www.ewg.org Open in urlscan Pro
2606:4700:10::ac43:6f2 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.ewg.org/
Effective URL:
https://www.ewg.org/
Submission: On December 14 via api (December 14th 2022, 7:32:25 pm UTC) from US — Scanned from DE

Summary HTTP 267 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 48 IPs in 5 countries across 37 domains to perform 267 HTTP transactions. The main IP is 2606:4700:10::ac43:6f2, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.ewg.org. The Cisco Umbrella rank of the primary domain is 231255.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 2nd 2022. Valid for: a year.

This is the only time www.ewg.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:10:... 2606:4700:10::6816:174b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
35	2606:4700:10:... 2606:4700:10::ac43:6f2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2a02:26f0:350... 2a02:26f0:3500:16::215:14a0	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
3	2600:9000:20e... 2600:9000:20eb:e000:12:303c:8700:21	16509 (AMAZON-02) (AMAZON-02)
9	104.84.56.126 104.84.56.126	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	104.22.0.244 104.22.0.244	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:350... 2a02:26f0:3500:16::215:148b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a00:1450:400... 2a00:1450:400c:c1b::9d	15169 (GOOGLE) (GOOGLE)
18	45.60.33.183 45.60.33.183	19551 (INCAPSULA) (INCAPSULA)
2	104.26.8.138 104.26.8.138	13335 (CLOUDFLAR...) (CLOUDFLARENET)
21	172.67.15.63 172.67.15.63	13335 (CLOUDFLAR...) (CLOUDFLARENET)
22	18.66.147.109 18.66.147.109	16509 (AMAZON-02) (AMAZON-02)
1	147.135.78.45 147.135.78.45	16276 (OVH) (OVH)
1	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
2	151.101.192.84 151.101.192.84	54113 (FASTLY) (FASTLY)
8	3.216.203.91 3.216.203.91	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
2	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
6	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 4	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	108.138.24.138 108.138.24.138	16509 (AMAZON-02) (AMAZON-02)
8	2a03:2880:f08... 2a03:2880:f080:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
5	2606:4700:e4:... 2606:4700:e4::ac40:ac16	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 4	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
9	2600:9000:249... 2600:9000:2490:5400:3:1d53:4780:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
7	20.60.58.97 20.60.58.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
10	2606:4700::68... 2606:4700::6813:d483	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	18.214.117.136 18.214.117.136	14618 (AMAZON-AES) (AMAZON-AES)
10	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2606:4700:e4:... 2606:4700:e4::ac40:ad16	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	20.40.202.0 20.40.202.0	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
9	2600:9000:225... 2600:9000:2251:2000:b:8c20:bf40:21	16509 (AMAZON-02) (AMAZON-02)
2	2606:2800:234... 2606:2800:234:46c:e8b:1e2f:2bd:694	15133 (EDGECAST) (EDGECAST)
1	2606:2800:133... 2606:2800:133:206e:1315:22a5:2006:24fd	15133 (EDGECAST) (EDGECAST)
1	104.244.42.200 104.244.42.200	13414 (TWITTER) (TWITTER)
2	13.69.106.215 13.69.106.215	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	54.88.161.92 54.88.161.92	14618 (AMAZON-AES) (AMAZON-AES)
2	76.223.13.31 76.223.13.31	16509 (AMAZON-02) (AMAZON-02)
8	18.194.76.248 18.194.76.248	16509 (AMAZON-02) (AMAZON-02)
1	52.222.214.77 52.222.214.77	16509 (AMAZON-02) (AMAZON-02)
267	48

1 2606:4700:10::6816:174b (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.ewg.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 2606:4700:10::ac43:6f2 (United States)

ASN13335 (CLOUDFLARENET, US)

www.ewg.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.ewg.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:26f0:3500:16::215:14a0 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:20eb:e000:12:303c:8700:21 (United States)

ASN16509 (AMAZON-02, US)

d3rse9xjbp8270.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.84.56.126 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-84-56-126.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-public.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.22.0.244 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.fundraiseup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.fundraiseup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:16::215:148b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c1b::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 45.60.33.183 (United States)

ASN19551 (INCAPSULA, US)

profile.ngpvan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.everyaction.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
act.ewg.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.ngpvan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fastaction.ngpvan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
actions.everyaction.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.26.8.138 (United States)

ASN13335 (CLOUDFLARENET, US)

fndrsp.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 172.67.15.63 (United States)

ASN13335 (CLOUDFLARENET, US)

static.fundraiseup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 18.66.147.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-109.fra60.r.cloudfront.net

js.verygoodvault.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.135.78.45 (United States)

ASN16276 (OVH, FR)

sentry.fundraiseup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.192.84 (United States)

ASN54113 (FASTLY, US)

widgets.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 3.216.203.91 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-216-203-91.compute-1.amazonaws.com

tags.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.138.24.138 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-24-138.fra56.r.cloudfront.net

d1aqhv4sn5kxtx.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a03:2880:f080:9:face:b00c:0:3 (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:e4::ac40:ac16 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.popt.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:9000:2490:5400:3:1d53:4780:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.everyaction.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 20.60.58.97 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

nvlupin.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700::6813:d483 (United States)

ASN13335 (CLOUDFLARENET, US)

www.lightboxcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.214.117.136 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-214-117-136.compute-1.amazonaws.com

srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:e4::ac40:ad16 (United States)

ASN13335 (CLOUDFLARENET, US)

display.popt.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.40.202.0 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

lightboxapi.azurewebsites.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:9000:2251:2000:b:8c20:bf40:21 (United States)

ASN16509 (AMAZON-02, US)

d3lopmpcew67el.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:133:206e:1315:22a5:2006:24fd (United States)

ASN15133 (EDGECAST, US)

az416426.vo.msecnd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.200 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.69.106.215 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

dc.services.visualstudio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.88.161.92 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-88-161-92.compute-1.amazonaws.com

vgs-collect-keeper.apps.verygood.systems	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.13.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: ae1d37305401c759d.awsglobalaccelerator.com

payments.braintree-api.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 18.194.76.248 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-76-248.eu-central-1.compute.amazonaws.com

client-analytics.braintreegateway.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.214.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-77.fra56.r.cloudfront.net

checkout.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
40	ewg.org 1 redirects www.ewg.org — Cisco Umbrella Rank: 231255 act.ewg.org static.ewg.org — Cisco Umbrella Rank: 373883	915 KB
25	fundraiseup.com cdn.fundraiseup.com — Cisco Umbrella Rank: 38284 static.fundraiseup.com — Cisco Umbrella Rank: 37088 sentry.fundraiseup.com — Cisco Umbrella Rank: 40440	481 KB
22	verygoodvault.com js.verygoodvault.com — Cisco Umbrella Rank: 33143	591 KB
16	everyaction.com secure.everyaction.com — Cisco Umbrella Rank: 48736 static.everyaction.com — Cisco Umbrella Rank: 83826 actions.everyaction.com — Cisco Umbrella Rank: 83583	475 KB
14	cloudfront.net d3rse9xjbp8270.cloudfront.net d1aqhv4sn5kxtx.cloudfront.net d3lopmpcew67el.cloudfront.net	1 MB
12	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 29 region1.google-analytics.com — Cisco Umbrella Rank: 2623	40 KB
11	typekit.net use.typekit.net — Cisco Umbrella Rank: 464 p.typekit.net — Cisco Umbrella Rank: 615	171 KB
10	facebook.com www.facebook.com — Cisco Umbrella Rank: 110	339 B
10	lightboxcdn.com www.lightboxcdn.com — Cisco Umbrella Rank: 5924	285 KB
10	stackadapt.com tags.srv.stackadapt.com — Cisco Umbrella Rank: 3226 srv.stackadapt.com — Cisco Umbrella Rank: 582	15 KB
8	braintreegateway.com client-analytics.braintreegateway.com — Cisco Umbrella Rank: 7827	1 KB
8	facebook.net connect.facebook.net — Cisco Umbrella Rank: 149	479 KB
8	addthis.com s7.addthis.com — Cisco Umbrella Rank: 1678 m.addthis.com — Cisco Umbrella Rank: 1627 api-public.addthis.com — Cisco Umbrella Rank: 4465	219 KB
7	windows.net nvlupin.blob.core.windows.net — Cisco Umbrella Rank: 60479	2 MB
7	popt.in cdn.popt.in — Cisco Umbrella Rank: 27456 display.popt.in — Cisco Umbrella Rank: 27729	116 KB
7	ngpvan.com profile.ngpvan.com — Cisco Umbrella Rank: 47863 secure.ngpvan.com — Cisco Umbrella Rank: 52984 fastaction.ngpvan.com — Cisco Umbrella Rank: 99231	6 KB
7	doubleclick.net 2 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 77 googleads.g.doubleclick.net — Cisco Umbrella Rank: 34	3 KB
6	bing.com bat.bing.com — Cisco Umbrella Rank: 371	24 KB
4	google.de www.google.de — Cisco Umbrella Rank: 6041	740 B
4	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 2	660 B
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 51	326 KB
4	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 304 fonts.googleapis.com — Cisco Umbrella Rank: 37	62 KB
3	twitter.com platform.twitter.com — Cisco Umbrella Rank: 740 syndication.twitter.com — Cisco Umbrella Rank: 1034	133 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 211	62 KB
2	braintree-api.com payments.braintree-api.com — Cisco Umbrella Rank: 8940	1 KB
2	verygood.systems vgs-collect-keeper.apps.verygood.systems — Cisco Umbrella Rank: 68108	313 B
2	visualstudio.com dc.services.visualstudio.com — Cisco Umbrella Rank: 803	281 B
2	azurewebsites.net lightboxapi.azurewebsites.net — Cisco Umbrella Rank: 12184	2 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 162	3 KB
2	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 923	94 KB
2	pinterest.com widgets.pinterest.com — Cisco Umbrella Rank: 6640	415 B
2	fndrsp.net fndrsp.net — Cisco Umbrella Rank: 33763	1007 B
1	paypal.com checkout.paypal.com — Cisco Umbrella Rank: 13079	3 KB
1	msecnd.net az416426.vo.msecnd.net — Cisco Umbrella Rank: 2191	47 KB
1	addthisedge.com v1.addthisedge.com — Cisco Umbrella Rank: 1903	894 B
1	moatads.com z.moatads.com — Cisco Umbrella Rank: 389	1 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 999	6 KB
267	37

	Domain	Requested by
35	www.ewg.org	1 redirects www.ewg.org static.fundraiseup.com
23	static.fundraiseup.com	www.ewg.org cdn.fundraiseup.com static.fundraiseup.com
22	js.verygoodvault.com	d3rse9xjbp8270.cloudfront.net act.ewg.org js.verygoodvault.com
10	www.facebook.com	www.ewg.org act.ewg.org
10	www.lightboxcdn.com	www.ewg.org www.lightboxcdn.com act.ewg.org
10	www.google-analytics.com	www.ewg.org www.googletagmanager.com act.ewg.org
9	d3lopmpcew67el.cloudfront.net	static.fundraiseup.com
9	static.everyaction.com	act.ewg.org static.everyaction.com
9	use.typekit.net	www.ewg.org use.typekit.net act.ewg.org
8	client-analytics.braintreegateway.com	az416426.vo.msecnd.net
8	connect.facebook.net	www.ewg.org connect.facebook.net act.ewg.org
8	tags.srv.stackadapt.com	www.ewg.org tags.srv.stackadapt.com static.fundraiseup.com az416426.vo.msecnd.net
7	nvlupin.blob.core.windows.net	act.ewg.org
6	bat.bing.com	www.googletagmanager.com bat.bing.com www.ewg.org act.ewg.org
6	secure.everyaction.com	d3rse9xjbp8270.cloudfront.net www.ewg.org static.fundraiseup.com az416426.vo.msecnd.net
5	cdn.popt.in	www.googletagmanager.com cdnjs.cloudflare.com
4	www.google.de	www.ewg.org act.ewg.org
4	www.google.com	2 redirects www.ewg.org act.ewg.org
4	googleads.g.doubleclick.net	2 redirects www.googletagmanager.com
4	act.ewg.org	ajax.googleapis.com act.ewg.org az416426.vo.msecnd.net
4	www.googletagmanager.com	www.ewg.org www.googletagmanager.com act.ewg.org
4	profile.ngpvan.com	d3rse9xjbp8270.cloudfront.net static.fundraiseup.com static.everyaction.com az416426.vo.msecnd.net
4	s7.addthis.com	www.ewg.org s7.addthis.com
3	cdnjs.cloudflare.com	cdn.popt.in cdnjs.cloudflare.com
3	api-public.addthis.com	static.fundraiseup.com s7.addthis.com
3	stats.g.doubleclick.net	www.google-analytics.com static.fundraiseup.com
3	d3rse9xjbp8270.cloudfront.net	www.ewg.org d3rse9xjbp8270.cloudfront.net
2	payments.braintree-api.com	az416426.vo.msecnd.net
2	vgs-collect-keeper.apps.verygood.systems	js.verygoodvault.com
2	dc.services.visualstudio.com	az416426.vo.msecnd.net
2	platform.twitter.com	act.ewg.org platform.twitter.com
2	lightboxapi.azurewebsites.net	www.lightboxcdn.com
2	display.popt.in	static.fundraiseup.com az416426.vo.msecnd.net
2	srv.stackadapt.com	www.ewg.org
2	fonts.googleapis.com	act.ewg.org cdnjs.cloudflare.com
2	region1.google-analytics.com	www.googletagmanager.com
2	d1aqhv4sn5kxtx.cloudfront.net	www.googletagmanager.com
2	www.googleadservices.com	www.googletagmanager.com
2	www.googleoptimize.com	www.googletagmanager.com
2	widgets.pinterest.com	s7.addthis.com
2	secure.ngpvan.com	static.fundraiseup.com az416426.vo.msecnd.net
2	fndrsp.net	cdn.fundraiseup.com
2	p.typekit.net	use.typekit.net
2	ajax.googleapis.com	www.ewg.org act.ewg.org
1	checkout.paypal.com	static.everyaction.com
1	actions.everyaction.com	az416426.vo.msecnd.net
1	fastaction.ngpvan.com	static.everyaction.com
1	syndication.twitter.com	platform.twitter.com
1	az416426.vo.msecnd.net	act.ewg.org
1	static.ewg.org	www.ewg.org
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	z.moatads.com	s7.addthis.com
1	sentry.fundraiseup.com	static.fundraiseup.com
1	cdn.fundraiseup.com	www.ewg.org
1	static.cloudflareinsights.com	www.ewg.org
267	56

This site contains links to these domains. Also see Links.

Domain
act.ewg.org
www.facebook.com
twitter.com
www.youtube.com
instagram.com
www.ewgactionfund.org
www.addthis.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-02` - `2023-06-01`	a year	crt.sh
use.typekit.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-14` - `2023-10-15`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-27` - `2023-02-28`	a year	crt.sh
fundraiseup.com Cloudflare Inc ECC CA-3	`2022-06-21` - `2023-06-21`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.ngpvan.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-12-09` - `2023-12-08`	a year	crt.sh
*.fndrsp.net E1	`2022-10-23` - `2023-01-21`	3 months	crt.sh
*.verygoodvault.com Amazon	`2022-02-17` - `2023-03-18`	a year	crt.sh
*.everyaction.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-04-11` - `2023-04-11`	a year	crt.sh
sentry.fundraiseup.com R3	`2022-12-14` - `2023-03-14`	3 months	crt.sh
moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-11-18`	a year	crt.sh
clusteroa-mcghe.ngpvanapp.com SSL.com RSA SSL subCA	`2022-06-07` - `2023-06-07`	a year	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-28` - `2023-08-08`	a year	crt.sh
*.srv.stackadapt.com Amazon	`2022-10-09` - `2023-11-07`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2022-11-25` - `2023-05-25`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-09-23` - `2022-12-22`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
static.everyaction.com Amazon	`2022-06-08` - `2023-07-07`	a year	crt.sh
*.blob.core.windows.net Microsoft Azure TLS Issuing CA 02	`2022-11-17` - `2023-11-12`	a year	crt.sh
*.stackadapt.com Amazon	`2022-06-07` - `2023-07-05`	a year	crt.sh
*.azurewebsites.net Microsoft Azure TLS Issuing CA 01	`2022-03-14` - `2023-03-09`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-06` - `2023-11-06`	a year	crt.sh
*.vo.msecnd.net DigiCert SHA2 Secure Server CA	`2022-07-11` - `2023-07-11`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
syndication.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
in.applicationinsights.azure.com Microsoft Azure TLS Issuing CA 06	`2022-11-21` - `2023-11-16`	a year	crt.sh
vgs-collect-keeper.apps.verygood.systems R3	`2022-11-19` - `2023-02-17`	3 months	crt.sh
payments.braintree-api.com DigiCert SHA2 Extended Validation Server CA	`2022-09-15` - `2023-10-16`	a year	crt.sh
client-analytics.braintreegateway.com DigiCert SHA2 High Assurance Server CA	`2022-03-16` - `2023-04-16`	a year	crt.sh
checkout.paypal.com DigiCert SHA2 Extended Validation Server CA	`2022-07-28` - `2023-08-28`	a year	crt.sh

This page contains 12 frames:

Primary Page: https://www.ewg.org/
Frame ID: A6943D3077C68A169D8908FB4D38562A
Requests: 150 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: CD9E66A517DEE6EE459729F7F69F049E
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: DA02D1CD885791EDE588E303B9684AB0
Requests: 1 HTTP requests in this frame

Frame: https://www.ewg.org/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1671033600
Frame ID: A53C12F158AA1AB0715C53D786384A88
Requests: 3 HTTP requests in this frame

Frame: https://act.ewg.org/a/2022-deadline?sourceid=1021356
Frame ID: E6A9F51D7D4DE64E30F883C9CA09CD99
Requests: 86 HTTP requests in this frame

Frame: https://www.lightboxcdn.com/vendor/a3241e66-5c6a-4d48-8161-225ef2c02084/lightbox.js?mb=1671046337990&lv=1
Frame ID: 29E8D861A10178B98872702C97FCFC18
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Fact.ewg.org
Frame ID: 01DE76200D7FD3F17D0196C91D4D2792
Requests: 2 HTTP requests in this frame

Frame: https://www.lightboxcdn.com/vendor/a3241e66-5c6a-4d48-8161-225ef2c02084/lightbox.js?mb=1671046339130&lv=1
Frame ID: 1B5AA9682AA918365B4287E274E4DC9A
Requests: 2 HTTP requests in this frame

Frame: https://js.verygoodvault.com/vgs-collect/2.14.0/lib/index.html
Frame ID: 448A4FA8BA841C3150EE355D6B583C51
Requests: 4 HTTP requests in this frame

Frame: https://js.verygoodvault.com/vgs-collect/2.14.0/lib/index.html
Frame ID: 165F89BACC6EA107AC84FCDC8C8041C7
Requests: 17 HTTP requests in this frame

Frame: https://js.verygoodvault.com/vgs-collect/2.14.0/lib/index.html
Frame ID: F2E3F0A57A4E112435034FD7AD3FC199
Requests: 2 HTTP requests in this frame

Frame: https://checkout.paypal.com/web/3.44.2/html/dispatch-frame.min.html
Frame ID: AD10795011E3145BC3DB231FA8E49A99
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Environmental Working Group – Empowering  Healthy Choices | Environmental Working Group(link is external)FacebookTwitterEmail AppPinterestAddThisFacebookTwitterEmail AppPinterestAddThisPinterestFacebookEmailCopy Link

Page URL History Show full URLs

http://www.ewg.org/ HTTP 301
https://www.ewg.org/ Page URL

Detected technologies

AddThis (Widgets) Expand

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Imperva (Security) Expand

Overall confidence: 100%
Detected patterns

/_Incapsula_Resource

Lightbox (JavaScript Libraries) Expand

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

Typekit (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+use\.typekit\.(?:net|com)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

267
Requests

99 %
HTTPS

56 %
IPv6

37
Domains

56
Subdomains

48
IPs

5
Countries

7896 kB
Transfer

19007 kB
Size

80
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://act.ewg.org/onlineactions/u11SBV__yEGUAYpdlg_T4Q2?sourceid=1009049
Title: Donate

Search URL Search Domain Scan URL

URL: https://act.ewg.org/O6Wq1SkLXEam4cmOkmwkyA2?sourceid=1008982
Title: Donate

Search URL Search Domain Scan URL

URL: https://act.ewg.org/onlineactions/u11SBV__yEGUAYpdlg_T4Q2?sourceid=1021072
Title: Support Our Mission

Search URL Search Domain Scan URL

URL: https://act.ewg.org/gA5TECmdgkGgfeSIR_7vGQ2?sourceid=1020222
Title: Donate

Search URL Search Domain Scan URL

URL: https://www.facebook.com/ewg.org
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/ewg
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.youtube.com/EnvironmentalWG/
Title: YouTube

Search URL Search Domain Scan URL

URL: https://instagram.com/environmentalworkinggroup
Title: Instagram

Search URL Search Domain Scan URL

URL: https://act.ewg.org/onlineactions/u11SBV__yEGUAYpdlg_T4Q2?sourceid=1020224
Title: Donate

Search URL Search Domain Scan URL

URL: http://www.ewgactionfund.org/
Title: EWG Action Fund(link is external)

Search URL Search Domain Scan URL

URL: https://www.addthis.com/website-tools/overview?utm_source=AddThis%20Tools&utm_medium=image
Title: AddThis

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.ewg.org/ HTTP 301
https://www.ewg.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 114

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1071783566/?random=391899113&cv=11&fst=1671046337368&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&label=Pg0mCKq7vZYBEI69iP8D&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.ewg.org%2F&tiba=Environmental%20Working%20Group%20%E2%80%93%20Empowering%20%E2%80%A8Healthy%20Choices%20%7C%20Environmental%20Working%20Group&value=0&auid=485289946.1671046337&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=wSSaY-3JHced1waQsJqwCg&sscte=1&crd=&eitems=ChEIgIXmnAYQkta9xq6Z6bD1ARIdAAFPixoZSCbEN19obx5ru9yRhy_qW382tC2ajB8&pscrd=EkxDaEFJZ0lYbW5BWVEyWVM4b0tXeWdyTTVFaVVBTkx2QzFvSm5LMmZUOThQM19kd29MMHBBR2xrX1lBYko3MDItOEFUbXZ3RE9VRHY2GldDaEFJZ0lYbW5BWVEtOWVtbTVmMTdkSVZFaTBBSV8yVmlPeWt5R19fNm9DQ2tMWkkyeFRzMUFDQ1Y4XzhHU21nWkpIb29oby1pa3dkS0hjWDVIUXNRcjQ HTTP 302
https://www.google.com/pagead/1p-conversion/1071783566/?random=391899113&cv=11&fst=1671046337368&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&label=Pg0mCKq7vZYBEI69iP8D&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.ewg.org%2F&tiba=Environmental%20Working%20Group%20%E2%80%93%20Empowering%20%E2%80%A8Healthy%20Choices%20%7C%20Environmental%20Working%20Group&value=0&auid=485289946.1671046337&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJZ0lYbW5BWVEyWVM4b0tXeWdyTTVFaVVBTkx2QzFvSm5LMmZUOThQM19kd29MMHBBR2xrX1lBYko3MDItOEFUbXZ3RE9VRHY2GldDaEFJZ0lYbW5BWVEtOWVtbTVmMTdkSVZFaTBBSV8yVmlPeWt5R19fNm9DQ2tMWkkyeFRzMUFDQ1Y4XzhHU21nWkpIb29oby1pa3dkS0hjWDVIUXNRcjQ&is_vtc=1&ocp_id=wSSaY-3JHced1waQsJqwCg&cid=CAQSKQDq26N9wCNB5nNXDC41iXhwJFbDaeuKDs3_0o8gQ4qTxhNR8x3KPBsMIBM&eitems=ChEIgIXmnAYQkta9xq6Z6bD1ARIdAAFPixri4RRAYAJD0oRmVex7IzB0o1mrwZKniyU&random=4263602495 HTTP 302
https://www.google.de/pagead/1p-conversion/1071783566/?random=391899113&cv=11&fst=1671046337368&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&label=Pg0mCKq7vZYBEI69iP8D&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.ewg.org%2F&tiba=Environmental%20Working%20Group%20%E2%80%93%20Empowering%20%E2%80%A8Healthy%20Choices%20%7C%20Environmental%20Working%20Group&value=0&auid=485289946.1671046337&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJZ0lYbW5BWVEyWVM4b0tXeWdyTTVFaVVBTkx2QzFvSm5LMmZUOThQM19kd29MMHBBR2xrX1lBYko3MDItOEFUbXZ3RE9VRHY2GldDaEFJZ0lYbW5BWVEtOWVtbTVmMTdkSVZFaTBBSV8yVmlPeWt5R19fNm9DQ2tMWkkyeFRzMUFDQ1Y4XzhHU21nWkpIb29oby1pa3dkS0hjWDVIUXNRcjQ&is_vtc=1&ocp_id=wSSaY-3JHced1waQsJqwCg&cid=CAQSKQDq26N9wCNB5nNXDC41iXhwJFbDaeuKDs3_0o8gQ4qTxhNR8x3KPBsMIBM&eitems=ChEIgIXmnAYQkta9xq6Z6bD1ARIdAAFPixri4RRAYAJD0oRmVex7IzB0o1mrwZKniyU&random=4263602495&ipr=y&prhg=0

Request Chain 197

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1071783566/?random=1444379519&cv=11&fst=1671046338603&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&label=Pg0mCKq7vZYBEI69iP8D&hn=www.googleadservices.com&frm=2&url=https%3A%2F%2Fact.ewg.org%2Fa%2F2022-deadline%3Fsourceid%3D1021356&ref=https%3A%2F%2Fwww.ewg.org%2F&tiba=Support%20EWG%20with%20a%20Year-End%20Gift!&value=0&auid=485289946.1671046337&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=wiSaY7ujKsStmLAPhtaj2AY&sscte=1&crd=&eitems=ChEIgIXmnAYQkta9xq6Z6bD1ARIdAAFPixpbjh2-uADMinwTIz_p_DL4YHBBiptIk3s&pscrd=EkxDaEFJZ0lYbW5BWVEyWVM4b0tXeWdyTTVFaVVBTkx2QzFvSm5LMmZUOThQM19kd29MMHBBR2xrX1lBYko3MDItOEFUbXZ3RE9VRHY2GldDaEFJZ0lYbW5BWVEtOWVtbTVmMTdkSVZFaTBBSV8yVmlLY3VnazdPX2dFYTZRZ1BZMXpzSVhpM1NXNWJUTmUteEZZUkxNUGpYLS01enNWY1A4b0laVGM HTTP 302
https://www.google.com/pagead/1p-conversion/1071783566/?random=1444379519&cv=11&fst=1671046338603&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&label=Pg0mCKq7vZYBEI69iP8D&hn=www.googleadservices.com&frm=2&url=https%3A%2F%2Fact.ewg.org%2Fa%2F2022-deadline%3Fsourceid%3D1021356&ref=https%3A%2F%2Fwww.ewg.org%2F&tiba=Support%20EWG%20with%20a%20Year-End%20Gift!&value=0&auid=485289946.1671046337&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJZ0lYbW5BWVEyWVM4b0tXeWdyTTVFaVVBTkx2QzFvSm5LMmZUOThQM19kd29MMHBBR2xrX1lBYko3MDItOEFUbXZ3RE9VRHY2GldDaEFJZ0lYbW5BWVEtOWVtbTVmMTdkSVZFaTBBSV8yVmlLY3VnazdPX2dFYTZRZ1BZMXpzSVhpM1NXNWJUTmUteEZZUkxNUGpYLS01enNWY1A4b0laVGM&is_vtc=1&ocp_id=wiSaY7ujKsStmLAPhtaj2AY&cid=CAQSKQDq26N9yogd43hCRk8lHcNGT_JpbhYatD23hP0-mdF4AFTR9Sx6rNe7IBM&eitems=ChEIgIXmnAYQkta9xq6Z6bD1ARIdAAFPixodiN_MXc9nDJAs7LAAhrT9E5-2pcKZsnc&random=3948542626 HTTP 302
https://www.google.de/pagead/1p-conversion/1071783566/?random=1444379519&cv=11&fst=1671046338603&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&label=Pg0mCKq7vZYBEI69iP8D&hn=www.googleadservices.com&frm=2&url=https%3A%2F%2Fact.ewg.org%2Fa%2F2022-deadline%3Fsourceid%3D1021356&ref=https%3A%2F%2Fwww.ewg.org%2F&tiba=Support%20EWG%20with%20a%20Year-End%20Gift!&value=0&auid=485289946.1671046337&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJZ0lYbW5BWVEyWVM4b0tXeWdyTTVFaVVBTkx2QzFvSm5LMmZUOThQM19kd29MMHBBR2xrX1lBYko3MDItOEFUbXZ3RE9VRHY2GldDaEFJZ0lYbW5BWVEtOWVtbTVmMTdkSVZFaTBBSV8yVmlLY3VnazdPX2dFYTZRZ1BZMXpzSVhpM1NXNWJUTmUteEZZUkxNUGpYLS01enNWY1A4b0laVGM&is_vtc=1&ocp_id=wiSaY7ujKsStmLAPhtaj2AY&cid=CAQSKQDq26N9yogd43hCRk8lHcNGT_JpbhYatD23hP0-mdF4AFTR9Sx6rNe7IBM&eitems=ChEIgIXmnAYQkta9xq6Z6bD1ARIdAAFPixodiN_MXc9nDJAs7LAAhrT9E5-2pcKZsnc&random=3948542626&ipr=y&prhg=0

267 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.ewg.org/
Redirect Chain

http://www.ewg.org/
https://www.ewg.org/

71 KB
17 KB

736ms
709ms

Document
text/html

2606:4700:10::ac43:6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ewg.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:6f2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Non-Partisan Mallards

Resource Hash

ba7b668b5791d8a95fbedf6f068f6de9da86516bfc29986f78e0c5124ff325f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 59
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=300, public
cf-cache-status: DYNAMIC
cf-ray: 77995d4b88f05b8c-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=UTF-8
date: Wed, 14 Dec 2022 19:32:15 GMT
expires: Sun, 19 Nov 1978 05:00:00 GMT
last-modified: Wed, 14 Dec 2022 19:16:08 GMT
permissions-policy: interest-cohort=()
server: cloudflare
vary: Accept-Encoding
x-cache: HIT
x-cache-hits: 12
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: Non-Partisan Mallards
x-ua-compatible: IE=edge

Redirect headers

CF-RAY: 77995d4afddf9293-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Wed, 14 Dec 2022 19:32:15 GMT
Expires: Wed, 14 Dec 2022 20:32:15 GMT
Location: https://www.ewg.org/
Server: cloudflare
Server-Timing: cf-q-config;dur=4.9999998736894e-06
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 bLMY4IbeO5Zdzi60Vrh0H1RYRxE.js Show response
www.ewg.org/cdn-cgi/apps/head/ 4 KB
2 KB 44ms
41ms Script
application/javascript 2606:4700:10::ac43:6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ewg.org/cdn-cgi/apps/head/bLMY4IbeO5Zdzi60Vrh0H1RYRxE.js
Requested by: Host: www.ewg.org
URL: https://www.ewg.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:6f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46954197136ba6c46bc950e1bdc5f339be1718a510cb5b9508cb3a965d2a5d4f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 19:32:16 GMT
x-amz-version-id: Ee77d5bFTzlnaYLHr8.lFL5T5uvSa7nt
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 21 Apr 2022 18:32:07 GMT
server: cloudflare
x-amz-request-id: A1RWVWDMEBCV6KBW
age: 1441453
etag: W/"98eaf1726317685cb6a43f5317a6ca2b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 77995d5008065b8c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: P/O2dfjSV0AEgNPUVGElcmt837/29g8ACBut94FfR/q7xRiPiln+K2q9yDXbycIN1ds9Fw6ONVw=

GET
H2 200 google_tag.script.js Show response
www.ewg.org/sites/default/files/google_tag/ewg_gtm_prod/ 347 B
496 B 78ms
75ms Script
application/javascript 2606:4700:10::ac43:6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ewg.org/sites/default/files/google_tag/ewg_gtm_prod/google_tag.script.js?rmwaun

Requested by

Host: www.ewg.org
URL: https://www.ewg.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:6f2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Non-Partisan Mallards

Resource Hash

6a30178a7b8b29e1756fc62ab676fe5702f287c9e869a386d9a8b8450aacd8b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-cache-hits: 17
date: Wed, 14 Dec 2022 19:32:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 756
x-powered-by: Non-Partisan Mallards
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 14 Dec 2022 19:16:01 GMT
cf-bgj: minify
server: cloudflare
etag: W/"15b-5efce9129ec3e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 77995d50082c5b8c-FRA
expires: Wed, 28 Dec 2022 19:16:33 GMT

GET
H2 200 css_LF44VakA4HWQczEsVvV_dRlTnLEJ7NaUzrCXfFFy1ZQ.css
www.ewg.org/sites/default/files/css/ 48 KB
7 KB 64ms
62ms Stylesheet
text/css 2606:4700:10::ac43:6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ewg.org/sites/default/files/css/css_LF44VakA4HWQczEsVvV_dRlTnLEJ7NaUzrCXfFFy1ZQ.css

Requested by

Host: www.ewg.org
URL: https://www.ewg.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:6f2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Non-Partisan Mallards

Resource Hash

8fd82bb80083d24034bfa306e18fffd38ec6b77638246a2e4adf10700e46c691

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-cache-hits: 23
date: Wed, 14 Dec 2022 19:32:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 227659
cf-polished: origSize=48762
x-powered-by: Non-Partisan Mallards
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 06 Dec 2022 14:17:41 GMT
cf-bgj: minify
server: cloudflare
etag: W/"199c-5ef29778882e0"
vary: Accept-encoding
content-type: text/css
cache-control: max-age=31536000
cf-ray: 77995d5008085b8c-FRA
expires: Mon, 26 Dec 2022 03:09:18 GMT

GET
H2 200 css_gWzDOcqLz-UCcsp-2Q603Lm0KUoBcf_GbkMmxEuUUSU.css
www.ewg.org/sites/default/files/css/ 4 KB
1 KB 66ms
63ms Stylesheet
text/css 2606:4700:10::ac43:6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ewg.org/sites/default/files/css/css_gWzDOcqLz-UCcsp-2Q603Lm0KUoBcf_GbkMmxEuUUSU.css

Requested by

Host: www.ewg.org
URL: https://www.ewg.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:6f2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Non-Partisan Mallards

Resource Hash

1b82242ef266747ba64b6c6ee448a6c75524cee59a3279bac34153772ba39556

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-cache-hits: 37
date: Wed, 14 Dec 2022 19:32:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 227659
cf-polished: origSize=4663
x-powered-by: Non-Partisan Mallards
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 06 Dec 2022 14:17:41 GMT
cf-bgj: minify
server: cloudflare
etag: W/"4c5-5ef297788f4fd"
vary: Accept-encoding
content-type: text/css
cache-control: max-age=31536000
cf-ray: 77995d50080e5b8c-FRA
expires: Sun, 25 Dec 2022 22:05:19 GMT

GET
H2 200 css_wQz34bFtV_Kf_gIXbAAoeH7ZH8niROCYBkCKUPW0jVA.css
www.ewg.org/sites/default/files/css/ 982 B
317 B 75ms
72ms Stylesheet
text/css 2606:4700:10::ac43:6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ewg.org/sites/default/files/css/css_wQz34bFtV_Kf_gIXbAAoeH7ZH8niROCYBkCKUPW0jVA.css

Requested by

Host: www.ewg.org
URL: https://www.ewg.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:6f2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Non-Partisan Mallards

Resource Hash

c922012cc3e3f066e9730c70ad9b997ad0d3b1386b4310d38793bfdca8b2e9e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-cache-hits: 34
date: Wed, 14 Dec 2022 19:32:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 227659
cf-polished: origSize=1012
x-powered-by: Non-Partisan Mallards
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 06 Dec 2022 14:17:41 GMT
cf-bgj: minify
server: cloudflare
etag: W/"dd-5ef2977896a5d"
vary: Accept-encoding
content-type: text/css
cache-control: max-age=31536000
cf-ray: 77995d5008115b8c-FRA
expires: Sun, 25 Dec 2022 22:28:28 GMT

GET
H2 200 css_4sBZI9OT1NykSPLiBBCv_Xg4Sh6Qdnp2GT-IxEkIdR4.css
www.ewg.org/sites/default/files/css/ 2 KB
927 B 68ms
66ms Stylesheet
text/css 2606:4700:10::ac43:6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ewg.org/sites/default/files/css/css_4sBZI9OT1NykSPLiBBCv_Xg4Sh6Qdnp2GT-IxEkIdR4.css

Requested by

Host: www.ewg.org
URL: https://www.ewg.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:6f2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Non-Partisan Mallards

Resource Hash

51ceef1666747601f63ea51bf4fd7d806b7c161f54c3e62d1771f5d3e890000a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-cache-hits: 30
date: Wed, 14 Dec 2022 19:32:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 83873
cf-polished: origSize=2495
x-powered-by: Non-Partisan Mallards
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 28 Nov 2022 21:46:18 GMT
cf-bgj: minify
server: cloudflare
etag: W/"34e-5ee8ecd2a1cb3"
vary: Accept-encoding
content-type: text/css
cache-control: max-age=31536000
cf-ray: 77995d5008125b8c-FRA
expires: Mon, 26 Dec 2022 03:15:08 GMT

GET
H2 200 wyp4ngq.css
use.typekit.net/ 5 KB
1 KB 73ms
15ms Stylesheet
text/css 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/wyp4ngq.css

Requested by

Host: www.ewg.org
URL: https://www.ewg.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

2a019d0278056f7fe4ffd5895fb85ef8c7c20bc729ddb0bbd375cee12ba70d41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Wed, 14 Dec 2022 19:32:16 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 889

GET
H2 200 css_0oOIfaV6CoFTTijukrWU6bdJqWurUaqenknoPA1EWAY.css
www.ewg.org/sites/default/files/css/ 286 KB
29 KB 59ms
57ms Stylesheet
text/css 2606:4700:10::ac43:6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ewg.org/sites/default/files/css/css_0oOIfaV6CoFTTijukrWU6bdJqWurUaqenknoPA1EWAY.css

Requested by

Host: www.ewg.org
URL: https://www.ewg.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:6f2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Non-Partisan Mallards

Resource Hash

af061dea2a0b8f937879908649f8148dc17701396e50910f514353fb93aa029e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-cache-hits: 44
date: Wed, 14 Dec 2022 19:32:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 80389
cf-polished: origSize=293215
x-powered-by: Non-Partisan Mallards
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 13 Dec 2022 20:13:01 GMT
cf-bgj: minify
server: cloudflare
etag: W/"70a3-5efbb3f32d86f"
vary: Accept-encoding
content-type: text/css
cache-control: max-age=31536000
cf-ray: 77995d5008155b8c-FRA
expires: Tue, 27 Dec 2022 20:13:03 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ 85 KB
30 KB 133ms
41ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js

Requested by

Host: www.ewg.org
URL: https://www.ewg.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 16:34:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10639
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30306
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Dec 2023 16:34:57 GMT

GET
H2 200 js_aQowG812v1NBgIvlmSL5IzenKNQJ_fSbYWpa67IYn70.js Show response
www.ewg.org/sites/default/files/js/ 79 KB
22 KB 57ms
55ms Script
text/javascript 2606:4700:10::ac43:6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ewg.org/sites/default/files/js/js_aQowG812v1NBgIvlmSL5IzenKNQJ_fSbYWpa67IYn70.js

Requested by

Host: www.ewg.org
URL: https://www.ewg.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:6f2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Non-Partisan Mallards

Resource Hash

a2a7c75e6f910b1a1635e6a0b5f6c364fd9462a3e8628f268c7d7324748c3535

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-cache-hits: 10
date: Wed, 14 Dec 2022 19:32:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 231452
cf-polished: origSize=84533
x-powered-by: Non-Partisan Mallards
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 06 Dec 2022 14:17:42 GMT
cf-bgj: minify
server: cloudflare
etag: W/"54c4-5ef2977974843"
vary: Accept-encoding
content-type: text/javascript
cache-control: max-age=31536000
cf-ray: 77995d5008165b8c-FRA
expires: Mon, 26 Dec 2022 03:09:22 GMT

GET
H2 200 js_QWzjbMkjzs8dtrGALRGtOmsT8rYcp9diUVZPdcfGNTY.js Show response
www.ewg.org/sites/default/files/js/ 22 KB
6 KB 67ms
65ms Script
text/javascript 2606:4700:10::ac43:6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ewg.org/sites/default/files/js/js_QWzjbMkjzs8dtrGALRGtOmsT8rYcp9diUVZPdcfGNTY.js

Requested by

Host: www.ewg.org
URL: https://www.ewg.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:6f2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Non-Partisan Mallards

Resource Hash

8946b615678bc7a69368a15f2cce5e5cad4aaf76f879c1772f88c082b15540e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-cache-hits: 36
date: Wed, 14 Dec 2022 19:32:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 150073
cf-polished: origSize=38649
x-powered-by: Non-Partisan Mallards
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 07 Dec 2022 20:24:49 GMT
cf-bgj: minify
server: cloudflare
etag: W/"260f-5ef42b659ed6b"
vary: Accept-encoding
content-type: text/javascript
cache-control: max-age=31536000
cf-ray: 77995d5008195b8c-FRA
expires: Sun, 25 Dec 2022 23:07:02 GMT

GET
H2 200 js_6NoFANqb1Sup4PEDc_2-j2oX19WM3OuwmkiueE25ISc.js Show response
www.ewg.org/sites/default/files/js/ 228 B
318 B 87ms
85ms Script
text/javascript 2606:4700:10::ac43:6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ewg.org/sites/default/files/js/js_6NoFANqb1Sup4PEDc_2-j2oX19WM3OuwmkiueE25ISc.js

Requested by

Host: www.ewg.org
URL: https://www.ewg.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:6f2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Non-Partisan Mallards

Resource Hash

77e04b8d390412a549fc0a09b4ca07115813c56d8416068256f800a11d6ac7df

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-cache-hits: 92
date: Wed, 14 Dec 2022 19:32:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 120917
cf-polished: origSize=427
x-powered-by: Non-Partisan Mallards
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 28 Nov 2022 21:46:19 GMT
cf-bgj: minify
server: cloudflare
etag: W/"11d-5ee8ecd41ad78"
vary: Accept-encoding
content-type: text/javascript
cache-control: max-age=31536000
cf-ray: 77995d50081a5b8c-FRA
expires: Sun, 25 Dec 2022 22:17:17 GMT

GET
H2 200 at.js Show response
d3rse9xjbp8270.cloudfront.net/ 816 KB
231 KB 54ms
8ms Script
application/javascript 2600:9000:20eb:e000:12:303c:8700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3rse9xjbp8270.cloudfront.net/at.js
Requested by: Host: www.ewg.org
URL: https://www.ewg.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:e000:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 97e2618e32ad4b988a384ed6633ce8d2311f57cdccb80f82754962ca3e6156f0

Request headers

Referer: https://www.ewg.org/
Origin: https://www.ewg.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:35:34 GMT
content-encoding: gzip
via: 1.1 7a18a0a1d9929dae345690b88b08dd5e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
age: 14203
x-cache: Hit from cloudfront
content-length: 235431
last-modified: Tue, 13 Dec 2022 15:35:24 GMT
server: AmazonS3
etag: "d06b344ac401cb4358b53b2467713d5e"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=900, s-maxage=86400, public
accept-ranges: bytes
x-amz-cf-id: mHMPHnymlhiV9UC6RL61R7Zw9Z1wdBDJ_b9BwzuaE7Z7b0sCgiy0WQ==

GET
H2 200 js_BtHkHpAna_VBM6aHSQunlvjffLT2yuGcPQ0QfLkTkmw.js Show response
www.ewg.org/sites/default/files/js/ 31 KB
13 KB 87ms
85ms Script
text/javascript 2606:4700:10::ac43:6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ewg.org/sites/default/files/js/js_BtHkHpAna_VBM6aHSQunlvjffLT2yuGcPQ0QfLkTkmw.js

Requested by

Host: www.ewg.org
URL: https://www.ewg.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:6f2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Non-Partisan Mallards

Resource Hash

e042fc1de6d508bef82a6a8f52d043052fe3ca5ad56ac24a1abb759a0f1afd2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-cache-hits: 85
date: Wed, 14 Dec 2022 19:32:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 120917
cf-polished: origSize=32211
x-powered-by: Non-Partisan Mallards
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 28 Nov 2022 21:46:19 GMT
cf-bgj: minify
server: cloudflare
etag: W/"3223-5ee8ecd41e305"
vary: Accept-encoding
content-type: text/javascript
cache-control: max-age=31536000
cf-ray: 77995d50081c5b8c-FRA
expires: Sun, 25 Dec 2022 22:11:28 GMT

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 574ms
14ms Script
application/javascript 104.84.56.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: www.ewg.org
URL: https://www.ewg.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.84.56.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-84-56-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Wed, 14 Dec 2022 19:32:16 GMT
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: "5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
x-host: s7.addthis.com
content-length: 116406

GET
H2 200 js_z-1yhZdYgMmGWCciniYZ3nW_X5BjJ9TdfkRcq0cNOQg.js Show response
www.ewg.org/sites/default/files/js/ 4 KB
2 KB 87ms
86ms Script
text/javascript 2606:4700:10::ac43:6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ewg.org/sites/default/files/js/js_z-1yhZdYgMmGWCciniYZ3nW_X5BjJ9TdfkRcq0cNOQg.js

Requested by

Host: www.ewg.org
URL: https://www.ewg.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:6f2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Non-Partisan Mallards

Resource Hash

2d858c78a87544a1db5828168f44b0bc7838301d2a51ddac357b421fed0583a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-cache-hits: 39
date: Wed, 14 Dec 2022 19:32:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 80389
cf-polished: origSize=5831
x-powered-by: Non-Partisan Mallards
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 13 Dec 2022 20:13:01 GMT
cf-bgj: minify
server: cloudflare
etag: W/"92a-5efbb3f3448b2"
vary: Accept-encoding
content-type: text/javascript
cache-control: max-age=31536000
cf-ray: 77995d5008295b8c-FRA
expires: Tue, 27 Dec 2022 20:16:38 GMT

GET
H2 200 vaafb692b2aea4879b33c060e79fe94621666317369993 Show response
static.cloudflareinsights.com/beacon.min.js/ 17 KB
6 KB 100ms
65ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
Requested by: Host: www.ewg.org
URL: https://www.ewg.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3

Request headers

Referer: https://www.ewg.org/
Origin: https://www.ewg.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 19:32:16 GMT
content-encoding: gzip
last-modified: Fri, 21 Oct 2022 01:56:09 GMT
server: cloudflare
etag: W/2022.10.1
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 77995d5088f39016-FRA

GET
H2 200 AKWZXHJB Show response
cdn.fundraiseup.com/widget/ 129 KB
45 KB 183ms
116ms Script
text/javascript 104.22.0.244
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.fundraiseup.com/widget/AKWZXHJB

Requested by

Host: www.ewg.org
URL: https://www.ewg.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.0.244 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

050c9f6306ca79b4b7ea83d820e5e9f836d212c1aba3cc0682184289ba9b12b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 19:32:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
server: cloudflare
etag: W/"3726744703"
vary: Accept-Encoding
content-type: text/javascript
cf-ray: 77995d50ba57995d-FRA
link: <https://static.fundraiseup.com/2.b834baef76dc.vendors~sentry.js>; rel=preload; as=script, <https://static.fundraiseup.com/1.e143f8d79516.sentry.js>; rel=preload; as=script
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 128ms
38ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.ewg.org
URL: https://www.ewg.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 14 Dec 2022 19:24:37 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 459
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Wed, 14 Dec 2022 21:24:37 GMT

GET
H2 200 p.css
p.typekit.net/ 5 B
181 B 62ms
7ms Stylesheet
text/css 2a02:26f0:3500:16::215:148b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=wyp4ngq&ht=tk&f=13464.13465.13472.13473.27079.27082.27083&a=1008292&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/wyp4ngq.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 19:32:16 GMT
last-modified: Sat, 16 Oct 2021 08:18:43 GMT
server: nginx
etag: "616a8ae3-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H3 200 shutterstock_1169876839-1-optimized.jpg
www.ewg.org/sites/default/files/styles/wide_standard_banner/public/2022-11/ 148 KB
149 KB 110ms
110ms Image
image/webp 2606:4700:10::ac43:6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ewg.org/sites/default/files/styles/wide_standard_banner/public/2022-11/shutterstock_1169876839-1-optimized.jpg?h=fa75da27&itok=SE1og-Hz

Requested by

Host: www.ewg.org
URL: https://www.ewg.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:6f2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Non-Partisan Mallards

Resource Hash

d16c55ac681ee1f1211caf1d0de636ded0610c0059a043f28831571201709a58

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Sat, 17 Dec 2022 05:31:08 GMT
date: Wed, 14 Dec 2022 19:32:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 907313
cf-polished: qual=85, origFmt=jpeg, origSize=209916
x-powered-by: Non-Partisan Mallards
x-cache: HIT
content-disposition: inline; filename="shutterstock_1169876839-1-optimized.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 151720
last-modified: Wed, 02 Nov 2022 19:59:31 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "333fc-5ec824765129e-gzip"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 77995d510c239b5b-FRA
x-cache-hits: 27

GET
H3 200 james-sutton-strawberries.jpg
www.ewg.org/sites/default/files/styles/wide_standard_xl/public/2021-02/ 98 KB
98 KB 78ms
78ms Image
image/webp 2606:4700:10::ac43:6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ewg.org/sites/default/files/styles/wide_standard_xl/public/2021-02/james-sutton-strawberries.jpg?h=312dccf8&itok=lvKX7mfe

Requested by

Host: www.ewg.org
URL: https://www.ewg.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:6f2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Non-Partisan Mallards

Resource Hash

016ff2f1d685a7ebfed54b6103415cfbef8b08e765e3d45a9a406ff13c07fac5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Tue, 13 Dec 2022 05:22:58 GMT
date: Wed, 14 Dec 2022 19:32:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1147857
cf-polished: qual=85, origFmt=jpeg, origSize=118947
x-powered-by: Non-Partisan Mallards
x-cache: HIT
content-disposition: inline; filename="james-sutton-strawberries.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 100162
last-modified: Wed, 31 Mar 2021 16:01:50 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "1d0a3-5bed73b94a921-gzip"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 77995d510c319b5b-FRA
x-cache-hits: 130

GET
H3 200 arrow-right.svg
www.ewg.org/themes/custom/ewg/images/svg/ 491 B
624 B 138ms
137ms Image
image/svg+xml 2606:4700:10::ac43:6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ewg.org/themes/custom/ewg/images/svg/arrow-right.svg

Requested by

Host: www.ewg.org
URL: https://www.ewg.org/sites/default/files/css/css_0oOIfaV6CoFTTijukrWU6bdJqWurUaqenknoPA1EWAY.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:6f2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Non-Partisan Mallards

Resource Hash

6dac07583f8d9da0578856ee466052ca232c7c3b89dd0a05fd6c150dd3202ab2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/sites/default/files/css/css_0oOIfaV6CoFTTijukrWU6bdJqWurUaqenknoPA1EWAY.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-cache-hits: 117
date: Wed, 14 Dec 2022 19:32:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 230212
x-powered-by: Non-Partisan Mallards
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 17 Jun 2022 14:07:42 GMT
server: cloudflare
etag: W/"1eb-5e1a54718a5c6"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 77995d510c369b5b-FRA
expires: Mon, 26 Dec 2022 03:08:39 GMT

GET
H2 200 l
use.typekit.net/af/dc8fcf/00000000000000003b9ad458/27/ 25 KB
25 KB 27ms
7ms Font
application/font-woff2 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/dc8fcf/00000000000000003b9ad458/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/wyp4ngq.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 107fa82c97e618d8eb31f798e0f15d4fcafe110485ae2b8e3583c49ef8800c1c

Request headers

Referer: https://use.typekit.net/wyp4ngq.css
Origin: https://www.ewg.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 19:32:16 GMT
server: nginx
etag: "88ff878fee440479df3185202326836c26088a83"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 25832

GET
H3 200 icon-facebook.svg
www.ewg.org/themes/custom/ewg/images/svg/ 413 B
582 B 136ms
136ms Image
image/svg+xml 2606:4700:10::ac43:6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ewg.org/themes/custom/ewg/images/svg/icon-facebook.svg

Requested by

Host: www.ewg.org
URL: https://www.ewg.org/sites/default/files/css/css_0oOIfaV6CoFTTijukrWU6bdJqWurUaqenknoPA1EWAY.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:6f2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Non-Partisan Mallards

Resource Hash

ac3d0d0a02889fb01a78157d525af8ddd39c5ec1fcfeeb1c13c18d7153b3a319

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/sites/default/files/css/css_0oOIfaV6CoFTTijukrWU6bdJqWurUaqenknoPA1EWAY.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-cache-hits: 100
date: Wed, 14 Dec 2022 19:32:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 215755
x-powered-by: Non-Partisan Mallards
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 17 Jun 2022 14:07:42 GMT
server: cloudflare
etag: W/"19d-5e1a54718b430"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 77995d510c399b5b-FRA
expires: Sun, 25 Dec 2022 22:35:24 GMT

GET
H3 200 icon-twitter.svg
www.ewg.org/themes/custom/ewg/images/svg/ 977 B
859 B 136ms
136ms Image
image/svg+xml 2606:4700:10::ac43:6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ewg.org/themes/custom/ewg/images/svg/icon-twitter.svg

Requested by

Host: www.ewg.org
URL: https://www.ewg.org/sites/default/files/css/css_0oOIfaV6CoFTTijukrWU6bdJqWurUaqenknoPA1EWAY.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:6f2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Non-Partisan Mallards

Resource Hash

f58078ff438c748a6b2d9eb0d46d7b5c31e33af5e5c3a8fa0f5618155eda6493

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/sites/default/files/css/css_0oOIfaV6CoFTTijukrWU6bdJqWurUaqenknoPA1EWAY.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-cache-hits: 82
date: Wed, 14 Dec 2022 19:32:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 164037
x-powered-by: Non-Partisan Mallards
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 17 Jun 2022 14:07:42 GMT
server: cloudflare
etag: W/"3d1-5e1a54718b979"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 77995d510c3c9b5b-FRA
expires: Sun, 25 Dec 2022 22:17:18 GMT

GET
H3 200 icon-youtube.svg
www.ewg.org/themes/custom/ewg/images/svg/ 656 B
675 B 137ms
136ms Image
image/svg+xml 2606:4700:10::ac43:6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ewg.org/themes/custom/ewg/images/svg/icon-youtube.svg

Requested by

Host: www.ewg.org
URL: https://www.ewg.org/sites/default/files/css/css_0oOIfaV6CoFTTijukrWU6bdJqWurUaqenknoPA1EWAY.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:6f2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Non-Partisan Mallards

Resource Hash

aa5c43073aa598314008ce4cd0905eb40692ea9d9c744a5fd264d6fab508f597

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/sites/default/files/css/css_0oOIfaV6CoFTTijukrWU6bdJqWurUaqenknoPA1EWAY.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-cache-hits: 87
date: Wed, 14 Dec 2022 19:32:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 212066
x-powered-by: Non-Partisan Mallards
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 17 Jun 2022 14:07:42 GMT
server: cloudflare
etag: W/"290-5e1a54718babb"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 77995d510c3f9b5b-FRA
expires: Sun, 25 Dec 2022 22:17:18 GMT

GET
H3 200 icon-instagram.svg
www.ewg.org/themes/custom/ewg/images/svg/ 915 B
767 B 137ms
137ms Image
image/svg+xml 2606:4700:10::ac43:6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ewg.org/themes/custom/ewg/images/svg/icon-instagram.svg

Requested by

Host: www.ewg.org
URL: https://www.ewg.org/sites/default/files/css/css_0oOIfaV6CoFTTijukrWU6bdJqWurUaqenknoPA1EWAY.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:6f2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Non-Partisan Mallards

Resource Hash

8438e5b72880045c0274f043315f1a8522074266a74693426f0beccbb6162c05

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/sites/default/files/css/css_0oOIfaV6CoFTTijukrWU6bdJqWurUaqenknoPA1EWAY.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-cache-hits: 138
date: Wed, 14 Dec 2022 19:32:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 212066
x-powered-by: Non-Partisan Mallards
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 17 Jun 2022 14:07:42 GMT
server: cloudflare
etag: W/"393-5e1a54718b594"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 77995d510c439b5b-FRA
expires: Mon, 26 Dec 2022 03:08:34 GMT

GET
H3 200 bullet.svg
www.ewg.org/themes/custom/ewg/images/svg/ 315 B
513 B 137ms
137ms Image
image/svg+xml 2606:4700:10::ac43:6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ewg.org/themes/custom/ewg/images/svg/bullet.svg

Requested by

Host: www.ewg.org
URL: https://www.ewg.org/sites/default/files/css/css_0oOIfaV6CoFTTijukrWU6bdJqWurUaqenknoPA1EWAY.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:6f2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Non-Partisan Mallards

Resource Hash

3d8c7388d3a2e4bb4ceaee678cc4d01a85183c3cca9605a5546de5e7248e4fb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/sites/default/files/css/css_0oOIfaV6CoFTTijukrWU6bdJqWurUaqenknoPA1EWAY.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-cache-hits: 159
date: Wed, 14 Dec 2022 19:32:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 212066
x-powered-by: Non-Partisan Mallards
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 17 Jun 2022 14:07:42 GMT
server: cloudflare
etag: W/"13b-5e1a54718a875"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 77995d510c459b5b-FRA
expires: Sun, 25 Dec 2022 22:12:34 GMT

GET
H2 200 l
use.typekit.net/af/294d74/00000000000000000001210a/27/ 16 KB
16 KB 29ms
12ms Font
application/font-woff2 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/294d74/00000000000000000001210a/27/l?subset_id=2&fvd=n6&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/wyp4ngq.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 8c954919f90065472cd14f0c455e09666de359675034a81be08c88951c807d58

Request headers

Referer: https://use.typekit.net/wyp4ngq.css
Origin: https://www.ewg.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 19:32:16 GMT
server: nginx
etag: "1a0cc7f7896513d267aa4885a72fa701369b224c"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 16036

GET
H2 200 l
use.typekit.net/af/cbd3bf/00000000000000003b9ad455/27/ 20 KB
20 KB 30ms
13ms Font
application/font-woff2 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/cbd3bf/00000000000000003b9ad455/27/l?subset_id=2&fvd=n5&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/wyp4ngq.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 8034a501dab0e4db0e10f7d1f0b3a060683398d112a80128384214776cd5381b

Request headers

Referer: https://use.typekit.net/wyp4ngq.css
Origin: https://www.ewg.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 19:32:16 GMT
server: nginx
etag: "85ae2e3f416813fa0ab5f189792070591cb6f35d"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 20292

GET
H2 200 l
use.typekit.net/af/ac6334/000000000000000000012059/27/ 29 KB
29 KB 25ms
8ms Font
application/font-woff2 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/ac6334/000000000000000000012059/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/wyp4ngq.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 0216c8dc29523e3ff49d1831d3ca3631eb225f80924b590c890c3b24228c7aba

Request headers

Referer: https://use.typekit.net/wyp4ngq.css
Origin: https://www.ewg.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 19:32:16 GMT
server: nginx
etag: "4fc6598b8ab354a0519cf28edb49b1ef3cfa7429"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 29676

GET
H3 200 chris-ralston-water-lemon.jpg
www.ewg.org/sites/default/files/styles/standard_sm/public/2021-02/ 31 KB
31 KB 106ms
105ms Image
image/webp 2606:4700:10::ac43:6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ewg.org/sites/default/files/styles/standard_sm/public/2021-02/chris-ralston-water-lemon.jpg?h=7477eee5&itok=EPh4g4iq

Requested by

Host: www.ewg.org
URL: https://www.ewg.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:6f2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Non-Partisan Mallards

Resource Hash

7bf95aaf7602849649f373a52425283baee3dd5f2106b7c8475e5f5b8a9e9467

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Thu, 08 Dec 2022 06:12:04 GMT
date: Wed, 14 Dec 2022 19:32:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1047576
cf-polished: qual=85, origFmt=jpeg, origSize=39427
x-powered-by: Non-Partisan Mallards
x-cache: HIT
content-disposition: inline; filename="chris-ralston-water-lemon.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 31764
last-modified: Wed, 31 Mar 2021 15:49:37 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "9a03-5bed70fe5baea-gzip"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 77995d514cb29b5b-FRA
x-cache-hits: 383

GET
H3 200 SunscreenBlog.jpg
www.ewg.org/sites/default/files/styles/standard_sm/public/2022-05/ 25 KB
25 KB 145ms
144ms Image
image/webp 2606:4700:10::ac43:6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ewg.org/sites/default/files/styles/standard_sm/public/2022-05/SunscreenBlog.jpg?h=2e181f1f&itok=Tj7XT-FX

Requested by

Host: www.ewg.org
URL: https://www.ewg.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:6f2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Non-Partisan Mallards

Resource Hash

be5d87a383269519e007c89b1b43ad7cb1f2121e98bdfbd41c742d938113bcf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Mon, 26 Dec 2022 03:24:30 GMT
date: Wed, 14 Dec 2022 19:32:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 166780
cf-polished: qual=85, origFmt=jpeg, origSize=32485
x-powered-by: Non-Partisan Mallards
x-cache: HIT
content-disposition: inline; filename="SunscreenBlog.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 25696
last-modified: Thu, 05 May 2022 03:36:41 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "7ee5-5de3b7341c5fb-gzip"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 77995d514cb69b5b-FRA
x-cache-hits: 54

GET
H3 200 james-sutton-strawberries.jpg
www.ewg.org/sites/default/files/styles/standard_sm/public/2021-02/ 40 KB
40 KB 148ms
146ms Image
image/webp 2606:4700:10::ac43:6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ewg.org/sites/default/files/styles/standard_sm/public/2021-02/james-sutton-strawberries.jpg?h=312dccf8&itok=Nz38XUZH

Requested by

Host: www.ewg.org
URL: https://www.ewg.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:6f2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Non-Partisan Mallards

Resource Hash

34f3b5e0251855d41006378c74794cb5c609e685a49e709a43d5cda4cff94158

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Thu, 08 Dec 2022 06:30:07 GMT
date: Wed, 14 Dec 2022 19:32:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1071578
cf-polished: qual=85, origFmt=jpeg, origSize=45748
x-powered-by: Non-Partisan Mallards
x-cache: HIT
content-disposition: inline; filename="james-sutton-strawberries.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 40488
last-modified: Wed, 31 Mar 2021 15:49:38 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "b2b4-5bed70fede901-gzip"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 77995d514cc19b5b-FRA
x-cache-hits: 376

GET
H3 200 Stocksy_cosmetics_skindeep_woman_cream.jpg
www.ewg.org/sites/default/files/styles/standard_sm/public/2021-02/ 23 KB
24 KB 124ms
123ms Image
image/webp 2606:4700:10::ac43:6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ewg.org/sites/default/files/styles/standard_sm/public/2021-02/Stocksy_cosmetics_skindeep_woman_cream.jpg?h=2b114c4e&itok=b7SOeL_Y

Requested by

Host: www.ewg.org
URL: https://www.ewg.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:6f2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Non-Partisan Mallards

Resource Hash

79cd8a92846594b8d292a0910932bc2fe5fc082f793d98646d3a2d49da3e1cd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Sat, 17 Dec 2022 05:40:39 GMT
date: Wed, 14 Dec 2022 19:32:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 604138
cf-polished: qual=85, origFmt=jpeg, origSize=31543
x-powered-by: Non-Partisan Mallards
x-cache: HIT
content-disposition: inline; filename="Stocksy_cosmetics_skindeep_woman_cream.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 23744
last-modified: Wed, 31 Mar 2021 15:49:36 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "7b37-5bed70fd84a12-gzip"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 77995d514cc39b5b-FRA
x-cache-hits: 179

GET
H3 200 CleanersBlog_0.jpg
www.ewg.org/sites/default/files/styles/standard_sm/public/blog/ 31 KB
31 KB 127ms
125ms Image
image/webp 2606:4700:10::ac43:6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ewg.org/sites/default/files/styles/standard_sm/public/blog/CleanersBlog_0.jpg?h=2e181f1f&itok=0YmIP1cp

Requested by

Host: www.ewg.org
URL: https://www.ewg.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:6f2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Non-Partisan Mallards

Resource Hash

e381bcaa479370c3c04e1bf71ecf1d79336612e17daac581eba328e1c95377ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Tue, 13 Dec 2022 05:00:34 GMT
date: Wed, 14 Dec 2022 19:32:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1188921
cf-polished: qual=85, origFmt=jpeg, origSize=37740
x-powered-by: Non-Partisan Mallards
x-cache: HIT
content-disposition: inline; filename="CleanersBlog_0.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 31232
last-modified: Wed, 31 Mar 2021 15:50:07 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "936c-5bed711b01420-gzip"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 77995d514cc89b5b-FRA
x-cache-hits: 78

GET
H3 200 EWG_Banner_EnergySage_Header_C01.jpg
www.ewg.org/sites/default/files/styles/standard_sm/public/2021-04/ 40 KB
41 KB 128ms
126ms Image
image/webp 2606:4700:10::ac43:6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ewg.org/sites/default/files/styles/standard_sm/public/2021-04/EWG_Banner_EnergySage_Header_C01.jpg?h=c673cd1c&itok=88D9FshS

Requested by

Host: www.ewg.org
URL: https://www.ewg.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:6f2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Non-Partisan Mallards

Resource Hash

a46d4ed9c5a0662bff61ec86ede7f94e53ee7215c3c08f3df2396fa27584df58

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Sat, 17 Dec 2022 06:31:58 GMT
date: Wed, 14 Dec 2022 19:32:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 954406
cf-polished: qual=85, origFmt=jpeg, origSize=46808
x-powered-by: Non-Partisan Mallards
x-cache: HIT
content-disposition: inline; filename="EWG_Banner_EnergySage_Header_C01.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 41244
last-modified: Thu, 22 Apr 2021 07:55:41 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "b6d8-5c08b0183328e-gzip"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 77995d514cc99b5b-FRA
x-cache-hits: 17

GET
H3 200 samara-doole-peaTniZsUQs-unsplash_water.jpg
www.ewg.org/sites/default/files/styles/standard_xl/public/2021-02/ 237 KB
237 KB 129ms
128ms Image
image/jpeg 2606:4700:10::ac43:6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ewg.org/sites/default/files/styles/standard_xl/public/2021-02/samara-doole-peaTniZsUQs-unsplash_water.jpg?h=b204cd5f&itok=2DeCxhgy

Requested by

Host: www.ewg.org
URL: https://www.ewg.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:6f2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Non-Partisan Mallards

Resource Hash

70ece97d44f9b18f4f3ddbb8e9521b3d53b885abb0de8d4cd9658e6d1a913cbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-cache-hits: 84
date: Wed, 14 Dec 2022 19:32:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 211518
cf-polished: degrade=85, origSize=246224, status=webp_bigger
x-powered-by: Non-Partisan Mallards
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 242217
last-modified: Fri, 19 Aug 2022 16:30:58 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "3c1d0-5e69a9f73d851-gzip"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 77995d514ccc9b5b-FRA
expires: Mon, 26 Dec 2022 03:11:09 GMT

GET
H3 200 NCCAFOBlgo.jpg
www.ewg.org/sites/default/files/styles/standard_sm/public/2022-11/ 77 KB
78 KB 152ms
151ms Image
image/jpeg 2606:4700:10::ac43:6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ewg.org/sites/default/files/styles/standard_sm/public/2022-11/NCCAFOBlgo.jpg?h=2e181f1f&itok=ih5dIog0

Requested by

Host: www.ewg.org
URL: https://www.ewg.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:6f2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Non-Partisan Mallards

Resource Hash

85e6a7f79fcbc4a01cdd80ae8effe5815c2268d416f22ccf86160fea20c589f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-cache-hits: 24
date: Wed, 14 Dec 2022 19:32:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 169032
cf-polished: degrade=85, origSize=83821, status=webp_bigger
x-powered-by: Non-Partisan Mallards
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 79053
last-modified: Thu, 01 Dec 2022 14:09:12 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "1476d-5eec4c3f2a580-gzip"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 77995d514ccd9b5b-FRA
expires: Mon, 26 Dec 2022 03:29:52 GMT

GET
H2 200 2.b834baef76dc.vendors~sentry.js Show response
static.fundraiseup.com/ 156 KB
38 KB 66ms
55ms Script
text/javascript 104.22.0.244
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/2.b834baef76dc.vendors~sentry.js

Requested by

Host: www.ewg.org
URL: https://www.ewg.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.0.244 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

06e9645c9b35870a0d1f97d55e26a3dc525dfa5925c0508bcaa798e4fbfc7ad3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 19:32:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 02 Nov 2022 09:12:09 GMT
server: cloudflare
x-amz-request-id: 216E3S57V7Q219YB
age: 986016
etag: W/"f17966a25b7d4e5188e468133da7853f"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 77995d51dc73995d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: lxXSIu+fCtjOw8QTgnNKMx25yxMDBnIrYJAKGjrfpzGvfNLk2dOD+tZFOeseiBGUft7/qho/1Rw=

GET
H2 200 1.e143f8d79516.sentry.js Show response
static.fundraiseup.com/ 3 KB
2 KB 48ms
37ms Script
text/javascript 104.22.0.244
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/1.e143f8d79516.sentry.js

Requested by

Host: www.ewg.org
URL: https://www.ewg.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.0.244 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9600457bb5f0f50e35583e36adfba65fbcd485a1e26f8e388636afd9d153cb81

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 19:32:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 12 Dec 2022 09:08:33 GMT
server: cloudflare
x-amz-request-id: NTAE7GZ92X1M1S40
age: 209533
etag: W/"dae2106c4c6cc2043b3d6756109852a4"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 77995d51dc77995d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: sR9tp56CrxIHpoApcM61zli647BkLKETdIoDdZ3UQ1v1EKcq7w+cufFY9S0Cu1lE8iu6/Rq9+PY=

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
67 B 74ms
20ms XHR
text/plain 2a00:1450:400c:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-296149-22&cid=990904173.1671046336&jid=658407826&gjid=2024131055&_gid=1123595738.1671046336&_u=YGBAgEABAAAAAEAAI~&z=202665895

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ewg.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 14 Dec 2022 19:32:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ewg.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
437 B 66ms
19ms XHR
text/plain 2a00:1450:400c:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-296149-1&cid=990904173.1671046336&jid=304370315&gjid=1908473200&_gid=1123595738.1671046336&_u=YGDAgEABAAAAAEAAI~&z=1644181763

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ewg.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 14 Dec 2022 19:32:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ewg.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 120ms
38ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&aip=1&a=676618147&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ewg.org%2F&ul=en-us&de=UTF-8&dt=Environmental%20Working%20Group%20%E2%80%93%20Empowering%20%E2%80%A8Healthy%20Choices%20%7C%20Environmental%20Working%20Group&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEABAAAAAAAAI~&jid=658407826&gjid=2024131055&cid=990904173.1671046336&tid=UA-296149-22&_gid=1123595738.1671046336&z=1808304859

Requested by

Host: www.ewg.org
URL: https://www.ewg.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 12:42:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 24575
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 125ms
42ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=676618147&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ewg.org%2F&ul=en-us&de=UTF-8&dt=Environmental%20Working%20Group%20%E2%80%93%20Empowering%20%E2%80%A8Healthy%20Choices%20%7C%20Environmental%20Working%20Group&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAgEABAAAAAEAAI~&jid=304370315&gjid=1908473200&cid=990904173.1671046336&tid=UA-296149-1&_gid=1123595738.1671046336&z=695590296

Requested by

Host: www.ewg.org
URL: https://www.ewg.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 12:42:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 24575
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 at.min.css
d3rse9xjbp8270.cloudfront.net/ 59 KB
12 KB 26ms
8ms Stylesheet
text/css 2600:9000:20eb:e000:12:303c:8700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3rse9xjbp8270.cloudfront.net/at.min.css
Requested by: Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:e000:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b3901a4cf9af1987f682d2f1b977d8779d462face823978c1ff88861974faeaf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:35:33 GMT
content-encoding: gzip
via: 1.1 172e63b20fb363ed969de28ae3937e20.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
age: 14204
x-cache: Hit from cloudfront
content-length: 11470
last-modified: Tue, 13 Dec 2022 15:35:24 GMT
server: AmazonS3
etag: "9480c7d7934032b4ad063f108395b5f2"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=900, s-maxage=86400, public
accept-ranges: bytes
x-amz-cf-id: gWuJKy2mAFL4gG8gL82ns_PDd4Ao7cmx_suXb86YfpxlNbeP7l7zEQ==

GET
H2 200 extra.min.css
d3rse9xjbp8270.cloudfront.net/ 78 KB
14 KB 27ms
9ms Stylesheet
text/css 2600:9000:20eb:e000:12:303c:8700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3rse9xjbp8270.cloudfront.net/extra.min.css
Requested by: Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:e000:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 117a19c76e08bdb4f23e5ddc93d03109cf930ee2cd29914f0849fa573ef6158f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:35:34 GMT
content-encoding: gzip
via: 1.1 172e63b20fb363ed969de28ae3937e20.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
age: 14203
x-cache: Hit from cloudfront
content-length: 14220
last-modified: Tue, 13 Dec 2022 15:35:24 GMT
server: AmazonS3
etag: "9d5423d34f4af4b1a32c2328fcc1678f"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=900, s-maxage=86400, public
accept-ranges: bytes
x-amz-cf-id: fwX9t1L6zoBy_550QkhcFBoID5obJKtunlfr_fhKL9W5gsqPANKQ0A==

GET
H2 200 identity Show response
profile.ngpvan.com/ 72 B
1 KB 472ms
420ms Script
text/javascript 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://profile.ngpvan.com/identity?callback=_jqjsp

Requested by

Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / Express, ASP.NET

Resource Hash

31bce978d653ff68258bcb3967276dcd50828d7d210cfb690ce2ade7bdeb599f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 19:32:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Microsoft-IIS/10.0
x-cdn: Imperva
etag: W/"48-CNWm3Q9nVAfRXs/AktTnuYWCGgE"
x-powered-by: Express, ASP.NET
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
p3p: CP="NOI ADM DEV PSAi OUR OTRo STP IND COM NAV DEM"
x-iinfo: 9-177380035-177380037 NNNN CT(87 231 0) RT(1671046335505 11) q(0 0 3 0) r(4 4) U5
content-length: 192
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3

POST
H2 200 tb
fndrsp.net/ 2 B
507 B 272ms
223ms Ping
text/plain 104.26.8.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fndrsp.net/tb

Requested by

Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/AKWZXHJB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.8.138 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://www.ewg.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 14 Dec 2022 19:32:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NND9VlAg9r8M3%2FGId9Sff3Bxzn91nzAe3%2FYmDVUu533cnsOotTHr%2BrmWX%2BHJAi9dP4gxXFPHF8JKA8uMlZCiqKlDbaIrJhae1qfA%2F10CqVETXrKPTuY7nqTCS7M%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://www.ewg.org
access-control-allow-credentials: true
cf-ray: 77995d52bd7a913c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 AKWZXHJB.js Show response
static.fundraiseup.com/embed-data/elements-global/ 431 B
676 B 94ms
79ms Script
text/javascript 172.67.15.63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/embed-data/elements-global/AKWZXHJB.js

Requested by

Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/AKWZXHJB

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.15.63 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6c477075c272f9a8f221223f6b4bf574db7d4b42bcd3c793dac2a61b7cc4ee7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 19:32:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 14 Dec 2022 15:05:04 GMT
server: cloudflare
x-amz-request-id: 47P91R10T80BTQYX
age: 16027
etag: W/"92593135b4b7639953eae3726581e8d4"
vary: Accept-Encoding
content-type: text/javascript
cache-control: no-cache, no-store
cf-ray: 77995d528c0491d2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 3TB+6Ao5l4rDXN3s7+LMZXGZjcKhdaiaCa4kKAlG0AFInr7EzBv6VXa02qnOlsFy9QGLiWb5I3o=

GET
H/1.1 200
OK vgs-collect.js Show response
js.verygoodvault.com/vgs-collect/2.14.0/ 134 KB
44 KB 87ms
10ms Script
application/javascript 18.66.147.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/2.14.0/vgs-collect.js
Requested by: Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-109.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cbf1ade8d5b7be4356388d9efd5187d378ea581a5e8f9c8d54ee0932262836ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: uQF6CVoMnT1mOHvFavSn8ur6rXtO9Qh9
Content-Encoding: gzip
Via: 1.1 0c371064bf157d89e4b3520c0b29474c.cloudfront.net (CloudFront)
Date: Wed, 14 Dec 2022 19:31:23 GMT
X-Amz-Cf-Pop: FRA60-P4
Age: 55
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed, 08 Jun 2022 01:07:52 GMT
Server: AmazonS3
ETag: W/"2eb620d1b4f90db03c929f89d188cf80"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=60
X-Amz-Cf-Id: psQmP16CE8E_rxDB60rbM174_MgJz0ejTNx-NonHft7Io034zJiJqg==

GET
H2 200 _jKOzsF3OE-CRm7cJ3j3Tw2 Show response
secure.everyaction.com/v1/Forms/ 11 KB
5 KB 164ms
120ms XHR
application/json 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.everyaction.com/v1/Forms/_jKOzsF3OE-CRm7cJ3j3Tw2

Requested by

Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

38bc24347c768aaef7bc63487a80f068bf2b1281372104ec3b334d5cad554ed0

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.ewg.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 19:32:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-cdn: Imperva
content-security-policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
x-iinfo: 14-480205146-480102049 2NNN RT(1671046335591 14) q(0 0 0 2) r(1 1)
content-length: 4132
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
vary: Origin,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ewg.org
access-control-expose-headers: Request-Context
cache-control: public, max-age=10
access-control-allow-credentials: true

POST
H2 200 / Show response
sentry.fundraiseup.com/api/2/envelope/ 2 B
159 B 310ms
99ms Fetch
application/json 147.135.78.45
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://sentry.fundraiseup.com/api/2/envelope/?sentry_key=cb0af19166ad4bdeb8c3efc4848d6635&sentry_version=7
Requested by: Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/2.b834baef76dc.vendors~sentry.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.135.78.45 , United States, ASN16276 (OVH, FR),
Reverse DNS
Software: Caddy, nginx /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.ewg.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.ewg.org
access-control-expose-headers: x-sentry-error, x-sentry-rate-limits, retry-after
date: Wed, 14 Dec 2022 19:32:16 GMT
server: Caddy, nginx
content-length: 2
vary: Origin
content-type: application/json

GET
H3 200 checkout-vendors.5db2c34c5fcdf1317b2b.js Show response
static.fundraiseup.com/ 367 KB
116 KB 67ms
67ms Script
text/javascript 172.67.15.63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/checkout-vendors.5db2c34c5fcdf1317b2b.js

Requested by

Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/AKWZXHJB

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.15.63 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80e7912c0d627299cce6b7b9fce5fd100b7f2321ac5790c054a204d289708ab8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 19:32:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 13 Dec 2022 09:08:32 GMT
server: cloudflare
x-amz-request-id: Y6B2BHKF7P3RQ2TZ
age: 122983
etag: W/"36b4b5e9108835529eb77f03df6caad8"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 77995d532d3091d2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: S8wqpr3D+hKnwopQhxioxjyBz0WeVvmuKxj5CfoQ2lQZv8j1hCn7NSwCb8hR456vHPUp+PebnPg=

GET
H3 200 checkout.eb3d656fb3ee735d83c4.js Show response
static.fundraiseup.com/ 640 KB
144 KB 76ms
75ms Script
text/javascript 172.67.15.63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/checkout.eb3d656fb3ee735d83c4.js

Requested by

Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/AKWZXHJB

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.15.63 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c45d3c4105a6884890d0872d9659d764509791de4db496df484d637361366f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 19:32:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 14 Dec 2022 10:22:33 GMT
server: cloudflare
x-amz-request-id: CXPYABB2EAN1R34X
age: 32152
etag: W/"bf09f32bafdadf6196d8dc6853dae2fb"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 77995d532d3191d2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: O/HevJZXMgFY0j5cLW5A3kGFHa+EwXR9+TtBjtUWCC890D/2NJQjhTXpAPSaxNX4LQkwBD04CMs=

GET
H3 200 checkout-styles.aece24b917ab9329d505.js Show response
static.fundraiseup.com/ 260 KB
25 KB 88ms
87ms Script
text/javascript 172.67.15.63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/checkout-styles.aece24b917ab9329d505.js

Requested by

Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/AKWZXHJB

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.15.63 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc75f722a84f61be2cea98eeb0a9b088aca851abbd3e5ed5be0f0e7d8b1a43c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 19:32:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 13 Dec 2022 09:08:32 GMT
server: cloudflare
x-amz-request-id: Y6BC8KYV5C06EV8V
age: 122983
etag: W/"50d9ea0079a248554094ed62729e8dc1"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 77995d532d3591d2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: rCThhs+Dd27jhtwxqaBrlhRQCto5RaEJzMVIo6/9u9WJ3WBsZy4aYEX0M/zc35KWc4XAfOYopQg=

GET
H3 200 4e89eaf71baa.elementsApi.js Show response
static.fundraiseup.com/ 273 KB
92 KB 53ms
53ms Script
text/javascript 172.67.15.63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/4e89eaf71baa.elementsApi.js

Requested by

Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/AKWZXHJB

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.15.63 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2bc157c8a9fc79d846ce1405915407a6b2706c82c625135d8d0f4ec05825c482

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 19:32:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 14 Dec 2022 10:22:30 GMT
server: cloudflare
x-amz-request-id: CXPQ56BPRGJ6B41E
age: 32152
etag: W/"bced1e2802ea229bc67eaaeda6c57391"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 77995d532d3691d2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: EIyYuLJexW4BYTOl28JXGcdlWik9aXuZ5TCq8Hwgb+fF+ijRZCHpabgWPw6vQUc2pU0/Px+5hVg=

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 33ms
9ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

unused62: 8096267
date: Wed, 14 Dec 2022 19:32:16 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: D5503D14AA2F06AA
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=12449
accept-ranges: bytes
content-length: 948
x-amz-id-2: JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=

GET
DATA 200
OK truncated
/ 784 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fe62bab84590322ae4bfcde20dfb50a72c1b68b330c2a7f1b0aefb65999f16bc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 _jKOzsF3OE-CRm7cJ3j3Tw2
secure.everyaction.com/v1/Track/ 0
380 B 106ms
106ms Image
text/plain 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.everyaction.com/v1/Track/_jKOzsF3OE-CRm7cJ3j3Tw2?formSessionId=dc9a8ca6-74a7-4040-9012-bfbe9ec5b54b&bName=chrome&dType=desktop&fUrl=aHR0cHM6Ly93d3cuZXdnLm9yZy8%3D&fRef=

Requested by

Host: www.ewg.org
URL: https://www.ewg.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: -1
pragma: no-cache
date: Wed, 14 Dec 2022 19:32:16 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
x-cdn: Imperva
x-frame-options: SAMEORIGIN
x-iinfo: 14-480205146-480204273 PNNN RT(1671046335591 236) q(0 0 0 0) r(1 1) U2
access-control-expose-headers: Request-Context
cache-control: no-cache
content-length: 0
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3

GET
H3 200 6419.302674c2a758a4a24b41.js Show response
static.fundraiseup.com/ 5 KB
2 KB 59ms
59ms Script
text/javascript 172.67.15.63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/6419.302674c2a758a4a24b41.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.eb3d656fb3ee735d83c4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.15.63 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e72879585a21444d9a5097a8c85544ee2e7a641ccc0b2605597947d59abb937

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 19:32:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 09 Dec 2022 10:45:01 GMT
server: cloudflare
x-amz-request-id: KSGA3T4B39F92M9Y
age: 462735
etag: W/"496f95f10d5a1c0514d326bf805630bf"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 77995d55186091d2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: t359GBk2Q8mLggWPRrm6R8ZlyQiPgitx0WqviXL28x7d2K1VSeqOpxZ/TFlDEUNKAN/Tj30SHk0=

GET
H3 200 1274.406d9f51024d50a0d338.js Show response
static.fundraiseup.com/ 489 B
648 B 52ms
52ms Script
text/javascript 172.67.15.63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/1274.406d9f51024d50a0d338.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.eb3d656fb3ee735d83c4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.15.63 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

517d0e410b6f9bd554ae75aac888166d393ffa09f6d5a796202ef940ce891a2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 19:32:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 09 Dec 2022 10:44:51 GMT
server: cloudflare
x-amz-request-id: P85SN8ZVJ50VB1SF
age: 462735
etag: W/"23373b963bd3b414118e285a7667b406"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 77995d55186291d2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: bPhGQkLX0tYHIsRLAk2oaAElPtQO+Pw/3YoTW9+QPc7IJSLajbysU+gHGsUXi2oCR6gMKMSv07Q=

GET
H3 200 7022.26f3f8a71b4c54a2f4f2.js Show response
static.fundraiseup.com/ 1 KB
979 B 56ms
56ms Script
text/javascript 172.67.15.63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/7022.26f3f8a71b4c54a2f4f2.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.eb3d656fb3ee735d83c4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.15.63 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

829ff02b7de16de225a6726eab4638e9f9be5d924cadd362ea2c2b8ee1f5ab1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 19:32:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 09 Dec 2022 10:45:02 GMT
server: cloudflare
x-amz-request-id: DQVBKK4E30RAESMM
age: 462733
etag: W/"50460aaad958ee37f91af7a682fd684d"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 77995d55186391d2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: W38q8ih03hOz4kTvWPs8VcD0+CecLDjjFImTM+j49EcVuKITwpO5XosuKeFQ3IgydTg8iSWGBvg=

GET
H3 200 9531.00e207fc5b6a2c310a14.js Show response
static.fundraiseup.com/ 974 B
814 B 52ms
51ms Script
text/javascript 172.67.15.63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/9531.00e207fc5b6a2c310a14.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.eb3d656fb3ee735d83c4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.15.63 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa43a4913c10cb7474abc18a89888464a3f5a5968661e603368c5bbe578a9e75

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 19:32:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 09 Dec 2022 10:45:03 GMT
server: cloudflare
x-amz-request-id: DQVEWHTC6REV6402
age: 462733
etag: W/"4a7ec74f55a2b612c23ffd1f96768f36"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 77995d55186491d2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 5TSrLTACLhYViVTdJHLKgkZxpu/ziXmJEva4aonmJvOhpJ9x6MAXJWtF8qJ1ErpJK0+fyMI9zqE=

GET
H3 200 9271.5cb9e6d81fd6794450ab.js Show response
static.fundraiseup.com/ 2 KB
1 KB 52ms
51ms Script
text/javascript 172.67.15.63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/9271.5cb9e6d81fd6794450ab.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.eb3d656fb3ee735d83c4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.15.63 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6015cbb9de7896e09d2cda9f800a8090c9f8eac9f7cdf0dfa23d13490d7f1130

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 19:32:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 09 Dec 2022 10:45:03 GMT
server: cloudflare
x-amz-request-id: DQVEGAFZP0ZBXRVH
age: 462733
etag: W/"2c3e53c3773ccd929d9068e15a4352c5"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 77995d55186691d2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 7dDMo79CpsxA6Kb5+FpfOCiW/NioHJY81cXIntWsdaWQdKQIDSFFo+L3JhaINu+xqJqiG6cadNs=

GET
H3 200 3327.6950451f41030a1ad61d.js Show response
static.fundraiseup.com/ 562 B
667 B 52ms
52ms Script
text/javascript 172.67.15.63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/3327.6950451f41030a1ad61d.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.eb3d656fb3ee735d83c4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.15.63 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8cc521e0a10be2fb375ec0f63a42da53accd0d4fcbd6c0322210f09713551be

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 19:32:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 09 Dec 2022 10:44:58 GMT
server: cloudflare
x-amz-request-id: DQV96XHEDC92SP95
age: 462733
etag: W/"e627bbdcffee5dac04efe54991ca0b76"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 77995d55186891d2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: lT/YAoAp7n3okuLqS5pITubPeEGX1bkNgDXQoFxMWxnXlcw540PITjFulIrNd3Tc0KruYk/pwt0=

GET
H3 200 4732.9d1258f580964bdfbb09.js Show response
static.fundraiseup.com/ 3 KB
1 KB 46ms
46ms Script
text/javascript 172.67.15.63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/4732.9d1258f580964bdfbb09.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.eb3d656fb3ee735d83c4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.15.63 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

533748efc94ce8ff8e16f5a5aa29cc37a8d9858f38f02bb5b1e34c9fb05bb5f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 19:32:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 09 Dec 2022 10:45:01 GMT
server: cloudflare
x-amz-request-id: DQV78JNXSM04A24K
age: 462733
etag: W/"1321d6b11919b4e1fa53df6053b7768b"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 77995d55186991d2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: RQW7NJUR28kzcUe7FnT6EKzxHbgIWnz86e/9p0533Ir92SpOvgn344ZIKcvhyJVdJHIX8abPK3g=

GET
H3 200 6800.d867beee64b5cf195152.js Show response
static.fundraiseup.com/ 8 KB
2 KB 73ms
72ms Script
text/javascript 172.67.15.63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/6800.d867beee64b5cf195152.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.eb3d656fb3ee735d83c4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.15.63 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

724c5fa02e478c9fcd25bebd142b626a00c7a89a4325ff1de4e9d52b405d9c6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 19:32:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 09 Dec 2022 10:45:02 GMT
server: cloudflare
x-amz-request-id: DQVFR19Y4000SGW6
age: 462733
etag: W/"f7fed4e0066875c22c4da2bece67d391"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 77995d55186b91d2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: y90xx5aU/XbFkoZ9IWqtYTzTP8v666Fp+vtDOp10l0st2Jhtn0Pyym+Bmts1g6z6ZoPr67D+lak=

GET
H3 200 9283.83f1680e19e58bb8d356.js Show response
static.fundraiseup.com/ 2 KB
1 KB 73ms
73ms Script
text/javascript 172.67.15.63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/9283.83f1680e19e58bb8d356.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.eb3d656fb3ee735d83c4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.15.63 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a27a11b71db3fe967ca53133e088d5fb232975a7063cc263223179005a21e7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 19:32:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 09 Dec 2022 10:45:03 GMT
server: cloudflare
x-amz-request-id: DQVA380EFBMCE4WW
age: 462733
etag: W/"bd2a9e9c48126246fcf59f97870a67b0"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 77995d55186c91d2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: bADGW7wE1HibtTCuO03CuXDQZYrfKMIOJRwBs3A4G7A43yDFB84tCYGJYa+q7XuK1iAZimd4qeM=

GET
H3 200 5322.15e1e0331ad64d9f1c92.js Show response
static.fundraiseup.com/ 645 B
716 B 44ms
44ms Script
text/javascript 172.67.15.63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/5322.15e1e0331ad64d9f1c92.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.eb3d656fb3ee735d83c4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.15.63 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3beec46f9408114d0fc684752200e2780f293cda680963dbedb59d55ae9e941c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 19:32:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 09 Dec 2022 10:45:01 GMT
server: cloudflare
x-amz-request-id: DQV6CGK7S27VBTK5
age: 462733
etag: W/"762989951878448745d9eaccb9e50fc9"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 77995d55186d91d2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: MmH50+qt7L7ffgPumxkHfMeJUN4cazWyLNLlnjnr9hHSVRFPGsKKQgeec3skIcW4sPL6jWPckCw=

GET
H3 200 9526.64fc083cbd34261f1d50.js Show response
static.fundraiseup.com/ 574 B
689 B 74ms
74ms Script
text/javascript 172.67.15.63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/9526.64fc083cbd34261f1d50.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.eb3d656fb3ee735d83c4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.15.63 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac7c62fa06c3d8a5401bfc0e16220b09a79176914ae1c9e4fa773df3e8a1efdf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 19:32:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 09 Dec 2022 10:45:03 GMT
server: cloudflare
x-amz-request-id: DQV113VNVCAK4526
age: 462733
etag: W/"4bd095839a0606a142be5f64d5108977"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 77995d55186f91d2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 18vrVbp9WLunWgHiXlL83smEYWO+srFSbqVIppJrxVVta66YGANpd9EBbyzwYWBQOkd19eBqEEA=

GET
H3 200 1543.e9300ab1a85ad5df0b86.js Show response
static.fundraiseup.com/ 485 B
648 B 51ms
50ms Script
text/javascript 172.67.15.63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/1543.e9300ab1a85ad5df0b86.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.eb3d656fb3ee735d83c4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.15.63 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16635f93b1c775b905d12365a7af7806af8acaa34c179c0d4b37a18472b33889

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 19:32:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 09 Dec 2022 10:44:52 GMT
server: cloudflare
x-amz-request-id: DQV95R32QE30GA52
age: 462733
etag: W/"fcb690c91a6ddac96693a241e2556b89"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 77995d55187191d2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: zNHpViNSKK+RqeS+ohqmshL+yCZ1AgYgkU3Uz+SxVxv2p4u85Dto7s+OqeDYfnVrLspb/a6s1pA=

GET
H3 200 4840.188321a5c15a71538528.js Show response
static.fundraiseup.com/ 1 KB
905 B 52ms
52ms Script
text/javascript 172.67.15.63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/4840.188321a5c15a71538528.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.eb3d656fb3ee735d83c4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.15.63 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f966a11b9bdc2022fec4790526c4ae400bc5e7dbd204e2b2dfb3ff71ad54fe3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 19:32:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 17 Nov 2022 08:56:31 GMT
server: cloudflare
x-amz-request-id: W6D8EW99K2EK6TKS
age: 2370149
etag: W/"b9be7b30de38f4670a6552a95db84265"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 77995d55187591d2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 31Yq2TLXnk0gW9HZU5NuYIaKeHn+INbB8NcPej9ZbkECEzZ1OIFzIXyiRFXuCxhtwJxjdk/MiIM=

GET
H3 200 6096.8eee853157d6662d7b85.js Show response
static.fundraiseup.com/ 3 KB
1 KB 53ms
53ms Script
text/javascript 172.67.15.63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/6096.8eee853157d6662d7b85.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.eb3d656fb3ee735d83c4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.15.63 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e88f1e7d41ab459b48fcdb708225eeab6990e1a0675ca1a2602f740ddef030c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 19:32:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 09 Dec 2022 10:45:01 GMT
server: cloudflare
x-amz-request-id: DQV9DK40BW4YDT9W
age: 462733
etag: W/"c3732b96ecd6b182950094aad780d243"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 77995d55187791d2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: kbV/fZV2b1IVOffJB5nwUHBoMnKkkOdbC+CaErFhbSUrHD074ZpbbqKlHoFmELHFfaoySHrI5+4=

GET
H3 200 401.50635f8b03fde5d73f21.js Show response
static.fundraiseup.com/ 1 KB
906 B 49ms
48ms Script
text/javascript 172.67.15.63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/401.50635f8b03fde5d73f21.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.eb3d656fb3ee735d83c4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.15.63 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

88ae3474a9f46e3a4778e41bfaafa9f3074cd203d3e1936f08708aa594ed5f20

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 19:32:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 01 Dec 2022 08:41:01 GMT
server: cloudflare
x-amz-request-id: W1DBZCREKNAKQM6M
age: 1161306
etag: W/"7d29f9ed4962d8c4ec514f75120d9aa0"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 77995d55187f91d2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: G9mPuBxr9G7sl84alLySFbRH6xY9xSZnK2ypRMb9MeDVsoeWnu+Bo14Wt3sH7FUy2WMXDMGGNXU=

GET
H3 200 3016.b212b39389ac58fa5040.js Show response
static.fundraiseup.com/ 3 KB
1 KB 49ms
48ms Script
text/javascript 172.67.15.63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/3016.b212b39389ac58fa5040.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.eb3d656fb3ee735d83c4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.15.63 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

06f708dc1fc5dd3d4df2982eecb6844693afd7ba44d7b46f441754a6d6560456

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 19:32:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 09 Dec 2022 10:44:57 GMT
server: cloudflare
x-amz-request-id: DQV7DA1Z4VZXYE8A
age: 462733
etag: W/"9b18c66fa9e7b566fbdc87457beea434"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 77995d55188191d2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: +c3cf8JlimaZBh9nQA807XJ7Soix87taOLCOxZU/8Q7oO+QAfXS+jM//FvQWvjH5fmN9m/cB6+k=

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 261 KB
87 KB 378ms
51ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PPNMZJ

Requested by

Host: www.ewg.org
URL: https://www.ewg.org/sites/default/files/google_tag/ewg_gtm_prod/google_tag.script.js?rmwaun

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

13bf043ada562e2138983eae7bd4018696cfc95d780169875cc406dd5361dc54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 19:32:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 88546
x-xss-protection: 0
last-modified: Wed, 14 Dec 2022 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 14 Dec 2022 19:32:17 GMT

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-54611daa33276138/ 2 KB
894 B 146ms
145ms Script
application/javascript 104.84.56.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-54611daa33276138/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.84.56.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-84-56-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 15f5886fe26d9ea0603f8f01cab1312f8936d6c00bb1095423ac674f7aff8862

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 19:32:17 GMT
content-encoding: gzip
etag: -1721656222--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=39, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 718

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 89 B
249 B 289ms
170ms Script
application/javascript 104.84.56.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=639a24c0f01d5f88&bkl=0&bl=1&pdt=836&sid=639a24c0f01d5f88&pub=ra-54611daa33276138&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.ewg.org&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=0&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1671046336931&jsl=33&uvs=639a24c00a4d0374000&skipb=1&callback=addthis.cbs.jsonp__20136899164360810
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.84.56.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-84-56-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b5185704fa97295ee3ad381100734810bf3cd41f459d609363a680dc8ff0d0de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 19:32:17 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 89
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame CD9E 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html Show response
s7.addthis.com/static/ Frame DA02 71 KB
26 KB 12ms
10ms Document
text/html 104.84.56.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.84.56.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-84-56-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.ewg.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=86313600
content-encoding: gzip
content-length: 26421
content-type: text/html
date: Wed, 14 Dec 2022 19:32:17 GMT
etag: W/"5f971164-11adc"
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
p3p: CP="NON ADM OUR DEV IND COM STA"
server: nginx/1.15.8
strict-transport-security: max-age=15724800; includeSubDomains
timing-allow-origin: *
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H3 200 invisible.js Show response
www.ewg.org/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame A53C 37 KB
15 KB 47ms
46ms Script
application/javascript 2606:4700:10::ac43:6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ewg.org/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1671033600
Requested by: Host: www.ewg.org
URL: https://www.ewg.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:6f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec55dd21fc09d9d8e9eb4916b6b4fd44ad7c38b504c2013ffe640cc326434950

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 19:32:16 GMT
content-encoding: br
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 77995d55ef899b5b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 200 statistics.php Show response
www.ewg.org/core/modules/statistics/ 0
213 B 471ms
470ms XHR
text/html 2606:4700:10::ac43:6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ewg.org/core/modules/statistics/statistics.php

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/2.b834baef76dc.vendors~sentry.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:6f2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Non-Partisan Mallards

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://www.ewg.org/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 14 Dec 2022 19:32:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
age: 0
x-powered-by: Non-Partisan Mallards
vary: Accept-Encoding
x-cache: MISS
content-type: text/html; charset=UTF-8
cf-ray: 77995d560fe39b5b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-cache-hits: 0

GET
H2 200 2022-deadline Show response
act.ewg.org/a/ Frame E6A9 40 KB
11 KB 622ms
394ms Document
text/html 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://act.ewg.org/a/2022-deadline?sourceid=1021356

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

f1d9f866938a6bdb57f6957269f895926571ff00ae15243ac7a76508c37ae623

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ewg.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-expose-headers: Request-Context
cache-control: public, max-age=10
content-encoding: gzip
content-security-policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
content-type: text/html; charset=utf-8
date: Wed, 14 Dec 2022 19:32:17 GMT
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-cdn: Imperva
x-content-type-options: nosniff
x-iinfo: 13-424982647-424968906 2NNN RT(1671046336529 10) q(0 0 0 0) r(4 4)
x-xss-protection: 1; mode=block

GET
H2 200 EWG_GT-2022_Donate_Close-Button_C01.png
static.ewg.org/img/yea2020/ 1 KB
2 KB 372ms
325ms Image
image/webp 2606:4700:10::ac43:6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ewg.org/img/yea2020/EWG_GT-2022_Donate_Close-Button_C01.png
Requested by: Host: www.ewg.org
URL: https://www.ewg.org/sites/default/files/css/css_0oOIfaV6CoFTTijukrWU6bdJqWurUaqenknoPA1EWAY.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:6f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92e4a2d388603732b5cb8115bfcba55b9e807a311a94abbc339410a84f548e22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 19:32:17 GMT
x-amz-version-id: faP4ELxCh42reVs8NJrre0.fDAvZyFk1
cf-cache-status: REVALIDATED
x-amz-request-id: 6EE7KMQCQ2ZXQWQJ
cf-polished: origFmt=png, origSize=1874
content-disposition: inline; filename="EWG_GT-2022_Donate_Close-Button_C01.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1370
x-amz-id-2: yPxO99jhAb+J9rhwFvbf6STwk51Qotqf7dOkV+yyjx2MC8bsNEU3WnQpWvh1L3cVequdIO8ZFoQ=
last-modified: Mon, 28 Nov 2022 03:05:36 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "9d0bec107ce5c242f3767221cb3add22"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: max-age=2073600
x-amz-meta-version-id: iFsRICADvok_HhnfV9MC4Uq9QoEeNOpA
accept-ranges: bytes
cf-ray: 77995d5659a55b8c-FRA

GET
H2 200 nvtag Show response
profile.ngpvan.com/v2/data/RC9b_3ph7l3fj6Pqzd1GDMwp/ 2 B
950 B 120ms
106ms XHR
application/json 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://profile.ngpvan.com/v2/data/RC9b_3ph7l3fj6Pqzd1GDMwp/nvtag
Requested by: Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/2.b834baef76dc.vendors~sentry.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / Express, ASP.NET
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.ewg.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 19:32:16 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-cdn: Imperva
etag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
x-powered-by: Express, ASP.NET
vary: Origin,Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ewg.org
x-iinfo: 13-424982570-424981459 PNNN RT(1671046336118 9) q(0 0 0 -1) r(1 1) U5
access-control-allow-credentials: true
content-length: 123
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3

GET
H2 204 RC9b_3ph7l3fj6Pqzd1GDMwp Show response
secure.everyaction.com/Databag/Profile/ 0
445 B 119ms
118ms XHR
text/plain 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.everyaction.com/Databag/Profile/RC9b_3ph7l3fj6Pqzd1GDMwp

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/2.b834baef76dc.vendors~sentry.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.ewg.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 19:32:17 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
x-cdn: Imperva
x-frame-options: SAMEORIGIN
access-control-allow-origin: https://www.ewg.org
x-iinfo: 14-480205146-480204273 PNNN RT(1671046335591 736) q(0 0 0 1) r(1 1) U11
access-control-expose-headers: Request-Context
cache-control: private
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3

GET
H2 204 RC9b_3ph7l3fj6Pqzd1GDMwp Show response
secure.ngpvan.com/Databag/Profile/ 0
908 B 407ms
366ms XHR
text/plain 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.ngpvan.com/Databag/Profile/RC9b_3ph7l3fj6Pqzd1GDMwp

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/2.b834baef76dc.vendors~sentry.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.ewg.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 19:32:17 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
x-cdn: Imperva
x-frame-options: SAMEORIGIN
access-control-allow-origin: https://www.ewg.org
x-iinfo: 9-177380035-177380101 NNNN CT(85 177 0) RT(1671046335505 854) q(0 0 3 0) r(4 4) U11
access-control-expose-headers: Request-Context
cache-control: private
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 11ms
9ms Script
application/javascript 104.84.56.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.84.56.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-84-56-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Wed, 14 Dec 2022 19:32:17 GMT
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

GET
H3 200 pica.js
www.ewg.org/cdn-cgi/challenge-platform/h/g/scripts/ Frame A53C 21 KB
8 KB 24ms
23ms Other
application/javascript 2606:4700:10::ac43:6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ewg.org/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Requested by: Host: www.ewg.org
URL: https://www.ewg.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:6f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2fa882103d3e80d371f66e41026bd64380469a5cde972b8407a32667a122b256

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 19:32:17 GMT
content-encoding: br
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 77995d57bbc59b5b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 200 shares-post.json Show response
api-public.addthis.com/url/serviceapi/ 2 B
251 B 219ms
167ms XHR
application/json 104.84.56.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fwww.ewg.org%2F

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/2.b834baef76dc.vendors~sentry.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.84.56.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-84-56-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.ewg.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-type: text/plain

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
date: Wed, 14 Dec 2022 19:32:17 GMT
surrogate-key: sFbt=https://www.ewg.org/
last-modified: Wed, 14 Dec 2022 18:00:00 GMT
server: nginx/1.15.8
content-type: application/json
access-control-allow-origin: https://www.ewg.org
cache-control: no-transform, max-age=0, s-maxage=14400
access-control-allow-credentials: true
content-length: 2

GET
H2 200 count.json Show response
widgets.pinterest.com/v1/urls/ 70 B
285 B 156ms
107ms Script
application/javascript 151.101.192.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.pinterest.com/v1/urls/count.json?url=https%3A%2F%2Fwww.ewg.org%2F&callback=window._ate.cbs.rcb_crm40

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.84 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

cf014d466c73ad694226ba46973032387bd08ab941c681424b5433e93ac7070a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 19:32:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 0
vary: accept-encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: must-revalidate, max-age=887
x-envoy-upstream-service-time: 1
accept-ranges: none
x-pinterest-rid: 1415099246574725
expires: Wed, 14 Dec 2022 19:47:17 GMT

GET
H2 200 shares.json Show response
api-public.addthis.com/url/ 37 B
284 B 251ms
199ms Script
application/json 104.84.56.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/shares.json?url=https%3A%2F%2Fwww.ewg.org%2F&callback=_ate.cbs.rcb_a5te0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.84.56.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-84-56-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

28ab4238f1a212bf54de130cc1e4ed0ec4139a4891f0af25e7de7afe82d2d22d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
surrogate-key: www.ewg.org/
last-modified: Wed, 14 Dec 2022 19:32:17 GMT
server: nginx/1.15.8
date: Wed, 14 Dec 2022 19:32:17 GMT
vary: Accept-Encoding
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length: 57

GET
H2 200 count.json Show response
widgets.pinterest.com/v1/urls/ 69 B
130 B 195ms
147ms Script
application/javascript 151.101.192.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.pinterest.com/v1/urls/count.json?url=http%3A%2F%2Fwww.ewg.org%2F&callback=window._ate.cbs.rcb_g2rk0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.84 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a6e19b09d353c99aaaa290158facf81662ee365e97abd7b89111b40b997f714f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 19:32:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 0
vary: accept-encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: must-revalidate, max-age=887
x-envoy-upstream-service-time: 1
accept-ranges: none
x-pinterest-rid: 5988618973825994
expires: Wed, 14 Dec 2022 19:47:17 GMT

GET
H2 200 shares.json Show response
api-public.addthis.com/url/ 37 B
284 B 251ms
200ms Script
application/json 104.84.56.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/shares.json?url=http%3A%2F%2Fwww.ewg.org%2F&callback=_ate.cbs.rcb_5s7k0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.84.56.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-84-56-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

8f0d6c120a0d957d58f20100e2a72c5b3e87134d8758033c1c700e61dab4671f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
surrogate-key: www.ewg.org/
last-modified: Wed, 14 Dec 2022 19:32:17 GMT
server: nginx/1.15.8
date: Wed, 14 Dec 2022 19:32:17 GMT
vary: Accept-Encoding
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length: 57

GET
DATA 200
OK truncated
/ 443 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 151.67aec2e0546e639563bb.js Show response
s7.addthis.com/static/ 2 KB
1 KB 11ms
11ms Script
application/javascript 104.84.56.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/151.67aec2e0546e639563bb.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.84.56.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-84-56-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

e1fa72e38624f68bc2039aded02a054eead1fbf24646f4df60abcacc665a8690

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Wed, 14 Dec 2022 19:32:17 GMT
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-68f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 815

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
22 B 61ms
19ms XHR
text/plain 2a00:1450:400c:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-296149-25&cid=990904173.1671046336&jid=2115608583&gjid=177099746&_gid=1123595738.1671046336&_u=aGDAgEABAAAAAEAAI~&z=280704200

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/2.b834baef76dc.vendors~sentry.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c1b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ewg.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 14 Dec 2022 19:32:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ewg.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK events.js Show response
tags.srv.stackadapt.com/ 17 KB
6 KB 521ms
110ms Script
text/javascript 3.216.203.91
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/events.js
Requested by: Host: www.ewg.org
URL: https://www.ewg.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.216.203.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-216-203-91.compute-1.amazonaws.com
Software: /
Resource Hash: b05d6ca68263cce4745a51021cbfdfe357db38d4843ffc7ba4add7f7ce431720

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 14 Dec 2022 19:32:17 GMT
Cache-Control: max-age=5
Content-Encoding: gzip
Connection: keep-alive
Content-Length: 5391
Content-Type: text/javascript

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 130 KB
47 KB 145ms
59ms Script
application/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=GTM-PMD7D89

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PPNMZJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

eeeaa1e6161e797aba740b6a51d87b0c7342c84736861da1cc1575019ccc4806

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 19:32:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 48003
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 14 Dec 2022 19:32:17 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/1071783566/ 2 KB
2 KB 145ms
50ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/1071783566/?random=1671046337368&cv=11&fst=1671046337368&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&label=Pg0mCKq7vZYBEI69iP8D&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.ewg.org%2F&tiba=Environmental%20Working%20Group%20%E2%80%93%20Empowering%20%E2%80%A8Healthy%20Choices%20%7C%20Environmental%20Working%20Group&value=0&bttype=purchase&auid=485289946.1671046337&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PPNMZJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

eca77bb85157c863770eac9d6464691a41ad8076f255bd6edef3e05cfaa0908b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 19:32:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 65ms
34ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PPNMZJ

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f2c4b7d20ff42a433d0c76631c460cd75128f8f0436d052ce2cf79dc4fa6a244

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Wed, 14 Dec 2022 19:32:16 GMT
last-modified: Mon, 05 Dec 2022 17:15:50 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0FBC87C60074450A999CF47E5F64EB7B Ref B: FRAEDGE1521 Ref C: 2022-12-14T19:32:17Z
etag: "027e538cd8d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11460

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/698108002/ 2 KB
1 KB 161ms
80ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/698108002/?random=1671046337379&cv=11&fst=1671046337379&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.ewg.org%2F&tiba=Environmental%20Working%20Group%20%E2%80%93%20Empowering%20%E2%80%A8Healthy%20Choices%20%7C%20Environmental%20Working%20Group&auid=485289946.1671046337&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PPNMZJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

afc9b78632f23e96e486e9f8f5a84fa278161a1b9ba70acf4d07065fc785067f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 19:32:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 899
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK at.js Show response
d1aqhv4sn5kxtx.cloudfront.net/actiontag/ 816 KB
231 KB 47ms
9ms Script
application/javascript 108.138.24.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/at.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PPNMZJ
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.24.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-24-138.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c9091d0dd99de839fc06f7370019d1cbeb57184b6ff5ffda72820e2f076f1f74

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Wed, 14 Dec 2022 15:35:39 GMT
Content-Encoding: gzip
Via: 1.1 6be461c5a9399007c1540eee90371674.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P7
Age: 14199
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 235438
Last-Modified: Tue, 13 Dec 2022 15:35:24 GMT
Server: AmazonS3
ETag: "ebf76bb33f2028767268b9ad0d57bcf7"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=900, s-maxage=86400, public
Accept-Ranges: bytes
X-Amz-Cf-Id: Znrry-uf-GjkPAEntnFdnxZOMNeTOuKiMkwsHCWPF1wF28j94tNxYQ==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 103 KB
28 KB 64ms
16ms Script
application/x-javascript 2a03:2880:f080:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.ewg.org
URL: https://www.ewg.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f080:9:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

afb1dcad63433cbf8ac857dc57fb92e7023117152c82ce97d5cfeea17400b0b9

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 14 Dec 2022 19:32:17 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27299
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: SHe6mBB5TyzxH3KBEQ0I7KrlE0ogYx79++T42u0qk1IvcJddJ4vXzEbqczdqHnVyx8PRVOa6ccmCC+mWlCeYqA==
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 pixel.js Show response
cdn.popt.in/ 215 KB
48 KB 65ms
36ms Script
text/javascript 2606:4700:e4::ac40:ac16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.popt.in/pixel.js?id=16f9efd0362a4
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PPNMZJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:ac16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea9b9ad0a4833d68850222013198bd9e5f6ae19ba856a071823b51ee6c3262f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 19:32:17 GMT
x-amz-version-id: dNjIKK.xi13Umkasdey5TxaO1ZOU8two
via: 1.1 8af5231b014ab5e8c35000dd4cf4b68c.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-P3
age: 5617
content-encoding: br
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 14 Dec 2022 13:58:01 GMT
server: cloudflare
etag: W/"1b512cf3fb3d339b5deaccb0808f711f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bGrzkGbs4wCVTGN%2Fqv9k1vZiW5staaAerYulnH9qMjmK4E%2B9get1O6wsRvR3pFDGpNzGc%2B9YMpF2SpMI4M%2BlGixY5pL8bMm5BymB6LXG9CQsSS8B2Jz95YKqxJuDYR4MR0Z5wLZvWDv83A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=1800
cf-ray: 77995d59382d1605-DUS
x-amz-cf-id: 3-4kqMLYJYZxviP6WaqtPn3dYK7Q2O9kfPI2kxBTmxiEBFJUMZkzyg==

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 220 KB
76 KB 129ms
54ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-CS21GC49KT&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PPNMZJ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9c7c18b4cedbac846bc71fd9ecf8f4a8370774346b8aa3a08d6ef7c07ee556cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 19:32:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78069
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 14 Dec 2022 19:32:17 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 38ms
37ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=676618147&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.ewg.org%2F&ul=en-us&de=UTF-8&dt=Environmental%20Working%20Group%20%E2%80%93%20Empowering%20%E2%80%A8Healthy%20Choices%20%7C%20Environmental%20Working%20Group&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=SignupForm&ea=Form%20Load&el=Minimal&ev=4&_u=aGDAgEABAAAAAEAAI~&jid=2115608583&gjid=177099746&cid=990904173.1671046336&tid=UA-296149-25&_gid=1123595738.1671046336&gtm=2wgbu0PPNMZJ&z=1709393563

Requested by

Host: www.ewg.org
URL: https://www.ewg.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 12:42:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 24576
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 200 tb
fndrsp.net/ 2 B
500 B 211ms
192ms Ping
text/plain 104.26.8.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fndrsp.net/tb

Requested by

Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/AKWZXHJB

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.8.138 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://www.ewg.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 14 Dec 2022 19:32:17 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5%2BibOc4G74cSwivlPOgpSHZylLoJLvddeWNXn45uUQy9psRd5zKb6g%2FfAq1MIINBDEgMfjEKp0t5x99bL7%2FL%2BhEDrTidXIjK%2Fmgza3mv4LF%2FcB9Y9tL2Q6vPm%2FU%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://www.ewg.org
access-control-allow-credentials: true
cf-ray: 77995d58d99f9131-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 17156808.js Show response
bat.bing.com/p/action/ 0
136 B 112ms
111ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/17156808.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 14 Dec 2022 19:32:16 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B521F8C5280D4CE196FD9EDA5328674A Ref B: FRAEDGE1521 Ref C: 2022-12-14T19:32:17Z
x-powered-by: ARR/3.0
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: private,max-age=1800

GET
H2 204 0
bat.bing.com/action/ 0
174 B 33ms
30ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=17156808&tm=gtm002&Ver=2&mid=97c42ee3-9e3d-4081-a73b-b983859f942f&sid=04f9b4007be611edb51de775268080b1&vid=04f9d6707be611ed80fd0d455db360ea&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Environmental%20Working%20Group%20%E2%80%93%20Empowering%20%E2%80%A8Healthy%20Choices%20%7C%20Environmental%20Working%20Group&p=https%3A%2F%2Fwww.ewg.org%2F&r=&lt=1773&evt=pageLoad&sv=1&rn=194057

Requested by

Host: www.ewg.org
URL: https://www.ewg.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 14 Dec 2022 19:32:16 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F495216D45B04C069CA025D0B2F60753 Ref B: FRAEDGE1521 Ref C: 2022-12-14T19:32:17Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 77995d4b88f05b8c Show response
www.ewg.org/cdn-cgi/challenge-platform/h/g/cv/result/ Frame A53C 2 B
382 B 71ms
71ms XHR
text/plain 2606:4700:10::ac43:6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ewg.org/cdn-cgi/challenge-platform/h/g/cv/result/77995d4b88f05b8c
Requested by: Host: www.ewg.org
URL: https://www.ewg.org/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1671033600
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:6f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 14 Dec 2022 19:32:17 GMT
content-encoding: br
server: cloudflare
cf-ray: 77995d5b1b079b5b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type: text/plain; charset=UTF-8

GET
H3 200 431673573640385 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 34ms
16ms Script
application/x-javascript 2a03:2880:f080:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/431673573640385?v=2.9.89&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f080:9:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d32fa260a04d92e7518b819cb3d8914500fb33012210ed5e02b050653e47f37f

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 14 Dec 2022 19:32:17 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86081
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: wuEtSbQ1mIKioCuX6NipxIiks9X2Jc5dtZJwAwX+zqzUnuPeSsMBmSmrR7vrZe/g/sMUr68x1uJh0cb4RbL7Lg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/1071783566/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1071783566/?random=391899113&cv=11&fst=1671046337368&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&label=Pg0mCKq7vZYBEI69iP...
https://www.google.com/pagead/1p-conversion/1071783566/?random=391899113&cv=11&fst=1671046337368&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&label=Pg0mCKq7vZYBEI69iP8D&hn=www.googleadser...
https://www.google.de/pagead/1p-conversion/1071783566/?random=391899113&cv=11&fst=1671046337368&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&label=Pg0mCKq7vZYBEI69iP8D&hn=www.googleadserv...

42 B
64 B

126ms
51ms

Image
image/gif

2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/1071783566/?random=391899113&cv=11&fst=1671046337368&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&label=Pg0mCKq7vZYBEI69iP8D&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.ewg.org%2F&tiba=Environmental%20Working%20Group%20%E2%80%93%20Empowering%20%E2%80%A8Healthy%20Choices%20%7C%20Environmental%20Working%20Group&value=0&auid=485289946.1671046337&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJZ0lYbW5BWVEyWVM4b0tXeWdyTTVFaVVBTkx2QzFvSm5LMmZUOThQM19kd29MMHBBR2xrX1lBYko3MDItOEFUbXZ3RE9VRHY2GldDaEFJZ0lYbW5BWVEtOWVtbTVmMTdkSVZFaTBBSV8yVmlPeWt5R19fNm9DQ2tMWkkyeFRzMUFDQ1Y4XzhHU21nWkpIb29oby1pa3dkS0hjWDVIUXNRcjQ&is_vtc=1&ocp_id=wSSaY-3JHced1waQsJqwCg&cid=CAQSKQDq26N9wCNB5nNXDC41iXhwJFbDaeuKDs3_0o8gQ4qTxhNR8x3KPBsMIBM&eitems=ChEIgIXmnAYQkta9xq6Z6bD1ARIdAAFPixri4RRAYAJD0oRmVex7IzB0o1mrwZKniyU&random=4263602495&ipr=y&prhg=0

Requested by

Host: www.ewg.org
URL: https://www.ewg.org/

Protocol

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 19:32:18 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 14 Dec 2022 19:32:18 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/1071783566/?random=391899113&cv=11&fst=1671046337368&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&label=Pg0mCKq7vZYBEI69iP8D&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.ewg.org%2F&tiba=Environmental%20Working%20Group%20%E2%80%93%20Empowering%20%E2%80%A8Healthy%20Choices%20%7C%20Environmental%20Working%20Group&value=0&auid=485289946.1671046337&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJZ0lYbW5BWVEyWVM4b0tXeWdyTTVFaVVBTkx2QzFvSm5LMmZUOThQM19kd29MMHBBR2xrX1lBYko3MDItOEFUbXZ3RE9VRHY2GldDaEFJZ0lYbW5BWVEtOWVtbTVmMTdkSVZFaTBBSV8yVmlPeWt5R19fNm9DQ2tMWkkyeFRzMUFDQ1Y4XzhHU21nWkpIb29oby1pa3dkS0hjWDVIUXNRcjQ&is_vtc=1&ocp_id=wSSaY-3JHced1waQsJqwCg&cid=CAQSKQDq26N9wCNB5nNXDC41iXhwJFbDaeuKDs3_0o8gQ4qTxhNR8x3KPBsMIBM&eitems=ChEIgIXmnAYQkta9xq6Z6bD1ARIdAAFPixri4RRAYAJD0oRmVex7IzB0o1mrwZKniyU&random=4263602495&ipr=y&prhg=0
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/698108002/ 42 B
548 B 136ms
52ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/698108002/?random=1671046337379&cv=11&fst=1671044400000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.ewg.org%2F&tiba=Environmental%20Working%20Group%20%E2%80%93%20Empowering%20%E2%80%A8Healthy%20Choices%20%7C%20Environmental%20Working%20Group&fmt=3&is_vtc=1&random=987645454&rmt_tld=0&ipr=y

Requested by

Host: www.ewg.org
URL: https://www.ewg.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 19:32:17 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/698108002/ 42 B
548 B 138ms
57ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/698108002/?random=1671046337379&cv=11&fst=1671044400000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.ewg.org%2F&tiba=Environmental%20Working%20Group%20%E2%80%93%20Empowering%20%E2%80%A8Healthy%20Choices%20%7C%20Environmental%20Working%20Group&fmt=3&is_vtc=1&random=987645454&rmt_tld=1&ipr=y

Requested by

Host: www.ewg.org
URL: https://www.ewg.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 19:32:17 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/ 87 KB
28 KB 42ms
24ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js

Requested by

Host: cdn.popt.in
URL: https://cdn.popt.in/pixel.js?id=16f9efd0362a4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4dccdd9ae25b64078e0c73f273de94f8894d5c99e4741645ece29aeefc9c5a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 19:32:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 8388293
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27964
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-15d95"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hFNShPIjkeigClpOYXPUAuGggoin7WqFKRt3A3o3T0v5%2FDV0imov98vDbNqoRQGyXrohZ5510C7c7tDEtPn%2BXFFnLpsJioNHbcpmT9S1erPjY%2B%2BdNsi00YlJkTpk0mxUmuftMHZnOG6eP25A%2BcGCG7Cg"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 77995d5b8ae89a24-FRA
expires: Mon, 04 Dec 2023 19:32:17 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 39ms
38ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=676618147&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ewg.org%2F&ul=en-us&de=UTF-8&dt=Environmental%20Working%20Group%20%E2%80%93%20Empowering%20%E2%80%A8Healthy%20Choices%20%7C%20Environmental%20Working%20Group&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAiEABRAAAAEAAI~&jid=&gjid=&cid=990904173.1671046336&tid=UA-296149-25&_gid=1123595738.1671046336&gtm=2wgbu0PPNMZJ&cg2=&cg3=www.ewg.org&z=1777710349

Requested by

Host: www.ewg.org
URL: https://www.ewg.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 12:42:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 24576
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 39ms
39ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=676618147&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.ewg.org%2F&ul=en-us&de=UTF-8&dt=Environmental%20Working%20Group%20%E2%80%93%20Empowering%20%E2%80%A8Healthy%20Choices%20%7C%20Environmental%20Working%20Group&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth%20Tracking&ea=0%25&el=https%3A%2F%2Fwww.ewg.org%2F&_u=aGDAiEABRAAAAEAAI~&jid=&gjid=&cid=990904173.1671046336&tid=UA-296149-25&_gid=1123595738.1671046336&gtm=2wgbu0PPNMZJ&z=1066427926

Requested by

Host: www.ewg.org
URL: https://www.ewg.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 12:42:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 24576
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
345 B 116ms
38ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-CS21GC49KT&gtm=2oebu0&_p=676618147&cid=990904173.1671046336&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1671046337&sct=1&seg=0&dl=https%3A%2F%2Fwww.ewg.org%2F&dt=Environmental%20Working%20Group%20%E2%80%93%20Empowering%20%E2%80%A8Healthy%20Choices%20%7C%20Environmental%20Working%20Group&en=page_view&_fv=1&_ss=1&ep.clean_path=%2F
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CS21GC49KT&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 19:32:17 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ewg.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 at.js Show response
static.everyaction.com/ea-actiontag/ Frame E6A9 816 KB
231 KB 213ms
8ms Script
application/javascript 2600:9000:2490:5400:3:1d53:4780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.everyaction.com/ea-actiontag/at.js
Requested by: Host: act.ewg.org
URL: https://act.ewg.org/a/2022-deadline?sourceid=1021356
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:5400:3:1d53:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cdf8662aaac6a0edfdaccdc363bc65c18e7b69801abd0b1ad9857ddd7de69fca

Request headers

Referer: https://act.ewg.org/
Origin: https://act.ewg.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:36:57 GMT
content-encoding: gzip
via: 1.1 e96aebc8d7c9ec82b88c3160a18fed96.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 14187
x-cache: Hit from cloudfront
content-length: 235422
last-modified: Tue, 13 Dec 2022 15:35:24 GMT
server: AmazonS3
etag: "be23b9ed3d9bb8dbf615a8aedaf9155e"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=900, s-maxage=86400, public
accept-ranges: bytes
x-amz-cf-id: Eg62nOKoyAzSCa_xszgkInjdocgBl6iEtqJ85kJfdnpYwJiCXavnEQ==

GET
H2 200 at.min.css
static.everyaction.com/ea-actiontag/ Frame E6A9 59 KB
12 KB 210ms
8ms Stylesheet
text/css 2600:9000:2490:5400:3:1d53:4780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.everyaction.com/ea-actiontag/at.min.css
Requested by: Host: act.ewg.org
URL: https://act.ewg.org/a/2022-deadline?sourceid=1021356
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:5400:3:1d53:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b21237dada3d7adde0976343bfafcc127b842bfe855782d84d311d113ab81d38

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:36:37 GMT
content-encoding: gzip
via: 1.1 bb5a1c03f2335d92378a3e68542733da.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 14187
x-cache: Hit from cloudfront
content-length: 11466
last-modified: Tue, 13 Dec 2022 15:35:24 GMT
server: AmazonS3
etag: "a775587cc23d0928c59f489e8ff84d6e"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=900, s-maxage=86400, public
accept-ranges: bytes
x-amz-cf-id: gf5mh2jTqza2WXK4CE7wVBfEYnpfcNL9DgpJqt8xf1_z_82gUODh1Q==

GET
H2 200 dzc8utw.css
use.typekit.net/ Frame E6A9 5 KB
1 KB 19ms
14ms Stylesheet
text/css 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/dzc8utw.css

Requested by

Host: act.ewg.org
URL: https://act.ewg.org/a/2022-deadline?sourceid=1021356

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

2199da76dea7196cec870d463ffcc908c8b9ccb8145900d6ae4eb15461316f08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Wed, 14 Dec 2022 19:32:17 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 835

GET
H2 200 css2
fonts.googleapis.com/ Frame E6A9 17 KB
1 KB 136ms
47ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,400;0,600;0,700;1,400;1,600;1,700&display=swap

Requested by

Host: act.ewg.org
URL: https://act.ewg.org/a/2022-deadline?sourceid=1021356

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

09034e7ee35cadb33b2fc5ae388cc95270389f0f71231068275e1e64b75d7809

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 14 Dec 2022 19:32:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 14 Dec 2022 18:58:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 14 Dec 2022 19:32:17 GMT

GET
H3 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ Frame E6A9 85 KB
30 KB 117ms
39ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: act.ewg.org
URL: https://act.ewg.org/a/2022-deadline?sourceid=1021356

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 08:12:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 127215
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30399
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Dec 2023 08:12:02 GMT

GET
H/1.1 200
OK ga.js Show response
nvlupin.blob.core.windows.net/images/van/EWG/EWG/1/71381/images/ Frame E6A9 45 KB
46 KB 546ms
191ms Script
application/x-javascript 20.60.58.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://nvlupin.blob.core.windows.net/images/van/EWG/EWG/1/71381/images/ga.js
Requested by: Host: act.ewg.org
URL: https://act.ewg.org/a/2022-deadline?sourceid=1021356
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.58.97 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 14 Dec 2022 19:32:17 GMT
Last-Modified: Mon, 05 Aug 2019 21:46:13 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag: 0x8D719EE5622AE57
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
x-ms-request-id: ef6307b9-001e-0037-4ff2-0f95fd000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
Content-Length: 46274

GET
H/1.1 200
OK jquery.mailcheck.min.js Show response
nvlupin.blob.core.windows.net/images/van/EWG/EWG/1/71381/images/ Frame E6A9 2 KB
3 KB 546ms
178ms Script
application/x-javascript 20.60.58.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://nvlupin.blob.core.windows.net/images/van/EWG/EWG/1/71381/images/jquery.mailcheck.min.js
Requested by: Host: act.ewg.org
URL: https://act.ewg.org/a/2022-deadline?sourceid=1021356
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.58.97 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: b3b360dc7d412894d4772b986c10a6cfdf06ad89a522135fadf757aa7434ed02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 14 Dec 2022 19:32:17 GMT
Last-Modified: Mon, 05 Aug 2019 21:46:36 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag: 0x8D719EE63CA579A
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
x-ms-request-id: 868d2ba6-a01e-003e-4cf2-0fd02e000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
Content-Length: 2041

GET
H/1.1 200
OK EWG-logo-white.png
nvlupin.blob.core.windows.net/images/van/EWG/EWG/1/71381/images/ Frame E6A9 47 KB
48 KB 101ms
101ms Image
image/png 20.60.58.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nvlupin.blob.core.windows.net/images/van/EWG/EWG/1/71381/images/EWG-logo-white.png
Requested by: Host: act.ewg.org
URL: https://act.ewg.org/a/2022-deadline?sourceid=1021356
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.58.97 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 1b97f90a978e28155f5c4d2bad2542c04afdfbae0395f6ac4e96b1eccde2f529

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 14 Dec 2022 19:32:17 GMT
Last-Modified: Tue, 06 Nov 2018 20:09:34 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag: 0x8D64423C5660602
Content-Type: image/png
Access-Control-Allow-Origin: *
x-ms-request-id: 868d2c8d-a01e-003e-2ef2-0fd02e000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
Content-Length: 48250

GET
H/1.1 200
OK email-checker-embed.js Show response
nvlupin.blob.core.windows.net/images/van/EWG/EWG/1/71381/images/ Frame E6A9 1 KB
2 KB 103ms
103ms Script
application/x-javascript 20.60.58.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://nvlupin.blob.core.windows.net/images/van/EWG/EWG/1/71381/images/email-checker-embed.js
Requested by: Host: act.ewg.org
URL: https://act.ewg.org/a/2022-deadline?sourceid=1021356
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.58.97 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 09c09240791dd7620b5353be9461a38903e62d4f3a9c877480eb286f312ac87b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 14 Dec 2022 19:32:17 GMT
Last-Modified: Wed, 07 Aug 2019 21:09:04 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag: 0x8D71B7B7A97FEB6
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
x-ms-request-id: ef6308ce-001e-0037-4bf2-0f95fd000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
Content-Length: 1172

GET
H/1.1 200
OK vgs-collect.js Show response
js.verygoodvault.com/vgs-collect/2.14.0/ Frame E6A9 134 KB
44 KB 24ms
8ms Script
application/javascript 18.66.147.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/2.14.0/vgs-collect.js
Requested by: Host: act.ewg.org
URL: https://act.ewg.org/a/2022-deadline?sourceid=1021356
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-109.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cbf1ade8d5b7be4356388d9efd5187d378ea581a5e8f9c8d54ee0932262836ff

Request headers

Referer: https://act.ewg.org/
Origin: https://act.ewg.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: uQF6CVoMnT1mOHvFavSn8ur6rXtO9Qh9
Content-Encoding: gzip
Via: 1.1 24fc4e03b1de2a14f79be2422e46a318.cloudfront.net (CloudFront)
Date: Wed, 14 Dec 2022 19:31:23 GMT
X-Amz-Cf-Pop: FRA60-P4
Age: 57
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed, 08 Jun 2022 01:07:52 GMT
Server: AmazonS3
ETag: W/"2eb620d1b4f90db03c929f89d188cf80"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=60
X-Amz-Cf-Id: mMoGc-1xmUuNC06dCU6-CNQgEOXnbvYVWveEtil0Pr660ah_mhlFSQ==

GET
H2 200 _Incapsula_Resource Show response
act.ewg.org/ Frame E6A9 137 KB
19 KB 72ms
71ms Script
application/javascript 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://act.ewg.org/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=243331946
Requested by: Host: act.ewg.org
URL: https://act.ewg.org/a/2022-deadline?sourceid=1021356
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 84846bf289825fdf7d361c016f24e927b8ed9d073150a71ec0be8abf746aa3c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.ewg.org/a/2022-deadline?sourceid=1021356
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

cache-control: no-cache, no-store
content-encoding: gzip
x-robots-tag: noindex
content-length: 19824
content-type: application/javascript

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame E6A9 261 KB
87 KB 45ms
44ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PPNMZJ

Requested by

Host: act.ewg.org
URL: https://act.ewg.org/a/2022-deadline?sourceid=1021356

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

13bf043ada562e2138983eae7bd4018696cfc95d780169875cc406dd5361dc54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 19:32:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 88546
x-xss-protection: 0
last-modified: Wed, 14 Dec 2022 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 14 Dec 2022 19:32:18 GMT

GET
H2 200 lightbox_inline.js Show response
www.lightboxcdn.com/vendor/a3241e66-5c6a-4d48-8161-225ef2c02084/ 2 KB
1 KB 93ms
61ms Script
application/javascript 2606:4700::6813:d483
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/vendor/a3241e66-5c6a-4d48-8161-225ef2c02084/lightbox_inline.js?mb=1671046337894
Requested by: Host: www.ewg.org
URL: https://www.ewg.org/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6813:d483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f793d0ef8e7b2b0a2f5271e63c4be9cfaefcf746af1b849d353bf75e420d20d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 14 Dec 2022 19:32:17 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: o+td2hMqqGlNUrKlAG8B3A==
age: 157
cf-polished: origSize=2379
x-ms-lease-status: unlocked
cf-bgj: minify
last-modified: Tue, 13 Sep 2022 14:31:06 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
x-ms-request-id: 153b4697-701e-0006-177f-c7ef48000000
x-ms-version: 2009-09-19
cf-ray: 77995d5c0d52926e-FRA

GET
H/1.1 200
OK sa.css
tags.srv.stackadapt.com/ 65 B
292 B 109ms
109ms Stylesheet
text/css 3.216.203.91
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.css
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.216.203.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-216-203-91.compute-1.amazonaws.com
Software: /
Resource Hash: 5d79290c430e328b4f205a56531d27ed1d506d5317447e51f72b712bb4f7a9c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 14 Dec 2022 19:32:17 GMT
Cache-Control: only-if-cached, no-transform, private, max-age=7776000
Connection: keep-alive
Content-Length: 65
Content-Type: text/css

GET
H/1.1 200
OK sa.jpeg Show response
tags.srv.stackadapt.com/ 0
881 B 531ms
204ms Fetch
image/jpeg 3.216.203.91
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.jpeg
Requested by: Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/2.b834baef76dc.vendors~sentry.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.216.203.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-216-203-91.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 14 Dec 2022 19:32:18 GMT
Cache-Control: only-if-cached, no-transform, private, max-age=7776000
Connection: keep-alive
Content-Length: 651
Content-Type: image/jpeg

GET
H/1.1 200
OK rt
srv.stackadapt.com/ 43 B
497 B 531ms
187ms Image
image/gif 18.214.117.136
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://srv.stackadapt.com/rt?sid=pT46Xay2aUZgJC9VGHslbr&url=https%3A%2F%2Fwww.ewg.org%2F&t=Environmental%20Working%20Group%20%E2%80%93%20Empowering%20%E2%80%A8Healthy%20Choices%20%7C%20Environmental%20Working%20Group&tip=4vd11K4iHmFUZ0rLYhUbFB4k7eCyTDwj_wUPQTjzgGw
Requested by: Host: www.ewg.org
URL: https://www.ewg.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.214.117.136 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-214-117-136.compute-1.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Wed, 14 Dec 2022 19:32:18 GMT
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 p.css
p.typekit.net/ Frame E6A9 5 B
181 B 7ms
6ms Stylesheet
text/css 2a02:26f0:3500:16::215:148b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=dzc8utw&ht=tk&f=27081.27082.27085.27086.27091.27093&a=5659401&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/dzc8utw.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 19:32:17 GMT
last-modified: Sat, 16 Oct 2021 08:18:43 GMT
server: nginx
etag: "616a8ae3-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H3 200 367774270429261 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 16ms
15ms Script
application/x-javascript 2a03:2880:f080:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/367774270429261?v=2.9.89&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f080:9:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

26c3a45b7d8c8246c99eead0639edbc8459a9011b295864bdfc9144bcf41518f

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 14 Dec 2022 19:32:17 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86116
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: ltGtpJcaajiQEBd7b9wJFy0itppzXQafFjLR+uaNlAnkFPKVl2ALJR0JraQI1dnLH15DMHchwk3z4fWGsmFbJg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 229ms
196ms Image
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=431673573640385&ev=PageView&dl=https%3A%2F%2Fwww.ewg.org%2F&rl=&if=false&ts=1671046337921&sw=1600&sh=1200&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1671046337919.741312750&it=1671046337805&coo=false&rqm=GET

Requested by

Host: www.ewg.org
URL: https://www.ewg.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 14 Dec 2022 19:32:18 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 16f9efd0362a4 Show response
display.popt.in/APIRequest/ 43 KB
6 KB 507ms
474ms XHR
application/json 2606:4700:e4::ac40:ad16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://display.popt.in/APIRequest/16f9efd0362a4?domain=https%3A%2F%2Fwww.ewg.org%2F&referrer=&previous_url=&cookies=%20poptin_old_user%3Dtrue%20poptin_user_id%3D0.1xrusu84dtm%20poptin_new_user%3Dtrue%20poptin_viewed_session%3Dfalse%20&triggers=&cc=false&if_mobile=false&page_title=Environmental%20Working%20Group%20%E2%80%93%20Empowering%20%E2%80%A8Healthy%20Choices%20%7C%20Environmental%20Working%20Group&origin_landing_page=https%3A%2F%2Fwww.ewg.org%2F&if_page_refreshed=false&poptin_viewed_url=https%3A%2F%2Fwww.ewg.org%2F&previous_visited_pages=&shopify_customer_id=0&cart_total_items=0&cart_total_price=0&cart_products_ids_list=

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/2.b834baef76dc.vendors~sentry.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e4::ac40:ad16 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e71f9ed76ea8bdeb9296b037c7de69e84a17d1d8af9d3b8581a15d5aa9df2b40

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://bc.popt.in https://.mybigcommerce.com https://.jumpseller.com https://.myshopline.com https://.myshopify.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.ewg.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 19:32:18 GMT
content-security-policy: frame-ancestors https://bc.popt.in https://*.mybigcommerce.com https://*.jumpseller.com https://*.myshopline.com https://*.myshopify.com
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VyupkjN4bbxyPgz8nxWNjaXoDc7%2B%2F%2BxtzhkDroiUglnMwcZjGXAxO92VFtDLMLEK6oD7INpAJMdM24K3AO7B9G2%2FqoQf5FgTPKNteOCHX5hP%2B49f3NfozBGIB0VuuOTzYS5bfkUfgUNegUmhuE8%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=0, must-revalidate, no-store, nocache, private
access-control-allow-credentials: true
cf-ray: 77995d5c4fec4175-HAM
access-control-allow-headers: Origin, Content-Type
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 208ms
208ms Image
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=367774270429261&ev=PageView&dl=https%3A%2F%2Fwww.ewg.org%2F&rl=&if=false&ts=1671046337958&sw=1600&sh=1200&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1671046337919.741312750&it=1671046337805&coo=false&rqm=GET

Requested by

Host: www.ewg.org
URL: https://www.ewg.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 14 Dec 2022 19:32:18 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 lightbox.js Show response
www.lightboxcdn.com/vendor/a3241e66-5c6a-4d48-8161-225ef2c02084/ Frame 29E8 391 B
374 B 38ms
37ms Script
application/javascript 2606:4700::6813:d483
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/vendor/a3241e66-5c6a-4d48-8161-225ef2c02084/lightbox.js?mb=1671046337990&lv=1
Requested by: Host: www.ewg.org
URL: https://www.ewg.org/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6813:d483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 2c4f7994b46baacaf83f6c7d39d04ace2b4d97dc445d5b066308ea44924134c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 19:32:18 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 14 Dec 2022 19:24:55 GMT
server: cloudflare
age: 443
cf-polished: origSize=399
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 77995d5c9e44926e-FRA

GET
H2 200 user.js Show response
www.lightboxcdn.com/vendor/a3241e66-5c6a-4d48-8161-225ef2c02084/ Frame 29E8 699 KB
139 KB 45ms
45ms Script
application/javascript 2606:4700::6813:d483
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/vendor/a3241e66-5c6a-4d48-8161-225ef2c02084/user.js?cb=637986762665900297
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/a3241e66-5c6a-4d48-8161-225ef2c02084/lightbox.js?mb=1671046337990&lv=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6813:d483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58763733061901ff2cbe41aa5cb11db40f79570634ef694859d0ea3ec551bc70

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 14 Dec 2022 19:32:18 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: zQ7fmcRzxqs5nTKggN/6Lg==
age: 170601
cf-polished: origSize=1171985
x-ms-lease-status: unlocked
cf-bgj: minify
last-modified: Tue, 13 Sep 2022 14:31:06 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
x-ms-request-id: af1b5632-b01e-0076-6be4-fd9c8c000000
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
cf-ray: 77995d5cdebd926e-FRA
expires: Thu, 14 Dec 2023 19:32:18 GMT

GET
H2 200 fb_lightbox.2.1.5.css
www.lightboxcdn.com/static/ 4 KB
1 KB 16ms
16ms Stylesheet
text/css 2606:4700::6813:d483
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/static/fb_lightbox.2.1.5.css?cb=637986762665900297
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/a3241e66-5c6a-4d48-8161-225ef2c02084/user.js?cb=637986762665900297
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6813:d483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b9028c7ecccf4f31fafcfca176cd6ed38197d7b3d6ea4c107b98af8eecc525b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 14 Dec 2022 19:32:18 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: q4B4xYJoZwx9ikt94o1nCA==
age: 429631
cf-polished: origSize=6016
x-ms-meta-cbmodifiedtime: Wed, 10 Apr 2019 18:50:43 GMT
x-ms-lease-status: unlocked
cf-bgj: minify
last-modified: Wed, 10 Apr 2019 19:06:17 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
x-ms-request-id: 7a5003a0-501e-005e-4809-ebeb33000000
cache-control: public, max-age=2678400
x-ms-version: 2009-09-19
cf-ray: 77995d5d6fd8926e-FRA
expires: Sat, 14 Jan 2023 19:32:18 GMT

GET
H/1.1 200
OK z Show response
lightboxapi.azurewebsites.net/z9gd/42018/www.ewg.org/jsonp/ 631 B
898 B 420ms
127ms Script
application/javascript 20.40.202.0
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://lightboxapi.azurewebsites.net/z9gd/42018/www.ewg.org/jsonp/z?cb=1671046338153&callback=jQuery171010370675331218293_1671046338135&_=1671046338153
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/a3241e66-5c6a-4d48-8161-225ef2c02084/user.js?cb=637986762665900297
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.40.202.0 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: a5f9b4c3faedb6d8aefd485f464e53ee5fa579b7a241b97da0049fdb528c6978

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Wed, 14 Dec 2022 19:32:18 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript

GET
H2 200 t.gif
www.lightboxcdn.com/z9g/ 35 B
258 B 26ms
25ms Image
image/gif 2606:4700::6813:d483
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.lightboxcdn.com/z9g/t.gif?c=1671046338143&h=www.ewg.org&e=p&u=42018
Requested by: Host: www.ewg.org
URL: https://www.ewg.org/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6813:d483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 14 Dec 2022 19:32:18 GMT
cf-cache-status: HIT
content-md5: KNaBTzCeoon4R8ac+RGUxg==
age: 1331383
cf-polished: status=not_needed
x-ms-meta-cbmodifiedtime: Tue, 26 Feb 2019 00:59:40 GMT
content-length: 35
x-ms-lease-status: unlocked
cf-bgj: imgq:85,h2pri
last-modified: Tue, 26 Feb 2019 01:15:02 GMT
server: cloudflare
etag: 0x8D69B87D5A1B25F
vary: Accept-Encoding
content-type: image/gif
x-ms-request-id: 54c2d414-d01e-0029-27cf-116e72000000
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 77995d5d7800926e-FRA

GET
H3 200 css
fonts.googleapis.com/ 4 KB
533 B 125ms
47ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins:300,400,500,700&display=swap

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fbda618f28d6145a563271f87e191a7717b1824208c49744b6b08c601242f9e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 14 Dec 2022 19:32:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 14 Dec 2022 18:41:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 14 Dec 2022 19:32:18 GMT

GET
H3 200 heb-fonts.min.css
cdn.popt.in/css/ 22 KB
3 KB 61ms
45ms Stylesheet
text/css 2606:4700:e4::ac40:ac16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.popt.in/css/heb-fonts.min.css
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e4::ac40:ac16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7459dd5ce48ddd21da15f490514af4be07ff85f0b0b6b9e118542d68ff5ec91

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 19:32:18 GMT
x-amz-version-id: qXd_m_chdhWvR5DNrvI834tklGtnWkb9
via: 1.1 626c544a24a86c6cd608360f520b6d8c.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-P3
age: 20029
content-encoding: br
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 12 Sep 2018 18:05:20 GMT
server: cloudflare
etag: W/"fb58ef8ec15444a0d0cf977973d4f824"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GEwxXgvPeBmqqsrITNbHjMaMrLxhxlRJktppCK%2F8DJQPMhNX6%2BRawDoLPRhweSFK5%2B%2Fq2erN4RCJuzTJAMtQSy1nzS%2FAqNKq5CxGHt59VqcPzcZHR%2FVBDhryL%2BCuojPjRWG%2F%2FmW6T7tqMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=30672000
cf-ray: 77995d5f9f32b397-MUC
x-amz-cf-id: 9sOolh6FARY04QCFVYOoe84W5of5vix0_8JPy1RLsjatVBj5ggHLyg==

GET
H3 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 31ms
17ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 19:32:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 177403
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5631
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rrP7QolEbbrR7kZk9ep%2B7vCIydCvQL5c3CrMRPhCQv4q4OnclIfALLixw4HXxpuECvbDByc06TkDCXHkL0i0Sz9WqOnlQURNtOzsGM39PDdKCMTn%2BmdfIpckfCJqyMrrveEzN8VIMv0lnpKh%2BEL4DEjj"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 77995d5f88639000-FRA
expires: Mon, 04 Dec 2023 19:32:18 GMT

GET
H3 200 poptin-style-en.css
cdn.popt.in/css/ 31 KB
6 KB 67ms
51ms Stylesheet
text/css 2606:4700:e4::ac40:ac16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.popt.in/css/poptin-style-en.css?ver=10
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e4::ac40:ac16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cddd8df6cf340ff7c7fcafe18bb7452eb09cf5fcedde9dc67836215774dbb7e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 19:32:18 GMT
x-amz-version-id: oSQdx9dJachHY9j.RLkLfm8wPANk54WJ
via: 1.1 357861888c56b685b34c9fa14a22c3ea.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: HKG62-C2
age: 5621
content-encoding: br
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 14 Dec 2022 13:58:01 GMT
server: cloudflare
etag: W/"ac98d8b1ca8f8e705a7cbfac942e4a22"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7DpzU6DLcFEbUu7wxpPLyx4Wiv%2FChkn2MOaECwALEs0p4LgSQJiSUtMK1dzNrJmJf%2FpyEk5BXJuEO7exQDIFs4%2F9qA7ltxEc7gIhmio%2BcDFO8YORfTcd7aQRUBy9qoIVd9V4bcqOkU32oQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1800
cf-ray: 77995d5f9f34b397-MUC
x-amz-cf-id: vYYuvkwXnvLrvDMqQlCj3VXvg_GLlXmAnNgzJvdOmlMP9gAByVZONA==

GET
H3 200 poptin-animations.css
cdn.popt.in/css/ 13 KB
2 KB 64ms
50ms Stylesheet
text/css 2606:4700:e4::ac40:ac16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.popt.in/css/poptin-animations.css?ver=10
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e4::ac40:ac16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e59394b69d811162c6b954e787c0951ea2fea8221230ff7fd61ec7033436577

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 19:32:18 GMT
x-amz-version-id: 4UrGpzB0dz4zYfg.P7HNPRuJkPo9acwp
via: 1.1 d947c3ab534102b2c9a7f0a4541d2ed8.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C1
age: 5627
content-encoding: br
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 14 Dec 2022 13:58:01 GMT
server: cloudflare
etag: W/"1ca18ba515190ee10a437a0362f8b05f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FiP5e05jtOMUx0dlhVpjPaD%2Bm4qx3C8bYkG5RYn50jlXrUTyf%2B2zrkPGg8Qi2huxir2iUHeR87aMdOstD8n8AG9nAX14VH7nmfCEUC4ZCZq72J1tAIiWH4nyAO7I8AFKJqjjm5dbRjAXiw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1800
cf-ray: 77995d5f9f30b397-MUC
x-amz-cf-id: TdF9BlHgsYoNJW8ji_C6BGsAfIHAZbiPn0sYwHcXZ54RXtmrQbHEfQ==

GET
H2 200 account_9b61648a66fde_poptin_57086350dc63f_2022-08-22_22-26-47_version_13.html Show response
d3lopmpcew67el.cloudfront.net/client_16f9efd0362a4/ 91 KB
42 KB 134ms
8ms XHR
text/html 2600:9000:2251:2000:b:8c20:bf40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3lopmpcew67el.cloudfront.net/client_16f9efd0362a4/account_9b61648a66fde_poptin_57086350dc63f_2022-08-22_22-26-47_version_13.html
Requested by: Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/2.b834baef76dc.vendors~sentry.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:2000:b:8c20:bf40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1cfea808001e9fc00745d88eae7c9377b8c21afa036302a595745ff43d3a57c5

Request headers

Accept: */*
Referer: https://www.ewg.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: OzBlQEx0Xb9MT1kp5udo8wqxHPrvgt0o
content-encoding: gzip
via: 1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront)
date: Wed, 14 Dec 2022 11:20:46 GMT
x-amz-cf-pop: FRA60-P3
age: 29826
x-cache: Hit from cloudfront
last-modified: Fri, 26 Aug 2022 18:57:31 GMT
server: AmazonS3
etag: W/"961f86df353bb34ae43594bc40963838"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
vary: Accept-Encoding
x-amz-cf-id: OC5kDscZjKamaJdm4dBq0lUtzRme77hDoK8Huq5mhAPvWK8zPaWqPw==

GET
H2 200 account_9b61648a66fde_poptin_67f5ecd30735e_2022-08-22_21-13-52_version_19.html Show response
d3lopmpcew67el.cloudfront.net/client_16f9efd0362a4/ 118 KB
71 KB 138ms
14ms XHR
text/html 2600:9000:2251:2000:b:8c20:bf40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3lopmpcew67el.cloudfront.net/client_16f9efd0362a4/account_9b61648a66fde_poptin_67f5ecd30735e_2022-08-22_21-13-52_version_19.html
Requested by: Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/2.b834baef76dc.vendors~sentry.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:2000:b:8c20:bf40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d488740082013eac12110633b304a9ebb782c9054ffb792d5c276468817a77c2

Request headers

Accept: */*
Referer: https://www.ewg.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: NsMpvOxfjGoCQp4O6nLjFJSsa9C2xDwi
content-encoding: gzip
via: 1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront)
date: Wed, 14 Dec 2022 00:57:07 GMT
x-amz-cf-pop: FRA60-P3
age: 66912
x-cache: Hit from cloudfront
last-modified: Fri, 26 Aug 2022 18:56:59 GMT
server: AmazonS3
etag: W/"d34285bcdf1ce47d6cbc9d03a76cdf6f"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
vary: Accept-Encoding
x-amz-cf-id: xL6uKdvcTbx8Mt5KSGbRmtYcH5NEfKegZlXnJAjeARghcWsqRtqpqA==

GET
H2 200 account_9b61648a66fde_poptin_bf32f525a3d67_2022-08-15_17-59-03_version_35.html Show response
d3lopmpcew67el.cloudfront.net/client_16f9efd0362a4/ 178 KB
110 KB 138ms
16ms XHR
text/html 2600:9000:2251:2000:b:8c20:bf40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3lopmpcew67el.cloudfront.net/client_16f9efd0362a4/account_9b61648a66fde_poptin_bf32f525a3d67_2022-08-15_17-59-03_version_35.html
Requested by: Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/2.b834baef76dc.vendors~sentry.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:2000:b:8c20:bf40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3d7fe1a21da42528a113212d1c5d32545e771f483464c521e9fec26578040225

Request headers

Accept: */*
Referer: https://www.ewg.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: TuT01Phvk3xn6pgiJCPhAlaT.dSZxKoG
content-encoding: gzip
via: 1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront)
date: Wed, 14 Dec 2022 13:15:15 GMT
x-amz-cf-pop: FRA60-P3
age: 22783
x-cache: Hit from cloudfront
last-modified: Thu, 01 Sep 2022 17:54:13 GMT
server: AmazonS3
etag: W/"1d753d064cf40c71199e67e652057a3e"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
vary: Accept-Encoding
x-amz-cf-id: ABKIaSifkmNDMAqStxrUJDLp-uPXQVQdpvH9K_IMa40KunvlLpjwhg==

GET
H2 200 account_022c669222fa0_poptin_3030449e6ae03_2022-08-22_18-26-49_version_15.html Show response
d3lopmpcew67el.cloudfront.net/client_16f9efd0362a4/ 127 KB
72 KB 141ms
21ms XHR
text/html 2600:9000:2251:2000:b:8c20:bf40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3lopmpcew67el.cloudfront.net/client_16f9efd0362a4/account_022c669222fa0_poptin_3030449e6ae03_2022-08-22_18-26-49_version_15.html
Requested by: Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/2.b834baef76dc.vendors~sentry.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:2000:b:8c20:bf40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 51c3b11b80685f43fbdb3e41ddde9ee45e15ed80b01ebb6e57678a79c2445e24

Request headers

Accept: */*
Referer: https://www.ewg.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: jcA0BwIbA1rdj7SZSOT4HU_u3zY5RG1S
content-encoding: gzip
via: 1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront)
date: Tue, 13 Dec 2022 23:53:25 GMT
x-amz-cf-pop: FRA60-P3
age: 70734
x-cache: Hit from cloudfront
last-modified: Fri, 02 Sep 2022 17:40:26 GMT
server: AmazonS3
etag: W/"834e9b17912890361fb795a696dd3dbf"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
vary: Accept-Encoding
x-amz-cf-id: kg3EBYvlD1D0vTlH31Bv_cPoRs5JcbezByv9do3xJY8oTDGtstcsfg==

GET
H2 200 account_f1299265f6a20_poptin_f13163b063c83_2022-08-22_16-56-35_version_11.html Show response
d3lopmpcew67el.cloudfront.net/client_16f9efd0362a4/ 69 KB
8 KB 136ms
17ms XHR
text/html 2600:9000:2251:2000:b:8c20:bf40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3lopmpcew67el.cloudfront.net/client_16f9efd0362a4/account_f1299265f6a20_poptin_f13163b063c83_2022-08-22_16-56-35_version_11.html
Requested by: Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/2.b834baef76dc.vendors~sentry.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:2000:b:8c20:bf40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9123d68ea269ac53df7145f808e858e89e44afc103c27b7d1881e1a68f113821

Request headers

Accept: */*
Referer: https://www.ewg.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: EDbGNXhyXvprbsZ5FTPAZnGkOya22QPI
content-encoding: gzip
via: 1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront)
date: Wed, 14 Dec 2022 05:49:47 GMT
x-amz-cf-pop: FRA60-P3
age: 73919
x-cache: Hit from cloudfront
last-modified: Fri, 02 Sep 2022 17:13:59 GMT
server: AmazonS3
etag: W/"363d75596d7d9beabd942ad5bb57faad"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
vary: Accept-Encoding
x-amz-cf-id: 3FiXOfksVF4QtVthLVvIffnjQwyvidjITZ7yRI5Nb-66WMbFR7wKmA==

GET
H2 200 account_e96f25e1679a4_poptin_07386fbfb4580_2022-08-26_19-56-39_version_19.html Show response
d3lopmpcew67el.cloudfront.net/client_16f9efd0362a4/ 214 KB
138 KB 133ms
15ms XHR
text/html 2600:9000:2251:2000:b:8c20:bf40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3lopmpcew67el.cloudfront.net/client_16f9efd0362a4/account_e96f25e1679a4_poptin_07386fbfb4580_2022-08-26_19-56-39_version_19.html
Requested by: Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/2.b834baef76dc.vendors~sentry.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:2000:b:8c20:bf40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2d11f1d895cfbf37ccd8e8c205990ab535a6cfb19bea5b53d1616441b0af42fc

Request headers

Accept: */*
Referer: https://www.ewg.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: Hd9cFx4IN71OSd4OlR9DcTLWgc6qoM96
content-encoding: gzip
via: 1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront)
date: Wed, 14 Dec 2022 06:00:21 GMT
x-amz-cf-pop: FRA60-P3
age: 48722
x-cache: Hit from cloudfront
last-modified: Tue, 06 Sep 2022 20:18:11 GMT
server: AmazonS3
etag: W/"1679ee3f0495617fe8622e674436075c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
vary: Accept-Encoding
x-amz-cf-id: dBMC6p49a2hrduMSXA7ZkjZRzvTfOT6v9Dd74gJdQKXBqJrPj0UMdg==

GET
H2 200 account_9b61648a66fde_poptin_7850a69af2b2e_2022-08-03_17-24-41_version_21.html Show response
d3lopmpcew67el.cloudfront.net/client_16f9efd0362a4/ 164 KB
101 KB 192ms
76ms XHR
text/html 2600:9000:2251:2000:b:8c20:bf40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3lopmpcew67el.cloudfront.net/client_16f9efd0362a4/account_9b61648a66fde_poptin_7850a69af2b2e_2022-08-03_17-24-41_version_21.html
Requested by: Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/2.b834baef76dc.vendors~sentry.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:2000:b:8c20:bf40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f89fc3829df3a2cf481aac1f7685c7d6031c430a0353a4d7c03e29923c2c1a2c

Request headers

Accept: */*
Referer: https://www.ewg.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: 5GKO6YRRSep.95jQIIZjKyshoIGaQ.bg
content-encoding: gzip
via: 1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront)
date: Wed, 14 Dec 2022 06:00:21 GMT
x-amz-cf-pop: FRA60-P3
age: 48722
x-cache: Hit from cloudfront
last-modified: Thu, 01 Sep 2022 17:53:41 GMT
server: AmazonS3
etag: W/"d0956bfd7d24353441ad0d15ee7e68b4"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
vary: Accept-Encoding
x-amz-cf-id: 8g8xfWiomYIU5A-_sJNy0dEcc4LF-PSUOqRqSeLI-x3_DVSPyzqbSw==

GET
H2 200 account_9b61648a66fde_poptin_6fe82e00a481a_2022-08-01_21-14-34_version_67.html Show response
d3lopmpcew67el.cloudfront.net/client_16f9efd0362a4/ 116 KB
60 KB 174ms
59ms XHR
text/html 2600:9000:2251:2000:b:8c20:bf40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3lopmpcew67el.cloudfront.net/client_16f9efd0362a4/account_9b61648a66fde_poptin_6fe82e00a481a_2022-08-01_21-14-34_version_67.html
Requested by: Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/2.b834baef76dc.vendors~sentry.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:2000:b:8c20:bf40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ab165c7f9dbd8f3699d5a9be4fb68c759625b097806676c8b91f4a29193bc3e8

Request headers

Accept: */*
Referer: https://www.ewg.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: qVP7DVCrSpkgGFnU39JpebBAPEGsDq7J
content-encoding: gzip
via: 1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront)
date: Wed, 14 Dec 2022 05:08:27 GMT
x-amz-cf-pop: FRA60-P3
age: 51832
x-cache: Hit from cloudfront
last-modified: Thu, 01 Sep 2022 17:53:00 GMT
server: AmazonS3
etag: W/"e0f8829134da9f9ab99fbdf395b16c8a"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
vary: Accept-Encoding
x-amz-cf-id: z5-q1e_x8thmcdwnHXlUdTHVgnXQmU5YFASgdhH7Cf8NwRBCTiCCMA==

GET
H2 200 account_9b61648a66fde_poptin_cfa2893692e22_2022-08-02_23-06-01_version_29.html Show response
d3lopmpcew67el.cloudfront.net/client_16f9efd0362a4/ 113 KB
60 KB 136ms
23ms XHR
text/html 2600:9000:2251:2000:b:8c20:bf40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3lopmpcew67el.cloudfront.net/client_16f9efd0362a4/account_9b61648a66fde_poptin_cfa2893692e22_2022-08-02_23-06-01_version_29.html
Requested by: Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/2.b834baef76dc.vendors~sentry.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:2000:b:8c20:bf40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f9e47f854e6193e3bc038efc62774571e4439c6719e2fd5f816254cb9cf9a90d

Request headers

Accept: */*
Referer: https://www.ewg.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: F1y.zlIeFBJOa7L.SjIqLqRTQA7hxOb8
content-encoding: gzip
via: 1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront)
date: Wed, 14 Dec 2022 06:00:21 GMT
x-amz-cf-pop: FRA60-P3
age: 48722
x-cache: Hit from cloudfront
last-modified: Thu, 01 Sep 2022 17:53:14 GMT
server: AmazonS3
etag: W/"0ebe34bc937cbe98b1f44d293ff134d1"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
vary: Accept-Encoding
x-amz-cf-id: 7GwnkPvkC_pZRBW18p6bOzTFnXXTaYBzjLZOXA8hD8vMXfOU04Mj1A==

GET
H/1.1 200
OK saq_pxl Show response
tags.srv.stackadapt.com/ 116 B
416 B 109ms
108ms XHR
text/plain 3.216.203.91
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/saq_pxl?uid=_oA6pMGgoNs4jqA5X_sYDQ&is_js=true&landing_url=https%3A%2F%2Fwww.ewg.org%2F&t=Environmental%20Working%20Group%20%E2%80%93%20Empowering%20%E2%80%A8Healthy%20Choices%20%7C%20Environmental%20Working%20Group&tip=4vd11K4iHmFUZ0rLYhUbFB4k7eCyTDwj_wUPQTjzgGw&host=https://www.ewg.org&sa-user-id-v2=s%253AvU_UPGzxSdFPsKnBpn2HRbnVm6g.VV%252BJOYmf79tvAS8aFLnhaqdVKWvRwMyzVREPhL1W%252B2s&sa-user-id=s%253A0-bd4fd43c-6cf1-49d1-4fb0-a9c1a67d8745.rmm1l7WylrJJdPjx%252FTgHYX1jn24FkES1hWuGIP7%252BJ%252BU
Requested by: Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/2.b834baef76dc.vendors~sentry.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.216.203.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-216-203-91.compute-1.amazonaws.com
Software: /
Resource Hash: 05e8056e4e591fb90a8094434a42c37c201c7367be9613d289508a00c72fdba1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Wed, 14 Dec 2022 19:32:18 GMT
Access-Control-Allow-Methods: GET
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://www.ewg.org
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 116

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 211ms
201ms Image
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=431673573640385&ev=Microdata&dl=https%3A%2F%2Fwww.ewg.org%2F&rl=&if=false&ts=1671046338503&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Environmental%20Working%20Group%20%E2%80%93%20Empowering%20%E2%80%A8Healthy%20Choices%20%7C%20Environmental%20Working%20Group%22%2C%22meta%3Adescription%22%3A%22The%20Environmental%20Working%20Group%20is%20a%20nonprofit%2C%20nonpartisan%20organization%20dedicated%20to%20helping%20you%20live%20your%20healthiest%20life.%22%7D&cd[OpenGraph]=%7B%22og%3Asite_name%22%3A%22EWG%22%2C%22og%3Adescription%22%3A%22The%20Environmental%20Working%20Group%20is%20a%20nonprofit%2C%20nonpartisan%20organization%20dedicated%20to%20helping%20you%20live%20your%20healthiest%20life.%22%2C%22og%3Aimage%22%3A%22http%3A%2F%2Fwww.ewg.org%2Fsites%2Fdefault%2Ffiles%2F2021-02%2Fhomepage_default_1200x600.jpg%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.89&r=stable&ec=1&o=30&fbp=fb.1.1671046337919.741312750&it=1671046337805&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www.ewg.org
URL: https://www.ewg.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 14 Dec 2022 19:32:18 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 17ms
8ms Image
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=367774270429261&ev=Microdata&dl=https%3A%2F%2Fwww.ewg.org%2F&rl=&if=false&ts=1671046338504&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Environmental%20Working%20Group%20%E2%80%93%20Empowering%20%E2%80%A8Healthy%20Choices%20%7C%20Environmental%20Working%20Group%22%2C%22meta%3Adescription%22%3A%22The%20Environmental%20Working%20Group%20is%20a%20nonprofit%2C%20nonpartisan%20organization%20dedicated%20to%20helping%20you%20live%20your%20healthiest%20life.%22%7D&cd[OpenGraph]=%7B%22og%3Asite_name%22%3A%22EWG%22%2C%22og%3Adescription%22%3A%22The%20Environmental%20Working%20Group%20is%20a%20nonprofit%2C%20nonpartisan%20organization%20dedicated%20to%20helping%20you%20live%20your%20healthiest%20life.%22%2C%22og%3Aimage%22%3A%22http%3A%2F%2Fwww.ewg.org%2Fsites%2Fdefault%2Ffiles%2F2021-02%2Fhomepage_default_1200x600.jpg%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.89&r=stable&ec=1&o=30&fbp=fb.1.1671046337919.741312750&it=1671046337805&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www.ewg.org
URL: https://www.ewg.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 14 Dec 2022 19:32:18 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ Frame E6A9 3 KB
2 KB 15ms
14ms Script
application/x-javascript 2a03:2880:f080:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: act.ewg.org
URL: https://act.ewg.org/a/2022-deadline?sourceid=1021356

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f080:9:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5ed2087f5ffca4fe2458fcdc22fc43441cae68c3a449c1d8e5dd1743d7e6b904

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 14 Dec 2022 19:32:18 GMT
content-md5: mj+Eswj4Wv6fF7eTDQEncg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1685
x-fb-rlafr: 0
x-fb-debug: pDNq4i+ug2HEtCphEwpPVOFP3rK3MLsWXPO1C/lOXU6krXUsTVmILzeme4rkuHczeXKnpKN85V27zTT7KAMvoQ==
x-fb-content-md5: 3201f873a62755f8e35391778829fdc1
cross-origin-opener-policy: same-origin-allow-popups
etag: "3f1e68240dc0afc80a48ac6abca6f76b"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
priority: u=3,i
expires: Wed, 14 Dec 2022 19:49:49 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ Frame E6A9 97 KB
29 KB 62ms
7ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: act.ewg.org
URL: https://act.ewg.org/a/2022-deadline?sourceid=1021356
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/674C) /
Resource Hash: c02444f391e8655e79ff8d7d4cb69c3426c3bffbf8731a994fa23aed0f641d12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Wed, 14 Dec 2022 19:32:18 GMT
Content-Encoding: gzip
Age: 167
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length: 29221
Last-Modified: Wed, 02 Nov 2022 19:43:37 GMT
Server: ECS (frb/674C)
Etag: "6633f9603c759c40d9b200995454f17c+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800
Vary: Accept-Encoding

GET
H2 200 ai.2.min.js Show response
az416426.vo.msecnd.net/scripts/b/ Frame E6A9 118 KB
47 KB 40ms
7ms Script
text/javascript 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Requested by: Host: act.ewg.org
URL: https://act.ewg.org/a/2022-deadline?sourceid=1021356
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CFD) /
Resource Hash: ac4f3a99557d9c17b6ded0c6d4f0b267f4879cde9baec07a83910ab8c7059f77

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 14 Dec 2022 19:32:18 GMT
content-encoding: gzip
x-ms-meta-lastmodified: 2020-10-07 00:07:47
content-md5: 9j1it/ejcfI34cTV1VuCzA==
age: 1451
x-cache: HIT
x-ms-meta-aijssdksrc: [cdn]/scripts/b/ai.2.8.9.min.js
content-length: 47276
x-ms-lease-status: unlocked
last-modified: Mon, 31 Oct 2022 18:35:27 GMT
server: ECAcc (frc/4CFD)
x-ms-meta-aijssdkver: 2.8.9
etag: 0x8DABB6EAE654DEC
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 2de76353-401e-009e-40ef-0fdde1000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800, immutable, no-transform
x-ms-version: 2009-09-19
expires: Wed, 14 Dec 2022 20:02:18 GMT

GET
H/1.1 200
OK GlovedHeart.png
nvlupin.blob.core.windows.net/images/van/EWG/EWG/1/71381/images/YEA%202022/ Frame E6A9 2 MB
2 MB 209ms
128ms Image
image/png 20.60.58.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nvlupin.blob.core.windows.net/images/van/EWG/EWG/1/71381/images/YEA%202022/GlovedHeart.png
Requested by: Host: act.ewg.org
URL: https://act.ewg.org/a/2022-deadline?sourceid=1021356
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.58.97 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: cbcec245a2e3ebe83489341444f67b7ab2d39b5bb6600749b5ba1fb684f258ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 14 Dec 2022 19:32:17 GMT
Last-Modified: Mon, 12 Dec 2022 21:43:08 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag: 0x8DADC89DC22B90F
Content-Type: image/png
Access-Control-Allow-Origin: *
x-ms-request-id: ef63093f-001e-0037-39f2-0f95fd000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
Content-Length: 2091575

GET
H2 200 l
use.typekit.net/af/743863/00000000000000007735b531/30/ Frame E6A9 26 KB
26 KB 9ms
8ms Font
application/font-woff2 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/743863/00000000000000007735b531/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/dzc8utw.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 160f8cc050512a40c6445bc42fac73fe2a1488abda38473c7e6360100268f1e3

Request headers

Referer: https://use.typekit.net/dzc8utw.css
Origin: https://act.ewg.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 19:32:18 GMT
server: nginx
etag: "0ee0a8547a58a70e50e25ac59f80461aca2a30a5"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 26512

GET
H2 200 l
use.typekit.net/af/79d08f/00000000000000007735b53c/30/ Frame E6A9 26 KB
26 KB 10ms
10ms Font
application/font-woff2 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/79d08f/00000000000000007735b53c/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/dzc8utw.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 8b6e1621b8ede01def3b5b74dca23d7971e6916d306464ddf550fd3d2f28eb2b

Request headers

Referer: https://use.typekit.net/dzc8utw.css
Origin: https://act.ewg.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 19:32:18 GMT
server: nginx
etag: "bcb0944739635ca341c49a05e996cc540defe510"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 26204

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ Frame E6A9 306 KB
86 KB 33ms
15ms Script
application/x-javascript 2a03:2880:f080:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=fc6f8d48ea4f2a889e1879ec913308fa

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f080:9:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

11ce496817ef0b6c9ad557c52bff1e1dfd33a806faa51cc9ed7b942880b05382

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://act.ewg.org/
Origin: https://act.ewg.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 14 Dec 2022 19:32:18 GMT
content-md5: STKQI1K4mcZOgYsK1/eZnQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88441
x-fb-rlafr: 0
x-fb-debug: tqPFtbTqEPPFxcYlzgd+F1IQh0U4ftUg1+aKmsdZJYaVIa2ig7Sm0I3m63/N6/puKXCeQqbmfSq444H8K0MFcg==
x-fb-content-md5: 9f416bdad8a885097e9ee0c037cc7147
cross-origin-opener-policy: same-origin-allow-popups
etag: "d8065a3d0785660e497605220eb81404"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 14 Dec 2023 19:11:56 GMT

GET
H3 200 optimize.js Show response
www.googleoptimize.com/ Frame E6A9 130 KB
47 KB 122ms
49ms Script
application/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=GTM-PMD7D89

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PPNMZJ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9877072b1f6c1e6ee445ad267bc3355c513c601a7f593ce1d84320bb57fa67fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 19:32:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 47980
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 14 Dec 2022 19:32:18 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame E6A9 49 KB
20 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PPNMZJ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 14 Dec 2022 19:24:37 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 461
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Wed, 14 Dec 2022 21:24:37 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/1071783566/ Frame E6A9 2 KB
1 KB 123ms
48ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/1071783566/?random=1671046338603&cv=11&fst=1671046338603&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&label=Pg0mCKq7vZYBEI69iP8D&hn=www.googleadservices.com&frm=2&url=https%3A%2F%2Fact.ewg.org%2Fa%2F2022-deadline%3Fsourceid%3D1021356&ref=https%3A%2F%2Fwww.ewg.org%2F&tiba=Support%20EWG%20with%20a%20Year-End%20Gift!&value=0&bttype=purchase&auid=485289946.1671046337&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PPNMZJ

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

1084fb5d7a6a2737fe701ec8e4f3094c8765e88e9bf56c2665903cc12823aefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 19:32:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ Frame E6A9 38 KB
11 KB 33ms
33ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PPNMZJ

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f2c4b7d20ff42a433d0c76631c460cd75128f8f0436d052ce2cf79dc4fa6a244

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Wed, 14 Dec 2022 19:32:17 GMT
last-modified: Mon, 05 Dec 2022 17:15:50 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 07FC3C70FB324148A59D4FC5AC463EB7 Ref B: FRAEDGE1521 Ref C: 2022-12-14T19:32:18Z
etag: "027e538cd8d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11460

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/698108002/ Frame E6A9 2 KB
937 B 87ms
87ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/698108002/?random=1671046338606&cv=11&fst=1671046338606&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=2&url=https%3A%2F%2Fact.ewg.org%2Fa%2F2022-deadline%3Fsourceid%3D1021356&ref=https%3A%2F%2Fwww.ewg.org%2F&tiba=Support%20EWG%20with%20a%20Year-End%20Gift!&auid=485289946.1671046337&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PPNMZJ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4009aa52ea00d47fd2f396a8b60737e6262c32d1606ad9bdddd58ab7f6268497

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 19:32:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 913
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame E6A9 103 KB
27 KB 17ms
14ms Script
application/x-javascript 2a03:2880:f080:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.ewg.org
URL: https://www.ewg.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f080:9:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

afb1dcad63433cbf8ac857dc57fb92e7023117152c82ce97d5cfeea17400b0b9

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 14 Dec 2022 19:32:18 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27299
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: t/i3eWYUBBsvwRhgVH63recULGasgxy7pYNrh1faDjc9X0LmyHFZlPU+W9x7S0MgQVxArgIEwSk18K46Y6gBqg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK events.js Show response
tags.srv.stackadapt.com/ Frame E6A9 17 KB
6 KB 111ms
109ms Script
text/javascript 3.216.203.91
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/events.js
Requested by: Host: www.ewg.org
URL: https://www.ewg.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.216.203.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-216-203-91.compute-1.amazonaws.com
Software: /
Resource Hash: 30dcd2399d4de081191844bafdbc2586eb172bde6f540c058f39bb26193a0407

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 14 Dec 2022 19:32:18 GMT
Cache-Control: max-age=5
Content-Encoding: gzip
Connection: keep-alive
transfer-encoding: chunked
Content-Type: text/javascript

GET
H3 200 pixel.js Show response
cdn.popt.in/ Frame E6A9 215 KB
48 KB 29ms
27ms Script
text/javascript 2606:4700:e4::ac40:ac16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.popt.in/pixel.js?id=16f9efd0362a4
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PPNMZJ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e4::ac40:ac16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea9b9ad0a4833d68850222013198bd9e5f6ae19ba856a071823b51ee6c3262f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 19:32:18 GMT
x-amz-version-id: dNjIKK.xi13Umkasdey5TxaO1ZOU8two
via: 1.1 8af5231b014ab5e8c35000dd4cf4b68c.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-P3
age: 5630
content-encoding: br
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 14 Dec 2022 13:58:01 GMT
server: cloudflare
etag: W/"1b512cf3fb3d339b5deaccb0808f711f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C27WRxh09d85Yc5BYEgK9C0Yd%2BpEFQvv6pVo%2Fvy%2FLR1v8Ex1fVc2APzJDKlr%2FH4CoWZRnC3D%2FXiUcPK8aITonvOAtBf9rC%2FP3IO9XrYZAy2wQm44BI9%2B9uIX%2B5zf6iem8b3nIE9w0ZU4aA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=1800
cf-ray: 77995d6058c2b397-MUC
x-amz-cf-id: 4C1KnFpdnGcNtcLVAudH7-hYVm2DnRTeFQzfC3ekzdOQcHZfgD-sqQ==

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame E6A9 220 KB
76 KB 46ms
44ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-CS21GC49KT&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PPNMZJ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9c7c18b4cedbac846bc71fd9ecf8f4a8370774346b8aa3a08d6ef7c07ee556cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 19:32:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78069
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 14 Dec 2022 19:32:18 GMT

GET
DATA 200
OK truncated
/ 65 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e04ee7a16028fbf8607461fa3629bb65ecc9037de81ed14133baa65ab02eafc3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 80 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b62ce1f6ccb34390aec472b0bdea5d5c37c0315456c2769efe013f34e5a74576

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 102 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4a8fef83a8c2600cbd7d6f27ad7fd5b9a16e5a754bee831bd4c8fab6fddb0a76

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 65 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b34715488cfcf0d595584214705f8c8b1606eaa8b931ff24555848fa05f49963

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 93 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: df3d8b5c71dec6e51ceb2fae0b31ed93cd599fdfa8125b938c61cf6fd5e58a5c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H2 200 _Incapsula_Resource
act.ewg.org/ Frame E6A9 1 B
35 B 16ms
15ms Image
text/plain 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://act.ewg.org/_Incapsula_Resource?SWKMTFSR=1&e=0.08552932885631992
Requested by: Host: act.ewg.org
URL: https://act.ewg.org/a/2022-deadline?sourceid=1021356
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.ewg.org/a/2022-deadline?sourceid=1021356
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 1
content-type: text/plain

GET
H/1.1 200
OK widget_iframe.644279d1635fd969e87af94a98bd232b.html Show response
platform.twitter.com/widgets/ Frame 01DE 320 KB
104 KB 7ms
6ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Fact.ewg.org
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/674C) /
Resource Hash: 8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74

Request headers

Referer: https://act.ewg.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 590870
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105445
Content-Type: text/html; charset=utf-8
Date: Wed, 14 Dec 2022 19:32:18 GMT
Etag: "50d73c0b4a4c7e4697b9c6ac6f1ecd75+gzip"
Last-Modified: Wed, 02 Nov 2022 19:36:59 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/674C)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

GET
H3 200 /
www.google.com/pagead/1p-user-list/698108002/ Frame E6A9 42 B
64 B 49ms
49ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/698108002/?random=1671046338606&cv=11&fst=1671044400000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&frm=2&url=https%3A%2F%2Fact.ewg.org%2Fa%2F2022-deadline%3Fsourceid%3D1021356&ref=https%3A%2F%2Fwww.ewg.org%2F&tiba=Support%20EWG%20with%20a%20Year-End%20Gift!&fmt=3&is_vtc=1&random=3794037470&rmt_tld=0&ipr=y

Requested by

Host: act.ewg.org
URL: https://act.ewg.org/a/2022-deadline?sourceid=1021356

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 19:32:18 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/698108002/ Frame E6A9 42 B
64 B 50ms
50ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/698108002/?random=1671046338606&cv=11&fst=1671044400000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&frm=2&url=https%3A%2F%2Fact.ewg.org%2Fa%2F2022-deadline%3Fsourceid%3D1021356&ref=https%3A%2F%2Fwww.ewg.org%2F&tiba=Support%20EWG%20with%20a%20Year-End%20Gift!&fmt=3&is_vtc=1&random=3794037470&rmt_tld=1&ipr=y

Requested by

Host: act.ewg.org
URL: https://act.ewg.org/a/2022-deadline?sourceid=1021356

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 19:32:18 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 431673573640385 Show response
connect.facebook.net/signals/config/ Frame E6A9 293 KB
84 KB 16ms
15ms Script
application/x-javascript 2a03:2880:f080:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/431673573640385?v=2.9.89&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f080:9:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d32fa260a04d92e7518b819cb3d8914500fb33012210ed5e02b050653e47f37f

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 14 Dec 2022 19:32:18 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86081
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: wuEtSbQ1mIKioCuX6NipxIiks9X2Jc5dtZJwAwX+zqzUnuPeSsMBmSmrR7vrZe/g/sMUr68x1uJh0cb4RbL7Lg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/ Frame E6A9 87 KB
28 KB 15ms
15ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js

Requested by

Host: cdn.popt.in
URL: https://cdn.popt.in/pixel.js?id=16f9efd0362a4

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4dccdd9ae25b64078e0c73f273de94f8894d5c99e4741645ece29aeefc9c5a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 19:32:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 612287
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27964
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-15d95"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AY25HEI9CnFpDXjl7ooHq9r3KzZloLku5HJCscX210JDeEzlat%2F%2BTO%2FMsrAh3GMWzz2yNvrgf5AOREHBGY7NPaCYZ1RkrLvg5Rgx2eGFqDphox4mRMvGG9oWpANjWFPr6%2Blyx89dbjVyZLy%2BOZqLqVTi"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 77995d620d809000-FRA
expires: Mon, 04 Dec 2023 19:32:18 GMT

GET
H2 200 extra.min.css
static.everyaction.com/ea-actiontag/ Frame E6A9 78 KB
14 KB 8ms
8ms Stylesheet
text/css 2600:9000:2490:5400:3:1d53:4780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.everyaction.com/ea-actiontag/extra.min.css
Requested by: Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:5400:3:1d53:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 726300a61f2238d41c7e6264f65c8b2c737ac5f831891e0ce738f6eb95f4dcab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:36:37 GMT
content-encoding: gzip
via: 1.1 bb5a1c03f2335d92378a3e68542733da.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 14185
x-cache: Hit from cloudfront
content-length: 14216
last-modified: Tue, 13 Dec 2022 15:35:24 GMT
server: AmazonS3
etag: "583f9c947fb13682a292ac1b47c647a7"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=900, s-maxage=86400, public
accept-ranges: bytes
x-amz-cf-id: IrVQ3bzUigBT8DKZAcSswB9rOfGgbEfHP6RQHsHUXsAo41RzXytXGA==

GET
H2 200 identity Show response
profile.ngpvan.com/ Frame E6A9 72 B
747 B 104ms
103ms Script
text/javascript 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://profile.ngpvan.com/identity?callback=_jqjsp

Requested by

Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / Express, ASP.NET

Resource Hash

31bce978d653ff68258bcb3967276dcd50828d7d210cfb690ce2ade7bdeb599f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 19:32:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Microsoft-IIS/10.0
x-cdn: Imperva
etag: W/"48-CNWm3Q9nVAfRXs/AktTnuYWCGgE"
x-powered-by: Express, ASP.NET
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
p3p: CP="NOI ADM DEV PSAi OUR OTRo STP IND COM NAV DEM"
x-iinfo: 9-177380035-177380037 PNNN RT(1671046335505 2526) q(0 0 0 -1) r(1 1) U5
content-length: 192
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3

GET
H2 204 17156808.js Show response
bat.bing.com/p/action/ Frame E6A9 0
118 B 105ms
105ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/17156808.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Wed, 14 Dec 2022 19:32:18 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A4C326F31C974BF8A7A8A7FF3062D4BD Ref B: FRAEDGE1521 Ref C: 2022-12-14T19:32:18Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ Frame E6A9 0
119 B 30ms
30ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=17156808&tm=gtm002&Ver=2&mid=87895923-0d14-45ae-8605-f6429f01a9e6&sid=04f9b4007be611edb51de775268080b1&vid=04f9d6707be611ed80fd0d455db360ea&vids=0&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Support%20EWG%20with%20a%20Year-End%20Gift!&p=https%3A%2F%2Fwww.ewg.org%2F&r=&lt=1906&evt=pageLoad&ifm=1&sv=1&rn=550422

Requested by

Host: act.ewg.org
URL: https://act.ewg.org/a/2022-deadline?sourceid=1021356

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 14 Dec 2022 19:32:18 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E7406DA3126945DBAFC5F0C14627A980 Ref B: FRAEDGE1521 Ref C: 2022-12-14T19:32:18Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK sa.css
tags.srv.stackadapt.com/ Frame E6A9 65 B
292 B 108ms
108ms Stylesheet
text/css 3.216.203.91
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.css
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.216.203.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-216-203-91.compute-1.amazonaws.com
Software: /
Resource Hash: 5d79290c430e328b4f205a56531d27ed1d506d5317447e51f72b712bb4f7a9c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 14 Dec 2022 19:32:18 GMT
Cache-Control: only-if-cached, no-transform, private, max-age=7776000
Connection: keep-alive
Content-Length: 65
Content-Type: text/css

GET
H/1.1 200
OK sa.jpeg Show response
tags.srv.stackadapt.com/ Frame E6A9 0
881 B 108ms
108ms Fetch
image/jpeg 3.216.203.91
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.jpeg
Requested by: Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.216.203.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-216-203-91.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 14 Dec 2022 19:32:18 GMT
Cache-Control: only-if-cached, no-transform, private, max-age=7776000
Connection: keep-alive
Content-Length: 651
Content-Type: image/jpeg

GET
H3

200

/
www.google.de/pagead/1p-conversion/1071783566/ Frame E6A9
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1071783566/?random=1444379519&cv=11&fst=1671046338603&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&label=Pg0mCKq7vZYBEI69i...
https://www.google.com/pagead/1p-conversion/1071783566/?random=1444379519&cv=11&fst=1671046338603&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&label=Pg0mCKq7vZYBEI69iP8D&hn=www.googleadse...
https://www.google.de/pagead/1p-conversion/1071783566/?random=1444379519&cv=11&fst=1671046338603&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&label=Pg0mCKq7vZYBEI69iP8D&hn=www.googleadser...

42 B
64 B

53ms
53ms

Image
image/gif

2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/1071783566/?random=1444379519&cv=11&fst=1671046338603&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&label=Pg0mCKq7vZYBEI69iP8D&hn=www.googleadservices.com&frm=2&url=https%3A%2F%2Fact.ewg.org%2Fa%2F2022-deadline%3Fsourceid%3D1021356&ref=https%3A%2F%2Fwww.ewg.org%2F&tiba=Support%20EWG%20with%20a%20Year-End%20Gift!&value=0&auid=485289946.1671046337&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJZ0lYbW5BWVEyWVM4b0tXeWdyTTVFaVVBTkx2QzFvSm5LMmZUOThQM19kd29MMHBBR2xrX1lBYko3MDItOEFUbXZ3RE9VRHY2GldDaEFJZ0lYbW5BWVEtOWVtbTVmMTdkSVZFaTBBSV8yVmlLY3VnazdPX2dFYTZRZ1BZMXpzSVhpM1NXNWJUTmUteEZZUkxNUGpYLS01enNWY1A4b0laVGM&is_vtc=1&ocp_id=wiSaY7ujKsStmLAPhtaj2AY&cid=CAQSKQDq26N9yogd43hCRk8lHcNGT_JpbhYatD23hP0-mdF4AFTR9Sx6rNe7IBM&eitems=ChEIgIXmnAYQkta9xq6Z6bD1ARIdAAFPixodiN_MXc9nDJAs7LAAhrT9E5-2pcKZsnc&random=3948542626&ipr=y&prhg=0

Requested by

Host: act.ewg.org
URL: https://act.ewg.org/a/2022-deadline?sourceid=1021356

Protocol

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 19:32:19 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 14 Dec 2022 19:32:19 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/1071783566/?random=1444379519&cv=11&fst=1671046338603&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&label=Pg0mCKq7vZYBEI69iP8D&hn=www.googleadservices.com&frm=2&url=https%3A%2F%2Fact.ewg.org%2Fa%2F2022-deadline%3Fsourceid%3D1021356&ref=https%3A%2F%2Fwww.ewg.org%2F&tiba=Support%20EWG%20with%20a%20Year-End%20Gift!&value=0&auid=485289946.1671046337&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJZ0lYbW5BWVEyWVM4b0tXeWdyTTVFaVVBTkx2QzFvSm5LMmZUOThQM19kd29MMHBBR2xrX1lBYko3MDItOEFUbXZ3RE9VRHY2GldDaEFJZ0lYbW5BWVEtOWVtbTVmMTdkSVZFaTBBSV8yVmlLY3VnazdPX2dFYTZRZ1BZMXpzSVhpM1NXNWJUTmUteEZZUkxNUGpYLS01enNWY1A4b0laVGM&is_vtc=1&ocp_id=wiSaY7ujKsStmLAPhtaj2AY&cid=CAQSKQDq26N9yogd43hCRk8lHcNGT_JpbhYatD23hP0-mdF4AFTR9Sx6rNe7IBM&eitems=ChEIgIXmnAYQkta9xq6Z6bD1ARIdAAFPixodiN_MXc9nDJAs7LAAhrT9E5-2pcKZsnc&random=3948542626&ipr=y&prhg=0
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ Frame E6A9 35 B
55 B 38ms
37ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=749287967&t=pageview&_s=1&dl=https%3A%2F%2Fact.ewg.org%2Fa%2F2022-deadline%3Fsourceid%3D1021356&dr=https%3A%2F%2Fwww.ewg.org%2F&ul=en-us&de=UTF-8&dt=Support%20EWG%20with%20a%20Year-End%20Gift!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=SCCAiEABRAAAAAAAI~&jid=&gjid=&cid=990904173.1671046336&tid=UA-296149-25&_gid=1123595738.1671046336&gtm=2wgbu0PPNMZJ&cg2=a&cg3=act.ewg.org&z=191476180

Requested by

Host: act.ewg.org
URL: https://act.ewg.org/a/2022-deadline?sourceid=1021356

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 12:42:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 24577
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ Frame E6A9 35 B
55 B 39ms
38ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=749287967&t=event&ni=1&_s=1&dl=https%3A%2F%2Fact.ewg.org%2Fa%2F2022-deadline%3Fsourceid%3D1021356&dr=https%3A%2F%2Fwww.ewg.org%2F&ul=en-us&de=UTF-8&dt=Support%20EWG%20with%20a%20Year-End%20Gift!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth%20Tracking&ea=0%25&el=https%3A%2F%2Fact.ewg.org%2Fa%2F2022-deadline%3Fsourceid%3D1021356&_u=SCCAiEABRAAAAAAAI~&jid=&gjid=&cid=990904173.1671046336&tid=UA-296149-25&_gid=1123595738.1671046336&gtm=2wgbu0PPNMZJ&z=1590716455

Requested by

Host: act.ewg.org
URL: https://act.ewg.org/a/2022-deadline?sourceid=1021356

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 12:42:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 24577
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 01DE 1 KB
722 B 155ms
116ms Fetch
application/json 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=d3ae6135c5f4103667a970f9ba8c6b535af0b456

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Fact.ewg.org

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

35d05550e6b74af381716ccae2c9d1a5e6eb8ae78eb80c43a4f1d55ecc4d2250

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-response-time: 110
date: Wed, 14 Dec 2022 19:32:18 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Wed, 14 Dec 2022 19:32:19 GMT
server: tsa_o
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: 90fca9d295da48dd
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7626143928
x-connection-hash: 1d42e27e07a2839b2acd3f121f41fced3cd1597aeea5e0728a6975c237a41898
content-length: 402

GET
H2 200 jIvL-Hync0C71ZAoG43q_g2 Show response
secure.everyaction.com/v1/Forms/ Frame E6A9 19 KB
6 KB 370ms
370ms XHR
application/json 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.everyaction.com/v1/Forms/jIvL-Hync0C71ZAoG43q_g2?sourceid=1021356

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

edd69577decf23833d2ea470fb6aec8a6f9213daec5cf9ae57929e7998fd636f

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://act.ewg.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 19:32:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-cdn: Imperva
content-security-policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
x-iinfo: 14-480205146-480204273 PNNN RT(1671046335591 2530) q(0 0 0 -1) r(3 3) U2
content-length: 6165
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
pragma: no-cache
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://act.ewg.org
access-control-expose-headers: Request-Context
cache-control: no-cache
access-control-allow-credentials: true
expires: -1

GET
H3 200 367774270429261 Show response
connect.facebook.net/signals/config/ Frame E6A9 293 KB
84 KB 18ms
17ms Script
application/x-javascript 2a03:2880:f080:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/367774270429261?v=2.9.89&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f080:9:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

26c3a45b7d8c8246c99eead0639edbc8459a9011b295864bdfc9144bcf41518f

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 14 Dec 2022 19:32:19 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86116
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: ltGtpJcaajiQEBd7b9wJFy0itppzXQafFjLR+uaNlAnkFPKVl2ALJR0JraQI1dnLH15DMHchwk3z4fWGsmFbJg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ Frame E6A9 0
15 B 9ms
9ms Image
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=431673573640385&ev=PageView&dl=https%3A%2F%2Fact.ewg.org%2Fa%2F2022-deadline%3Fsourceid%3D1021356&rl=https%3A%2F%2Fwww.ewg.org%2F&if=true&ts=1671046339032&sw=1600&sh=1200&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1671046337919.741312750&it=1671046338885&coo=false&rqm=GET

Requested by

Host: act.ewg.org
URL: https://act.ewg.org/a/2022-deadline?sourceid=1021356

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 14 Dec 2022 19:32:19 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2 200 nvtag Show response
profile.ngpvan.com/v2/data/RC9b_3ph7l3fj6Pqzd1GDMwp/ Frame E6A9 2 B
773 B 108ms
108ms XHR
application/json 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://profile.ngpvan.com/v2/data/RC9b_3ph7l3fj6Pqzd1GDMwp/nvtag
Requested by: Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / Express, ASP.NET
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://act.ewg.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 19:32:19 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-cdn: Imperva
etag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
x-powered-by: Express, ASP.NET
vary: Origin,Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://act.ewg.org
x-iinfo: 13-424982570-424981459 PNNN RT(1671046336118 2040) q(0 0 0 -1) r(1 1) U5
access-control-allow-credentials: true
content-length: 123
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3

GET
H3 200 16f9efd0362a4 Show response
display.popt.in/APIRequest/ Frame E6A9 5 KB
4 KB 285ms
268ms XHR
application/json 2606:4700:e4::ac40:ad16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://display.popt.in/APIRequest/16f9efd0362a4?domain=https%3A%2F%2Fact.ewg.org%2Fa%2F2022-deadline%3Fsourceid%3D1021356&referrer=https%3A%2F%2Fwww.ewg.org%2F&previous_url=&cookies=%20poptin_old_user%3Dtrue%20poptin_user_id%3D0.c2clltn83sa%20poptin_referrer%3Dhttps%3A%2F%2Fwww.ewg.org%2F%20poptin_previous_url%3Dhttps%3A%2F%2Fwww.ewg.org%2F%20poptin_new_user%3Dtrue%20poptin_viewed_session%3Dfalse%20&triggers=&cc=false&if_mobile=false&page_title=Support%20EWG%20with%20a%20Year-End%20Gift!&origin_landing_page=https%3A%2F%2Fact.ewg.org%2Fa%2F2022-deadline%3Fsourceid%3D1021356&if_page_refreshed=false&poptin_viewed_url=https%3A%2F%2Fact.ewg.org%2Fa%2F2022-deadline%3Fsourceid%3D1021356&previous_visited_pages=&shopify_customer_id=0&cart_total_items=0&cart_total_price=0&cart_products_ids_list=

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:e4::ac40:ad16 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c1990d3adef59d603fcd698048ce388899d32630dd702ca04cb906d906ad4ef

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://bc.popt.in https://.mybigcommerce.com https://.jumpseller.com https://.myshopline.com https://.myshopify.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://act.ewg.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 19:32:19 GMT
content-security-policy: frame-ancestors https://bc.popt.in https://*.mybigcommerce.com https://*.jumpseller.com https://*.myshopline.com https://*.myshopify.com
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uGp7YfO8ZC8D6ww1Tp0ZSl6oUgEYBjgBQHOdvDUWuwovOPY5kxP4qCkWbuebv4zhLpJHBN2Lxp7M4wO%2BWzKfBQjMOE%2FWWQsMJOTcdFlPgC%2F8MBvSmBfdwqIrvTKCfWA0%2BAYwYqzkgwKu7nA%2F2mI%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=0, must-revalidate, no-store, nocache, private
access-control-allow-credentials: true
cf-ray: 77995d633b010e64-AMS
access-control-allow-headers: Origin, Content-Type
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK saq_pxl Show response
tags.srv.stackadapt.com/ Frame E6A9 116 B
416 B 108ms
108ms XHR
text/plain 3.216.203.91
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/saq_pxl?uid=_oA6pMGgoNs4jqA5X_sYDQ&is_js=true&landing_url=https%3A%2F%2Fwww.ewg.org%2F&t=Support%20EWG%20with%20a%20Year-End%20Gift!&tip=lEe5rEOfQHwF8H_BxQzjxTVuHQ62UqzxCHHfbGA-Mw4&host=https://act.ewg.org&sa_conv_data_css_value=%20%220-bd4fd43c-6cf1-49d1-4fb0-a9c1a67d8745%22&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd9e8e2705d62fa48dc6ffe77ad409075afb9d59ba8&sa-user-id-v2=s%253AtyI1QrNNRrh9WvSUtqd9UbnVm6g.j5nATcBKtZMUIIHQGl6BX%252BtOXsMDnyL%252Bn90UJrBcFNk&sa-user-id=s%253A0-bd4fd43c-6cf1-49d1-4fb0-a9c1a67d8745.rmm1l7WylrJJdPjx%252FTgHYX1jn24FkES1hWuGIP7%252BJ%252BU
Requested by: Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.216.203.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-216-203-91.compute-1.amazonaws.com
Software: /
Resource Hash: 05e8056e4e591fb90a8094434a42c37c201c7367be9613d289508a00c72fdba1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Wed, 14 Dec 2022 19:32:19 GMT
Access-Control-Allow-Methods: GET
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://act.ewg.org
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 116

GET
H3 200 /
www.facebook.com/tr/ Frame E6A9 0
15 B 7ms
7ms Image
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=367774270429261&ev=PageView&dl=https%3A%2F%2Fact.ewg.org%2Fa%2F2022-deadline%3Fsourceid%3D1021356&rl=https%3A%2F%2Fwww.ewg.org%2F&if=true&ts=1671046339065&sw=1600&sh=1200&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1671046337919.741312750&it=1671046338885&coo=false&rqm=GET

Requested by

Host: act.ewg.org
URL: https://act.ewg.org/a/2022-deadline?sourceid=1021356

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 14 Dec 2022 19:32:19 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2 200 lightbox_inline.js Show response
www.lightboxcdn.com/vendor/a3241e66-5c6a-4d48-8161-225ef2c02084/ Frame E6A9 2 KB
1 KB 20ms
20ms Script
application/javascript 2606:4700::6813:d483
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/vendor/a3241e66-5c6a-4d48-8161-225ef2c02084/lightbox_inline.js?mb=1671046339108
Requested by: Host: www.ewg.org
URL: https://www.ewg.org/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6813:d483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f793d0ef8e7b2b0a2f5271e63c4be9cfaefcf746af1b849d353bf75e420d20d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 14 Dec 2022 19:32:19 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: o+td2hMqqGlNUrKlAG8B3A==
age: 159
cf-polished: origSize=2379
x-ms-lease-status: unlocked
cf-bgj: minify
last-modified: Tue, 13 Sep 2022 14:31:06 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
x-ms-request-id: 153b4697-701e-0006-177f-c7ef48000000
x-ms-version: 2009-09-19
cf-ray: 77995d636a26926e-FRA

GET
H2 200 lightbox.js Show response
www.lightboxcdn.com/vendor/a3241e66-5c6a-4d48-8161-225ef2c02084/ Frame 1B5A 391 B
300 B 26ms
24ms Script
application/javascript 2606:4700::6813:d483
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/vendor/a3241e66-5c6a-4d48-8161-225ef2c02084/lightbox.js?mb=1671046339130&lv=1
Requested by: Host: act.ewg.org
URL: https://act.ewg.org/a/2022-deadline?sourceid=1021356
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6813:d483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 2c4f7994b46baacaf83f6c7d39d04ace2b4d97dc445d5b066308ea44924134c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 19:32:19 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 14 Dec 2022 19:24:55 GMT
server: cloudflare
age: 444
cf-polished: origSize=399
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 77995d63aa6c926e-FRA

GET
H2 204 RC9b_3ph7l3fj6Pqzd1GDMwp Show response
secure.everyaction.com/Databag/Profile/ Frame E6A9 0
458 B 116ms
115ms XHR
text/plain 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.everyaction.com/Databag/Profile/RC9b_3ph7l3fj6Pqzd1GDMwp

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://act.ewg.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 19:32:18 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
x-cdn: Imperva
x-frame-options: SAMEORIGIN
access-control-allow-origin: https://act.ewg.org
x-iinfo: 14-480205146-480204273 PNNN RT(1671046335591 2687) q(0 0 0 -1) r(1 1) U11
access-control-expose-headers: Request-Context
cache-control: private
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3

GET
H2 204 RC9b_3ph7l3fj6Pqzd1GDMwp Show response
secure.ngpvan.com/Databag/Profile/ Frame E6A9 0
519 B 100ms
100ms XHR
text/plain 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.ngpvan.com/Databag/Profile/RC9b_3ph7l3fj6Pqzd1GDMwp

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://act.ewg.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 19:32:19 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
x-cdn: Imperva
x-frame-options: SAMEORIGIN
access-control-allow-origin: https://act.ewg.org
x-iinfo: 9-177380035-177380101 PNNN RT(1671046335505 2773) q(0 0 0 -1) r(1 1) U11
access-control-expose-headers: Request-Context
cache-control: private
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3

GET
H2 204 RC9b_3ph7l3fj6Pqzd1GDMwp Show response
act.ewg.org/Databag/Profile/ Frame E6A9 0
317 B 415ms
415ms XHR
text/plain 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://act.ewg.org/Databag/Profile/RC9b_3ph7l3fj6Pqzd1GDMwp

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://act.ewg.org/a/2022-deadline?sourceid=1021356
traceparent: 00-ae899399f4aa43c6959d8f6050e8d88f-e9f38faa28bd491a-01
Request-Id: |ae899399f4aa43c6959d8f6050e8d88f.e9f38faa28bd491a
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 19:32:19 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
x-cdn: Imperva
x-frame-options: SAMEORIGIN
access-control-allow-origin: *
x-iinfo: 13-424982647-424982959 NNNN CT(85 194 0) RT(1671046336529 1751) q(0 0 3 -1) r(4 4) U11
access-control-expose-headers: Request-Context
cache-control: private
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3

GET
H2 200 user.js Show response
www.lightboxcdn.com/vendor/a3241e66-5c6a-4d48-8161-225ef2c02084/ Frame 1B5A 699 KB
139 KB 36ms
36ms Script
application/javascript 2606:4700::6813:d483
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/vendor/a3241e66-5c6a-4d48-8161-225ef2c02084/user.js?cb=637986762665900297
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/a3241e66-5c6a-4d48-8161-225ef2c02084/lightbox.js?mb=1671046339130&lv=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6813:d483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58763733061901ff2cbe41aa5cb11db40f79570634ef694859d0ea3ec551bc70

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 14 Dec 2022 19:32:19 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: zQ7fmcRzxqs5nTKggN/6Lg==
age: 170602
cf-polished: origSize=1171985
x-ms-lease-status: unlocked
cf-bgj: minify
last-modified: Tue, 13 Sep 2022 14:31:06 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
x-ms-request-id: af1b5632-b01e-0076-6be4-fd9c8c000000
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
cf-ray: 77995d63eabc926e-FRA
expires: Thu, 14 Dec 2023 19:32:19 GMT

GET
H2 200 fb_lightbox.2.1.5.css
www.lightboxcdn.com/static/ Frame E6A9 4 KB
1 KB 37ms
36ms Stylesheet
text/css 2606:4700::6813:d483
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/static/fb_lightbox.2.1.5.css?cb=637986762665900297
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/a3241e66-5c6a-4d48-8161-225ef2c02084/user.js?cb=637986762665900297
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6813:d483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b9028c7ecccf4f31fafcfca176cd6ed38197d7b3d6ea4c107b98af8eecc525b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 14 Dec 2022 19:32:19 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: q4B4xYJoZwx9ikt94o1nCA==
age: 429632
cf-polished: origSize=6016
x-ms-meta-cbmodifiedtime: Wed, 10 Apr 2019 18:50:43 GMT
x-ms-lease-status: unlocked
cf-bgj: minify
last-modified: Wed, 10 Apr 2019 19:06:17 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
x-ms-request-id: 7a5003a0-501e-005e-4809-ebeb33000000
cache-control: public, max-age=2678400
x-ms-version: 2009-09-19
cf-ray: 77995d64abf8926e-FRA
expires: Sat, 14 Jan 2023 19:32:19 GMT

GET
H/1.1 200
OK z Show response
lightboxapi.azurewebsites.net/z9gd/42018/act.ewg.org/jsonp/ Frame E6A9 629 B
895 B 134ms
134ms Script
application/javascript 20.40.202.0
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://lightboxapi.azurewebsites.net/z9gd/42018/act.ewg.org/jsonp/z?cb=1671046339310&callback=jQuery1710751023041525658_1671046339300&_=1671046339310
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/a3241e66-5c6a-4d48-8161-225ef2c02084/user.js?cb=637986762665900297
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.40.202.0 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ae8d6a9d9012b3df20445c80f9b08060021e80ccc896cec18d15a0fb126b4bcf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Wed, 14 Dec 2022 19:32:19 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript

GET
H2 200 t.gif
www.lightboxcdn.com/z9g/ Frame E6A9 35 B
105 B 34ms
33ms Image
image/gif 2606:4700::6813:d483
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.lightboxcdn.com/z9g/t.gif?c=1671046339303&h=act.ewg.org&e=p&u=42018
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6813:d483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 14 Dec 2022 19:32:19 GMT
cf-cache-status: HIT
content-md5: KNaBTzCeoon4R8ac+RGUxg==
age: 1331384
cf-polished: status=not_needed
x-ms-meta-cbmodifiedtime: Tue, 26 Feb 2019 00:59:40 GMT
content-length: 35
x-ms-lease-status: unlocked
cf-bgj: imgq:85,h2pri
last-modified: Tue, 26 Feb 2019 01:15:02 GMT
server: cloudflare
etag: 0x8D69B87D5A1B25F
vary: Accept-Encoding
content-type: image/gif
x-ms-request-id: 54c2d414-d01e-0029-27cf-116e72000000
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 77995d64bc0a926e-FRA

POST
H3 204 rum Show response
www.ewg.org/cdn-cgi/ 0
139 B 30ms
15ms XHR
text/plain 2606:4700:10::ac43:6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ewg.org/cdn-cgi/rum?

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/2.b834baef76dc.vendors~sentry.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:6f2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.ewg.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
content-type: application/json

Response headers

date: Wed, 14 Dec 2022 19:32:19 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.ewg.org
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 77995d64ea389b5b-FRA

OPTIONS
H2 200 track
dc.services.visualstudio.com/v2/ Frame 0
0 259ms
17ms Preflight 13.69.106.215
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.69.106.215 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,sdk-context
Access-Control-Request-Method: POST
Origin: https://act.ewg.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 3600
content-length: 0
date: Wed, 14 Dec 2022 19:32:18 GMT
x-content-type-options: nosniff

POST
H2 200 track Show response
dc.services.visualstudio.com/v2/ Frame E6A9 96 B
281 B 38ms
37ms XHR
application/json 13.69.106.215
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.69.106.215 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

7acd994005f04a39f775d8d21a566ab63a04cc7c3bfe0f25f0ca50c069cac6b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://act.ewg.org/
accept-language: de-DE,de;q=0.9
Sdk-Context: appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-type: application/json

Response headers

x-ms-session-id: 984CBED0-474A-4F4F-AEF3-F92BE92205B1
strict-transport-security: max-age=31536000
date: Wed, 14 Dec 2022 19:32:18 GMT
x-content-type-options: nosniff
access-control-max-age: 3600
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context
content-length: 96

GET
H2 200 identity Show response
fastaction.ngpvan.com/api/v1/ Frame E6A9 182 B
793 B 415ms
365ms Script
text/javascript 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://fastaction.ngpvan.com/api/v1/identity?callback=_jqjsp&_1671046339381=

Requested by

Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / Express, ASP.NET

Resource Hash

4bf3e45465efe33f9f458b4347852c4fb7862b814448fcc777b260c2f23fffdc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 19:32:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains
server: Microsoft-IIS/10.0
x-cdn: Imperva
etag: W/"b6-A2C3IqG0yjh9TlWTIHcMqjocVz4"
x-powered-by: Express, ASP.NET
vary: Accept-Encoding,Accept-Encoding
content-type: text/javascript; charset=utf-8
p3p: CP="NOI ADM DEV COM NAV OUR STP"
x-iinfo: 9-177380035-177380284 NNNN CT(85 175 0) RT(1671046335505 3041) q(0 0 3 1) r(4 4) U4
content-length: 295
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3

GET
DATA 200
OK truncated
/ Frame E6A9 73 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e14deb2749e1521aac0ebcb8f99739494f4918fc07649ac6f51a2985085d756

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 glyphicons-regular.woff2
static.everyaction.com/ea-actiontag/assets/fonts/ Frame E6A9 94 KB
95 KB 8ms
8ms Font
application/font-woff2 2600:9000:2490:5400:3:1d53:4780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.everyaction.com/ea-actiontag/assets/fonts/glyphicons-regular.woff2
Requested by: Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/extra.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:5400:3:1d53:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dd16b17e257a3a57a00efd5f2d1dc5ac0de934728ec3d44981eab67aa95bc591

Request headers

Referer: https://static.everyaction.com/ea-actiontag/extra.min.css
Origin: https://act.ewg.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 08:14:14 GMT
via: 1.1 e96aebc8d7c9ec82b88c3160a18fed96.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 40712
x-cache: Hit from cloudfront
content-length: 96388
last-modified: Tue, 07 Dec 2021 15:33:44 GMT
server: AmazonS3
etag: "aca35251952e72d9e32d41217f0f97ab"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: oLK2GjXmADvOQHuNEPZpfWkitwK0plCSVlZywCUksS_EVuRn0Ly5ow==

GET
H/1.1 200
OK index.html Show response
js.verygoodvault.com/vgs-collect/2.14.0/lib/ Frame 448A 157 KB
50 KB 412ms
412ms Document
text/html 18.66.147.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/2.14.0/lib/index.html
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.14.0/vgs-collect.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-109.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dd1d8cd2907b540b21dcf7beaccf32b9daa22d264957dd35b40163b60bd68990

Request headers

Referer: https://act.ewg.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=60
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Wed, 14 Dec 2022 19:32:20 GMT
ETag: W/"97f82781c5ac2a3b3eba82e1acd3a414"
Last-Modified: Wed, 08 Jun 2022 01:07:54 GMT
Server: AmazonS3
Transfer-Encoding: chunked
Vary: Accept-Encoding
Via: 1.1 4612dc3b414cf2057f542e94733d59bc.cloudfront.net (CloudFront), 1.1 0c371064bf157d89e4b3520c0b29474c.cloudfront.net (CloudFront)
X-Amz-Cf-Id: vLrRbeXi50YFJLRcBQVZQuhPnofHJglnbwq8ENH9KUK9uEC_63_4gw==
X-Amz-Cf-Pop: FRA60-P3 FRA60-P4
X-Cache: RefreshHit from cloudfront
x-amz-version-id: AYlU8OsANyylDz5dU9HvCSPOdq6NIWUJ

GET
H2 200 l
use.typekit.net/af/b28757/00000000000000007735b52b/30/ Frame E6A9 26 KB
26 KB 10ms
10ms Font
application/font-woff2 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/b28757/00000000000000007735b52b/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/dzc8utw.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 095a3f5e1632d61f35e9cc72aa73f3838d324ef770938716b4d3cbcf85ee7b69

Request headers

Referer: https://use.typekit.net/dzc8utw.css
Origin: https://act.ewg.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 19:32:19 GMT
server: nginx
etag: "24cb1cd883478751f42654367ce698d37d6d503f"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 26548

GET
H2 200 jIvL-Hync0C71ZAoG43q_g2 Show response
actions.everyaction.com/PayPalClientToken/ Frame E6A9 2 KB
3 KB 670ms
650ms XHR
text/plain 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://actions.everyaction.com/PayPalClientToken/jIvL-Hync0C71ZAoG43q_g2

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

373de2da218ab34f7b9bb721118757918432f550fb1d0cec867dbbab8d9cb659

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://act.ewg.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 19:32:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-cdn: Imperva
content-security-policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
x-iinfo: 14-480205146-480205792 NNNN CT(84 177 0) RT(1671046335591 2969) q(0 0 3 0) r(7 7) U18
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
vary: Origin,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://act.ewg.org
access-control-expose-headers: Request-Context
cache-control: public, max-age=10
access-control-allow-credentials: true

GET
H2 200 paypal-logo.png
static.everyaction.com/ea-actiontag/assets/images/ Frame E6A9 3 KB
3 KB 8ms
8ms Image
image/png 2600:9000:2490:5400:3:1d53:4780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.everyaction.com/ea-actiontag/assets/images/paypal-logo.png
Requested by: Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:5400:3:1d53:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 02d1bfc3fb8b4eff4d80613794e94142267895398d35dbca72e8ca7ddb62ab54

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.everyaction.com/ea-actiontag/at.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 04:42:44 GMT
via: 1.1 bb5a1c03f2335d92378a3e68542733da.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 8866176
x-cache: Hit from cloudfront
content-length: 2778
last-modified: Tue, 07 Dec 2021 15:33:44 GMT
server: AmazonS3
etag: "459c51e4e024db4720b62513d12edb6a"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
x-amz-cf-id: fZJSFHx0ICwT37LT_BSIel3JO8YhfkJzGPBOrT2zNP-s4jaRpxr36A==

GET
H2 200 intlTelInput.min.css
static.everyaction.com/ea-actiontag/assets/styles/ Frame E6A9 19 KB
20 KB 8ms
8ms Stylesheet
text/css 2600:9000:2490:5400:3:1d53:4780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.everyaction.com/ea-actiontag/assets/styles/intlTelInput.min.css
Requested by: Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:5400:3:1d53:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 80174969764673851b6aa49f7f2db4e556666c28a1a23466ab984b1743eb0aa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 14:47:47 GMT
via: 1.1 bb5a1c03f2335d92378a3e68542733da.cloudfront.net (CloudFront)
last-modified: Wed, 06 Jul 2022 18:06:16 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P6
age: 17073
etag: "7e7462900c78bbf73c9dfde6c0b617fc"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-cache: Hit from cloudfront
accept-ranges: bytes
content-length: 19755
x-amz-cf-id: sxV568z8LNBELcDtItMHZ5n5ywBRafgmjbZibk2JTzgenDm21zYkZQ==

GET
H2 200 intlTelInput.js Show response
static.everyaction.com/ea-actiontag/assets/js/ Frame E6A9 87 KB
21 KB 14ms
14ms Script
application/javascript 2600:9000:2490:5400:3:1d53:4780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.everyaction.com/ea-actiontag/assets/js/intlTelInput.js
Requested by: Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:5400:3:1d53:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a0038a6e25db3ee0970fc09cffb0fb2b0b81a8f989dcb6b60daaec096c3cf942

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 18:06:31 GMT
content-encoding: gzip
via: 1.1 bb5a1c03f2335d92378a3e68542733da.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 13915549
x-cache: Hit from cloudfront
content-length: 20855
last-modified: Wed, 06 Jul 2022 18:06:16 GMT
server: AmazonS3
etag: "4e9eea3ebff6224045ec4e2eb462c4f7"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: zTdMagzdqKStHfBMIqD1c1gFATjxXvOwP2dbs-D7UDPThhRRRg6LQg==

GET
H2 200 intl-tel.input.utils.js Show response
static.everyaction.com/ea-actiontag/assets/js/ Frame E6A9 245 KB
55 KB 15ms
15ms Script
application/javascript 2600:9000:2490:5400:3:1d53:4780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.everyaction.com/ea-actiontag/assets/js/intl-tel.input.utils.js
Requested by: Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:5400:3:1d53:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8496a94dcfd779693def6ae3e607a923fece02f38491ef1462e7cb51cab12e7d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 00:31:20 GMT
content-encoding: gzip
via: 1.1 bb5a1c03f2335d92378a3e68542733da.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 20458860
x-cache: Hit from cloudfront
content-length: 56004
last-modified: Tue, 12 Apr 2022 14:33:00 GMT
server: AmazonS3
etag: "4b9bf850ee4aa76202eb0e6f5948bfa8"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 5mmPsJQ2aPeLap92zkTkkDJV4eqxhObReit_zzG1zzcXkCjXbrc6Cg==

GET
DATA 200
OK truncated
/ Frame E6A9 784 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fe62bab84590322ae4bfcde20dfb50a72c1b68b330c2a7f1b0aefb65999f16bc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 collect
www.google-analytics.com/ Frame E6A9 35 B
55 B 38ms
37ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=749287967&t=event&ni=1&_s=1&dl=https%3A%2F%2Fact.ewg.org%2Fa%2F2022-deadline%3Fsourceid%3D1021356&dr=https%3A%2F%2Fwww.ewg.org%2F&ul=en-us&de=UTF-8&dt=Support%20EWG%20with%20a%20Year-End%20Gift!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=ContributionForm&ea=Form%20Load&el=Minimal&ev=25&_u=SDCAiEABRAAAAAAAI~&jid=&gjid=&cid=990904173.1671046336&tid=UA-296149-25&_gid=1123595738.1671046336&gtm=2wgbu0PPNMZJ&z=2139240236

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 12:42:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 24578
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ Frame E6A9 0
15 B 9ms
7ms Image
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=431673573640385&ev=ViewContent&dl=https%3A%2F%2Fact.ewg.org%2Fa%2F2022-deadline%3Fsourceid%3D1021356&rl=https%3A%2F%2Fwww.ewg.org%2F&if=true&ts=1671046339399&cd[content_name]=2022%20TRO%201%20-%20Splash&cd[content_category]=ContributionForm&sw=1600&sh=1200&v=2.9.89&r=stable&ec=1&o=30&fbp=fb.1.1671046337919.741312750&it=1671046338885&coo=false&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 14 Dec 2022 19:32:19 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ Frame E6A9 0
15 B 10ms
9ms Image
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=367774270429261&ev=ViewContent&dl=https%3A%2F%2Fact.ewg.org%2Fa%2F2022-deadline%3Fsourceid%3D1021356&rl=https%3A%2F%2Fwww.ewg.org%2F&if=true&ts=1671046339400&cd[content_name]=2022%20TRO%201%20-%20Splash&cd[content_category]=ContributionForm&sw=1600&sh=1200&v=2.9.89&r=stable&ec=1&o=30&fbp=fb.1.1671046337919.741312750&it=1671046338885&coo=false&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 14 Dec 2022 19:32:19 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H/1.1 200
OK rt
srv.stackadapt.com/ Frame E6A9 43 B
168 B 112ms
110ms Image
image/gif 18.214.117.136
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://srv.stackadapt.com/rt?sid=pT46Xay2aUZgJC9VGHslbr&url=https%3A%2F%2Fwww.ewg.org%2F&t=Support%20EWG%20with%20a%20Year-End%20Gift!&tip=lEe5rEOfQHwF8H_BxQzjxTVuHQ62UqzxCHHfbGA-Mw4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.214.117.136 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-214-117-136.compute-1.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Wed, 14 Dec 2022 19:32:19 GMT
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 jIvL-Hync0C71ZAoG43q_g2
secure.everyaction.com/v1/Track/ Frame E6A9 0
339 B 114ms
112ms Image
text/plain 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.everyaction.com/v1/Track/jIvL-Hync0C71ZAoG43q_g2?sourceid=1021356&formSessionId=33bcd1aa-a6ed-48e3-8b6b-9e2f2a18b717&bName=chrome&dType=desktop&fUrl=aHR0cHM6Ly9hY3QuZXdnLm9yZy9hLzIwMjItZGVhZGxpbmU%2Fc291cmNlaWQ9MTAyMTM1Ng%3D%3D&fRef=aHR0cHM6Ly93d3cuZXdnLm9yZy8%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: -1
pragma: no-cache
date: Wed, 14 Dec 2022 19:32:18 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
x-cdn: Imperva
x-frame-options: SAMEORIGIN
x-iinfo: 14-480205146-480204273 PNNN RT(1671046335591 2996) q(0 0 0 -1) r(1 1) U2
access-control-expose-headers: Request-Context
cache-control: no-cache
content-length: 0
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3

GET
H/1.1 200
OK paypal-logo.png
d1aqhv4sn5kxtx.cloudfront.net/images/ Frame E6A9 3 KB
3 KB 9ms
8ms Image
image/png 108.138.24.138
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1aqhv4sn5kxtx.cloudfront.net/images/paypal-logo.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.24.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-24-138.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 02d1bfc3fb8b4eff4d80613794e94142267895398d35dbca72e8ca7ddb62ab54

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 25 Aug 2022 02:47:28 GMT
Via: 1.1 6be461c5a9399007c1540eee90371674.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P7
Age: 9650692
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 2778
Last-Modified: Tue, 03 Mar 2020 23:51:55 GMT
Server: AmazonS3
ETag: "459c51e4e024db4720b62513d12edb6a"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Accept-Ranges: bytes
X-Amz-Cf-Id: 6CcpywUrZkQxh1OBNxa8_8uwXC3UvxYbDXLrAzHN4to9PeSpC65A1A==

GET
H/1.1 200
OK 4StarRect.jpg
nvlupin.blob.core.windows.net/images/van/EWG/EWG/1/71381/images/ Frame E6A9 21 KB
22 KB 104ms
103ms Image
image/jpeg 20.60.58.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nvlupin.blob.core.windows.net/images/van/EWG/EWG/1/71381/images/4StarRect.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.58.97 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 1b6d557ed86d8d0be4a0c7620f7319ce7a8aafd7fb85b871e2872a117823fd88

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 14 Dec 2022 19:32:18 GMT
Last-Modified: Thu, 08 Aug 2019 19:46:49 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag: 0x8D71C39275E92EE
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
x-ms-request-id: ef630cd6-001e-0037-16f2-0f95fd000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
Content-Length: 21726

GET
H/1.1 200
OK Guidestar-Platinum-2021.png
nvlupin.blob.core.windows.net/images/van/EWG/EWG/1/71381/images/ Frame E6A9 13 KB
14 KB 106ms
105ms Image
image/png 20.60.58.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nvlupin.blob.core.windows.net/images/van/EWG/EWG/1/71381/images/Guidestar-Platinum-2021.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.58.97 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: de8919a325ec4070e12dcb776690fce8f326fa7e6c71b410b6d5d4ffa83a565a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 14 Dec 2022 19:32:18 GMT
Last-Modified: Fri, 30 Jul 2021 17:18:15 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag: 0x8D9537E04927FC0
Content-Type: image/png
Access-Control-Allow-Origin: *
x-ms-request-id: 868d3085-a01e-003e-76f2-0fd02e000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
Content-Length: 13320

GET
H2 200 fast-action.svg
static.everyaction.com/ea-actiontag/assets/images/ Frame E6A9 9 KB
9 KB 9ms
8ms Image
image/svg+xml 2600:9000:2490:5400:3:1d53:4780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.everyaction.com/ea-actiontag/assets/images/fast-action.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:5400:3:1d53:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b60497a77afdcb315e270ec5f6fe3d53797c486032fc6752523aa8c65be7b985

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 03:31:06 GMT
via: 1.1 bb5a1c03f2335d92378a3e68542733da.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 57674
x-cache: Hit from cloudfront
content-length: 9203
last-modified: Tue, 07 Dec 2021 15:33:44 GMT
server: AmazonS3
etag: "babd47dc25531a9faeadc04f1afa1910"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: mV5NaZ-1j0qnQwsZpNL4ypnXiH4_-ijLck6ckNT0W7T2h7P5nNjg4A==

GET
H/1.1 200
OK index.html Show response
js.verygoodvault.com/vgs-collect/2.14.0/lib/ Frame 165F 157 KB
50 KB 323ms
309ms Document
text/html 18.66.147.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/2.14.0/lib/index.html
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.14.0/vgs-collect.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-109.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dd1d8cd2907b540b21dcf7beaccf32b9daa22d264957dd35b40163b60bd68990

Request headers

Referer: https://act.ewg.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=60
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Wed, 14 Dec 2022 19:32:20 GMT
ETag: W/"97f82781c5ac2a3b3eba82e1acd3a414"
Last-Modified: Wed, 08 Jun 2022 01:07:54 GMT
Server: AmazonS3
Transfer-Encoding: chunked
Vary: Accept-Encoding
Via: 1.1 4612dc3b414cf2057f542e94733d59bc.cloudfront.net (CloudFront), 1.1 70d755f7200c02162c7545e4ce74649a.cloudfront.net (CloudFront)
X-Amz-Cf-Id: lkLtK_gAO27b0kIPkEB0cL2_4DFw5DXWjWevO9OWQklcU5My2tSUAA==
X-Amz-Cf-Pop: FRA60-P3 FRA60-P4
X-Cache: Hit from cloudfront
x-amz-version-id: AYlU8OsANyylDz5dU9HvCSPOdq6NIWUJ

GET
H/1.1 200
OK index.html Show response
js.verygoodvault.com/vgs-collect/2.14.0/lib/ Frame F2E3 157 KB
50 KB 316ms
302ms Document
text/html 18.66.147.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/2.14.0/lib/index.html
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.14.0/vgs-collect.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-109.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dd1d8cd2907b540b21dcf7beaccf32b9daa22d264957dd35b40163b60bd68990

Request headers

Referer: https://act.ewg.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=60
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Wed, 14 Dec 2022 19:32:20 GMT
ETag: W/"97f82781c5ac2a3b3eba82e1acd3a414"
Last-Modified: Wed, 08 Jun 2022 01:07:54 GMT
Server: AmazonS3
Transfer-Encoding: chunked
Vary: Accept-Encoding
Via: 1.1 4612dc3b414cf2057f542e94733d59bc.cloudfront.net (CloudFront), 1.1 760a29e891ec10bba1274911260e1fc8.cloudfront.net (CloudFront)
X-Amz-Cf-Id: ypWWnZaWEjjJnpjMqhkrQuAa56G_516PJPdRj0JpMU3EvtYBvkt-kw==
X-Amz-Cf-Pop: FRA60-P3 FRA60-P4
X-Cache: Hit from cloudfront
x-amz-version-id: AYlU8OsANyylDz5dU9HvCSPOdq6NIWUJ

GET
H3 200 /
www.facebook.com/tr/ Frame E6A9 0
15 B 8ms
7ms Image
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=431673573640385&ev=Microdata&dl=https%3A%2F%2Fact.ewg.org%2Fa%2F2022-deadline%3Fsourceid%3D1021356&rl=https%3A%2F%2Fwww.ewg.org%2F&if=true&ts=1671046339533&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Support%20EWG%20with%20a%20Year-End%20Gift!%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22%22%2C%22og%3Adescription%22%3A%22%22%2C%22og%3Aimage%22%3A%22%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.89&r=stable&ec=2&o=30&fbp=fb.1.1671046337919.741312750&it=1671046338885&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 14 Dec 2022 19:32:19 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ Frame E6A9 0
15 B 14ms
8ms Image
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=367774270429261&ev=Microdata&dl=https%3A%2F%2Fact.ewg.org%2Fa%2F2022-deadline%3Fsourceid%3D1021356&rl=https%3A%2F%2Fwww.ewg.org%2F&if=true&ts=1671046339579&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Support%20EWG%20with%20a%20Year-End%20Gift!%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22%22%2C%22og%3Adescription%22%3A%22%22%2C%22og%3Aimage%22%3A%22%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.89&r=stable&ec=2&o=30&fbp=fb.1.1671046337919.741312750&it=1671046338885&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.ewg.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 14 Dec 2022 19:32:19 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H/1.1 200
OK application.ca8d1b8fa577638f88ac.modern.js Show response
js.verygoodvault.com/vgs-collect/2.14.0/lib/ Frame F2E3 326 KB
106 KB 12ms
11ms Script
application/javascript 18.66.147.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/2.14.0/lib/application.ca8d1b8fa577638f88ac.modern.js
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.14.0/lib/index.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-109.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 15f75ea000cea233fe12754cffe6bb7643cdef35af66c7da08ae93ac74e08482

Request headers

Referer: https://js.verygoodvault.com/vgs-collect/2.14.0/lib/index.html
Origin: https://js.verygoodvault.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: sVrEgyQ8GQan.AjpxIaVceYuM1BXokjx
Content-Encoding: gzip
Via: 1.1 70d755f7200c02162c7545e4ce74649a.cloudfront.net (CloudFront)
Date: Wed, 14 Dec 2022 19:32:19 GMT
X-Amz-Cf-Pop: FRA60-P4
Age: 46
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed, 08 Jun 2022 01:07:54 GMT
Server: AmazonS3
ETag: W/"8fc37cf0f7978064257597fe8b81fbed"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=60
Vary: Accept-Encoding
X-Amz-Cf-Id: Gzpj8J34i68D4FRuGPk44DsF6n1gnHYpeNUK8-4lDazcX4Nsft1R4A==

GET
H/1.1 200
OK application.ca8d1b8fa577638f88ac.modern.js Show response
js.verygoodvault.com/vgs-collect/2.14.0/lib/ Frame 165F 326 KB
106 KB 9ms
8ms Script
application/javascript 18.66.147.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/2.14.0/lib/application.ca8d1b8fa577638f88ac.modern.js
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.14.0/lib/index.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-109.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 15f75ea000cea233fe12754cffe6bb7643cdef35af66c7da08ae93ac74e08482

Request headers

Referer: https://js.verygoodvault.com/vgs-collect/2.14.0/lib/index.html
Origin: https://js.verygoodvault.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: sVrEgyQ8GQan.AjpxIaVceYuM1BXokjx
Content-Encoding: gzip
Via: 1.1 760a29e891ec10bba1274911260e1fc8.cloudfront.net (CloudFront)
Date: Wed, 14 Dec 2022 19:32:19 GMT
X-Amz-Cf-Pop: FRA60-P4
Age: 46
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed, 08 Jun 2022 01:07:54 GMT
Server: AmazonS3
ETag: W/"8fc37cf0f7978064257597fe8b81fbed"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=60
Vary: Accept-Encoding
X-Amz-Cf-Id: Iv0Edo3qDTkcq3mDANpUL0eDTmxVTXAiqA5lpZgN4GzXkfnf-j7Rvg==

GET
H/1.1 200
OK application.ca8d1b8fa577638f88ac.modern.js Show response
js.verygoodvault.com/vgs-collect/2.14.0/lib/ Frame 448A 326 KB
106 KB 8ms
7ms Script
application/javascript 18.66.147.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/2.14.0/lib/application.ca8d1b8fa577638f88ac.modern.js
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.14.0/lib/index.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-109.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 15f75ea000cea233fe12754cffe6bb7643cdef35af66c7da08ae93ac74e08482

Request headers

Referer: https://js.verygoodvault.com/vgs-collect/2.14.0/lib/index.html
Origin: https://js.verygoodvault.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: sVrEgyQ8GQan.AjpxIaVceYuM1BXokjx
Content-Encoding: gzip
Via: 1.1 70d755f7200c02162c7545e4ce74649a.cloudfront.net (CloudFront)
Date: Wed, 14 Dec 2022 19:32:19 GMT
X-Amz-Cf-Pop: FRA60-P4
Age: 46
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed, 08 Jun 2022 01:07:54 GMT
Server: AmazonS3
ETag: W/"8fc37cf0f7978064257597fe8b81fbed"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=60
Vary: Accept-Encoding
X-Amz-Cf-Id: ZkP15mynL52XJyc7bZQ7ja9upJoDM02wze3Vrd-bN_jzL5PrS3SexQ==

POST
H2 200 vgs Show response
vgs-collect-keeper.apps.verygood.systems/ Frame 448A 0
157 B 346ms
112ms XHR
text/plain 54.88.161.92
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://vgs-collect-keeper.apps.verygood.systems/vgs

Requested by

Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.14.0/lib/application.ca8d1b8fa577638f88ac.modern.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.88.161.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-88-161-92.compute-1.amazonaws.com

Software

/ Express

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.verygoodvault.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.verygoodvault.com
date: Wed, 14 Dec 2022 19:32:20 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-powered-by: Express
content-length: 0
vary: Origin

GET
DATA 200
OK truncated
/ Frame 165F 557 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7cf4641497720eff15f2b923bdae3ffafe95044234ab5bf0028cb1f1e9e04186

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK visa.svg
js.verygoodvault.com/vgs-collect/icons/ Frame 165F 0
1 KB 8ms
7ms Other
image/svg+xml 18.66.147.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/icons/visa.svg
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.14.0/lib/application.ca8d1b8fa577638f88ac.modern.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-109.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.verygoodvault.com/vgs-collect/2.14.0/lib/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: H.lNoG4vwL1ej33_03.Q4hw1WNRfkp4C
Content-Encoding: gzip
Via: 1.1 70d755f7200c02162c7545e4ce74649a.cloudfront.net (CloudFront)
Date: Wed, 14 Dec 2022 03:47:14 GMT
X-Amz-Cf-Pop: FRA60-P4
Age: 56753
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 16 Feb 2021 23:07:16 GMT
Server: AmazonS3
ETag: W/"bf0e3c7ebdd4f91c9ef36fefa89822e9"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
X-Amz-Cf-Id: Wq_cAc2XRf1kIUXPFyuAaTt2uHxlonGMdxsDpsjgOrx1OXVoAyvM9Q==

GET
H/1.1 200
OK visa-electron.svg
js.verygoodvault.com/vgs-collect/icons/ Frame 165F 0
2 KB 9ms
7ms Other
image/svg+xml 18.66.147.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/icons/visa-electron.svg
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.14.0/lib/application.ca8d1b8fa577638f88ac.modern.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-109.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.verygoodvault.com/vgs-collect/2.14.0/lib/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: MgNF_FMVP1IvFHrPIq8AALFoZu_j7TtV
Content-Encoding: gzip
Via: 1.1 760a29e891ec10bba1274911260e1fc8.cloudfront.net (CloudFront)
Date: Wed, 14 Dec 2022 06:04:02 GMT
X-Amz-Cf-Pop: FRA60-P4
Age: 48498
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 16 Feb 2021 23:07:16 GMT
Server: AmazonS3
ETag: W/"c962f159de73e843c20331630bc3cd07"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
X-Amz-Cf-Id: q_Tty9fQ5VT4z5SrRCjyjY8b6cJLGTy6J6vHiDFLBRobTFo5qGoCww==

GET
H/1.1 200
OK amex.svg
js.verygoodvault.com/vgs-collect/icons/ Frame 165F 0
1 KB 12ms
10ms Other
image/svg+xml 18.66.147.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/icons/amex.svg
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.14.0/lib/application.ca8d1b8fa577638f88ac.modern.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-109.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.verygoodvault.com/vgs-collect/2.14.0/lib/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: ItVZhXC517ZMCtDQ0ErslqkZpDw4TP_K
Content-Encoding: gzip
Via: 1.1 0c371064bf157d89e4b3520c0b29474c.cloudfront.net (CloudFront)
Date: Wed, 14 Dec 2022 03:25:28 GMT
X-Amz-Cf-Pop: FRA60-P4
Age: 58055
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 16 Feb 2021 23:07:16 GMT
Server: AmazonS3
ETag: W/"d76aac2504772a3c74494f11fd18d87f"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
X-Amz-Cf-Id: xDuq7qgD9vOEboV_sJLx4SZiimI_L7lB0gvlTHsTZn4xNymkiZKxmQ==

GET
H/1.1 200
OK maestro.svg
js.verygoodvault.com/vgs-collect/icons/ Frame 165F 0
4 KB 15ms
7ms Other
image/svg+xml 18.66.147.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/icons/maestro.svg
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.14.0/lib/application.ca8d1b8fa577638f88ac.modern.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-109.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.verygoodvault.com/vgs-collect/2.14.0/lib/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: 1_p31LpzRSjwSiLiTYV71TUVe9IpUn9e
Content-Encoding: gzip
Via: 1.1 70d755f7200c02162c7545e4ce74649a.cloudfront.net (CloudFront)
Date: Wed, 14 Dec 2022 04:27:21 GMT
X-Amz-Cf-Pop: FRA60-P4
Age: 54299
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 16 Feb 2021 23:07:16 GMT
Server: AmazonS3
ETag: W/"3625c25fe4e71c0daa524694d3b3d2e2"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
X-Amz-Cf-Id: iErVIxv_VGOzuwZOXTWVak3dP5Mux-3EwIgBRRUj-5qOj6IbaCv8NQ==

GET
H/1.1 200
OK mastercard.svg
js.verygoodvault.com/vgs-collect/icons/ Frame 165F 0
1 KB 16ms
7ms Other
image/svg+xml 18.66.147.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/icons/mastercard.svg
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.14.0/lib/application.ca8d1b8fa577638f88ac.modern.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-109.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.verygoodvault.com/vgs-collect/2.14.0/lib/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: PU9xtdz3b.d2kDLc5M1BB7mi5YpUwVDj
Content-Encoding: gzip
Via: 1.1 760a29e891ec10bba1274911260e1fc8.cloudfront.net (CloudFront)
Date: Wed, 14 Dec 2022 05:25:43 GMT
X-Amz-Cf-Pop: FRA60-P4
Age: 50797
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 16 Feb 2021 23:07:16 GMT
Server: AmazonS3
ETag: W/"8baef8cd0813bb42fe4bd99adf195035"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
X-Amz-Cf-Id: LDvj3Ays1v5S7KXLXKLAWMPiKervzbaN3Kiy6rtVD1wZOULmEzwTIw==

GET
H/1.1 200
OK unionpay.svg
js.verygoodvault.com/vgs-collect/icons/ Frame 165F 0
5 KB 19ms
7ms Other
image/svg+xml 18.66.147.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/icons/unionpay.svg
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.14.0/lib/application.ca8d1b8fa577638f88ac.modern.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-109.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.verygoodvault.com/vgs-collect/2.14.0/lib/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: G6Y4bx8_pMrmOjFIicD1hgmIdROiurIv
Content-Encoding: gzip
Via: 1.1 0c371064bf157d89e4b3520c0b29474c.cloudfront.net (CloudFront)
Date: Wed, 14 Dec 2022 04:37:38 GMT
X-Amz-Cf-Pop: FRA60-P4
Age: 53888
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 16 Feb 2021 23:07:16 GMT
Server: AmazonS3
ETag: W/"01249c1708efa3c5c18a35778f20207b"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
X-Amz-Cf-Id: 5e7UdC26hBtJBPnidF6DkzcTCls7zlfIBtEnBOR25BIGEjAKPT2yoQ==

GET
H/1.1 200
OK meeza.svg
js.verygoodvault.com/vgs-collect/icons/ Frame 165F 0
7 KB 14ms
7ms Other
image/svg+xml 18.66.147.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/icons/meeza.svg
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.14.0/lib/application.ca8d1b8fa577638f88ac.modern.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-109.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.verygoodvault.com/vgs-collect/2.14.0/lib/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: fIKvFE1HubfUWhiWGE6EdQYTnLAnJ9MH
Content-Encoding: gzip
Via: 1.1 760a29e891ec10bba1274911260e1fc8.cloudfront.net (CloudFront)
Date: Wed, 14 Dec 2022 01:02:58 GMT
X-Amz-Cf-Pop: FRA60-P4
Age: 66562
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 16 Feb 2021 23:07:16 GMT
Server: AmazonS3
ETag: W/"07e73ffeb1e07b87f158e34e9900bd96"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
X-Amz-Cf-Id: ox6PsDIRbJ5g2nAkXZl4BPtkE05-zFTsq1EhSIMY6XjxRNLXcUL3Qw==

GET
H/1.1 200
OK jcb.svg
js.verygoodvault.com/vgs-collect/icons/ Frame 165F 0
2 KB 13ms
7ms Other
image/svg+xml 18.66.147.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/icons/jcb.svg
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.14.0/lib/application.ca8d1b8fa577638f88ac.modern.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-109.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.verygoodvault.com/vgs-collect/2.14.0/lib/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: QmKwMQRUu5GGnar6U1.XDYKwXr9GTt4E
Content-Encoding: gzip
Via: 1.1 0c371064bf157d89e4b3520c0b29474c.cloudfront.net (CloudFront)
Date: Wed, 14 Dec 2022 04:54:39 GMT
X-Amz-Cf-Pop: FRA60-P4
Age: 52690
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 16 Feb 2021 23:07:16 GMT
Server: AmazonS3
ETag: W/"afc9c9bd9dd25718d84aa1b295e3cd4f"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
X-Amz-Cf-Id: w9PEub7nvYYuFm9SytDvKvpKSEZd_diioh4D25zvn33e1dW4-LKizg==

GET
H/1.1 200
OK hipercard.svg
js.verygoodvault.com/vgs-collect/icons/ Frame 165F 0
3 KB 11ms
7ms Other
image/svg+xml 18.66.147.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/icons/hipercard.svg
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.14.0/lib/application.ca8d1b8fa577638f88ac.modern.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-109.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.verygoodvault.com/vgs-collect/2.14.0/lib/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: wESZZuki93YD2Y88rRKC5LDYBxi8XywO
Content-Encoding: gzip
Via: 1.1 70d755f7200c02162c7545e4ce74649a.cloudfront.net (CloudFront)
Date: Wed, 14 Dec 2022 04:54:40 GMT
X-Amz-Cf-Pop: FRA60-P4
Age: 52860
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 16 Feb 2021 23:07:16 GMT
Server: AmazonS3
ETag: W/"39424aebb87e84c688d70ebf51e5cec6"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
X-Amz-Cf-Id: MegOt5Udlto6xWwhCYb-jPwbq1LfsFSp02DT-c8LXYE-Kv4TsYezkw==

GET
H/1.1 200
OK forbrugsforeningen.svg
js.verygoodvault.com/vgs-collect/icons/ Frame 165F 0
2 KB 8ms
8ms Other
image/svg+xml 18.66.147.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/icons/forbrugsforeningen.svg
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.14.0/lib/application.ca8d1b8fa577638f88ac.modern.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-109.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.verygoodvault.com/vgs-collect/2.14.0/lib/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: iffR3o1DDLBtfD6DUK07BGzKAQQ9SkB1
Content-Encoding: gzip
Via: 1.1 b47ba5841a54cf2d19fc521c78e94514.cloudfront.net (CloudFront)
Date: Wed, 14 Dec 2022 07:27:03 GMT
X-Amz-Cf-Pop: FRA60-P4
Age: 43600
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 16 Feb 2021 23:07:16 GMT
Server: AmazonS3
ETag: W/"0e30901c80583be81a54ad19e75340a7"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
X-Amz-Cf-Id: W6Huyx2zrM_PV0gCqbJVGz7f2lNOMzo7pt0jAzo9e9ah8nB73XmuQA==

GET
H/1.1 200
OK elo.svg
js.verygoodvault.com/vgs-collect/icons/ Frame 165F 0
2 KB 7ms
7ms Other
image/svg+xml 18.66.147.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/icons/elo.svg
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.14.0/lib/application.ca8d1b8fa577638f88ac.modern.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-109.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.verygoodvault.com/vgs-collect/2.14.0/lib/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: SZ2jJtdJs0WLGiaIwIjXub4ID5pKkMH_
Content-Encoding: gzip
Via: 1.1 760a29e891ec10bba1274911260e1fc8.cloudfront.net (CloudFront)
Date: Wed, 14 Dec 2022 05:05:04 GMT
X-Amz-Cf-Pop: FRA60-P4
Age: 52267
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 16 Feb 2021 23:07:16 GMT
Server: AmazonS3
ETag: W/"2819c6f92cfc42b73058a840aba885a7"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
X-Amz-Cf-Id: nD2GeFr6NS_XGn7kFMBuj76QcvVTlsGpWe-u3ou6r0FdfRbEUuiqYQ==

GET
H/1.1 200
OK discover.svg
js.verygoodvault.com/vgs-collect/icons/ Frame 165F 0
2 KB 7ms
7ms Other
image/svg+xml 18.66.147.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/icons/discover.svg
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.14.0/lib/application.ca8d1b8fa577638f88ac.modern.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-109.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.verygoodvault.com/vgs-collect/2.14.0/lib/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: 47gYKG16RG7X_h0fKEEIboeS2mmCMeYz
Content-Encoding: gzip
Via: 1.1 0c371064bf157d89e4b3520c0b29474c.cloudfront.net (CloudFront)
Date: Wed, 14 Dec 2022 05:48:34 GMT
X-Amz-Cf-Pop: FRA60-P4
Age: 49530
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 16 Feb 2021 23:07:16 GMT
Server: AmazonS3
ETag: W/"5bd5bab591da0ad8f328376e0f9ebe29"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
X-Amz-Cf-Id: NnK5cPsPeCgYYS3GO--Qth4QqoPJ6BF5dfLqdnMhNRHxjZ0F_II_sA==

GET
H/1.1 200
OK diners-club.svg
js.verygoodvault.com/vgs-collect/icons/ Frame 165F 0
1 KB 8ms
8ms Other
image/svg+xml 18.66.147.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/icons/diners-club.svg
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.14.0/lib/application.ca8d1b8fa577638f88ac.modern.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-109.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.verygoodvault.com/vgs-collect/2.14.0/lib/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: GmZUrCmUOwT9x.EL1h3aTKcLFhZAn.Ls
Content-Encoding: gzip
Via: 1.1 760a29e891ec10bba1274911260e1fc8.cloudfront.net (CloudFront)
Date: Wed, 14 Dec 2022 01:17:50 GMT
X-Amz-Cf-Pop: FRA60-P4
Age: 65727
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 16 Feb 2021 23:07:16 GMT
Server: AmazonS3
ETag: W/"39a2c40eee9103f96fab5bc8d3dbbeb8"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
X-Amz-Cf-Id: YHxax-ZnMlfON8K7vXwSgQ83qeipGKEdgxhwHcUH1ljUXojQDv85oQ==

GET
H/1.1 200
OK dankort.svg
js.verygoodvault.com/vgs-collect/icons/ Frame 165F 0
1 KB 9ms
8ms Other
image/svg+xml 18.66.147.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/icons/dankort.svg
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.14.0/lib/application.ca8d1b8fa577638f88ac.modern.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-109.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.verygoodvault.com/vgs-collect/2.14.0/lib/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: L7PgpoDJdtbcwmCNdHkqIlTpNlkZVtdK
Content-Encoding: gzip
Via: 1.1 760a29e891ec10bba1274911260e1fc8.cloudfront.net (CloudFront)
Date: Wed, 14 Dec 2022 03:39:36 GMT
X-Amz-Cf-Pop: FRA60-P4
Age: 57275
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 16 Feb 2021 23:07:16 GMT
Server: AmazonS3
ETag: W/"5a58f174478046c4d7105db80bb660f0"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
X-Amz-Cf-Id: XW0A1xrFDgIqaXPdfSd_Do233MLOXjpFutgAnUP0M4PkG_mwX0hPZg==

POST
H/1.1 200
OK graphql Show response
payments.braintree-api.com/ Frame E6A9 1 KB
1 KB 54ms
54ms XHR
application/json 76.223.13.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.braintree-api.com/graphql

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

76.223.13.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ae1d37305401c759d.awsglobalaccelerator.com

Software

nginx /

Resource Hash

2ea147e3b7ea6b5325f0d9f41efd59063e83f545f115d749f14da93e421a24b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://act.ewg.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6IjIwMTgwNDI2MTYtcHJvZHVjdGlvbiIsImlzcyI6Imh0dHBzOi8vYXBpLmJyYWludHJlZWdhdGV3YXkuY29tIn0.eyJleHAiOjE2NzExMzI3MzksImp0aSI6ImI2MzY3YWVhLWFhZDUtNDRhNS05ZWQ5LTZiYWU2YTg5ZDFlZiIsInN1YiI6IjV2MzYydm43MjNoMnA3NnciLCJpc3MiOiJodHRwczovL2FwaS5icmFpbnRyZWVnYXRld2F5LmNvbSIsIm1lcmNoYW50Ijp7InB1YmxpY19pZCI6IjV2MzYydm43MjNoMnA3NnciLCJ2ZXJpZnlfY2FyZF9ieV9kZWZhdWx0IjpmYWxzZX0sInJpZ2h0cyI6WyJtYW5hZ2VfdmF1bHQiXSwic2NvcGUiOlsiQnJhaW50cmVlOlZhdWx0Il0sIm9wdGlvbnMiOnt9fQ.5kazB_aJYYzbeGQsc6AtxOcXPjo7MXJ-d1JLCYjD26sKxYBv90ZsxyGaVvzLOVzZFn4ItYS0acs27NU2c79aQQ
Braintree-Version: 2018-05-10
Content-Type: application/json

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 19:32:20 GMT
content-encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
server: nginx
vary: Braintree-Version, Accept-Encoding
braintree-version: 2016-10-07
Content-Type: application/json
access-control-allow-origin: https://act.ewg.org
paypal-debug-id: f234efdb87c14
Cache-Control: no-cache, no-store
X-Frame-Options: DENY
Content-Length: 676

OPTIONS
H/1.1 200
OK graphql
payments.braintree-api.com/ Frame 0
0 90ms
13ms Preflight 76.223.13.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.braintree-api.com/graphql

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

76.223.13.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ae1d37305401c759d.awsglobalaccelerator.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,braintree-version,content-type
Access-Control-Request-Method: POST
Origin: https://act.ewg.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
access-control-allow-headers: authorization,braintree-version,content-type
access-control-allow-methods: GET,DELETE,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://act.ewg.org
access-control-max-age: 1800
date: Wed, 14 Dec 2022 19:32:20 GMT
paypal-debug-id: f0142e6cb8a04
server: nginx
transfer-encoding: chunked

OPTIONS
H/1.1 200
OK 5v362vn723h2p76w
client-analytics.braintreegateway.com/ Frame 0
0 69ms
8ms Preflight 18.194.76.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://client-analytics.braintreegateway.com/5v362vn723h2p76w
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.76.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-76-248.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://act.ewg.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: https://act.ewg.org
Access-Control-Max-Age: 3000
Connection: keep-alive
Content-Length: 0
Date: Wed, 14 Dec 2022 19:32:20 GMT
Server: nginx

OPTIONS
H/1.1 200
OK 5v362vn723h2p76w
client-analytics.braintreegateway.com/ Frame 0
0 69ms
8ms Preflight 18.194.76.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://client-analytics.braintreegateway.com/5v362vn723h2p76w
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.76.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-76-248.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://act.ewg.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: https://act.ewg.org
Access-Control-Max-Age: 3000
Connection: keep-alive
Content-Length: 0
Date: Wed, 14 Dec 2022 19:32:20 GMT
Server: nginx

POST
H/1.1 200
OK 5v362vn723h2p76w Show response
client-analytics.braintreegateway.com/ Frame E6A9 0
276 B 12ms
10ms XHR
text/plain 18.194.76.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://client-analytics.braintreegateway.com/5v362vn723h2p76w
Requested by: Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.76.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-76-248.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://act.ewg.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

Date: Wed, 14 Dec 2022 19:32:20 GMT
Server: nginx
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: https://act.ewg.org
Connection: keep-alive
Access-Control-Allow-Headers
Content-Length: 0

POST
H/1.1 200
OK 5v362vn723h2p76w Show response
client-analytics.braintreegateway.com/ Frame E6A9 0
276 B 9ms
9ms XHR
text/plain 18.194.76.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://client-analytics.braintreegateway.com/5v362vn723h2p76w
Requested by: Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.76.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-76-248.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://act.ewg.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

Date: Wed, 14 Dec 2022 19:32:20 GMT
Server: nginx
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: https://act.ewg.org
Connection: keep-alive
Access-Control-Allow-Headers
Content-Length: 0

GET
H2 200 dispatch-frame.min.html Show response
checkout.paypal.com/web/3.44.2/html/ Frame AD10 8 KB
3 KB 67ms
7ms Document
text/html 52.222.214.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://checkout.paypal.com/web/3.44.2/html/dispatch-frame.min.html

Requested by

Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-77.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

dedad191cb087f16bc09a89edac8df890dc2a66cec61a3d84f721bedf51df21c

Security Headers

Name	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' .braintreegateway.com .braintree-api.com;

Request headers

Referer: https://act.ewg.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 45257
cache-control: max-age=86400
content-encoding: gzip
content-security-policy: style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.braintreegateway.com *.braintree-api.com;
content-type: text/html
date: Wed, 14 Dec 2022 06:58:03 GMT
etag: W/"63911c29-1e9d"
expires: Thu, 15 Dec 2022 06:58:03 GMT
last-modified: Wed, 07 Dec 2022 23:05:13 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 54fc556adf6e8c787574c6f132d70178.cloudfront.net (CloudFront)
x-amz-cf-id: hkUoDL0SOgcES9zFM06ST6PZ4eAOITMICqFJlSjQ3Qx9eMc7ufpuDA==
x-amz-cf-pop: FRA56-P3
x-cache: Hit from cloudfront

OPTIONS
H/1.1 200
OK 5v362vn723h2p76w
client-analytics.braintreegateway.com/ Frame 0
0 67ms
9ms Preflight 18.194.76.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://client-analytics.braintreegateway.com/5v362vn723h2p76w
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.76.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-76-248.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://act.ewg.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: https://act.ewg.org
Access-Control-Max-Age: 3000
Connection: keep-alive
Content-Length: 0
Date: Wed, 14 Dec 2022 19:32:20 GMT
Server: nginx

POST
H/1.1 200
OK 5v362vn723h2p76w Show response
client-analytics.braintreegateway.com/ Frame E6A9 0
276 B 11ms
10ms XHR
text/plain 18.194.76.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://client-analytics.braintreegateway.com/5v362vn723h2p76w
Requested by: Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.76.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-76-248.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://act.ewg.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

Date: Wed, 14 Dec 2022 19:32:20 GMT
Server: nginx
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: https://act.ewg.org
Connection: keep-alive
Access-Control-Allow-Headers
Content-Length: 0

POST
H/1.1 200
OK 5v362vn723h2p76w Show response
client-analytics.braintreegateway.com/ Frame E6A9 0
276 B 10ms
9ms XHR
text/plain 18.194.76.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://client-analytics.braintreegateway.com/5v362vn723h2p76w
Requested by: Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.76.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-76-248.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://act.ewg.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

Date: Wed, 14 Dec 2022 19:32:20 GMT
Server: nginx
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: https://act.ewg.org
Connection: keep-alive
Access-Control-Allow-Headers
Content-Length: 0

OPTIONS
H/1.1 200
OK 5v362vn723h2p76w
client-analytics.braintreegateway.com/ Frame 0
0 8ms
7ms Preflight 18.194.76.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://client-analytics.braintreegateway.com/5v362vn723h2p76w
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.76.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-76-248.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://act.ewg.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: https://act.ewg.org
Access-Control-Max-Age: 3000
Connection: keep-alive
Content-Length: 0
Date: Wed, 14 Dec 2022 19:32:20 GMT
Server: nginx

POST
H2 200 vgs Show response
vgs-collect-keeper.apps.verygood.systems/ Frame 448A 0
156 B 110ms
109ms XHR
text/plain 54.88.161.92
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://vgs-collect-keeper.apps.verygood.systems/vgs

Requested by

Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.14.0/lib/application.ca8d1b8fa577638f88ac.modern.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.88.161.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-88-161-92.compute-1.amazonaws.com

Software

/ Express

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.verygoodvault.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.verygoodvault.com
date: Wed, 14 Dec 2022 19:32:21 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-powered-by: Express
content-length: 0
vary: Origin

POST
H3 204 collect
region1.google-analytics.com/g/ Frame E6A9 0
17 B 98ms
37ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-CS21GC49KT&gtm=2oebu0&_p=749287967&cid=990904173.1671046336&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sid=1671046337&sct=1&seg=1&dl=https%3A%2F%2Fact.ewg.org%2Fa%2F2022-deadline%3Fsourceid%3D1021356&dr=https%3A%2F%2Fwww.ewg.org%2F&dt=Support%20EWG%20with%20a%20Year-End%20Gift!&_s=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CS21GC49KT&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://act.ewg.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 19:32:23 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://act.ewg.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Verdicts & Comments Add Verdict or Comment

160 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

80 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ewg.org/	1970-01-20 08:12:12	Name: _gid Value: GA1.2.1123595738.1671046336
.ewg.org/	1970-01-20 08:10:46	Name: _gat Value: 1
.ewg.org/	1970-01-20 08:10:46	Name: _gat_OldTracker Value: 1
.ewg.org/	1970-01-20 17:46:46	Name: fundraiseup_cid Value: 16710463363644613971
.secure.everyaction.com/	1970-01-20 08:10:49	Name: TiPMix Value: 15.725013705227886
.secure.everyaction.com/	1970-01-20 08:10:49	Name: x-ms-routing-name Value: self
.everyaction.com/	1969-12-31 23:59:59	Name: nlbi_823975 Value: jnW0Cyy962HKDTeLxwoUeQAAAACbXVEP4K13POoe2jTXxIJS
.ewg.org/	1969-12-31 23:59:59	Name: testcookie Value: Y
.profile.ngpvan.com/	1970-01-20 08:10:49	Name: TiPMix Value: 34.524597469968775
.profile.ngpvan.com/	1970-01-20 08:10:49	Name: x-ms-routing-name Value: self
profile.ngpvan.com/	1970-01-20 17:46:46	Name: ngpvanuser Value: RC9b_3ph7l3fj6Pqzd1GDMwp
.ewg.org/	1969-12-31 23:59:59	Name: fundraiseup_session Value: {%22t%22:%22.ewg.org%22%2C%22u%22:%22NBcijoYfPwSSRiRO%22%2C%22ua%22:%221671046336861%22%2C%22s%22:%221671046336861%22%2C%22sp%22:1%2C%22p%22:%22wDkgzamOSlCnJWoi%22%2C%22pa%22:%221671046336861%22}
www.ewg.org/	1970-01-20 17:41:00	Name: __atuvc Value: 1%7C50
www.ewg.org/	1970-01-20 08:10:48	Name: __atuvs Value: 639a24c00a4d0374000
.ewg.org/	1970-01-20 08:12:12	Name: ewg_splash_yea_2022_tro Value: Y
.addthis.com/	1970-01-20 17:41:00	Name: uvc Value: 1%7C50
.addthis.com/	1970-01-20 17:41:00	Name: loc Value: MDAwMDBFVURFQlkyMjkzMTkwMTAwNTAwMDBDSA==
.everyaction.com/	1970-01-20 17:46:46	Name: ProfileDatabagId Value: RC9b_3ph7l3fj6Pqzd1GDMwp
.ewg.org/	1970-01-20 08:10:46	Name: _dc_gtm_UA-296149-25 Value: 1
.ewg.org/	1970-01-20 10:20:22	Name: _gcl_au Value: 1.1.485289946.1671046337
.bing.com/	1970-01-20 17:32:22	Name: MUID Value: 01479E01B4106EE900E98C7BB57B6F43
.secure.ngpvan.com/	1970-01-20 08:10:49	Name: TiPMix Value: 88.5432481767425
.secure.ngpvan.com/	1970-01-20 08:10:49	Name: x-ms-routing-name Value: self
.ngpvan.com/	1970-01-20 17:46:46	Name: ProfileDatabagId Value: RC9b_3ph7l3fj6Pqzd1GDMwp
.ewg.org/	1970-01-20 16:55:05	Name: visid_incap_1852917 Value: cWhrinyuQ1a7G5WPY5trKsAkmmMAAAAAQUIPAAAAAACH5oHSR2qGZD7ZotUsttlg
.ewg.org/	1969-12-31 23:59:59	Name: incap_ses_245_1852917 Value: bigcJykkSVa85vop9WpmA8AkmmMAAAAAqQazhTcjKG7tonHQbqKXfw==
.act.ewg.org/	1970-01-20 08:10:49	Name: TiPMix Value: 37.799252806752925
.act.ewg.org/	1970-01-20 08:10:49	Name: x-ms-routing-name Value: self
act.ewg.org/	1970-01-20 08:11:00	Name: SessionKeyCookie Value:
.ewg.org/	1969-12-31 23:59:59	Name: nlbi_1852917 Value: XFvodW4T+iR96Whl5dmbJwAAAABpw2B5jOzLFeV+vTWY9qUK
www.ewg.org/	1970-01-20 08:13:39	Name: poptin_old_user Value: true
www.ewg.org/	1970-01-20 16:56:22	Name: poptin_user_id Value: 0.1xrusu84dtm
.ewg.org/	1970-01-20 08:10:48	Name: __cf_bm Value: tuzxw.CmNB0lStNfpdgRYs3CbRPsWULhVX6VI8NsR9s-1671046337-0-AUnZ9SUclAIqncsk6tMux9pCWcePO+g+uq+zIQc7k2ejQWVUhkSIKLAs1u4vsKkVW38/GYZVccydXiBAzPi1e2Q+34ZCvC71QT2j4+UhSXlz6AV1x9LDvUIpY8iD3Kg05/p9/9a0qS3LFjhVfEsse4Q=
tags.srv.stackadapt.com/	1970-01-20 16:56:22	Name: sa-user-id Value: s%3A0-bd4fd43c-6cf1-49d1-4fb0-a9c1a67d8745.rmm1l7WylrJJdPjx%2FTgHYX1jn24FkES1hWuGIP7%2BJ%2BU
www.ewg.org/	1970-01-20 16:56:22	Name: sa-user-id Value: s%253A0-bd4fd43c-6cf1-49d1-4fb0-a9c1a67d8745.rmm1l7WylrJJdPjx%252FTgHYX1jn24FkES1hWuGIP7%252BJ%252BU
www.ewg.org/	1970-01-20 16:56:22	Name: sa-user-id-v2 Value: s%253AvU_UPGzxSdFPsKnBpn2HRbnVm6g.VV%252BJOYmf79tvAS8aFLnhaqdVKWvRwMyzVREPhL1W%252B2s
.ewg.org/	1970-01-20 10:20:22	Name: _fbp Value: fb.1.1671046337919.741312750
.doubleclick.net/	1970-01-20 17:32:22	Name: IDE Value: AHWqTUmUsBMNfhlyAqG6W_F8bRTRySCCgaXjCPfO2-Q1xoZJgbF_VEy35mzsWmAF
srv.stackadapt.com/	1970-01-20 16:56:22	Name: sa-user-id Value: s%3A0-b7223542-b34d-46b8-7d5a-f494b6a77d51.sNxEWBaHtS8X6%2BQdAicw4RGT3ApqGsZuQBhX4axyj9U
.srv.stackadapt.com/	1970-01-20 16:56:22	Name: sa-user-id-v2 Value: s%3AtyI1QrNNRrh9WvSUtqd9UbnVm6g.j5nATcBKtZMUIIHQGl6BX%2BtOXsMDnyL%2Bn90UJrBcFNk
www.ewg.org/	1970-01-20 16:56:22	Name: poptin_user_ip Value: 2a03:1b20:6:f011::8e
www.ewg.org/	1970-01-20 16:56:22	Name: poptin_user_country_code Value: false
www.ewg.org/	1970-01-20 08:53:58	Name: poptin_session_account_022c669222fa0 Value: true
www.ewg.org/	1970-01-20 08:53:58	Name: poptin_session_account_30866bc303d76 Value: true
www.ewg.org/	1970-01-20 08:10:48	Name: poptin_o_v_57086350dc63f Value: a942a2309ac16
www.ewg.org/	1970-01-20 08:10:48	Name: poptin_o_v_67f5ecd30735e Value: 231b93ecc462a
www.ewg.org/	1970-01-20 08:53:58	Name: poptin_session_account_55c22f12bdb6f Value: true
www.ewg.org/	1970-01-20 08:10:48	Name: poptin_o_v_bf32f525a3d67 Value: 2c793a3622054
www.ewg.org/	1970-01-20 08:53:58	Name: poptin_session_account_9621f0312c969 Value: true
www.ewg.org/	1970-01-20 08:10:48	Name: poptin_o_v_3030449e6ae03 Value: 2246a9a03c52a
www.ewg.org/	1970-01-20 08:53:58	Name: poptin_session_account_9b61648a66fde Value: true
www.ewg.org/	1970-01-20 08:10:48	Name: poptin_o_v_f13163b063c83 Value: 422c9f27fa36a
www.ewg.org/	1970-01-20 08:10:48	Name: poptin_o_v_07386fbfb4580 Value: 563a394239c12
www.ewg.org/	1970-01-20 08:53:58	Name: poptin_session_account_e96f25e1679a4 Value: true
www.ewg.org/	1970-01-20 08:10:48	Name: poptin_o_v_7850a69af2b2e Value: a3c249230386c
www.ewg.org/	1970-01-20 08:53:58	Name: poptin_session_account_f1299265f6a20 Value: true
www.ewg.org/	1970-01-20 08:10:48	Name: poptin_o_v_6fe82e00a481a Value: 6239d6484ca32
www.ewg.org/	1970-01-20 08:10:48	Name: poptin_o_v_cfa2893692e22 Value: a329165c23b44
www.ewg.org/	1970-01-20 08:10:48	Name: poptin_session Value: true
www.ewg.org/	1970-01-20 08:53:58	Name: poptin_c_visitor Value: true
act.ewg.org/	1970-01-20 16:56:22	Name: ai_user Value: EbUF7eFm2f0l8Rr41mZA58\|2022-12-14T19:32:18.575Z
act.ewg.org/	1970-01-20 08:13:39	Name: poptin_old_user Value: true
act.ewg.org/	1970-01-20 16:56:22	Name: poptin_user_id Value: 0.c2clltn83sa
.ewg.org/	1970-01-20 17:46:46	Name: _ga_CS21GC49KT Value: GS1.1.1671046337.1.1.1671046338.0.0.0
.ewg.org/	1970-01-20 08:12:12	Name: _uetsid Value: 04f9b4007be611edb51de775268080b1
.ewg.org/	1970-01-20 17:32:22	Name: _uetvid Value: 04f9d6707be611ed80fd0d455db360ea
act.ewg.org/	1970-01-20 16:56:22	Name: sa-user-id Value: s%253A0-bd4fd43c-6cf1-49d1-4fb0-a9c1a67d8745.rmm1l7WylrJJdPjx%252FTgHYX1jn24FkES1hWuGIP7%252BJ%252BU
act.ewg.org/	1970-01-20 16:56:22	Name: sa-user-id-v2 Value: s%253AtyI1QrNNRrh9WvSUtqd9UbnVm6g.j5nATcBKtZMUIIHQGl6BX%252BtOXsMDnyL%252Bn90UJrBcFNk
.ewg.org/	1970-01-20 17:46:46	Name: _ga Value: GA1.2.990904173.1671046336
act.ewg.org/	1970-01-20 08:10:46	Name: poptin_referrer Value: https://www.ewg.org/
act.ewg.org/	1970-01-20 08:10:46	Name: poptin_previous_url Value: https://www.ewg.org/
act.ewg.org/	1970-01-20 08:10:48	Name: ai_session Value: yltxZhYplxQDkymv8I9rPV\|1671046339046\|1671046339046
act.ewg.org/	1970-01-20 16:56:22	Name: poptin_user_ip Value: 2a03:1b20:6:f011::8e
act.ewg.org/	1970-01-20 16:56:22	Name: poptin_user_country_code Value: false
act.ewg.org/	1970-01-20 08:53:58	Name: poptin_session_account_022c669222fa0 Value: true
act.ewg.org/	1970-01-20 08:10:48	Name: poptin_session Value: true
act.ewg.org/	1970-01-20 08:53:58	Name: poptin_c_visitor Value: true
.act.ewg.org/	1970-01-20 17:46:46	Name: ProfileDatabagId Value: RC9b_3ph7l3fj6Pqzd1GDMwp
.actions.everyaction.com/	1970-01-20 08:10:49	Name: TiPMix Value: 10.381595638380968
.actions.everyaction.com/	1970-01-20 08:10:49	Name: x-ms-routing-name Value: self

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
javascript	warning	URL: https://www.lightboxcdn.com/vendor/a3241e66-5c6a-4d48-8161-225ef2c02084/user.js?cb=637986762665900297(Line 330) Message: The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

act.ewg.org
actions.everyaction.com
ajax.googleapis.com
api-public.addthis.com
az416426.vo.msecnd.net
bat.bing.com
cdn.fundraiseup.com
cdn.popt.in
cdnjs.cloudflare.com
checkout.paypal.com
client-analytics.braintreegateway.com
connect.facebook.net
d1aqhv4sn5kxtx.cloudfront.net
d3lopmpcew67el.cloudfront.net
d3rse9xjbp8270.cloudfront.net
dc.services.visualstudio.com
display.popt.in
fastaction.ngpvan.com
fndrsp.net
fonts.googleapis.com
googleads.g.doubleclick.net
js.verygoodvault.com
lightboxapi.azurewebsites.net
m.addthis.com
nvlupin.blob.core.windows.net
p.typekit.net
payments.braintree-api.com
platform.twitter.com
profile.ngpvan.com
region1.google-analytics.com
s7.addthis.com
secure.everyaction.com
secure.ngpvan.com
sentry.fundraiseup.com
srv.stackadapt.com
static.cloudflareinsights.com
static.everyaction.com
static.ewg.org
static.fundraiseup.com
stats.g.doubleclick.net
syndication.twitter.com
tags.srv.stackadapt.com
use.typekit.net
v1.addthisedge.com
vgs-collect-keeper.apps.verygood.systems
widgets.pinterest.com
www.ewg.org
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googleoptimize.com
www.googletagmanager.com
www.lightboxcdn.com
z.moatads.com
s7.addthis.com
104.22.0.244
104.244.42.200
104.26.8.138
104.84.56.126
108.138.24.138
13.69.106.215
142.250.185.194
147.135.78.45
151.101.192.84
172.67.15.63
18.194.76.248
18.214.117.136
18.66.147.109
2.18.235.40
20.40.202.0
20.60.58.97
2001:4860:4802:32::36
2600:9000:20eb:e000:12:303c:8700:21
2600:9000:2251:2000:b:8c20:bf40:21
2600:9000:2490:5400:3:1d53:4780:93a1
2606:2800:133:206e:1315:22a5:2006:24fd
2606:2800:234:46c:e8b:1e2f:2bd:694
2606:4700:10::6816:174b
2606:4700:10::ac43:6f2
2606:4700::6810:3965
2606:4700::6811:190e
2606:4700::6813:d483
2606:4700:e4::ac40:ac16
2606:4700:e4::ac40:ad16
2620:1ec:c11::200
2a00:1450:4001:80e::2008
2a00:1450:4001:80e::200e
2a00:1450:4001:813::2003
2a00:1450:4001:827::200a
2a00:1450:4001:828::2002
2a00:1450:4001:828::200a
2a00:1450:4001:82f::2004
2a00:1450:4001:82f::200e
2a00:1450:400c:c1b::9d
2a02:26f0:3500:16::215:148b
2a02:26f0:3500:16::215:14a0
2a03:2880:f080:9:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
3.216.203.91
45.60.33.183
52.222.214.77
54.88.161.92
76.223.13.31
016ff2f1d685a7ebfed54b6103415cfbef8b08e765e3d45a9a406ff13c07fac5
0216c8dc29523e3ff49d1831d3ca3631eb225f80924b590c890c3b24228c7aba
02d1bfc3fb8b4eff4d80613794e94142267895398d35dbca72e8ca7ddb62ab54
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
050c9f6306ca79b4b7ea83d820e5e9f836d212c1aba3cc0682184289ba9b12b4
05e8056e4e591fb90a8094434a42c37c201c7367be9613d289508a00c72fdba1
06e9645c9b35870a0d1f97d55e26a3dc525dfa5925c0508bcaa798e4fbfc7ad3
06f708dc1fc5dd3d4df2982eecb6844693afd7ba44d7b46f441754a6d6560456
09034e7ee35cadb33b2fc5ae388cc95270389f0f71231068275e1e64b75d7809
095a3f5e1632d61f35e9cc72aa73f3838d324ef770938716b4d3cbcf85ee7b69
09c09240791dd7620b5353be9461a38903e62d4f3a9c877480eb286f312ac87b
0b9028c7ecccf4f31fafcfca176cd6ed38197d7b3d6ea4c107b98af8eecc525b
0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3
107fa82c97e618d8eb31f798e0f15d4fcafe110485ae2b8e3583c49ef8800c1c
1084fb5d7a6a2737fe701ec8e4f3094c8765e88e9bf56c2665903cc12823aefb
117a19c76e08bdb4f23e5ddc93d03109cf930ee2cd29914f0849fa573ef6158f
11ce496817ef0b6c9ad557c52bff1e1dfd33a806faa51cc9ed7b942880b05382
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
13bf043ada562e2138983eae7bd4018696cfc95d780169875cc406dd5361dc54
15f5886fe26d9ea0603f8f01cab1312f8936d6c00bb1095423ac674f7aff8862
15f75ea000cea233fe12754cffe6bb7643cdef35af66c7da08ae93ac74e08482
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
160f8cc050512a40c6445bc42fac73fe2a1488abda38473c7e6360100268f1e3
16635f93b1c775b905d12365a7af7806af8acaa34c179c0d4b37a18472b33889
1a27a11b71db3fe967ca53133e088d5fb232975a7063cc263223179005a21e7f
1b6d557ed86d8d0be4a0c7620f7319ce7a8aafd7fb85b871e2872a117823fd88
1b82242ef266747ba64b6c6ee448a6c75524cee59a3279bac34153772ba39556
1b97f90a978e28155f5c4d2bad2542c04afdfbae0395f6ac4e96b1eccde2f529
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1cfea808001e9fc00745d88eae7c9377b8c21afa036302a595745ff43d3a57c5
1e14deb2749e1521aac0ebcb8f99739494f4918fc07649ac6f51a2985085d756
2199da76dea7196cec870d463ffcc908c8b9ccb8145900d6ae4eb15461316f08
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
26c3a45b7d8c8246c99eead0639edbc8459a9011b295864bdfc9144bcf41518f
28ab4238f1a212bf54de130cc1e4ed0ec4139a4891f0af25e7de7afe82d2d22d
2a019d0278056f7fe4ffd5895fb85ef8c7c20bc729ddb0bbd375cee12ba70d41
2bc157c8a9fc79d846ce1405915407a6b2706c82c625135d8d0f4ec05825c482
2c4f7994b46baacaf83f6c7d39d04ace2b4d97dc445d5b066308ea44924134c3
2d11f1d895cfbf37ccd8e8c205990ab535a6cfb19bea5b53d1616441b0af42fc
2d858c78a87544a1db5828168f44b0bc7838301d2a51ddac357b421fed0583a7
2ea147e3b7ea6b5325f0d9f41efd59063e83f545f115d749f14da93e421a24b3
2fa882103d3e80d371f66e41026bd64380469a5cde972b8407a32667a122b256
30dcd2399d4de081191844bafdbc2586eb172bde6f540c058f39bb26193a0407
31bce978d653ff68258bcb3967276dcd50828d7d210cfb690ce2ade7bdeb599f
34f3b5e0251855d41006378c74794cb5c609e685a49e709a43d5cda4cff94158
35d05550e6b74af381716ccae2c9d1a5e6eb8ae78eb80c43a4f1d55ecc4d2250
373de2da218ab34f7b9bb721118757918432f550fb1d0cec867dbbab8d9cb659
38bc24347c768aaef7bc63487a80f068bf2b1281372104ec3b334d5cad554ed0
3beec46f9408114d0fc684752200e2780f293cda680963dbedb59d55ae9e941c
3d7fe1a21da42528a113212d1c5d32545e771f483464c521e9fec26578040225
3d8c7388d3a2e4bb4ceaee678cc4d01a85183c3cca9605a5546de5e7248e4fb0
3e72879585a21444d9a5097a8c85544ee2e7a641ccc0b2605597947d59abb937
4009aa52ea00d47fd2f396a8b60737e6262c32d1606ad9bdddd58ab7f6268497
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
46954197136ba6c46bc950e1bdc5f339be1718a510cb5b9508cb3a965d2a5d4f
4a8fef83a8c2600cbd7d6f27ad7fd5b9a16e5a754bee831bd4c8fab6fddb0a76
4bf3e45465efe33f9f458b4347852c4fb7862b814448fcc777b260c2f23fffdc
517d0e410b6f9bd554ae75aac888166d393ffa09f6d5a796202ef940ce891a2e
51c3b11b80685f43fbdb3e41ddde9ee45e15ed80b01ebb6e57678a79c2445e24
51ceef1666747601f63ea51bf4fd7d806b7c161f54c3e62d1771f5d3e890000a
533748efc94ce8ff8e16f5a5aa29cc37a8d9858f38f02bb5b1e34c9fb05bb5f6
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
58763733061901ff2cbe41aa5cb11db40f79570634ef694859d0ea3ec551bc70
5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba
5d79290c430e328b4f205a56531d27ed1d506d5317447e51f72b712bb4f7a9c2
5ed2087f5ffca4fe2458fcdc22fc43441cae68c3a449c1d8e5dd1743d7e6b904
5f793d0ef8e7b2b0a2f5271e63c4be9cfaefcf746af1b849d353bf75e420d20d
6015cbb9de7896e09d2cda9f800a8090c9f8eac9f7cdf0dfa23d13490d7f1130
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
6a30178a7b8b29e1756fc62ab676fe5702f287c9e869a386d9a8b8450aacd8b2
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6dac07583f8d9da0578856ee466052ca232c7c3b89dd0a05fd6c150dd3202ab2
70ece97d44f9b18f4f3ddbb8e9521b3d53b885abb0de8d4cd9658e6d1a913cbb
724c5fa02e478c9fcd25bebd142b626a00c7a89a4325ff1de4e9d52b405d9c6c
726300a61f2238d41c7e6264f65c8b2c737ac5f831891e0ce738f6eb95f4dcab
77e04b8d390412a549fc0a09b4ca07115813c56d8416068256f800a11d6ac7df
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
79cd8a92846594b8d292a0910932bc2fe5fc082f793d98646d3a2d49da3e1cd2
7acd994005f04a39f775d8d21a566ab63a04cc7c3bfe0f25f0ca50c069cac6b7
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
7bf95aaf7602849649f373a52425283baee3dd5f2106b7c8475e5f5b8a9e9467
7cf4641497720eff15f2b923bdae3ffafe95044234ab5bf0028cb1f1e9e04186
80174969764673851b6aa49f7f2db4e556666c28a1a23466ab984b1743eb0aa7
8034a501dab0e4db0e10f7d1f0b3a060683398d112a80128384214776cd5381b
80e7912c0d627299cce6b7b9fce5fd100b7f2321ac5790c054a204d289708ab8
829ff02b7de16de225a6726eab4638e9f9be5d924cadd362ea2c2b8ee1f5ab1e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8438e5b72880045c0274f043315f1a8522074266a74693426f0beccbb6162c05
84846bf289825fdf7d361c016f24e927b8ed9d073150a71ec0be8abf746aa3c0
8496a94dcfd779693def6ae3e607a923fece02f38491ef1462e7cb51cab12e7d
85e6a7f79fcbc4a01cdd80ae8effe5815c2268d416f22ccf86160fea20c589f9
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
88ae3474a9f46e3a4778e41bfaafa9f3074cd203d3e1936f08708aa594ed5f20
8946b615678bc7a69368a15f2cce5e5cad4aaf76f879c1772f88c082b15540e7
8b6e1621b8ede01def3b5b74dca23d7971e6916d306464ddf550fd3d2f28eb2b
8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74
8c1990d3adef59d603fcd698048ce388899d32630dd702ca04cb906d906ad4ef
8c954919f90065472cd14f0c455e09666de359675034a81be08c88951c807d58
8e59394b69d811162c6b954e787c0951ea2fea8221230ff7fd61ec7033436577
8e88f1e7d41ab459b48fcdb708225eeab6990e1a0675ca1a2602f740ddef030c
8f0d6c120a0d957d58f20100e2a72c5b3e87134d8758033c1c700e61dab4671f
8fd82bb80083d24034bfa306e18fffd38ec6b77638246a2e4adf10700e46c691
9123d68ea269ac53df7145f808e858e89e44afc103c27b7d1881e1a68f113821
92e4a2d388603732b5cb8115bfcba55b9e807a311a94abbc339410a84f548e22
9600457bb5f0f50e35583e36adfba65fbcd485a1e26f8e388636afd9d153cb81
97e2618e32ad4b988a384ed6633ce8d2311f57cdccb80f82754962ca3e6156f0
9877072b1f6c1e6ee445ad267bc3355c513c601a7f593ce1d84320bb57fa67fc
9c45d3c4105a6884890d0872d9659d764509791de4db496df484d637361366f6
9c7c18b4cedbac846bc71fd9ecf8f4a8370774346b8aa3a08d6ef7c07ee556cb
a0038a6e25db3ee0970fc09cffb0fb2b0b81a8f989dcb6b60daaec096c3cf942
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a2a7c75e6f910b1a1635e6a0b5f6c364fd9462a3e8628f268c7d7324748c3535
a46d4ed9c5a0662bff61ec86ede7f94e53ee7215c3c08f3df2396fa27584df58
a5f9b4c3faedb6d8aefd485f464e53ee5fa579b7a241b97da0049fdb528c6978
a6c477075c272f9a8f221223f6b4bf574db7d4b42bcd3c793dac2a61b7cc4ee7
a6e19b09d353c99aaaa290158facf81662ee365e97abd7b89111b40b997f714f
aa43a4913c10cb7474abc18a89888464a3f5a5968661e603368c5bbe578a9e75
aa5c43073aa598314008ce4cd0905eb40692ea9d9c744a5fd264d6fab508f597
ab165c7f9dbd8f3699d5a9be4fb68c759625b097806676c8b91f4a29193bc3e8
ac3d0d0a02889fb01a78157d525af8ddd39c5ec1fcfeeb1c13c18d7153b3a319
ac4f3a99557d9c17b6ded0c6d4f0b267f4879cde9baec07a83910ab8c7059f77
ac7c62fa06c3d8a5401bfc0e16220b09a79176914ae1c9e4fa773df3e8a1efdf
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
ae8d6a9d9012b3df20445c80f9b08060021e80ccc896cec18d15a0fb126b4bcf
af061dea2a0b8f937879908649f8148dc17701396e50910f514353fb93aa029e
afb1dcad63433cbf8ac857dc57fb92e7023117152c82ce97d5cfeea17400b0b9
afc9b78632f23e96e486e9f8f5a84fa278161a1b9ba70acf4d07065fc785067f
b05d6ca68263cce4745a51021cbfdfe357db38d4843ffc7ba4add7f7ce431720
b21237dada3d7adde0976343bfafcc127b842bfe855782d84d311d113ab81d38
b34715488cfcf0d595584214705f8c8b1606eaa8b931ff24555848fa05f49963
b3901a4cf9af1987f682d2f1b977d8779d462face823978c1ff88861974faeaf
b3b360dc7d412894d4772b986c10a6cfdf06ad89a522135fadf757aa7434ed02
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b5185704fa97295ee3ad381100734810bf3cd41f459d609363a680dc8ff0d0de
b60497a77afdcb315e270ec5f6fe3d53797c486032fc6752523aa8c65be7b985
b62ce1f6ccb34390aec472b0bdea5d5c37c0315456c2769efe013f34e5a74576
b8cc521e0a10be2fb375ec0f63a42da53accd0d4fcbd6c0322210f09713551be
ba7b668b5791d8a95fbedf6f068f6de9da86516bfc29986f78e0c5124ff325f7
be5d87a383269519e007c89b1b43ad7cb1f2121e98bdfbd41c742d938113bcf7
c02444f391e8655e79ff8d7d4cb69c3426c3bffbf8731a994fa23aed0f641d12
c4dccdd9ae25b64078e0c73f273de94f8894d5c99e4741645ece29aeefc9c5a4
c9091d0dd99de839fc06f7370019d1cbeb57184b6ff5ffda72820e2f076f1f74
c922012cc3e3f066e9730c70ad9b997ad0d3b1386b4310d38793bfdca8b2e9e3
cbcec245a2e3ebe83489341444f67b7ab2d39b5bb6600749b5ba1fb684f258ab
cbf1ade8d5b7be4356388d9efd5187d378ea581a5e8f9c8d54ee0932262836ff
cc75f722a84f61be2cea98eeb0a9b088aca851abbd3e5ed5be0f0e7d8b1a43c8
cddd8df6cf340ff7c7fcafe18bb7452eb09cf5fcedde9dc67836215774dbb7e1
cdf8662aaac6a0edfdaccdc363bc65c18e7b69801abd0b1ad9857ddd7de69fca
cf014d466c73ad694226ba46973032387bd08ab941c681424b5433e93ac7070a
d16c55ac681ee1f1211caf1d0de636ded0610c0059a043f28831571201709a58
d32fa260a04d92e7518b819cb3d8914500fb33012210ed5e02b050653e47f37f
d488740082013eac12110633b304a9ebb782c9054ffb792d5c276468817a77c2
d7459dd5ce48ddd21da15f490514af4be07ff85f0b0b6b9e118542d68ff5ec91
dd16b17e257a3a57a00efd5f2d1dc5ac0de934728ec3d44981eab67aa95bc591
dd1d8cd2907b540b21dcf7beaccf32b9daa22d264957dd35b40163b60bd68990
de8919a325ec4070e12dcb776690fce8f326fa7e6c71b410b6d5d4ffa83a565a
dedad191cb087f16bc09a89edac8df890dc2a66cec61a3d84f721bedf51df21c
df3d8b5c71dec6e51ceb2fae0b31ed93cd599fdfa8125b938c61cf6fd5e58a5c
e042fc1de6d508bef82a6a8f52d043052fe3ca5ad56ac24a1abb759a0f1afd2c
e04ee7a16028fbf8607461fa3629bb65ecc9037de81ed14133baa65ab02eafc3
e1fa72e38624f68bc2039aded02a054eead1fbf24646f4df60abcacc665a8690
e381bcaa479370c3c04e1bf71ecf1d79336612e17daac581eba328e1c95377ff
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e71f9ed76ea8bdeb9296b037c7de69e84a17d1d8af9d3b8581a15d5aa9df2b40
ea9b9ad0a4833d68850222013198bd9e5f6ae19ba856a071823b51ee6c3262f9
ec55dd21fc09d9d8e9eb4916b6b4fd44ad7c38b504c2013ffe640cc326434950
eca77bb85157c863770eac9d6464691a41ad8076f255bd6edef3e05cfaa0908b
edd69577decf23833d2ea470fb6aec8a6f9213daec5cf9ae57929e7998fd636f
eeeaa1e6161e797aba740b6a51d87b0c7342c84736861da1cc1575019ccc4806
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1d9f866938a6bdb57f6957269f895926571ff00ae15243ac7a76508c37ae623
f2c4b7d20ff42a433d0c76631c460cd75128f8f0436d052ce2cf79dc4fa6a244
f58078ff438c748a6b2d9eb0d46d7b5c31e33af5e5c3a8fa0f5618155eda6493
f89fc3829df3a2cf481aac1f7685c7d6031c430a0353a4d7c03e29923c2c1a2c
f966a11b9bdc2022fec4790526c4ae400bc5e7dbd204e2b2dfb3ff71ad54fe3c
f9e47f854e6193e3bc038efc62774571e4439c6719e2fd5f816254cb9cf9a90d
fbda618f28d6145a563271f87e191a7717b1824208c49744b6b08c601242f9e1
fe62bab84590322ae4bfcde20dfb50a72c1b68b330c2a7f1b0aefb65999f16bc

www.ewg.org Open in urlscan Pro 2606:4700:10::ac43:6f2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

267 Requests

99 %HTTPS

56 %IPv6

37 Domains

56 Subdomains

48 IPs

5 Countries

7896 kBTransfer

19007 kBSize

80 Cookies

11 Outgoing links

Page URL History

Redirected requests

267 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.ewg.org Open in urlscan Pro
2606:4700:10::ac43:6f2 Public Scan

Screenshot
Live screenshot

Full Image

267
Requests

99 %
HTTPS

56 %
IPv6

37
Domains

56
Subdomains

48
IPs

5
Countries

7896 kB
Transfer

19007 kB
Size

80
Cookies

267 HTTP transactions
10 data transactions