb9b2582e5a2c5bb7d021c
a6c477075c272f9a8f221223f6b4bf574db7d4b42bcd3c793dac2a61b7cc4ee7
a803699b66c0ec59ca0b0c4a0c0ca5d8770db033028d7c15ae82143ab914398d
a863e3394fe3ce02b3e88e7cb6875e229473beecf5a065d96bc5636fe20dcdff
a9cb8e5016e3d6a739ea4598672ff18cd77e046dedccdef837ba364b2a13e021
ac5b025ff904a91baaf324cd932fac5f80f1754b881f04f48bb3f0a5eb8fc9c3
b30426d9b37d898a06811d21b2af9fc7ffe8d8c608cb3976f3fe609e3a75bcf4
b8b8e77df304134446ca875214b28cdbb9a36511daedbc4b8ba8ef77fc86964c
be1a421478b0db46432aacabb189bdf0fe9ec2bede3f3a5e37e5aba482f132c4
c046b01353fcd84c5e8961116888d55dcac7e766338835a3bd20b4aee7be7637
c088b5d549536ce28859cd9e3f496aa697639e02bc4aa0e274d907c5bb902aef
c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391
c2eee7cee0aef81969589d21b08757dbe3224317d8d1b5a45cf7a5fd5046ba29
c437a17da8114355dee5c74e377f08aa5bf887ef8a92444025e3682ece3d48dc
c4bda90120ff721ca369ce708df48e398f0d097a1286e88e0156da0d5d1b9ce4
c4dccdd9ae25b64078e0c73f273de94f8894d5c99e4741645ece29aeefc9c5a4
c5c7ba62b816a391d05aacea2f212ded2a02fd852df17aee12510193e602451b
c8b4c614ea58c83fd79f81fd2678d9f7a37f0d7ca9c43c0c1703287504ebc537
c98267e669cfec3a2a89eb501b16d6d8fba8e0d33e09f355554b19fcf213ffea
c98efacd5c1078d72312f2ffed4b039fd3afa83f5dd3e7d9ed3baa28af305a87
ca4fe387961ea77fda665b0f722f04cf4629e66a1bf4196637f9796f4467e1ea
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cda5978b34be4157995a6dd661befe10ad332ffcac83b83229324db1a227b5b8
d0e0eb6a1e7146b4beb8c9ab7acc19dd13363f0beab6f3ca10ba3620a1f61fd2
d3008edad42e4b49a7b5e383b4c7790b023e2e1c7bbf902063a69b8ce87d5126
d41cc847bf3a40dc050509ee4f267bc2e1343f7be5a3c5aff080f9248c885545
d625ffeb66507b5bb261bed24c35f5f5ff9f156f5ebd3fce5b95f29f054f5469
d73185668502041d66528803f544303abbda757cc20178a19c8405a4bbb9ef23
d7459dd5ce48ddd21da15f490514af4be07ff85f0b0b6b9e118542d68ff5ec91
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
d8b4efc9d633bf6a74302401662e42d85a36070ded6ad2497958ccafc2737f81
d9b60061d478908a24bce56feb1b8507019f7c54092f63936e209ec1018249ab
da4511b1a9061dbcdf74276a1cb279848ee0739b2f047eed7a16abb6155fe3d0
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df79a80703f73833f886070789c35e196e02e688c5f5652ca13c606b7d34dc32
e0d600a9e0d303bd42a97ec4cbef390d78bcf2fa6ce52f9c5d513bdfb3631d90
e0efecbe3adc4cc280dc03de06b5c6ac654359e0328ea00a4979acfbee27329c
e2f8bb7812e3ad4b10af4e0612143c313f2af19df81d844518c6353af7ae931a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea4923099ea8439cb018b666a405fc9c1d7ffb3cd920ffb1a796e645a112e26d
ec0ba5b7f9f26cfcbb9fa05457fdc7627726b8f4dbff4be8a67f2969aed75b92
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0ab80f3a212f9e00c0e7920b2a77bf7be45a34c35e756d5a9e922e3d2c06fbd
f4a670daaecef789dee4ea4b188744e21da9006e40c343c84b6a90c59fc659e2
f7847a31849da96836f0955dc737910448c9d92b6f5b716293b40f480492048a
f91ef2b49aa451d0551d81fd1cb986ceb6c9cb4c38c5d483ae20f9dd44d50e46
fa4ffe02411e1ffaaa2bda2fece4c0fb2c85456db525b6f31254e1fa0529d3cc
fe62bab84590322ae4bfcde20dfb50a72c1b68b330c2a7f1b0aefb65999f16bc

www.ewg.org Open in urlscan Pro 2606:4700:10::ac43:6f2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

146 Requests

97 %HTTPS

70 %IPv6

26 Domains

38 Subdomains

34 IPs

5 Countries

4680 kBTransfer

11072 kBSize

57 Cookies

9 Outgoing links

Redirected requests

146 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.ewg.org Open in urlscan Pro
2606:4700:10::ac43:6f2 Public Scan

Screenshot
Live screenshot

Full Image

146
Requests

97 %
HTTPS

70 %
IPv6

26
Domains

38
Subdomains

34
IPs

5
Countries

4680 kB
Transfer

11072 kB
Size

57
Cookies

146 HTTP transactions
6 data transactions