www.causes.com Open in urlscan Pro
2600:9000:20eb:9000:15:cdf7:fe00:93a1 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.causes.com/articles/47924-petition-promote-vaping-smokers
Submission: On September 21 via manual (September 21st 2021, 1:10:06 pm UTC) from AT — Scanned from DE

Summary HTTP 70 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 26 IPs in 3 countries across 18 domains to perform 70 HTTP transactions. The main IP is 2600:9000:20eb:9000:15:cdf7:fe00:93a1, located in United States and belongs to AMAZON-02, US. The main domain is www.causes.com.
TLS certificate: Issued by Amazon on June 26th 2021. Valid for: a year.

This is the only time www.causes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
16	2600:9000:20e... 2600:9000:20eb:9000:15:cdf7:fe00:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:310... 2606:4700:3108::ac42:2908	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
2	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
4	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	13.225.78.84 13.225.78.84	16509 (AMAZON-02) (AMAZON-02)
4	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	13.225.78.102 13.225.78.102	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:20e... 2600:9000:20eb:1e00:19:9934:6a80:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c04::9b	15169 (GOOGLE) (GOOGLE)
2	52.36.101.223 52.36.101.223	16509 (AMAZON-02) (AMAZON-02)
4	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	104.244.42.8 104.244.42.8	13414 (TWITTER) (TWITTER)
2	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
2	2600:9000:21f... 2600:9000:21f3:f600:11:f728:3040:93a1	16509 (AMAZON-02) (AMAZON-02)
1	151.101.66.137 151.101.66.137	54113 (FASTLY) (FASTLY)
1	162.247.242.19 162.247.242.19	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
2	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
70	26

16 2600:9000:20eb:9000:15:cdf7:fe00:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.causes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3108::ac42:2908 (United States)

ASN13335 (CLOUDFLARENET, US)

ul.causes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.84 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-84.fra2.r.cloudfront.net

cdn.branch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-102.fra2.r.cloudfront.net

assets.causes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:1e00:19:9934:6a80:93a1 (United States)

ASN16509 (AMAZON-02, US)

app.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.36.101.223 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-36-101-223.us-west-2.compute.amazonaws.com

collector-web.countable.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.8 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:21f3:f600:11:f728:3040:93a1 (United States)

ASN16509 (AMAZON-02, US)

api2.branch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.242.19 (United States)

ASN23467 (NEWRELIC-AS-1, US)
PTR: bam-7.nr-data.net

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	causes.com www.causes.com ul.causes.com assets.causes.com	1 MB
9	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	176 KB
6	doubleclick.net securepubads.g.doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net	151 KB
4	facebook.com www.facebook.com	662 B
4	facebook.net connect.facebook.net	182 KB
4	gstatic.com fonts.gstatic.com	59 KB
3	google.com www.google.com adservice.google.com	2 KB
3	google-analytics.com www.google-analytics.com	20 KB
3	branch.io cdn.branch.io api2.branch.io	25 KB
3	twitter.com platform.twitter.com syndication.twitter.com	133 KB
3	googleapis.com fonts.googleapis.com	3 KB
2	google.de www.google.de adservice.google.de	1 KB
2	countable.us collector-web.countable.us	730 B
1	nr-data.net bam.nr-data.net	322 B
1	newrelic.com js-agent.newrelic.com	9 KB
1	googletagservices.com www.googletagservices.com	28 KB
1	googleadservices.com partner.googleadservices.com	407 B
1	app.link app.link	568 B
70	18

	Domain	Requested by
16	www.causes.com	www.causes.com
7	pagead2.googlesyndication.com	www.causes.com pagead2.googlesyndication.com tpc.googlesyndication.com
4	www.facebook.com	www.causes.com
4	connect.facebook.net	www.causes.com connect.facebook.net
4	fonts.gstatic.com	fonts.googleapis.com
3	www.google-analytics.com	www.causes.com
3	securepubads.g.doubleclick.net	www.causes.com securepubads.g.doubleclick.net
3	fonts.googleapis.com	www.causes.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	api2.branch.io	www.causes.com
2	www.google.com	www.causes.com tpc.googlesyndication.com
2	collector-web.countable.us	www.causes.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	platform.twitter.com	www.causes.com platform.twitter.com
2	ul.causes.com	www.causes.com
1	bam.nr-data.net	js-agent.newrelic.com
1	js-agent.newrelic.com	www.causes.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.google.de	www.causes.com
1	syndication.twitter.com	platform.twitter.com
1	stats.g.doubleclick.net	www.causes.com
1	app.link	cdn.branch.io
1	assets.causes.com	www.causes.com
1	cdn.branch.io	www.causes.com
70	27

This site contains links to these domains. Also see Links.

Domain
play.google.com
help.causes.com
www.countable.com
www.twitter.com
instagram.com
www.facebook.com
vawoo.co.uk
twitter.com

Subject Issuer	Validity	Valid
causes.com Amazon	`2021-06-26` - `2022-07-25`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-17` - `2022-07-16`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-05` - `2021-11-09`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-07-01` - `2021-09-29`	3 months	crt.sh
*.branch.io DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-25`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
appipv4.link Amazon	`2021-06-24` - `2022-07-23`	a year	crt.sh
*.countable.us Amazon	`2021-03-11` - `2022-04-09`	a year	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.newrelic.com R3	`2021-09-17` - `2021-12-16`	3 months	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://www.causes.com/articles/47924-petition-promote-vaping-smokers
Frame ID: D66FA859DB336282B062A888A52F0F46
Requests: 62 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=https%3A%2F%2Fwww.causes.com
Frame ID: 19A210AA2D52EDDA374DD15B25DC0821
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210916/r20190131/zrt_lookup.html
Frame ID: 24F7A8EE81E3C9BFDE079424DF5EB7E6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6607106579604041&output=html&adk=1812271804&adf=3025194257&lmt=1632229801&plat=2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.causes.com%2Farticles%2F47924-petition-promote-vaping-smokers&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632229801640&bpp=2&bdt=1624&idt=120&shv=r20210916&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6572154592607&frm=20&pv=2&ga_vid=560020980.1632229802&ga_sid=1632229802&ga_hid=1430589181&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44719339%2C44747620%2C44748552&oid=3&pvsid=1020677548052913&pem=366&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=192
Frame ID: 2709660AF88313FD2E169CC166E5032A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 9D0FFC0332F39A39CA739C822980B2AE
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0550468D2D4489FF0C2CEE5AE07E73C0
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Petition to promote vaping among smokers - Causesbell

Detected technologies

Ruby on Rails (Web Frameworks) Expand

Overall confidence: 75%
Detected patterns

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

Page Statistics

70
Requests

100 %
HTTPS

73 %
IPv6

18
Domains

27
Subdomains

26
IPs

3
Countries

1872 kB
Transfer

5979 kB
Size

11
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://play.google.com/store/apps/details?id=com.countable.countableapp&utm_source=countable&utm_medium=banner&utm_campaign=home-app-store

Search URL Search Domain Scan URL

URL: http://help.causes.com/
Title: Support

Search URL Search Domain Scan URL

URL: https://www.countable.com/
Title: Enterprise Tools

Search URL Search Domain Scan URL

URL: https://www.twitter.com/causes

Search URL Search Domain Scan URL

URL: https://instagram.com/causes

Search URL Search Domain Scan URL

URL: https://www.facebook.com/causes

Search URL Search Domain Scan URL

URL: https://vawoo.co.uk/index.php?dispatch=companies.products&company_id=182
Title: Vapor store

Search URL Search Domain Scan URL

URL: https://help.causes.com/
Title: Help

Search URL Search Domain Scan URL

URL: https://www.countable.com/products-video-testimonials
Title: Video Testimonials

Search URL Search Domain Scan URL

URL: https://www.countable.com/products-lawmaker-messaging
Title: Lawmaker Messaging

Search URL Search Domain Scan URL

URL: https://twitter.com/causes

Search URL Search Domain Scan URL

URL: http://www.countable.com/
Title: Enterprise Tools

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

70 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 47924-petition-promote-vaping-smokers Show response
www.causes.com/articles/ 43 KB
11 KB 1366ms
1289ms Document
text/html 2600:9000:20eb:9000:15:cdf7:fe00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.causes.com/articles/47924-petition-promote-vaping-smokers
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:9000:15:cdf7:fe00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: 0b4019029c0b715bd2fa8c24928c016b926a7ebf815c03f073ee6fa01b9b2523

Request headers

:method: GET
:authority: www.causes.com
:scheme: https
:path: /articles/47924-petition-promote-vaping-smokers
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-type: text/html; charset=utf-8
date: Tue, 21 Sep 2021 13:09:59 GMT
x-powered-by: Express
etag: W/"ab12-L7bGW7ssuViVna0Rl1XBc2uN8lQ"
content-encoding: gzip
x-edge-origin-shield-skipped: 0
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: 4IHrYoUpVw2CYi2GGPaluF8FbWkGY9sY57zBpSYUPsntiLS5HsBNvw==

GET
H2 200 vendor-1630453276.css
www.causes.com/assets/ 167 B
511 B 619ms
618ms Stylesheet
text/css 2600:9000:20eb:9000:15:cdf7:fe00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.causes.com/assets/vendor-1630453276.css
Requested by: Host: www.causes.com
URL: https://www.causes.com/articles/47924-petition-promote-vaping-smokers
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:9000:15:cdf7:fe00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: 76b847eda71c0616243c28a07db7d472d69f8f9e3a73911c34b281a7cf8c1e8d

Request headers

:path: /assets/vendor-1630453276.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.causes.com
referer: https://www.causes.com/articles/47924-petition-promote-vaping-smokers
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.causes.com/articles/47924-petition-promote-vaping-smokers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 13:10:00 GMT
via: 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
etag: W/"a7-17b9e9c2978"
last-modified: Tue, 31 Aug 2021 23:47:19 GMT
x-amz-cf-pop: FRA2-C1
x-powered-by: Express
x-cache: Miss from cloudfront
content-type: text/css; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 167
x-amz-cf-id: Leye5K3JjjZGoLo68B0E64809SsC0jeglpjwYqpM23XJkUI2Cyr9MQ==

GET
H2 200 countable-1630453276.css
www.causes.com/assets/ 477 KB
67 KB 614ms
613ms Stylesheet
text/css 2600:9000:20eb:9000:15:cdf7:fe00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.causes.com/assets/countable-1630453276.css
Requested by: Host: www.causes.com
URL: https://www.causes.com/articles/47924-petition-promote-vaping-smokers
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:9000:15:cdf7:fe00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: b33c2818c55db62063854cfd6e013533395b6711904c225184819660493c064f

Request headers

:path: /assets/countable-1630453276.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.causes.com
referer: https://www.causes.com/articles/47924-petition-promote-vaping-smokers
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.causes.com/articles/47924-petition-promote-vaping-smokers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 13:10:00 GMT
content-encoding: gzip
etag: W/"77489-17b9e9c2d26"
last-modified: Tue, 31 Aug 2021 23:47:20 GMT
x-amz-cf-pop: FRA2-C1
x-powered-by: Express
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css; charset=UTF-8
via: 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
cache-control: public, max-age=0
accept-ranges: bytes
x-amz-cf-id: imrN9QHVVNoElnNjHVSoptHr1pSrAzEFNrq_kHRXYwcOg2eIrQ942Q==

GET
H2 200 app-banner-cancel-1630453276.png
www.causes.com/assets/images/ 259 B
596 B 613ms
613ms Image
image/png 2600:9000:20eb:9000:15:cdf7:fe00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.causes.com/assets/images/app-banner-cancel-1630453276.png
Requested by: Host: www.causes.com
URL: https://www.causes.com/articles/47924-petition-promote-vaping-smokers
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:9000:15:cdf7:fe00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: b81053beb15a52ffbcc6a688f98228be8d59f7c463aab7bec2b943dc5c4d7213

Request headers

:path: /assets/images/app-banner-cancel-1630453276.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.causes.com
referer: https://www.causes.com/articles/47924-petition-promote-vaping-smokers
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.causes.com/articles/47924-petition-promote-vaping-smokers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 13:10:00 GMT
via: 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
etag: W/"103-17b9e9bff9c"
last-modified: Tue, 31 Aug 2021 23:47:08 GMT
x-amz-cf-pop: FRA2-C1
x-powered-by: Express
x-cache: Miss from cloudfront
content-type: image/png
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 259
x-amz-cf-id: 7epsgTtN9LtKxmkWWOiTjoPBwQQbSMIlqgIJWYjGDjxRQGb3xZHVBQ==

GET
H2 200 causes-logomark-84x84-1630453276.png
www.causes.com/assets/images/ 3 KB
4 KB 604ms
604ms Image
image/png 2600:9000:20eb:9000:15:cdf7:fe00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.causes.com/assets/images/causes-logomark-84x84-1630453276.png
Requested by: Host: www.causes.com
URL: https://www.causes.com/articles/47924-petition-promote-vaping-smokers
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:9000:15:cdf7:fe00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: 4a3f9b4237bec79f93df8962879bbd02a17c882572299b4be657beb35878f6e1

Request headers

:path: /assets/images/causes-logomark-84x84-1630453276.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.causes.com
referer: https://www.causes.com/articles/47924-petition-promote-vaping-smokers
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.causes.com/articles/47924-petition-promote-vaping-smokers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 13:10:00 GMT
via: 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
etag: W/"d40-17b9e9c0828"
last-modified: Tue, 31 Aug 2021 23:47:11 GMT
x-amz-cf-pop: FRA2-C1
x-powered-by: Express
x-cache: Miss from cloudfront
content-type: image/png
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 3392
x-amz-cf-id: jR6D2YLbxMxyiSrvOqz1Ak_KrMxBNkHh-vqcMA_wrqhi3Cq9DwHBJQ==

GET
H2 200 vawoo-logo.png
ul.causes.com/ul/q_auto/uploads/Wv4QOwBL/6b1816/ 7 KB
8 KB 133ms
89ms Image
image/png 2606:4700:3108::ac42:2908
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ul.causes.com/ul/q_auto/uploads/Wv4QOwBL/6b1816/vawoo-logo.png

Requested by

Host: www.causes.com
URL: https://www.causes.com/articles/47924-petition-promote-vaping-smokers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2908 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

addecacfe776e6c50ce316ac0b2ca86e7df09bb4e46fc53b876ecdb2d97bd7ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.causes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 13:10:00 GMT
via: 1.1 afb3db4ac63e94a7684b97827417941d.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-edge-origin-shield-skipped: 0
x-cache: Hit from cloudfront
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PTAWnlAxef%2FbYrDPcmTTUTGVNu4jdvcO7O2SyEUiz94B8oxGNBuh6yJbcY31hqWRwQy9nSbpQOG8Me1%2B1EH8PLVy%2FeKC83OhOS02mtdIexS1%2FCSPQ0MX4ojitp6Ry%2BLXig4VRFq8Kbq9doOO"}],"group":"cf-nel","max_age":604800}
server-timing: fastly;dur=1;cpu=0;start=2021-09-21T10:02:26.411Z;desc=hit,rtt;dur=9
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 7677
x-ng-cache: MISS
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Tue, 21 Sep 2021 07:49:11 GMT
server: cloudflare
etag: "6e5a8013a0f41b86a17399ba3f4bceda"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=604800
content-type: image/png
x-request-id: 3dcadf0b4c58da2563cda65d091ca5b7
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
cf-ray: 692387fa8c915b4a-FRA
x-amz-cf-id: w3nirstDFAZUp-fWakOTo5FOwum_TwwPgFRoPytU62iErZpunEtD-w==
expires: Wed, 21 Sep 2022 10:02:26 GMT

GET
H2 200 vaping2.png
ul.causes.com/ul/q_auto/uploads/Wv4QOwBL/b5d83b/ 330 KB
331 KB 105ms
61ms Image
image/png 2606:4700:3108::ac42:2908
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ul.causes.com/ul/q_auto/uploads/Wv4QOwBL/b5d83b/vaping2.png

Requested by

Host: www.causes.com
URL: https://www.causes.com/articles/47924-petition-promote-vaping-smokers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2908 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac252ccae6cf16234eacd195edcb7c04a594f1c622126c69292e3bb05cd6b92f

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.causes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 13:10:00 GMT
via: 1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-edge-origin-shield-skipped: 0
x-cache: Hit from cloudfront
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Md6Dx7FsZR3zb0FuRscdpviucP0rOHfHPLbD1PjciSxMbcQpVtrzOAM04B3DyS1J%2BAlNFXjuF%2FyX9gmKawpdRkcVS78t8LpAwlk2TGNyy3r%2FmgWFaIWB9J7HZV7s3h4rdMKY4ZdQsudf74mg"}],"group":"cf-nel","max_age":604800}
server-timing: fastly;dur=1;cpu=0;start=2021-09-21T10:00:29.808Z;desc=hit,rtt;dur=8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 337991
x-ng-cache: HIT
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Tue, 21 Sep 2021 07:50:20 GMT
server: cloudflare
etag: "1cd29c44249d0713bab054e136d7e158"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=604800
content-type: image/png
x-request-id: 2636ae92899604c144264092f99cb87f
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
cf-ray: 692387fa8c945b4a-FRA
x-amz-cf-id: 2gS6N0ygLQ6W8V8ik7aXt2hySLllW2LL2Ke3NIGpvoQllGwzlCknHQ==
expires: Wed, 21 Sep 2022 10:02:26 GMT

GET
H2 200 vendor-1630453276.js Show response
www.causes.com/assets/ 2 MB
374 KB 600ms
599ms Script
application/javascript 2600:9000:20eb:9000:15:cdf7:fe00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.causes.com/assets/vendor-1630453276.js
Requested by: Host: www.causes.com
URL: https://www.causes.com/articles/47924-petition-promote-vaping-smokers
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:9000:15:cdf7:fe00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: 20c2136290992c24e68c497da4609453feb575ce1045bbb827a2f4025bca3272

Request headers

:path: /assets/vendor-1630453276.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.causes.com
referer: https://www.causes.com/articles/47924-petition-promote-vaping-smokers
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.causes.com/articles/47924-petition-promote-vaping-smokers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 13:10:00 GMT
content-encoding: gzip
etag: W/"181b0e-17b9e9c2cea"
last-modified: Tue, 31 Aug 2021 23:47:20 GMT
x-amz-cf-pop: FRA2-C1
x-powered-by: Express
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
cache-control: public, max-age=0
accept-ranges: bytes
x-amz-cf-id: Da-MMCEQ_pYR0HPYOvsHXIEQxMV_dpqq70tYT8BEDEiOMPwSzBWHdw==

GET
H2 200 countable-1630453276.js Show response
www.causes.com/assets/ 1 MB
221 KB 618ms
617ms Script
application/javascript 2600:9000:20eb:9000:15:cdf7:fe00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.causes.com/assets/countable-1630453276.js
Requested by: Host: www.causes.com
URL: https://www.causes.com/articles/47924-petition-promote-vaping-smokers
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:9000:15:cdf7:fe00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: 8640c6bfbea991e66dee61811c9c5417937fa0060246f5fc291b59debd3dcd73

Request headers

:path: /assets/countable-1630453276.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.causes.com
referer: https://www.causes.com/articles/47924-petition-promote-vaping-smokers
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.causes.com/articles/47924-petition-promote-vaping-smokers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 13:10:00 GMT
content-encoding: gzip
etag: W/"132bf3-17b9e9c2d16"
last-modified: Tue, 31 Aug 2021 23:47:20 GMT
x-amz-cf-pop: FRA2-C1
x-powered-by: Express
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
cache-control: public, max-age=0
accept-ranges: bytes
x-amz-cf-id: vUMUzlKBcZeQwMhqmv6cKWZ-P13fTPWjlVrZySEA5Nko2u4mGrxaIA==

GET
H2 200 css
fonts.googleapis.com/ 8 KB
1 KB 41ms
16ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,800

Requested by

Host: www.causes.com
URL: https://www.causes.com/assets/countable-1630453276.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

480f798386877814a7094d08ac074016d15707dd68ee4742f7403ce945ecabc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.causes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 21 Sep 2021 11:37:20 GMT
server: ESF
date: Tue, 21 Sep 2021 13:10:00 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 21 Sep 2021 13:10:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
641 B 48ms
24ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Slab

Requested by

Host: www.causes.com
URL: https://www.causes.com/assets/countable-1630453276.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3f426ed4d3c63c66cd349b0622f7403a9d571b72ec57f737e50290bb74f3fc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.causes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 21 Sep 2021 12:19:19 GMT
server: ESF
date: Tue, 21 Sep 2021 13:10:00 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 21 Sep 2021 13:10:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 7 KB
765 B 49ms
25ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,600,600i,900&display=swap

Requested by

Host: www.causes.com
URL: https://www.causes.com/assets/countable-1630453276.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e6841f2637c4f8dd95690b3c94cbef718403887deb285083cf4c3505e56e3f72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.causes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 21 Sep 2021 13:10:00 GMT
server: ESF
date: Tue, 21 Sep 2021 13:10:00 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 21 Sep 2021 13:10:00 GMT

GET
H2 200 footer-icon-facebook-1630453276.png
www.causes.com/assets/images/ 179 B
537 B 613ms
613ms Image
image/png 2600:9000:20eb:9000:15:cdf7:fe00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.causes.com/assets/images/footer-icon-facebook-1630453276.png
Requested by: Host: www.causes.com
URL: https://www.causes.com/assets/countable-1630453276.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:9000:15:cdf7:fe00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: 49add6a16e432069f0464c7d60be4bd18ae2c6b9754bcbfa4abb2ea72cf6013b

Request headers

:path: /assets/images/footer-icon-facebook-1630453276.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.causes.com
referer: https://www.causes.com/assets/countable-1630453276.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.causes.com/assets/countable-1630453276.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 13:10:01 GMT
via: 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
etag: W/"b3-17b9e9c269c"
last-modified: Tue, 31 Aug 2021 23:47:18 GMT
x-edge-origin-shield-skipped: 0
x-powered-by: Express
x-cache: Miss from cloudfront
content-type: image/png
cache-control: public, max-age=0
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 179
x-amz-cf-id: VwbM3mwdE1NAB2VuZMpPwlnP0knvG3u-k09Ti2DpXakAqumFaRai7w==

GET
H2 200 footer-icon-twitter-1630453276.png
www.causes.com/assets/images/ 433 B
793 B 166ms
165ms Image
image/png 2600:9000:20eb:9000:15:cdf7:fe00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.causes.com/assets/images/footer-icon-twitter-1630453276.png
Requested by: Host: www.causes.com
URL: https://www.causes.com/assets/countable-1630453276.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:9000:15:cdf7:fe00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: 37464ae1a132da9b30f2a552222f8b00b758686fa1875ebd3956765dc5eddbd9

Request headers

:path: /assets/images/footer-icon-twitter-1630453276.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.causes.com
referer: https://www.causes.com/assets/countable-1630453276.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.causes.com/assets/countable-1630453276.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 13:10:01 GMT
via: 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
last-modified: Tue, 31 Aug 2021 23:47:13 GMT
x-edge-origin-shield-skipped: 0
x-powered-by: Express
etag: W/"1b1-17b9e9c133c"
x-cache: Miss from cloudfront
content-type: image/png
cache-control: public, max-age=0
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 433
x-amz-cf-id: cqAEg6GnPb78BBQUxNVAwhD9za3QwzWQe8Y4_2OzRWhXIVrMhgXnIA==

GET
H2 200 footer-icon-instagram-1630453276.png
www.causes.com/assets/images/ 479 B
839 B 166ms
165ms Image
image/png 2600:9000:20eb:9000:15:cdf7:fe00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.causes.com/assets/images/footer-icon-instagram-1630453276.png
Requested by: Host: www.causes.com
URL: https://www.causes.com/assets/countable-1630453276.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:9000:15:cdf7:fe00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: 71bcc38093af3244babdd38eb7be0efeb79953774b33235aba8d9049ecfdb02f

Request headers

:path: /assets/images/footer-icon-instagram-1630453276.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.causes.com
referer: https://www.causes.com/assets/countable-1630453276.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.causes.com/assets/countable-1630453276.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 13:10:01 GMT
via: 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
etag: W/"1df-17b9e9c0f18"
last-modified: Tue, 31 Aug 2021 23:47:12 GMT
x-edge-origin-shield-skipped: 0
x-powered-by: Express
x-cache: Miss from cloudfront
content-type: image/png
cache-control: public, max-age=0
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 479
x-amz-cf-id: In9WGxmUIqtTIqojMgNBtaKeqFuwKXRhTszFQGgQOoT0uI7Xu5eMBQ==

GET
H2 200 icomoon-1630453276.ttf
www.causes.com/assets/fonts/ 16 KB
10 KB 304ms
303ms Font
font/ttf 2600:9000:20eb:9000:15:cdf7:fe00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.causes.com/assets/fonts/icomoon-1630453276.ttf?4bnc9x
Requested by: Host: www.causes.com
URL: https://www.causes.com/assets/countable-1630453276.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:9000:15:cdf7:fe00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: 619601c4da3f8f66b79ef1e6595ddf28c32ca03c6b546b39f2630cac4dc4d296

Request headers

:path: /assets/fonts/icomoon-1630453276.ttf?4bnc9x
pragma: no-cache
origin: https://www.causes.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: www.causes.com
referer: https://www.causes.com/assets/countable-1630453276.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.causes.com/assets/countable-1630453276.css
Origin: https://www.causes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 13:10:01 GMT
content-encoding: gzip
etag: W/"40e4-17b9e9c27d4"
last-modified: Tue, 31 Aug 2021 23:47:19 GMT
x-amz-cf-pop: FRA2-C1
x-powered-by: Express
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: font/ttf
via: 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
cache-control: public, max-age=0
x-amz-cf-id: m9OiT4iH218_ivNo-tYIapivPW9T0_XIaCc7JsebOHbX0321QSL04Q==

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v23/ 14 KB
15 KB 32ms
8ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v23/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.causes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 14:18:31 GMT
x-content-type-options: nosniff
age: 168690
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14440
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:23:25 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 19 Sep 2022 14:18:31 GMT

GET
H2 200 mem5YaGs126MiZpBA-UNirkOUuhp.woff2
fonts.gstatic.com/s/opensans/v23/ 15 KB
15 KB 36ms
11ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v23/mem5YaGs126MiZpBA-UNirkOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.causes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 15:22:16 GMT
x-content-type-options: nosniff
age: 78465
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14956
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:23:40 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 20 Sep 2022 15:22:16 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v23/ 15 KB
15 KB 41ms
17ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v23/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.causes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 08:00:30 GMT
x-content-type-options: nosniff
age: 364171
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15112
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:23:34 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Sep 2022 08:00:30 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN8rsOUuhp.woff2
fonts.gstatic.com/s/opensans/v23/ 15 KB
15 KB 39ms
15ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v23/mem5YaGs126MiZpBA-UN8rsOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47300f73d115d5d1586ff7b01cc7319166b160bdad6e54a54ad02ac9312f6426

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.causes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 15:05:26 GMT
x-content-type-options: nosniff
age: 79475
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15188
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:24:04 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 20 Sep 2022 15:05:26 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 140ms
34ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.causes.com
URL: https://www.causes.com/articles/47924-petition-promote-vaping-smokers
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CEF) /
Resource Hash: 8db61f95a8f3554830efc6c3942b7322efef09b9d7f0cbfe32135e0fac106d18

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.causes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 21 Sep 2021 13:10:01 GMT
Content-Encoding: gzip
Last-Modified: Mon, 02 Aug 2021 20:34:57 GMT
Server: ECS (mil/6CEF)
Age: 588
Etag: "d405b816322f9770c70cbd10cfa87be4+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 28872

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
26 KB 41ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.causes.com
URL: https://www.causes.com/articles/47924-petition-promote-vaping-smokers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

335b59e615135313a66319e641cdad6ac3489a600e04d4181c859699bed4babe

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.causes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25999
x-xss-protection: 0
pragma: public
x-fb-debug: y0MaLvPcxQ9i49QRltoWmV9q34saBfJSdjLBzuB8L8wS9KMENfhIW2iB9g7Mh138gOfi0vefGMfZ6KPduTKuWg==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Tue, 21 Sep 2021 13:10:01 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 branch-latest.min.js Show response
cdn.branch.io/ 79 KB
24 KB 50ms
14ms Script
text/javascript 13.225.78.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.branch.io/branch-latest.min.js
Requested by: Host: www.causes.com
URL: https://www.causes.com/assets/countable-1630453276.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-84.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b1f23d8732d8e2a4f2e983d5bf52c680226ec20d3b3453a7d8de4ef4e28aa7a5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.causes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: JY0psBu036ThLrIRNRIc72jv8LxR45nr
content-encoding: gzip
last-modified: Thu, 19 Aug 2021 21:28:14 GMT
server: AmazonS3
age: 156
etag: "494b4c270c41c5456742136e682b1007"
x-edge-origin-shield-skipped: 0
content-type: text/javascript
via: 1.1 2f194b62c8c43859cbf5af8e53a8d2a7.cloudfront.net (CloudFront)
cache-control: max-age=300
date: Tue, 21 Sep 2021 13:07:26 GMT
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA2-C2
content-length: 23861
x-amz-cf-id: 8TEGk78U5M5Q6P5Gwd9prz6vmjmBtoRNLdMSZ45XwyxKSYSVf8Ztgw==

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 26ms
15ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.causes.com
URL: https://www.causes.com/assets/countable-1630453276.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b6a63a71420a4140ea465571872c0c253e5873cf88e10fdea307f37957703a72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.causes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 7IVm4q4A17yTUl5rmz/7EA==
cross-origin-resource-policy: cross-origin
expires: Tue, 21 Sep 2021 13:18:46 GMT
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: S+jnvDmzZv8FbyWnSv+FyIDMXBLwYwUALvlxBtHyDzJtps8Aw9pLVHPkqVQ3qOwaa211HJy0VVtF+uaO9Ji5JA==
x-fb-trip-id: 917726464
x-fb-content-md5: 7eccafccd2a2cc1db2e14eb07f0f825b
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Tue, 21 Sep 2021 13:10:01 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "129f2f7924fb380784fe441b4a7f3a0f"
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 73 KB
25 KB 62ms
19ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.causes.com
URL: https://www.causes.com/assets/countable-1630453276.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

21f7a81a8763c82e53f8a802172da020ff4d5a5639c3a5965c2829b4a7df3edb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.causes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 13:10:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "993 / 832 of 1000 / last-modified: 1632222536"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25045
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 21 Sep 2021 13:10:01 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 139 KB
49 KB 83ms
45ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.causes.com
URL: https://www.causes.com/assets/countable-1630453276.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

822e17250f1d49f17d3b1c595cbf9d5405902f7b3e9b663f30b6d36c3527864c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.causes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 13:10:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49120
x-xss-protection: 0
server: cafe
etag: 5545025796411511653
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 21 Sep 2021 13:10:01 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 34ms
7ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.causes.com
URL: https://www.causes.com/assets/countable-1630453276.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.causes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 1384
date: Tue, 21 Sep 2021 12:46:57 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Tue, 21 Sep 2021 14:46:57 GMT

GET
H/1.1 200
OK ks.js Show response
assets.causes.com/kitchensink/ 73 KB
26 KB 242ms
11ms Script
application/javascript 13.225.78.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.causes.com/kitchensink/ks.js
Requested by: Host: www.causes.com
URL: https://www.causes.com/assets/countable-1630453276.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-102.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 12f8c0705cf1f2d8161a4999ac6298c1b7332eb3be07daf0e3f7382c8b96a675

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.causes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 21 Sep 2021 03:04:54 GMT
Content-Encoding: gzip
Age: 36307
Transfer-Encoding: chunked
X-Edge-Origin-Shield-Skipped: 0
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 09 Jan 2018 23:09:36 GMT
Server: AmazonS3
ETag: W/"b2157cee79b8b98f5ea177e06817bdec"
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
Cache-Control: public,maxage=604800
X-Amz-Cf-Pop: FRA2-C2
X-Amz-Cf-Id: 5R2XEAbPb4DttidMnZxgGjJQxUj141HP0LeaqaH7UNOrafFdWWh7iA==

GET
H2 401 me Show response
www.causes.com/api/users/ 98 B
667 B 166ms
164ms XHR
application/json 2600:9000:20eb:9000:15:cdf7:fe00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.causes.com/api/users/me

Requested by

Host: www.causes.com
URL: https://www.causes.com/assets/vendor-1630453276.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20eb:9000:15:cdf7:fe00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx + Phusion Passenger 5.3.7 / Phusion Passenger 5.3.7

Resource Hash

9b0d2e6285502f36f2412d89433a2e3f795f20d0aea3ffd3218a33c24d1e5495

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
x-csrf-token
accept-language: de-DE,de;q=0.9
sec-fetch-dest: empty
x-requested-with: XMLHttpRequest
:path: /api/users/me
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: application/json, text/javascript, */*; q=0.01
cache-control: no-cache
:authority: www.causes.com
referer: https://www.causes.com/articles/47924-petition-promote-vaping-smokers
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.causes.com/articles/47924-petition-promote-vaping-smokers
X-CSRF-Token
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-Requested-With: XMLHttpRequest

Response headers

date: Tue, 21 Sep 2021 13:10:01 GMT
via: 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-edge-origin-shield-skipped: 0
x-powered-by: Phusion Passenger 5.3.7
x-cache: Error from cloudfront
status: 401 Unauthorized
x-xss-protection: 1; mode=block
x-request-id: 555e0d42-d1ba-41ed-8077-cb3e65a92bee
x-runtime: 0.002979
referrer-policy: strict-origin-when-cross-origin
server: nginx + Phusion Passenger 5.3.7
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: OoLYo6F5FyOIgkNTTI7CiMYgbiZK6G5oQO8Xb36iok9I6Viw7fmkPQ==

GET
H2 200 weekly_actions Show response
www.causes.com/api/stats/ 24 B
788 B 169ms
169ms XHR
application/json 2600:9000:20eb:9000:15:cdf7:fe00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.causes.com/api/stats/weekly_actions

Requested by

Host: www.causes.com
URL: https://www.causes.com/assets/vendor-1630453276.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20eb:9000:15:cdf7:fe00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx + Phusion Passenger 5.3.7 / Phusion Passenger 5.3.7

Resource Hash

fafc8c7a1a25e28e08c637cecc56e0dd3f56d72a00f0497899297014bf5ca6f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
x-csrf-token
accept-language: de-DE,de;q=0.9
sec-fetch-dest: empty
:path: /api/stats/weekly_actions
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json; charset=utf=8
accept: */*
cache-control: no-cache
:authority: www.causes.com
referer: https://www.causes.com/articles/47924-petition-promote-vaping-smokers
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.causes.com/articles/47924-petition-promote-vaping-smokers
x-csrf-token
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json; charset=utf=8

Response headers

date: Tue, 21 Sep 2021 13:10:01 GMT
via: 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-edge-origin-shield-skipped: 0
x-powered-by: Phusion Passenger 5.3.7
x-cache: Miss from cloudfront
status: 200 OK
set-cookie: _session_id=a4a599add41ae663cafdbfc158152c77; path=/; expires=Thu, 21 Oct 2021 13:10:01 GMT; HttpOnly
x-xss-protection: 1; mode=block
x-request-id: 2c8d26a0-1612-4a78-b019-564f96ffaa0c
x-runtime: 0.011053
referrer-policy: strict-origin-when-cross-origin
server: nginx + Phusion Passenger 5.3.7
etag: W/"fafc8c7a1a25e28e08c637cecc56e0dd"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: max-age=300, private
x-amz-cf-pop: FRA2-C1
csrf-token: TC6HU2DXxQqXZjKPtzbdOSc32MBo96YSt5AxqmyTs6isqrX/TVmm4FaAkrVzfc9jZ9ocQTrC8jCd0HYX9NCrLA==
x-amz-cf-id: 1vNT8QH2J2OMcCEjC4CcfvudGhE32QrkhmGAUjztBl5XTPQbUmzuNw==

GET
H2 200 comments Show response
www.causes.com/api/articles/47924-petition-promote-vaping-smokers/ 23 B
777 B 179ms
179ms XHR
application/json 2600:9000:20eb:9000:15:cdf7:fe00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.causes.com/api/articles/47924-petition-promote-vaping-smokers/comments

Requested by

Host: www.causes.com
URL: https://www.causes.com/assets/vendor-1630453276.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20eb:9000:15:cdf7:fe00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx + Phusion Passenger 5.3.7 / Phusion Passenger 5.3.7

Resource Hash

ca0c59dd49635eda0d047e6472efb169f041654494c9d193173996ad6ffcc29f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
x-csrf-token
accept-language: de-DE,de;q=0.9
sec-fetch-dest: empty
x-requested-with: XMLHttpRequest
:path: /api/articles/47924-petition-promote-vaping-smokers/comments
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: application/json, text/javascript, */*; q=0.01
cache-control: no-cache
:authority: www.causes.com
referer: https://www.causes.com/articles/47924-petition-promote-vaping-smokers
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.causes.com/articles/47924-petition-promote-vaping-smokers
X-CSRF-Token
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-Requested-With: XMLHttpRequest

Response headers

date: Tue, 21 Sep 2021 13:10:01 GMT
via: 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-edge-origin-shield-skipped: 0
x-powered-by: Phusion Passenger 5.3.7
x-cache: Miss from cloudfront
status: 200 OK
set-cookie: _session_id=9e6b37234d22912381ca5b69a39bbf48; path=/; expires=Thu, 21 Oct 2021 13:10:01 GMT; HttpOnly
x-xss-protection: 1; mode=block
x-request-id: 05358ab4-5c02-41c7-88f2-c9364333aeb5
x-runtime: 0.013867
referrer-policy: strict-origin-when-cross-origin
server: nginx + Phusion Passenger 5.3.7
etag: W/"ca0c59dd49635eda0d047e6472efb169"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private
x-amz-cf-pop: FRA2-C1
csrf-token: 4JvcfT7p7KeyDa33xVuoC3pR2bsg+kZ3hUgb8U8kbO2c2qb5oP91iait15Un0qnBrBr5SGATPlpa9l/LszPY+Q==
x-amz-cf-id: YSZQnSEavJkAfsmXd8kdWEXx50dmd7yDXZRtTHdXVO4HApIzw2aw6A==

GET
H2 200 snacks Show response
www.causes.com/api/ 21 KB
22 KB 197ms
196ms XHR
application/json 2600:9000:20eb:9000:15:cdf7:fe00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.causes.com/api/snacks

Requested by

Host: www.causes.com
URL: https://www.causes.com/assets/vendor-1630453276.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20eb:9000:15:cdf7:fe00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx + Phusion Passenger 5.3.7 / Phusion Passenger 5.3.7

Resource Hash

bc4eef1d392fb3abebcc65e98ff0909c4340454b188b2114ae3ac985e42ce8b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
x-csrf-token
accept-language: de-DE,de;q=0.9
sec-fetch-dest: empty
x-requested-with: XMLHttpRequest
:path: /api/snacks
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: application/json, text/javascript, */*; q=0.01
cache-control: no-cache
:authority: www.causes.com
referer: https://www.causes.com/articles/47924-petition-promote-vaping-smokers
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.causes.com/articles/47924-petition-promote-vaping-smokers
X-CSRF-Token
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-Requested-With: XMLHttpRequest

Response headers

date: Tue, 21 Sep 2021 13:10:01 GMT
via: 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-edge-origin-shield-skipped: 0
x-powered-by: Phusion Passenger 5.3.7
x-cache: Miss from cloudfront
status: 200 OK
set-cookie: _session_id=6beec4ca8e3b89c79124f359407eefbc; path=/; expires=Thu, 21 Oct 2021 13:10:01 GMT; HttpOnly
x-xss-protection: 1; mode=block
x-request-id: 76bbe634-400e-4dff-ab37-b649330773ae
x-runtime: 0.029574
referrer-policy: strict-origin-when-cross-origin
server: nginx + Phusion Passenger 5.3.7
etag: W/"bc4eef1d392fb3abebcc65e98ff0909c"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private
x-amz-cf-pop: FRA2-C1
csrf-token: LCC0sje0MZH1YzzddLEq7uZPZw2sVPCNy4BpKygKDP2TG53yrFQyu+qPGsBAvK4B+4MdYXwteNuqbNwmwTE4bA==
x-amz-cf-id: Eluym35T3H52RLG47keRLXUeOOtTwUHwHq71_0V_JHuSPXUqJLl7zw==

GET
H2 200 874798599262743 Show response
connect.facebook.net/signals/config/ 306 KB
87 KB 122ms
121ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/874798599262743?v=2.9.45&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8b37f71f5c160c23dd05fa9ab7879612388307718941a47b3dc626b408034f5d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.causes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: A2iU7WFlAaJXuUqAYGvQzX0BwuBc5LubZDUCIQvTyjGmGRPdYGjh+nV3WPoYH6AoVAmZFr/edFUIRYPej7ftbw==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Tue, 21 Sep 2021 13:10:01 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html Show response
platform.twitter.com/widgets/ Frame 19A2 319 KB
103 KB 34ms
34ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=https%3A%2F%2Fwww.causes.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CE2) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.causes.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.causes.com/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 659427
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Tue, 21 Sep 2021 13:10:01 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Mon, 02 Aug 2021 20:33:53 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (mil/6CE2)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105433

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 223 KB
66 KB 22ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=f66bfdcf2e3d8f39644a81c1e92b53b9

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

514bee7889feffcc704dce1fdfe6d0f75f6e06e4e41b75f8bd75ada6861aa1cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.causes.com/
Origin: https://www.causes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 0oBjh5ikVklkg2oNztB6zg==
cross-origin-resource-policy: cross-origin
expires: Wed, 21 Sep 2022 11:07:29 GMT
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 66985
x-fb-rlafr: 0
x-fb-debug: Swqlj+0hE6UZZSu27xxVLbEQxxMUNvCky5KUz2qx8WhkkIc0nIueNoL+e2xT0Hp1chB9SE3pw7oBIK439WXZSw==
x-fb-trip-id: 917726464
x-fb-content-md5: f0ba4a8f08fe591a20cdf86d95aeb265
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Tue, 21 Sep 2021 13:10:01 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "56e6f7acea1b5892d27abfcd7fc8a54e"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 _r Show response
app.link/ 90 B
568 B 380ms
324ms Script
text/javascript 2600:9000:20eb:1e00:19:9934:6a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.link/_r?sdk=web2.58.3&branch_key=key_live_gobPFi4aphdwJyntW0LpFimcsFjRWbA7&callback=branch_callback__0

Requested by

Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20eb:1e00:19:9934:6a80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

openresty / Express

Resource Hash

cd9ac5ff63d367b7f189bb866bf1563754186a39a3734c0c06a004ff66b4672e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.causes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 13:10:01 GMT
via: 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
x-content-type-options: nosniff
server: openresty
x-amz-cf-pop: FRA2-C1
x-powered-by: Express
x-cache: Miss from cloudfront
content-type: text/javascript; charset=utf-8
content-length: 90
etag: W/"5a-/MckppM3X65gsbOhffFgGBDNGUc"
x-amz-cf-id: gDmm93MwHMLXgQc4h5SquodoCL7PLNH_H1eB8kqGmU58uqEFDbFanQ==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
146 B 15ms
14ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1430589181&t=event&_s=1&dl=https%3A%2F%2Fwww.causes.com%2Farticles%2F47924-petition-promote-vaping-smokers&ul=en-us&de=UTF-8&dt=Petition%20to%20promote%20vaping%20among%20smokers%20-%20Causes&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Article&ea=Article%20Impression&el=Petition%20to%20promote%20vaping%20among%20smokers&_u=IEBAAAABAAAAAC~&jid=72701872&gjid=1448969998&cid=560020980.1632229802&tid=UA-41960852-1&_gid=184147634.1632229802&_r=1&_slc=1&z=842787176

Requested by

Host: www.causes.com
URL: https://www.causes.com/assets/vendor-1630453276.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.causes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 21 Sep 2021 13:10:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.causes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
193 B 8ms
7ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=1430589181&t=pageview&_s=2&dl=https%3A%2F%2Fwww.causes.com%2Farticles%2F47924-petition-promote-vaping-smokers&dp=%2Farticles%2F47924-petition-promote-vaping-smokers&ul=en-us&de=UTF-8&dt=Petition%20to%20promote%20vaping%20among%20smokers%20-%20Causes&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAAABAAAAAC~&jid=&gjid=&cid=560020980.1632229802&tid=UA-41960852-1&_gid=184147634.1632229802&z=230297109

Requested by

Host: www.causes.com
URL: https://www.causes.com/articles/47924-petition-promote-vaping-smokers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.causes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Sep 2021 11:39:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 5429
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_2021091504.js Show response
securepubads.g.doubleclick.net/gpt/ 332 KB
116 KB 18ms
18ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091504.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

f42f55dabbb15175140e8f22510310cbeefe9d766975ce806a9d6f8d9444e66f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.causes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 13:10:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118865
x-xss-protection: 0
last-modified: Wed, 15 Sep 2021 18:36:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 21 Sep 2021 13:10:01 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 196 B
150 B 33ms
18ms XHR
application/json 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.causes.com

Requested by

Host: www.causes.com
URL: https://www.causes.com/assets/vendor-1630453276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

cb03ccca0ca41b562ec6b7508f18cfb4089b0dfea29792b180320bf2e763fafc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.causes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 21 Sep 2021 13:10:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125
x-xss-protection: 0
expires: Tue, 21 Sep 2021 13:10:01 GMT

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109200101/ 253 KB
94 KB 52ms
52ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6607106579604041&plah=www.causes.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d21c8bd2e8b2f5a56b540807fec034374ae70b88dc022ee1e6db57431e3899c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.causes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 13:10:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95714
x-xss-protection: 0
server: cafe
etag: 3232603846146272685
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 21 Sep 2021 13:10:01 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210916/r20190131/ Frame 24F7 10 KB
5 KB 51ms
14ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210916/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

751dcf9dcab28e7704b6c2b25d6288581f8a45af878fd628135cec03d8112eed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210916/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.causes.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.causes.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 21 Sep 2021 00:23:02 GMT
expires: Tue, 05 Oct 2021 00:23:02 GMT
content-type: text/html; charset=UTF-8
etag: 14847953055219580247
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4613
x-xss-protection: 0
age: 46019
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
433 B 78ms
26ms XHR
text/plain 2a00:1450:400c:c04::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-41960852-1&cid=560020980.1632229802&jid=72701872&gjid=1448969998&_gid=184147634.1632229802&_u=IEBAAAAAAAAAAC~&z=1200832811

Requested by

Host: www.causes.com
URL: https://www.causes.com/assets/vendor-1630453276.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.causes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 21 Sep 2021 13:10:01 GMT
content-type: text/plain
access-control-allow-origin: https://www.causes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK i
collector-web.countable.us/ 43 B
365 B 809ms
235ms Image
image/gif 52.36.101.223
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://collector-web.countable.us/i?stm=1632229801676&e=ue&ue_px=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy91bnN0cnVjdF9ldmVudC9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6eyJzY2hlbWEiOiJpZ2x1OmNvbS5jb3VudGFibGV1cy9nYUNvbXBhdGlibGVEeW5hbWljRXZlbnQvanNvbnNjaGVtYS8xLTAtMCIsImRhdGEiOnsiY3RhX3R5cGUiOiJjb250YWN0X3JlcHMiLCJhcnRpY2xlX2lkIjoiNDc5MjQiLCJ1c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzg5LjAuNDM4OS43MiBTYWZhcmkvNTM3LjM2IiwicGFydG5lcl9pZCI6bnVsbCwidmVyc2lvbiI6IjE2MzA0NTMyNzYiLCJwbGF0Zm9ybSI6IndlYiIsImNhdGVnb3J5IjoiQXJ0aWNsZSIsImV2ZW50IjoiQXJ0aWNsZSBJbXByZXNzaW9uIiwibGFiZWwiOiJQZXRpdGlvbiB0byBwcm9tb3RlIHZhcGluZyBhbW9uZyBzbW9rZXJzIn19fQ&tv=js-2.8.2&tna=production&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&cookie=1&eid=d390e3b8-18d4-48ce-96d6-051c3098055f&dtm=1632229801675&vp=1600x1200&ds=1600x2425&vid=1&sid=c0d41048-5916-445f-baeb-7e5a13a03bfd&duid=f4ea2374-84b4-4935-8719-47b5d563ca06&fp=2604279051&url=https%3A%2F%2Fwww.causes.com%2Farticles%2F47924-petition-promote-vaping-smokers
Requested by: Host: www.causes.com
URL: https://www.causes.com/articles/47924-petition-promote-vaping-smokers
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.36.101.223 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-36-101-223.us-west-2.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.causes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 21 Sep 2021 13:10:02 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Content-Length: 43
Content-Type: image/gif

GET
H2 200 /
www.facebook.com/tr/ 44 B
313 B 45ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2318966938&ev=fb_page_view&dl=https%3A%2F%2Fwww.causes.com%2Farticles%2F47924-petition-promote-vaping-smokers&rl=&if=false&ts=1632229801685&sw=1600&sh=1200&at=

Requested by

Host: www.causes.com
URL: https://www.causes.com/articles/47924-petition-promote-vaping-smokers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.causes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 13:10:01 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 21 Sep 2021 13:10:01 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 19A2 288 B
454 B 226ms
191ms Fetch
application/json 104.244.42.8
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=a81a7ba388269a2cc3eb74426496f97d2c2de080

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=https%3A%2F%2Fwww.causes.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

9394db09c7d923e754846eb13c2c5178ba4cdb990a0e7c687b02cc1028e9c242

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 13:10:01 GMT
content-encoding: gzip
last-modified: Tue, 21 Sep 2021 13:10:01 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 3ca236fbab6ed1052074f07fc5aa4bcfb751d8557fff484310d6ec5a17561ffe
content-length: 188

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
522 B 76ms
38ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-41960852-1&cid=560020980.1632229802&jid=72701872&_u=IEBAAAAAAAAAAC~&z=673963123

Requested by

Host: www.causes.com
URL: https://www.causes.com/articles/47924-petition-promote-vaping-smokers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.causes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Sep 2021 13:10:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
522 B 75ms
38ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-41960852-1&cid=560020980.1632229802&jid=72701872&_u=IEBAAAAAAAAAAC~&z=673963123

Requested by

Host: www.causes.com
URL: https://www.causes.com/articles/47924-petition-promote-vaping-smokers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.causes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Sep 2021 13:10:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 8ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=874798599262743&ev=PageView&dl=https%3A%2F%2Fwww.causes.com%2Farticles%2F47924-petition-promote-vaping-smokers&rl=&if=false&ts=1632229801789&sw=1600&sh=1200&v=2.9.45&r=stable&ec=0&o=30&fbp=fb.1.1632229801788.882210739&it=1632229801590&coo=false&exp=p1&rqm=GET

Requested by

Host: www.causes.com
URL: https://www.causes.com/articles/47924-petition-promote-vaping-smokers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.causes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 13:10:01 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 21 Sep 2021 13:10:01 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 8ms
8ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=874798599262743&ev=ViewContent&dl=https%3A%2F%2Fwww.causes.com%2Farticles%2F47924-petition-promote-vaping-smokers&rl=&if=false&ts=1632229801794&sw=1600&sh=1200&v=2.9.45&r=stable&ec=1&o=30&fbp=fb.1.1632229801788.882210739&it=1632229801590&coo=false&exp=p1&rqm=GET

Requested by

Host: www.causes.com
URL: https://www.causes.com/articles/47924-petition-promote-vaping-smokers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.causes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 13:10:01 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 21 Sep 2021 13:10:01 GMT

GET
H2 200 snacks Show response
www.causes.com/api/ 1 KB
2 KB 180ms
179ms XHR
application/json 2600:9000:20eb:9000:15:cdf7:fe00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.causes.com/api/snacks?profile_id=2232

Requested by

Host: www.causes.com
URL: https://www.causes.com/assets/vendor-1630453276.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20eb:9000:15:cdf7:fe00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx + Phusion Passenger 5.3.7 / Phusion Passenger 5.3.7

Resource Hash

3761461889aeda4e9d69965e56a486888d0626ddb31b44ba67995a278e8c9704

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
x-csrf-token
accept-language: de-DE,de;q=0.9
sec-fetch-dest: empty
x-requested-with: XMLHttpRequest
cookie: _ga=GA1.2.560020980.1632229802; _gid=GA1.2.184147634.1632229802; _gat=1; _sp_ses.38db=*; _sp_id.38db=f4ea2374-84b4-4935-8719-47b5d563ca06.1632229802.1.1632229802.1632229802.c0d41048-5916-445f-baeb-7e5a13a03bfd; _session_id=6beec4ca8e3b89c79124f359407eefbc; _fbp=fb.1.1632229801788.882210739
:path: /api/snacks?profile_id=2232
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: application/json, text/javascript, */*; q=0.01
cache-control: no-cache
:authority: www.causes.com
referer: https://www.causes.com/articles/47924-petition-promote-vaping-smokers
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.causes.com/articles/47924-petition-promote-vaping-smokers
X-CSRF-Token
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-Requested-With: XMLHttpRequest

Response headers

date: Tue, 21 Sep 2021 13:10:01 GMT
via: 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-edge-origin-shield-skipped: 0
x-powered-by: Phusion Passenger 5.3.7
x-cache: Miss from cloudfront
status: 200 OK
set-cookie: _session_id=6beec4ca8e3b89c79124f359407eefbc; path=/; expires=Thu, 21 Oct 2021 13:10:01 GMT; HttpOnly
x-xss-protection: 1; mode=block
x-request-id: fdd71380-3318-41e3-9738-ef8e454112b3
x-runtime: 0.016922
referrer-policy: strict-origin-when-cross-origin
server: nginx + Phusion Passenger 5.3.7
etag: W/"3761461889aeda4e9d69965e56a48688"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private
x-amz-cf-pop: FRA2-C1
csrf-token: o6wLDubeEOMW7h9WSb8bjUFERqH8CPfczwQA59U3uDUclyJOfT4TyQkCOUt9sp9iXIg8zSxxf4qu6LXqPAyMpA==
x-amz-cf-id: ZSI7YbmcfKOwg8y_Rbga6HQnsEQ7Vlavb2ABPALr28UOYCJljpxKIg==

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 200 B
407 B 15ms
15ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.causes.com&callback=_gfp_s_&client=ca-pub-6607106579604041

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6607106579604041&plah=www.causes.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

8b70d789f17f02e080274254643874a43cb5cba01efaaaf2b5d2c6e5c9515e4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.causes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 13:10:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 192
x-xss-protection: 0

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
121 B 23ms
22ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.causes.com%2Farticles%2F47924-petition-promote-vaping-smokers&tn=NAV&cls=header-nav%20navbar%20navbar-default%20navbar-fixed-top&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: www.causes.com
URL: https://www.causes.com/articles/47924-petition-promote-vaping-smokers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.causes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Sep 2021 13:10:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 40ms
16ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.causes.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.causes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 21 Sep 2021 13:10:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 60ms
24ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.causes.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.causes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 21 Sep 2021 13:10:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2709 9 KB
4 KB 315ms
314ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6607106579604041&output=html&adk=1812271804&adf=3025194257&lmt=1632229801&plat=2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.causes.com%2Farticles%2F47924-petition-promote-vaping-smokers&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632229801640&bpp=2&bdt=1624&idt=120&shv=r20210916&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6572154592607&frm=20&pv=2&ga_vid=560020980.1632229802&ga_sid=1632229802&ga_hid=1430589181&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44719339%2C44747620%2C44748552&oid=3&pvsid=1020677548052913&pem=366&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=192

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

95ceb98e69c1a2137c0f3cebcc485f6936916be2a457e3a1653b4e169e7392cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6607106579604041&output=html&adk=1812271804&adf=3025194257&lmt=1632229801&plat=2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.causes.com%2Farticles%2F47924-petition-promote-vaping-smokers&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632229801640&bpp=2&bdt=1624&idt=120&shv=r20210916&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6572154592607&frm=20&pv=2&ga_vid=560020980.1632229802&ga_sid=1632229802&ga_hid=1430589181&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44719339%2C44747620%2C44748552&oid=3&pvsid=1020677548052913&pem=366&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=192
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.causes.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.causes.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 21 Sep 2021 13:10:02 GMT
server: cafe
content-length: 4053
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 21-Sep-2021 13:25:01 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 21 Sep 2021 13:10:02 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
28 KB 57ms
35ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b49f9c1fdfb1d6199509d3d33ceb8c3355f15f8f12f9e97be20c8616d375be7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.causes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 13:10:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27652
x-xss-protection: 0
server: sffe
etag: "1632137829538267"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="active-view-scs-read-write-acl"
expires: Tue, 21 Sep 2021 13:10:01 GMT

POST
H2 200 open Show response
api2.branch.io/v1/ 303 B
625 B 225ms
173ms XHR
application/json 2600:9000:21f3:f600:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api2.branch.io/v1/open
Requested by: Host: www.causes.com
URL: https://www.causes.com/assets/vendor-1630453276.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:f600:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 04f4599dc85f1655f5217b4de26b6d9ad95fe75db024d4e7b19bd8d3769dbd7c

Request headers

Referer: https://www.causes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 21 Sep 2021 13:10:02 GMT
via: 1.1 2afacc6ad96dbba3f0b477cd95f16459.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache
x-branch-request-id: e760ad6cfe4f4489b0ff0310e89a2e55-2021092113
content-length: 303
x-amz-cf-id: hsS0yoiXfPiSP-80Fny655r4LtyDcp4tHSTsIgdUwPHjZQ7q8vE4hw==

POST
H2 200 pageview Show response
api2.branch.io/v1/ 29 B
386 B 177ms
177ms XHR
application/json 2600:9000:21f3:f600:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api2.branch.io/v1/pageview
Requested by: Host: www.causes.com
URL: https://www.causes.com/assets/vendor-1630453276.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:f600:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: c3dd5a6fff633c6393dca21ce74cd6dc95265943575b43d2d9616f020eea68fa

Request headers

Referer: https://www.causes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 21 Sep 2021 13:10:02 GMT
via: 1.1 2afacc6ad96dbba3f0b477cd95f16459.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-powered-by: Express
etag: W/"1d-0Z1F50chJJpy5srE0HvlOYosSzw"
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-branch-request-id: fa8752653fc042a5a3007e98c176e4d8-2021092113
content-length: 29
x-amz-cf-id: 38ISw9rax-rz1X4cXt9kN60irIj97QPnDDaMVoqV2IXvWS0QiXybDg==

GET
H2 200 /
www.facebook.com/tr/ 44 B
147 B 7ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=874798599262743&ev=Microdata&dl=https%3A%2F%2Fwww.causes.com%2Farticles%2F47924-petition-promote-vaping-smokers&rl=&if=false&ts=1632229802295&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Petition%20to%20promote%20vaping%20among%20smokers%20-%20Causes%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Petition%20to%20promote%20vaping%20among%20smokers%22%2C%22twitter%3Atitle%22%3A%22Petition%20to%20promote%20vaping%20among%20smokers%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Ful.causes.com%2Ful%2Fq_auto%2Fuploads%2FWv4QOwBL%2Fb5d83b%2Fvaping2.png%22%2C%22twitter%3Aimage%22%3A%22https%3A%2F%2Ful.causes.com%2Ful%2Fq_auto%2Fuploads%2FWv4QOwBL%2Fb5d83b%2Fvaping2.png%22%2C%22og%3Adescription%22%3A%22Read%20more%20at%20Causes%20%E2%86%92%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.causes.com%2Farticles%2F47924-petition-promote-vaping-smokers%22%2C%22twitter%3Acard%22%3A%22summary_large_image%22%2C%22twitter%3Asite%22%3A%22%40causes%22%2C%22twitter%3Acreator%22%3A%22%40causes%22%2C%22twitter%3Aapp%3Aid%3Aiphone%22%3A%22893853823%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.45&r=stable&ec=2&o=30&fbp=fb.1.1632229801788.882210739&it=1632229801590&coo=false&es=automatic&tm=3&exp=p1&rqm=GET

Requested by

Host: www.causes.com
URL: https://www.causes.com/articles/47924-petition-promote-vaping-smokers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.causes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 13:10:02 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 21 Sep 2021 13:10:02 GMT

GET
H/1.1 200
OK i
collector-web.countable.us/ 43 B
365 B 170ms
170ms Image
image/gif 52.36.101.223
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://collector-web.countable.us/i?stm=1632229802488&e=ue&ue_px=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy91bnN0cnVjdF9ldmVudC9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6eyJzY2hlbWEiOiJpZ2x1OmNvbS5jb3VudGFibGV1cy9nYUNvbXBhdGlibGVEeW5hbWljRXZlbnQvanNvbnNjaGVtYS8xLTAtMCIsImRhdGEiOnsidXJsIjoiaHR0cHM6Ly93d3cuY2F1c2VzLmNvbS9hcnRpY2xlcy80NzkyNC1wZXRpdGlvbi1wcm9tb3RlLXZhcGluZy1zbW9rZXJzIiwibGFiZWwiOiJQZXRpdGlvbiB0byBwcm9tb3RlIHZhcGluZyBhbW9uZyBzbW9rZXJzIC0gQ2F1c2VzIiwiZXZlbnQiOiJwYWdldmlldyIsInBhcnRuZXJfaWQiOm51bGwsInBsYXRmb3JtIjoid2ViIn19fQ&tv=js-2.8.2&tna=production&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&cookie=1&eid=6d732d4a-b59e-4ac9-817e-9e8d18cc1c9d&dtm=1632229801676&vp=1600x1200&ds=1600x2425&vid=1&sid=c0d41048-5916-445f-baeb-7e5a13a03bfd&duid=f4ea2374-84b4-4935-8719-47b5d563ca06&fp=2604279051&url=https%3A%2F%2Fwww.causes.com%2Farticles%2F47924-petition-promote-vaping-smokers
Requested by: Host: www.causes.com
URL: https://www.causes.com/articles/47924-petition-promote-vaping-smokers
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.36.101.223 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-36-101-223.us-west-2.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.causes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 21 Sep 2021 13:10:02 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Content-Length: 43
Content-Type: image/gif

GET
H2 200 nr-1016.min.js Show response
js-agent.newrelic.com/ 22 KB
9 KB 36ms
7ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1016.min.js
Requested by: Host: www.causes.com
URL: https://www.causes.com/assets/vendor-1630453276.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5766d97e9b0c91a002f275667824760ef20a2ba8a8786719bb88b2efc7a44ede

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.causes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: "6111dfa93beb5692edf4d7f3dfecc182"
x-amz-request-id: CXMB98ER22N5AQ21
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 8830
x-amz-id-2: zYNWyZpxY5JmR2c/sFBSy8ZDyn01MBdMwtp+Fg++AxHCYZDfPqK4Ep1OyBKHV8o7jNAc78Jz690=
x-served-by: cache-hhn4076-HHN
last-modified: Wed, 28 Feb 2018 23:33:30 GMT
server: AmazonS3
x-timer: S1632229803.694555,VS0,VE0
date: Tue, 21 Sep 2021 13:10:02 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 32

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
9 KB 65ms
29ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210916&st=env

Requested by

Host: www.causes.com
URL: https://www.causes.com/assets/vendor-1630453276.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6add9562de2596af5c0f7e58170863a4f6cdb16c965ceca29135d84329dd21c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.causes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 21 Sep 2021 13:10:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8491
x-xss-protection: 0

GET
H/1.1 200
OK 34f337ecb5 Show response
bam.nr-data.net/1/ 57 B
322 B 429ms
106ms Script
text/javascript 162.247.242.19
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/34f337ecb5?a=2999183&sa=1&v=1016.8b58850&t=Unnamed%20Transaction&rst=4059&ref=https://www.causes.com/articles/47924-petition-promote-vaping-smokers&be=2642&fe=1373&dc=58&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1632229798645,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:55,%22c%22:55,%22s%22:60,%22ce%22:78,%22rq%22:78,%22rp%22:1367,%22rpe%22:1518,%22dl%22:1371,%22di%22:2699,%22ds%22:2700,%22de%22:2700,%22dc%22:4015,%22l%22:4015,%22le%22:4018%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1016.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.19 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-7.nr-data.net
Software: /
Resource Hash: 5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.causes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Cross-Origin-Resource-Policy: cross-origin
Content-Type: text/javascript;charset=iso-8859-1
Content-Length: 57
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 73ms
34ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.causes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 13:10:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Tue, 21 Sep 2021 13:10:02 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 9D0F 12 KB
5 KB 315ms
14ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.causes.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.causes.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Tue, 21 Sep 2021 12:15:09 GMT
expires: Wed, 21 Sep 2022 12:15:09 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3294
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0550 783 B
993 B 26ms
26ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

704640cc636ab9ae629097fc5308ec7c72dedfaef20f8b8b8c04103726cd68c5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-DsTYacCVRZ4/heRXgjm2Ig' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.causes.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.causes.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Tue, 21 Sep 2021 13:10:02 GMT
date: Tue, 21 Sep 2021 13:10:02 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-DsTYacCVRZ4/heRXgjm2Ig' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 511
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0550 0
0 40ms
39ms Image
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20210916&jk=1020677548052913&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 GLSxUS2W--ydrm6iUmadWo1W39e-CGFcESD-FnYGiYg.js Show response
pagead2.googlesyndication.com/bg/ Frame 9D0F 35 KB
13 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GLSxUS2W--ydrm6iUmadWo1W39e-CGFcESD-FnYGiYg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18b4b1512d96fbec9dae6ea252669d5a8d56dfd7be08615c1120fe1676068988

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 23:30:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 221979
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13202
x-xss-protection: 0
last-modified: Wed, 15 Sep 2021 09:28:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Sun, 18 Sep 2022 23:30:24 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 40ms
40ms Image
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gda_r20210916&jk=1020677548052913&bg=!x8SlxIDNAAZWaDWkVmg7ACkAdvg8Wp7i3mkoujnKPSgWqj8IYEQzTvc-MLk-PBBm5gSc9cSDn4ijjwIAAABpUgAAAApoAQcKAGeOS5to9lyxLsS8Eob-y2MmF9biP7cmpfun7WXE6pEP6LiXI-H0vVuOmS_RPV3lUWI3fvFlHSpdZsN0a-ITqJ3-yakqnSdo1qhp6C0B7Z7xfSqOdjNEuO32lE0bY24DakNO5yHJDxj8mQJ-3RcBa8Dtxbwx1rsdMVh0Ttr0otnO2W36ZmDWsWfCEHPpMWe3tFSXr-vEEpd6r733rF6cVdjJFDCiEz6Fa38AWKEpqoE4IVTHKmN-S9305LW8hQ3E-CEFT9STAryuV9sLupTYGz7-vnh9PrvnshJEpwSgnm3ixVdi7GWXYk6mjODmPAoCZ0SrRBgnFN7PRLhnIih2h_bj0BZMpG6VrUfh7zF6WjBg9zRU7ujW9rwW2-GcJQmvwfYl5OERjhTfeC_XoeJDYmuIGpvyIX0404y3K_63t47RVTqIwHIk9gftHlTC11lM4uv2f2r-PLYSo4kdaXjr8meeC4uG8ZEzP9RIXHbyKzl0O86lBqA65XGVrp5rdbG7fIKOTtphDNROO6gA-QAFTo3EXr49AYowqfUKkoctnUHyDek7c9jFodTq2aOwwe0efotZknsEClZ20KFV5NlvZ-VDHdSVNLeMxkZedQaTis3ubtOqSdsVcUe9kC3ASA27AGmluRV3r9raY0M80jtiZoh_cnNccLmp36mToJrE2J8EE0DUqv2ByV5_rMCRymIVr7ALnJUHgAgVqcs359WmRD__wRqgYl2dpkjM6_9e1rf00R4AmUl3qgMvdfu0MRYNBK-TI8IKdqsws61raOMaCVe5D7HfK8KOlp7m0dbyPNazdWv0sf_3o0foR7AQApcqy0fd5UHZHONcL_o9CRvSOVGvK-a0WVcy2Vq3W-pp37e6Z18as0smR7EmwYeC4u-ru84NZIzPHjrgf1BdYWf7aY37FK9xk9GtcRk7SgcLjAW4c_noc7b7tHLM35MOQY0EISWIibgJ2Mq-CLrzSFqUAASpZhq4dCmoL04
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.causes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

96 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.causes.com/	1970-01-20 14:55:01	Name: _ga Value: GA1.2.560020980.1632229802
.causes.com/	1970-01-19 21:25:16	Name: _gid Value: GA1.2.184147634.1632229802
.causes.com/	1970-01-19 21:23:49	Name: _gat Value: 1
www.causes.com/	1970-01-19 21:23:51	Name: _sp_ses.38db Value: *
www.causes.com/	1970-01-20 14:55:01	Name: _sp_id.38db Value: f4ea2374-84b4-4935-8719-47b5d563ca06.1632229802.1.1632229802.1632229802.c0d41048-5916-445f-baeb-7e5a13a03bfd
www.causes.com/	1970-01-19 22:07:01	Name: _session_id Value: 6beec4ca8e3b89c79124f359407eefbc
.causes.com/	1970-01-19 23:33:25	Name: _fbp Value: fb.1.1632229801788.882210739
.causes.com/	1970-01-20 06:45:25	Name: __gads Value: ID=84d2f45ac9644cca-2269400647c900d1:T=1632229801:RT=1632229801:S=ALNI_MaezJUnqguQYxRUCZJHnF5np7vEdA
.app.link/	1970-01-20 06:09:25	Name: _s Value: 6lmP9jqwXIE%2Fw3xP1FkQRzxWKYrSmmxBZerp5FV%2BkIAmmm%2FXrb4j6INmxhgR%2F%2BDp
.doubleclick.net/	1970-01-19 21:23:50	Name: test_cookie Value: CheckForPermission
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: a36b4136562406d6

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.causes.com/api/users/me Message: Failed to load resource: the server responded with a status of 401 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
api2.branch.io
app.link
assets.causes.com
bam.nr-data.net
cdn.branch.io
collector-web.countable.us
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
js-agent.newrelic.com
pagead2.googlesyndication.com
partner.googleadservices.com
platform.twitter.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
syndication.twitter.com
tpc.googlesyndication.com
ul.causes.com
www.causes.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
104.244.42.8
13.225.78.102
13.225.78.84
142.250.185.226
151.101.66.137
162.247.242.19
2600:9000:20eb:1e00:19:9934:6a80:93a1
2600:9000:20eb:9000:15:cdf7:fe00:93a1
2600:9000:21f3:f600:11:f728:3040:93a1
2606:2800:234:59:254c:406:2366:268c
2606:4700:3108::ac42:2908
2a00:1450:4001:802::2002
2a00:1450:4001:803::2002
2a00:1450:4001:803::2003
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2004
2a00:1450:4001:80f::200e
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2001
2a00:1450:4001:830::2002
2a00:1450:400c:c04::9b
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
52.36.101.223
04f4599dc85f1655f5217b4de26b6d9ad95fe75db024d4e7b19bd8d3769dbd7c
0b4019029c0b715bd2fa8c24928c016b926a7ebf815c03f073ee6fa01b9b2523
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12f8c0705cf1f2d8161a4999ac6298c1b7332eb3be07daf0e3f7382c8b96a675
18b4b1512d96fbec9dae6ea252669d5a8d56dfd7be08615c1120fe1676068988
20c2136290992c24e68c497da4609453feb575ce1045bbb827a2f4025bca3272
21f7a81a8763c82e53f8a802172da020ff4d5a5639c3a5965c2829b4a7df3edb
335b59e615135313a66319e641cdad6ac3489a600e04d4181c859699bed4babe
37464ae1a132da9b30f2a552222f8b00b758686fa1875ebd3956765dc5eddbd9
3761461889aeda4e9d69965e56a486888d0626ddb31b44ba67995a278e8c9704
47300f73d115d5d1586ff7b01cc7319166b160bdad6e54a54ad02ac9312f6426
480f798386877814a7094d08ac074016d15707dd68ee4742f7403ce945ecabc1
49add6a16e432069f0464c7d60be4bd18ae2c6b9754bcbfa4abb2ea72cf6013b
4a3f9b4237bec79f93df8962879bbd02a17c882572299b4be657beb35878f6e1
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
514bee7889feffcc704dce1fdfe6d0f75f6e06e4e41b75f8bd75ada6861aa1cf
5766d97e9b0c91a002f275667824760ef20a2ba8a8786719bb88b2efc7a44ede
5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d
619601c4da3f8f66b79ef1e6595ddf28c32ca03c6b546b39f2630cac4dc4d296
6add9562de2596af5c0f7e58170863a4f6cdb16c965ceca29135d84329dd21c1
704640cc636ab9ae629097fc5308ec7c72dedfaef20f8b8b8c04103726cd68c5
71bcc38093af3244babdd38eb7be0efeb79953774b33235aba8d9049ecfdb02f
751dcf9dcab28e7704b6c2b25d6288581f8a45af878fd628135cec03d8112eed
76b847eda71c0616243c28a07db7d472d69f8f9e3a73911c34b281a7cf8c1e8d
822e17250f1d49f17d3b1c595cbf9d5405902f7b3e9b663f30b6d36c3527864c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8640c6bfbea991e66dee61811c9c5417937fa0060246f5fc291b59debd3dcd73
8b37f71f5c160c23dd05fa9ab7879612388307718941a47b3dc626b408034f5d
8b70d789f17f02e080274254643874a43cb5cba01efaaaf2b5d2c6e5c9515e4b
8db61f95a8f3554830efc6c3942b7322efef09b9d7f0cbfe32135e0fac106d18
9394db09c7d923e754846eb13c2c5178ba4cdb990a0e7c687b02cc1028e9c242
95ceb98e69c1a2137c0f3cebcc485f6936916be2a457e3a1653b4e169e7392cc
9b0d2e6285502f36f2412d89433a2e3f795f20d0aea3ffd3218a33c24d1e5495
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
ac252ccae6cf16234eacd195edcb7c04a594f1c622126c69292e3bb05cd6b92f
addecacfe776e6c50ce316ac0b2ca86e7df09bb4e46fc53b876ecdb2d97bd7ed
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1f23d8732d8e2a4f2e983d5bf52c680226ec20d3b3453a7d8de4ef4e28aa7a5
b33c2818c55db62063854cfd6e013533395b6711904c225184819660493c064f
b49f9c1fdfb1d6199509d3d33ceb8c3355f15f8f12f9e97be20c8616d375be7f
b6a63a71420a4140ea465571872c0c253e5873cf88e10fdea307f37957703a72
b81053beb15a52ffbcc6a688f98228be8d59f7c463aab7bec2b943dc5c4d7213
bc4eef1d392fb3abebcc65e98ff0909c4340454b188b2114ae3ac985e42ce8b2
c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7
c3dd5a6fff633c6393dca21ce74cd6dc95265943575b43d2d9616f020eea68fa
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
ca0c59dd49635eda0d047e6472efb169f041654494c9d193173996ad6ffcc29f
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cb03ccca0ca41b562ec6b7508f18cfb4089b0dfea29792b180320bf2e763fafc
cd9ac5ff63d367b7f189bb866bf1563754186a39a3734c0c06a004ff66b4672e
d21c8bd2e8b2f5a56b540807fec034374ae70b88dc022ee1e6db57431e3899c9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f426ed4d3c63c66cd349b0622f7403a9d571b72ec57f737e50290bb74f3fc2
e6841f2637c4f8dd95690b3c94cbef718403887deb285083cf4c3505e56e3f72
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f42f55dabbb15175140e8f22510310cbeefe9d766975ce806a9d6f8d9444e66f
fafc8c7a1a25e28e08c637cecc56e0dd3f56d72a00f0497899297014bf5ca6f1
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

www.causes.com Open in urlscan Pro 2600:9000:20eb:9000:15:cdf7:fe00:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

70 Requests

100 %HTTPS

73 %IPv6

18 Domains

27 Subdomains

26 IPs

3 Countries

1872 kBTransfer

5979 kBSize

11 Cookies

12 Outgoing links

Redirected requests

70 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.causes.com Open in urlscan Pro
2600:9000:20eb:9000:15:cdf7:fe00:93a1 Public Scan

Screenshot
Live screenshot

Full Image

70
Requests

100 %
HTTPS

73 %
IPv6

18
Domains

27
Subdomains

26
IPs

3
Countries

1872 kB
Transfer

5979 kB
Size

11
Cookies

70 HTTP transactions
0 data transactions