sign.moveon.org Open in urlscan Pro
2606:4700:10::ac43:1d35 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://sign.moveon.org/
Effective URL:
https://sign.moveon.org/
Submission: On December 04 via api (December 4th 2023, 2:18:17 am UTC) from US — Scanned from DE

Summary HTTP 75 Redirects Links 21 Behaviour Indicators

Summary

This website contacted 18 IPs in 3 countries across 15 domains to perform 75 HTTP transactions. The main IP is 2606:4700:10::ac43:1d35, located in United States and belongs to CLOUDFLARENET, US. The main domain is sign.moveon.org.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 4th 2023. Valid for: a year.

This is the only time sign.moveon.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:10:... 2606:4700:10::6816:2661	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 32	2606:4700:10:... 2606:4700:10::ac43:1d35	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:ab0... 2a02:26f0:ab00:480::13b8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	108.157.5.209 108.157.5.209	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	184.30.214.197 184.30.214.197	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	35.160.35.184 35.160.35.184	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400c:c04::9d	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	52.22.62.210 52.22.62.210	14618 (AMAZON-AES) (AMAZON-AES)
75	18

1 2606:4700:10::6816:2661 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

sign.moveon.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2606:4700:10::ac43:1d35 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

sign.moveon.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.controlshift.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.controlshift.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:ab00:480::13b8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 108.157.5.209 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-5-209.dus51.r.cloudfront.net

cdn.segment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.214.197 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-214-197.deploy.static.akamaitechnologies.com

a17053551565.cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.160.35.184 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-160-35-184.us-west-2.compute.amazonaws.com

api.segment.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c04::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.22.62.210 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-62-210.compute-1.amazonaws.com

logx.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	moveon.org 2 redirects sign.moveon.org	317 KB
8	gstatic.com fonts.gstatic.com www.gstatic.com	469 KB
8	segment.com cdn.segment.com — Cisco Umbrella Rank: 1681	67 KB
7	controlshift.app static.controlshift.app images.controlshift.app	480 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	43 KB
4	google.com www.google.com — Cisco Umbrella Rank: 2	35 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 168	124 KB
3	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 75 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33	2 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	257 KB
3	optimizely.com cdn.optimizely.com — Cisco Umbrella Rank: 774 a17053551565.cdn.optimizely.com logx.optimizely.com — Cisco Umbrella Rank: 1439	99 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	216 B
1	google.de www.google.de — Cisco Umbrella Rank: 6765	455 B
1	segment.io api.segment.io — Cisco Umbrella Rank: 1340	174 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 864	7 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	1 KB
75	15

	Domain	Requested by
26	sign.moveon.org	2 redirects sign.moveon.org static.cloudflareinsights.com
8	cdn.segment.com	sign.moveon.org cdn.segment.com
6	www.google-analytics.com	cdn.segment.com www.google-analytics.com www.googletagmanager.com
5	static.controlshift.app	sign.moveon.org
4	www.gstatic.com	www.google.com www.gstatic.com
4	fonts.gstatic.com	fonts.googleapis.com www.google.com
4	www.google.com	sign.moveon.org www.gstatic.com www.google.com
3	connect.facebook.net	sign.moveon.org connect.facebook.net
3	www.googletagmanager.com	cdn.segment.com www.googletagmanager.com
2	www.facebook.com	sign.moveon.org
2	stats.g.doubleclick.net	www.google-analytics.com
2	images.controlshift.app	sign.moveon.org
1	logx.optimizely.com	cdn.optimizely.com
1	www.google.de	sign.moveon.org
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	api.segment.io	cdn.segment.com
1	a17053551565.cdn.optimizely.com	cdn.optimizely.com
1	static.cloudflareinsights.com	sign.moveon.org
1	cdn.optimizely.com	sign.moveon.org
1	fonts.googleapis.com	sign.moveon.org
75	20

This site contains links to these domains. Also see Links.

Domain
www.moveon.org
act.moveon.org
front.moveon.org
petitions.moveon.org
facebook.com
www.twitter.com

Subject Issuer	Validity	Valid
sign.moveon.org Cloudflare Inc ECC CA-3	`2023-06-04` - `2024-06-03`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
cdn.optimizely.com DigiCert TLS RSA SHA256 2020 CA1	`2023-09-01` - `2024-09-04`	a year	crt.sh
controlshift.app GTS CA 1P5	`2023-11-18` - `2024-02-16`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
*.segment.com Amazon RSA 2048 M03	`2023-11-14` - `2024-12-13`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.cdn.optimizely.com GeoTrust RSA CA 2018	`2023-02-26` - `2024-02-28`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.segment.io Amazon RSA 2048 M01	`2023-02-10` - `2024-02-10`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-09-12` - `2023-12-11`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
logx.optimizely.com Amazon RSA 2048 M01	`2023-06-24` - `2024-07-22`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://sign.moveon.org/
Frame ID: 397F235A935E103A022709DD4CC71DEF
Requests: 65 HTTP requests in this frame

Frame: https://a17053551565.cdn.optimizely.com/client_storage/a17053551565.html
Frame ID: 547A956F456B7319EC6F4AEA0185BDEF
Requests: 1 HTTP requests in this frame

Frame: https://sign.moveon.org/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js
Frame ID: AFA227393422458D395D87F26464A46F
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LclPNkZAAAAAGl0JmNEkEgCxgy1bd01rDVle4OH&co=aHR0cHM6Ly9zaWduLm1vdmVvbi5vcmc6NDQz&hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=rw6jdlwb2530
Frame ID: 6447718D895DBE4D4156ACF0C4542BB8
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

MoveOn

Page URL History Show full URLs

http://sign.moveon.org/ HTTP 301
https://sign.moveon.org/ Page URL

Detected technologies

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Optimizely (Analytics) Expand

Overall confidence: 100%
Detected patterns

optimizely\.com.*\.js

Segment (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.segment\.com/analytics\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

75
Requests

99 %
HTTPS

79 %
IPv6

15
Domains

20
Subdomains

18
IPs

3
Countries

1901 kB
Transfer

4676 kB
Size

11
Cookies

21 Outgoing links

These are links going to different origins than the main page.

URL: https://www.moveon.org/?utm_source=petitions&source=petitions

Search URL Search Domain Scan URL

URL: https://act.moveon.org/donate/pac-petition-fr?donation_type=recurring&recurring=1&source=petition_nav
Title: Donate

Search URL Search Domain Scan URL

URL: https://front.moveon.org/volunteer-with-moveon/?source=petition_nav
Title: Volunteer

Search URL Search Domain Scan URL

URL: https://petitions.moveon.org/campaign_tips.html?source=front_CSL&utm_source=front&utm_content=CSL
Title: Campaign tips

Search URL Search Domain Scan URL

URL: https://petitions.moveon.org/organizations.html?source=petitionshomepage
Title: Click here to learn more about partnering with us.

Search URL Search Domain Scan URL

URL: https://act.moveon.org/signup/signup?utm_source=petitionfooter
Title: Sign Up for Emails

Search URL Search Domain Scan URL

URL: https://front.moveon.org/frequently-asked-questions-and-contact-information-2/?utm_source=petitionfooter
Title: FAQs

Search URL Search Domain Scan URL

URL: https://front.moveon.org/privacy-policy/?utm_source=petitionfooter
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://act.moveon.org/survey/get-texts-moveon?utm_source=petitionfooter
Title: Sign Up For SMS

Search URL Search Domain Scan URL

URL: https://front.moveon.org/frequently-asked-questions/?utm_source=petitionfooter
Title: Petition Inquiries

Search URL Search Domain Scan URL

URL: https://petitions.moveon.org/organizations.html?utm_source=petitionfooter
Title: Partner With Us

Search URL Search Domain Scan URL

URL: https://act.moveon.org/survey/press/?utm_source=petitionfooter
Title: Press Inquiries

Search URL Search Domain Scan URL

URL: https://facebook.com/moveon

Search URL Search Domain Scan URL

URL: https://www.twitter.com/@moveon

Search URL Search Domain Scan URL

URL: https://act.moveon.org/signup/signup?utm_source=petitionfooter.mobile
Title: Sign Up For Emails

Search URL Search Domain Scan URL

URL: https://front.moveon.org/frequently-asked-questions-and-contact-information-2/?utm_source=petitionfooter.mobile
Title: FAQs

Search URL Search Domain Scan URL

URL: https://front.moveon.org/privacy-policy/?source=petitionfooter.mobile
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://act.moveon.org/survey/get-texts-moveon?utm_source=petitionfooter.mobile
Title: Sign Up For SMS

Search URL Search Domain Scan URL

URL: https://petitions.moveon.org/feedback.html?utm_source=petitionfooter.mobile
Title: Petition Inquiries

Search URL Search Domain Scan URL

URL: https://petitions.moveon.org/organizations.html?utm_source=petitionfooter.mobile
Title: Partner With Us

Search URL Search Domain Scan URL

URL: https://act.moveon.org/survey/press/?utm_source=petitionfooter.mobile
Title: Press Inquiries

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://sign.moveon.org/ HTTP 301
https://sign.moveon.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29

https://sign.moveon.org/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://sign.moveon.org/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js

75 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
sign.moveon.org/
Redirect Chain

http://sign.moveon.org/
https://sign.moveon.org/

30 KB
12 KB

246ms
224ms

Document
text/html

2606:4700:10::ac43:1d35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sign.moveon.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1d35 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

26e3edddb6d07f337b1ccf1352308aed3b1e1763bfa6cdc873e682fc2d17c81e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0, private, must-revalidate
cf-cache-status: BYPASS
cf-ray: 83008eb2ca9e9bbc-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 04 Dec 2023 02:18:12 GMT
feature-policy: camera 'none'; gyroscope 'none'; microphone 'none'; usb 'none'; fullscreen 'none'; payment 'none'
link: <https://sign.moveon.org/packs/css/phoenix-200e20dc.css>; rel=preload; as=style; nopush
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: 1947aa94-0f7c-4b45-9e29-de7c8d316c3c
x-runtime: 0.095678
x-xss-protection: 0

Redirect headers

CF-Cache-Status: EXPIRED
CF-RAY: 83008eb14c289b8c-FRA
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Date: Mon, 04 Dec 2023 02:18:12 GMT
Feature-Policy: camera 'none'; gyroscope 'none'; microphone 'none'; usb 'none'; fullscreen 'none'; payment 'none'
Location: https://sign.moveon.org/
Referrer-Policy: strict-origin-when-cross-origin
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Request-Id: 0b3e58c1-e499-4261-89fe-181ca2f169f2
X-Runtime: 0.007644
X-XSS-Protection: 0

GET
H2 200 phoenix-200e20dc.css
sign.moveon.org/packs/css/ 10 KB
2 KB 18ms
17ms Stylesheet
text/css 2606:4700:10::ac43:1d35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sign.moveon.org/packs/css/phoenix-200e20dc.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1d35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 834f40f4845a6829e2d3e948f9efc226eb7be75ac5f614473dd86c66265cefca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sign.moveon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 02:18:12 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 07 Nov 2023 14:17:59 GMT
server: cloudflare
age: 2250074
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31556952
cf-ray: 83008eb43bbd9bbc-FRA

GET
H2 200 agra-89c478301c1e5de57e3c2d0d2c0c41c75d5b913355ed6be32f7aac72436b6c34.woff2
sign.moveon.org/assets/agra/ 11 KB
11 KB 22ms
21ms Font
application/octet-stream 2606:4700:10::ac43:1d35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sign.moveon.org/assets/agra/agra-89c478301c1e5de57e3c2d0d2c0c41c75d5b913355ed6be32f7aac72436b6c34.woff2
Requested by: Host: sign.moveon.org
URL: https://sign.moveon.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1d35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a2e146d601231128cf9f2966234fdc597f918905111e5605ded64f4bb867edb

Request headers

Referer: https://sign.moveon.org/
Origin: https://sign.moveon.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 02:18:12 GMT
cf-cache-status: HIT
last-modified: Mon, 27 Mar 2023 19:32:33 GMT
server: cloudflare
age: 341164
etag: "6421ef51-2a6c"
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: max-age=315360000, public
accept-ranges: bytes
cf-ray: 83008eb43bc29bbc-FRA
content-length: 10860
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
1 KB 59ms
23ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto&family=Roboto+Condensed&display=swap

Requested by

Host: sign.moveon.org
URL: https://sign.moveon.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

701293bbb4e4f47e4d6df90a73302aed675608cf1837842591bbed555f30d5e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sign.moveon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 04 Dec 2023 02:18:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 01:59:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 04 Dec 2023 02:18:12 GMT

GET
H2 200 application_phoenix-95efa6dce5b44f887418cd66a46f8045f41aad55b80f4152ed569a81de51f2c8.css
sign.moveon.org/assets/organisations/moveon/ 234 KB
37 KB 18ms
18ms Stylesheet
text/css 2606:4700:10::ac43:1d35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sign.moveon.org/assets/organisations/moveon/application_phoenix-95efa6dce5b44f887418cd66a46f8045f41aad55b80f4152ed569a81de51f2c8.css
Requested by: Host: sign.moveon.org
URL: https://sign.moveon.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1d35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b16b7449f4f876cf5610850bda1bfab2cdf6b4fe71092570ef58343ab4d95ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sign.moveon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 02:18:12 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 27 Nov 2023 15:29:08 GMT
server: cloudflare
age: 344013
vary: accept-encoding
content-type: text/css
cache-control: public, max-age=31556952
accept-ranges: bytes
cf-ray: 83008eb43bc09bbc-FRA
content-length: 38065

GET
H2 200 runtime-094917f8b11846eedbd1.js Show response
sign.moveon.org/packs/js/ 22 KB
11 KB 27ms
24ms Script
application/javascript 2606:4700:10::ac43:1d35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sign.moveon.org/packs/js/runtime-094917f8b11846eedbd1.js
Requested by: Host: sign.moveon.org
URL: https://sign.moveon.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1d35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f7b9c541486befc6e81aad9faf2c2f0827a5b9f02f39d0703a4861f8b8c62dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sign.moveon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 02:18:12 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 01 Dec 2023 18:14:01 GMT
server: cloudflare
age: 187487
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31556952
cf-ray: 83008eb4fc469bbc-FRA

GET
H2 200 4534-1c149d0466d9f13e5ce2.js Show response
sign.moveon.org/packs/js/ 16 KB
6 KB 33ms
31ms Script
application/javascript 2606:4700:10::ac43:1d35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sign.moveon.org/packs/js/4534-1c149d0466d9f13e5ce2.js
Requested by: Host: sign.moveon.org
URL: https://sign.moveon.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1d35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a0c0340b4f7fd21efb7cf8dc22ca76a5a390bb1804ed9f1904336c169c9c3ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sign.moveon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 02:18:12 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 21 Nov 2023 14:27:01 GMT
server: cloudflare
age: 1057688
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31556952
cf-ray: 83008eb4fc499bbc-FRA

GET
H2 200 3650-8f340d32778816fe7c28.js Show response
sign.moveon.org/packs/js/ 236 KB
83 KB 25ms
23ms Script
application/javascript 2606:4700:10::ac43:1d35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sign.moveon.org/packs/js/3650-8f340d32778816fe7c28.js
Requested by: Host: sign.moveon.org
URL: https://sign.moveon.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1d35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3d6ad28f17701cfe25336cdf29b147659262af781ad4dd67837f7536794dec2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sign.moveon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 02:18:12 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 01 Dec 2023 18:12:52 GMT
server: cloudflare
age: 189446
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31556952
cf-ray: 83008eb4fc4a9bbc-FRA

GET
H2 200 3241-a3f4b5be1d58f12d904d.js Show response
sign.moveon.org/packs/js/ 9 KB
3 KB 19ms
17ms Script
application/javascript 2606:4700:10::ac43:1d35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sign.moveon.org/packs/js/3241-a3f4b5be1d58f12d904d.js
Requested by: Host: sign.moveon.org
URL: https://sign.moveon.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1d35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a329ba2514819799ea9dc291921b8f2305376e9f1d2eae105001c5883d0a8d7a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sign.moveon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 02:18:12 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 25 Jul 2023 18:00:27 GMT
server: cloudflare
age: 1710708
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31556952
cf-ray: 83008eb4fc4c9bbc-FRA

GET
H2 200 6459-51aaab9dcbb27afd8751.js Show response
sign.moveon.org/packs/js/ 371 KB
75 KB 28ms
26ms Script
application/javascript 2606:4700:10::ac43:1d35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sign.moveon.org/packs/js/6459-51aaab9dcbb27afd8751.js
Requested by: Host: sign.moveon.org
URL: https://sign.moveon.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1d35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4899deb0401ae6ca6dca316b274ff0b1b7b69117cbc9d48fed8784e993a5fb5a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sign.moveon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 02:18:12 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 20 Jul 2023 21:08:00 GMT
server: cloudflare
age: 427076
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31556952
cf-ray: 83008eb4fc4e9bbc-FRA

GET
H2 200 3699-6b8312ba69258c02fea9.js Show response
sign.moveon.org/packs/js/ 24 KB
8 KB 23ms
22ms Script
application/javascript 2606:4700:10::ac43:1d35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sign.moveon.org/packs/js/3699-6b8312ba69258c02fea9.js
Requested by: Host: sign.moveon.org
URL: https://sign.moveon.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1d35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e5bc70675d5b15336c22900569d6c476cd684b4228c15ee1539f5c2cd569dc8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sign.moveon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 02:18:12 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 27 Nov 2023 15:29:08 GMT
server: cloudflare
age: 501159
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31556952
cf-ray: 83008eb4fc509bbc-FRA

GET
H2 200 6558-f83f179867c4d030dcb2.js Show response
sign.moveon.org/packs/js/ 37 KB
10 KB 25ms
23ms Script
application/javascript 2606:4700:10::ac43:1d35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sign.moveon.org/packs/js/6558-f83f179867c4d030dcb2.js
Requested by: Host: sign.moveon.org
URL: https://sign.moveon.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1d35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e60ea4b61a98023e0d22a55054bfb85f777a16a5a69f1e8bab54968977eecb70

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sign.moveon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 02:18:12 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 27 Nov 2023 15:29:08 GMT
server: cloudflare
age: 249205
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31556952
cf-ray: 83008eb4fc529bbc-FRA

GET
H2 200 phoenix-c86518dd5c7e9ea61da8.js Show response
sign.moveon.org/packs/js/ 43 KB
15 KB 31ms
29ms Script
application/javascript 2606:4700:10::ac43:1d35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sign.moveon.org/packs/js/phoenix-c86518dd5c7e9ea61da8.js
Requested by: Host: sign.moveon.org
URL: https://sign.moveon.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1d35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0452e97c1a2631eea2dfbe463c07c86d9bb3a24734a1ec096e35403e4ad8faeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sign.moveon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 02:18:12 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 18:41:56 GMT
server: cloudflare
age: 257692
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31556952
cf-ray: 83008eb4fc539bbc-FRA

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 64ms
28ms Script
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LclPNkZAAAAAGl0JmNEkEgCxgy1bd01rDVle4OH

Requested by

Host: sign.moveon.org
URL: https://sign.moveon.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

111b0940e995e0847ed2e2724735d420885c1c002cb778a161c79ff0dc361e33

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sign.moveon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 02:18:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Mon, 04 Dec 2023 02:18:12 GMT

GET
H2 200 17163910351.js Show response
cdn.optimizely.com/js/ 329 KB
96 KB 55ms
16ms Script
text/javascript 2a02:26f0:ab00:480::13b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/js/17163910351.js

Requested by

Host: sign.moveon.org
URL: https://sign.moveon.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00:480::13b8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7f392a126c8f5a8a217baa8adfdb292d70e113fff6ede62b714c3ccec33c6731

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sign.moveon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-meta-pci_enabled: False
x-amz-version-id: SLLw7n763L2d.ImdYjcOQNshTxBAXT_i
content-encoding: gzip
date: Mon, 04 Dec 2023 02:18:12 GMT
strict-transport-security: max-age=15768000
x-amz-request-id: ZJGVY2NE0PFS8MV2
x-amz-server-side-encryption: AES256
x-amz-meta-revision: 7493
x-amz-replication-status: COMPLETED
server-timing: cdn-cache; desc=HIT, edge; dur=6, origin; dur=0, cdn;desc="AkamaiION";dur=0,rtt;desc="6";dur=0,cdnip;desc="2a02:26f0:ab00:480::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0, ak_p; desc="1701656292543_1551554380_226760228_676_1866_6_11_219";dur=1
content-length: 97751
x-amz-id-2: P5mmz4q1ELBmTCn/NmCKCkVcMUQitfLDC8V0/j2IQG5mG8ntQncvUua9v3lCIjNEUAOyZbJqpe0=
last-modified: Thu, 16 Nov 2023 21:40:28 GMT
server: AmazonS3
etag: "0701797716439773f30f63b7ae90cf37"
vary: Accept-Encoding
access-control-max-age: 86400
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: x-amz-meta-revision
cache-control: max-age=300
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 home.css
sign.moveon.org/styles/none-none-6b5656697c8ffee89aa6ccda86617be452191cd1/ 7 KB
2 KB 20ms
20ms Stylesheet
text/css 2606:4700:10::ac43:1d35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sign.moveon.org/styles/none-none-6b5656697c8ffee89aa6ccda86617be452191cd1/home.css

Requested by

Host: sign.moveon.org
URL: https://sign.moveon.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1d35 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70918b624b15282f49be1c545a168b201fdd2119652d11a9f3d7fa7f5ec3deb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sign.moveon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 02:18:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
x-permitted-cross-domain-policies: none
age: 161785
x-xss-protection: 0
x-request-id: 68d73870-675c-4582-b6dd-d4befad2c30f
x-runtime: 0.091816
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"70918b624b15282f49be1c545a168b20"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=31556952, public
cf-ray: 83008eb43bc19bbc-FRA

GET
H2 200 moveon-logo_%281%29.png
static.controlshift.app/organisation_logos/logos/527/ 11 KB
11 KB 90ms
20ms Image
image/png 2606:4700:10::ac43:1d35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.controlshift.app/organisation_logos/logos/527/moveon-logo_%281%29.png?1564772236
Requested by: Host: sign.moveon.org
URL: https://sign.moveon.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1d35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18788e1296fdeaee63bee0924b58fb84681d42a5f37ecff75f376461beb32318

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sign.moveon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 02:18:12 GMT
via: 1.1 d34cf2ddbdf9774517330fee6a26e4b2.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: FRA56-P7
age: 659702
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 11347
last-modified: Fri, 02 Aug 2019 18:57:17 GMT
server: cloudflare
etag: "ad433e2ce9c50cd5d56b8c7957dbc7d9"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=1314000
accept-ranges: bytes
cf-ray: 83008eb4ab6618b3-FRA
x-amz-cf-id: sUDZ6y1J4fBt-05J6MoevRM2KafC9_9G110Q5eUfIQgH33fyPjE1ng==

GET
H2 200 photos-from-corporate-corruption-rally-livonia-michigan--august-10-2010-from-dr-allan-bramson-and-jill-farber-bramson_4882178091_o.jpg
static.controlshift.app/stories/images/843/hero/ 69 KB
69 KB 91ms
21ms Image
image/jpeg 2606:4700:10::ac43:1d35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.controlshift.app/stories/images/843/hero/photos-from-corporate-corruption-rally-livonia-michigan--august-10-2010-from-dr-allan-bramson-and-jill-farber-bramson_4882178091_o.jpg?1662664550
Requested by: Host: sign.moveon.org
URL: https://sign.moveon.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1d35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9472d71c94bd6f712694b78adfd398b36c8a698b478651247d7615c25d644255

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sign.moveon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 02:18:12 GMT
via: 1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: FRA56-C1
age: 386473
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 70482
cf-bgj: h2pri
last-modified: Thu, 08 Sep 2022 19:15:51 GMT
server: cloudflare
etag: "5ef96c934f23f92d9317e575d5173871"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=1314000
accept-ranges: bytes
cf-ray: 83008eb4ab6718b3-FRA
x-amz-cf-id: VJtFDkfMSuxjo5rg3ucB3NKKt5a4WjxRvXz5f6mG2_d-TToUtgSW4g==

GET
H2 200 climate_crisis_petition.jpg
static.controlshift.app/stories/images/844/hero/ 18 KB
18 KB 24ms
24ms Image
image/jpeg 2606:4700:10::ac43:1d35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.controlshift.app/stories/images/844/hero/climate_crisis_petition.jpg?1662666851
Requested by: Host: sign.moveon.org
URL: https://sign.moveon.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1d35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c846595ac9d13f8fd4786aa58152f35b24da774eef208b58c6e80c6cadae3255

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sign.moveon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 02:18:12 GMT
via: 1.1 1c5b98f7bd5001d6fe1040daa237afc6.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: FRA56-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 18370
cf-bgj: h2pri
last-modified: Thu, 08 Sep 2022 19:54:12 GMT
server: cloudflare
etag: "cde6b698148b5f63911217b43604255a"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=1314000
accept-ranges: bytes
cf-ray: 83008eb4fba518b3-FRA
x-amz-cf-id: lgmyCzF2K-06LpQyAJ_FRyMOBMxRKHNaoOxEjLzC0LvDu4Orx62fUQ==

GET
H2 200 studentdebt.JPG
static.controlshift.app/stories/images/880/hero/ 230 KB
231 KB 26ms
26ms Image
image/jpeg 2606:4700:10::ac43:1d35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.controlshift.app/stories/images/880/hero/studentdebt.JPG?1662666184
Requested by: Host: sign.moveon.org
URL: https://sign.moveon.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1d35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01c9ab65332bbbef959488519689858907817726036e9df3dffc503914ed7e6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sign.moveon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 02:18:12 GMT
via: 1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: FRA56-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 235921
cf-bgj: h2pri
last-modified: Thu, 08 Sep 2022 19:43:05 GMT
server: cloudflare
etag: "036225c3e4c771e59c5db69f885085f3"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=1314000
accept-ranges: bytes
cf-ray: 83008eb4fba618b3-FRA
x-amz-cf-id: cIUvqL7nrFd8nRD5rHQ82gd12QArlgYqLI5gt3c8xDLrKsDtR_1KSg==

GET
H2 200 IMG_9808.jpg
static.controlshift.app/efforts/images/1400/hero/ 26 KB
26 KB 22ms
20ms Image
image/jpeg 2606:4700:10::ac43:1d35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.controlshift.app/efforts/images/1400/hero/IMG_9808.jpg?1689090718
Requested by: Host: sign.moveon.org
URL: https://sign.moveon.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1d35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20eeabc2979d513328b657059be8ea6bde6f5ea0318aaccec59c80368857bd71

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sign.moveon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 02:18:12 GMT
via: 1.1 40fb5e8791e3cb1337e56d76d11ee8fa.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: AMS58-P3
age: 114695
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 26867
cf-bgj: h2pri
last-modified: Tue, 11 Jul 2023 15:52:01 GMT
server: cloudflare
etag: "1a41c5ea46baf6472179e6bc40cd2682"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=1314000
accept-ranges: bytes
cf-ray: 83008eb4fbab18b3-FRA
x-amz-cf-id: xnffwSroB8uq28dJkm4Bm3t7pYcYahIOjgAdaEPMva-bsrQVy5EWjQ==

GET
H2 200 Screen%20Shot%202023-10-16%20at%205.58.27%20PM.png
images.controlshift.app/rails/active_storage/representations/proxy/eyJfcmFpbHMiOnsiZGF0YSI6Mzg0Nzg5LCJwdXIiOiJibG9iX2lkIn19--593de1ee83bcba41ee9c47a7483ee3a8bb3ef89d/eyJfcmFpbHMiOnsiZGF0YSI6eyJmb3J... 97 KB
98 KB 76ms
21ms Image
image/png 2606:4700:10::ac43:1d35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.controlshift.app/rails/active_storage/representations/proxy/eyJfcmFpbHMiOnsiZGF0YSI6Mzg0Nzg5LCJwdXIiOiJibG9iX2lkIn19--593de1ee83bcba41ee9c47a7483ee3a8bb3ef89d/eyJfcmFpbHMiOnsiZGF0YSI6eyJmb3JtYXQiOiJwbmciLCJjcm9wIjoiNzE2eDI5NiswKzUzIiwicmVzaXplX3RvX2xpbWl0IjpbMzMwLDMzMF19LCJwdXIiOiJ2YXJpYXRpb24ifX0=--7f626df8356beeb972e143f322b30dd786861e5a/Screen%20Shot%202023-10-16%20at%205.58.27%20PM.png
Requested by: Host: sign.moveon.org
URL: https://sign.moveon.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1d35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a3c86a10b63fa40538bfcb7c9b7d5e351428d7056de614ebaf4e332fef48040

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sign.moveon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-runtime: 0.112773
date: Mon, 04 Dec 2023 02:18:12 GMT
cf-cache-status: HIT
last-modified: Sat, 01 Jan 2011 00:00:00 GMT
server: cloudflare
age: 378143
etag: W/"390e10bf48695bac2a23d5faf8a14d2d"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=3155695200, public
content-disposition: inline; filename="Screen Shot 2023-10-16 at 5.58.27 PM.png"; filename*=UTF-8''Screen%20Shot%202023-10-16%20at%205.58.27%20PM.png
cf-ray: 83008eb54bd818b3-FRA
x-request-id: 32d2ba17-bd9e-4a51-9353-1e68bbb7bed0

GET
H2 200 jahnavi.jpg
images.controlshift.app/rails/active_storage/representations/proxy/eyJfcmFpbHMiOnsiZGF0YSI6Mzc3OTAwLCJwdXIiOiJibG9iX2lkIn19--8b00466b14c01a46b86cda734adf4d5789ac6013/eyJfcmFpbHMiOnsiZGF0YSI6eyJmb3J... 26 KB
26 KB 174ms
120ms Image
image/jpeg 2606:4700:10::ac43:1d35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.controlshift.app/rails/active_storage/representations/proxy/eyJfcmFpbHMiOnsiZGF0YSI6Mzc3OTAwLCJwdXIiOiJibG9iX2lkIn19--8b00466b14c01a46b86cda734adf4d5789ac6013/eyJfcmFpbHMiOnsiZGF0YSI6eyJmb3JtYXQiOiJqcGciLCJyZXNpemVfdG9fbGltaXQiOlszMzAsMzMwXX0sInB1ciI6InZhcmlhdGlvbiJ9fQ==--9c979735d9c19dd7312ff25edc4893c23546ccd9/jahnavi.jpg
Requested by: Host: sign.moveon.org
URL: https://sign.moveon.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1d35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c17d3efb133d2bdb7886f8556520eb67b925a7d7e027fcc2dac8a062b6522931

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sign.moveon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-runtime: 0.174651
date: Mon, 04 Dec 2023 02:18:12 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Sat, 01 Jan 2011 00:00:00 GMT
server: cloudflare
etag: W/"f46a4fc43251cc1ba2905cf7350bd3de"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=3155695200, public
content-disposition: inline; filename="jahnavi.jpg"; filename*=UTF-8''jahnavi.jpg
cf-ray: 83008eb54bda18b3-FRA
x-request-id: 0d6ffb03-b53d-4f03-90a2-1ac80df6a20b

GET
H2 200 v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 64ms
48ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by: Host: sign.moveon.org
URL: https://sign.moveon.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer: https://sign.moveon.org/
Origin: https://sign.moveon.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 02:18:12 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 83008eb51f8a1c32-FRA

GET
H2 200 analytics.min.js Show response
cdn.segment.com/analytics.js/v1/vE6nVaSzhGHcNip5aRHjd8f0XS8vcXVN/ 107 KB
29 KB 65ms
15ms Script
text/javascript 108.157.5.209
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics.js/v1/vE6nVaSzhGHcNip5aRHjd8f0XS8vcXVN/analytics.min.js
Requested by: Host: sign.moveon.org
URL: https://sign.moveon.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.5.209 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-5-209.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 04ef1042ee6d7d0965b6ede55d8e9981464e5744915fc70386b16da558401e38

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sign.moveon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: KYVIya_ZQB65JFOlOnuEv_O3UalANyaw
content-encoding: br
via: 1.1 e4aaaf9d55a242f83ddc793442b0ebe2.cloudfront.net (CloudFront)
date: Mon, 04 Dec 2023 02:16:57 GMT
x-amz-cf-pop: DUS51-P2
age: 76
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 16 Nov 2023 23:38:17 GMT
server: AmazonS3
etag: W/"7cf43f760a52417b5d40c31b1788284e"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=120
vary: Accept-Encoding
x-amz-cf-id: pkBaD_3kTEHi-JyLmMU0W0jm0nuwZONtclCFy_j-aXe6aEUI_uLx-Q==

GET
H2 200 7122-f1d2d3100dfab761708b.chunk.js Show response
sign.moveon.org/packs/js/ 441 B
414 B 18ms
17ms Script
application/javascript 2606:4700:10::ac43:1d35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sign.moveon.org/packs/js/7122-f1d2d3100dfab761708b.chunk.js
Requested by: Host: sign.moveon.org
URL: https://sign.moveon.org/packs/js/runtime-094917f8b11846eedbd1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1d35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30f9fffae0b7eb902585fb753438257300b96fcb6b4ddac4b367cf88b47072ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sign.moveon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 02:18:12 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 27 Oct 2023 15:49:37 GMT
server: cloudflare
age: 1553284
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31556952
cf-ray: 83008eb55c7c9bbc-FRA

GET
H2 200 ieVo2ZhZI2eCN5jzbjEETS9weq8-_d6T_POl0fRJeyWyosBO5Xw.woff2
fonts.gstatic.com/s/robotocondensed/v27/ 20 KB
20 KB 50ms
16ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v27/ieVo2ZhZI2eCN5jzbjEETS9weq8-_d6T_POl0fRJeyWyosBO5Xw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto&family=Roboto+Condensed&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

948d25dc34ee935a5254468691714c9f2e53a2927652a077c2ca84cb03fa4895

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sign.moveon.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 16:39:23 GMT
x-content-type-options: nosniff
age: 207529
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20824
x-xss-protection: 0
last-modified: Wed, 18 Oct 2023 17:53:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Nov 2024 16:39:23 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 45ms
12ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto&family=Roboto+Condensed&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sign.moveon.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 13:37:09 GMT
x-content-type-options: nosniff
age: 132063
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Dec 2024 13:37:09 GMT

GET
H2 200 a17053551565.html Show response
a17053551565.cdn.optimizely.com/client_storage/ Frame 547A 2 KB
2 KB 173ms
125ms Document
text/html 184.30.214.197
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://a17053551565.cdn.optimizely.com/client_storage/a17053551565.html

Requested by

Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/17163910351.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.30.214.197 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-214-197.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

ea796b7867eb12b6e9a9c277c35ea1f709595477761a15afcf0ccfd04f5bf336

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://sign.moveon.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=120
content-encoding: gzip
content-length: 858
content-type: text/html; charset=utf-8
date: Mon, 04 Dec 2023 02:18:12 GMT
etag: "1c383ec70372e188b9c3002227fba0f9"
last-modified: Thu, 16 Nov 2023 21:40:10 GMT
server: AmazonS3
server-timing: cdn-cache; desc=REVALIDATE edge; dur=16 origin; dur=98 cdn;desc="AkamaiION";dur=0,rtt;desc="6";dur=0,cdnip;desc="184.30.214.197";dur=0,cdnmap;desc="a4343.a.akamaiedge.net";dur=0,proto;desc="h2";dur=0 ak_p; desc="1701656292755_388358892_1956353163_11415_1807_6_9_255";dur=1
strict-transport-security: max-age=15768000
vary: Accept-Encoding
x-akamai-transformed: 9 - 0 pmb=mRUM,2
x-amz-id-2: 0zYlqaqvx9yyfsOD0gJKRtnP/U7lIfNBRUar7IkHk/FYR22LKR12zc+f/tCbwep85eWr2BTKidU=
x-amz-meta-pci_enabled: False
x-amz-replication-status: PENDING
x-amz-request-id: M7QJKCSMBCZ0JHBM
x-amz-server-side-encryption: AES256
x-amz-version-id: HtOiXNsp9i6TDRJpRiybsyHo1Hwo4Kfo

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ 468 KB
188 KB 61ms
25ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LclPNkZAAAAAGl0JmNEkEgCxgy1bd01rDVle4OH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

983871cac9e719263fcecaa540c4e1597c8ece1805845830ec21fef0e71d9f88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sign.moveon.org/
Origin: https://sign.moveon.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 22:45:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12740
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 192016
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 02 Dec 2024 22:45:52 GMT

GET
H2

200

main.js Show response
sign.moveon.org/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/ Frame AFA2
Redirect Chain

https://sign.moveon.org/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://sign.moveon.org/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js

7 KB
4 KB

13ms
13ms

Script
application/javascript

2606:4700:10::ac43:1d35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sign.moveon.org/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js

Requested by

Host: sign.moveon.org
URL: https://sign.moveon.org/

Protocol

Server

2606:4700:10::ac43:1d35 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e28565137a16990fe643598b66af8e547661fbe0a9b2b2a13d50c3ebd83225e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 02:18:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 83008eb5acb19bbc-FRA

Redirect headers

date: Mon, 04 Dec 2023 02:18:12 GMT
content-encoding: gzip
server: cloudflare
vary: accept-encoding
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 83008eb58ca29bbc-FRA

GET
H2 200 290-065799b4168cf533946a.chunk.js Show response
sign.moveon.org/packs/js/ 89 KB
28 KB 28ms
28ms Script
application/javascript 2606:4700:10::ac43:1d35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sign.moveon.org/packs/js/290-065799b4168cf533946a.chunk.js
Requested by: Host: sign.moveon.org
URL: https://sign.moveon.org/packs/js/runtime-094917f8b11846eedbd1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1d35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84cdbbb7273eb8ee2ce9923696b2db49279a9f9bfbb69fc2af9326208c52e4b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sign.moveon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 02:18:12 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 27 Nov 2023 15:29:08 GMT
server: cloudflare
age: 430531
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31556952
cf-ray: 83008eb58ca59bbc-FRA

GET
H2 200 settings Show response
cdn.segment.com/v1/projects/vE6nVaSzhGHcNip5aRHjd8f0XS8vcXVN/ 2 KB
1 KB 36ms
16ms Fetch
application/json 108.157.5.209
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/v1/projects/vE6nVaSzhGHcNip5aRHjd8f0XS8vcXVN/settings
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/vE6nVaSzhGHcNip5aRHjd8f0XS8vcXVN/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.5.209 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-5-209.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f286c014ab790449b296f1cf5e6a1b0b5d58bff816b4d7406df8ae2e8dc84986

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sign.moveon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: XKMowiCyRcscgfufI7yPUKA64sV9HdWf
content-encoding: br
via: 1.1 b1dc6a0d7547e8d4ab339f8c4caf9ea8.cloudfront.net (CloudFront)
date: Mon, 04 Dec 2023 02:18:12 GMT
x-amz-cf-pop: DUS51-P2
age: 76
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 14 Apr 2023 17:58:23 GMT
server: AmazonS3
etag: W/"a7758820b7795a035d51e90d00aa25d4"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=10800
vary: Accept-Encoding
x-amz-cf-id: H2M2iKi4QzSsXR1mhbGU4IX6VGj4bQ7YuFGoVmAJSTSW1RzP2TX4jw==

GET
H2 200 1781-faaf563d.css
sign.moveon.org/packs/css/ 1 KB
621 B 17ms
17ms Stylesheet
text/css 2606:4700:10::ac43:1d35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sign.moveon.org/packs/css/1781-faaf563d.css
Requested by: Host: sign.moveon.org
URL: https://sign.moveon.org/packs/js/runtime-094917f8b11846eedbd1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1d35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 237786e2dd1a3616553769138d75139dbe4af6b697dc310571fd768488bf3d88

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sign.moveon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 02:18:12 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 31 Oct 2023 11:56:19 GMT
server: cloudflare
age: 427076
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31556952
cf-ray: 83008eb5ccc39bbc-FRA

GET
H2 200 ajax-error-toast-e9a5bfd764a6ca3204c5.chunk.js Show response
sign.moveon.org/packs/js/ 4 KB
2 KB 21ms
21ms Script
application/javascript 2606:4700:10::ac43:1d35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sign.moveon.org/packs/js/ajax-error-toast-e9a5bfd764a6ca3204c5.chunk.js
Requested by: Host: sign.moveon.org
URL: https://sign.moveon.org/packs/js/runtime-094917f8b11846eedbd1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1d35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9cbc51cfec3f1ec46f42d2410725fdd0d84c8598067fbdd55629817b3c1ae4ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sign.moveon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 02:18:12 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 27 Nov 2023 15:29:08 GMT
server: cloudflare
age: 427076
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31556952
cf-ray: 83008eb5ccc49bbc-FRA

GET
H2 200 7575-54387ff3b9311c39732c.chunk.js Show response
sign.moveon.org/packs/js/ 2 KB
1 KB 18ms
18ms Script
application/javascript 2606:4700:10::ac43:1d35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sign.moveon.org/packs/js/7575-54387ff3b9311c39732c.chunk.js
Requested by: Host: sign.moveon.org
URL: https://sign.moveon.org/packs/js/runtime-094917f8b11846eedbd1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1d35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 397435ea23568c8198e727a9d2311b49479a75242aaf86386dae0eff9d8f6331

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sign.moveon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 02:18:12 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 27 Nov 2023 15:29:08 GMT
server: cloudflare
age: 418397
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31556952
cf-ray: 83008eb5ccc89bbc-FRA

GET
H2 200 9788-b8cbfcd27a986cdc208c.chunk.js Show response
sign.moveon.org/packs/js/ 20 KB
6 KB 19ms
19ms Script
application/javascript 2606:4700:10::ac43:1d35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sign.moveon.org/packs/js/9788-b8cbfcd27a986cdc208c.chunk.js
Requested by: Host: sign.moveon.org
URL: https://sign.moveon.org/packs/js/runtime-094917f8b11846eedbd1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1d35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df780fdc63064843e3d362eb254d987f5c8dfcc63c02910fc8f30e0ed4682c40

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sign.moveon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 02:18:12 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 09 Nov 2023 18:47:24 GMT
server: cloudflare
age: 414532
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31556952
cf-ray: 83008eb5ccc99bbc-FRA

GET
H2 200 5124-8e0a19bc4c55616e0daf.chunk.js Show response
sign.moveon.org/packs/js/ 372 B
328 B 20ms
20ms Script
application/javascript 2606:4700:10::ac43:1d35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sign.moveon.org/packs/js/5124-8e0a19bc4c55616e0daf.chunk.js
Requested by: Host: sign.moveon.org
URL: https://sign.moveon.org/packs/js/runtime-094917f8b11846eedbd1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1d35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 885017ad6320c03cf04e6586f6dd84955aed2fb93b5e45fa7e1bc933f8cbf5f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sign.moveon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 02:18:12 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 27 Oct 2023 15:49:37 GMT
server: cloudflare
age: 1983917
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31556952
cf-ray: 83008eb5ccca9bbc-FRA

GET
H2 200 5693-63e4219bdb28f9976c3d.chunk.js Show response
sign.moveon.org/packs/js/ 652 B
482 B 36ms
36ms Script
application/javascript 2606:4700:10::ac43:1d35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sign.moveon.org/packs/js/5693-63e4219bdb28f9976c3d.chunk.js
Requested by: Host: sign.moveon.org
URL: https://sign.moveon.org/packs/js/runtime-094917f8b11846eedbd1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1d35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e139ba2537b0ab6476d6c195e0270dff7854007a615c2cbd4b866f4b90523066

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sign.moveon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 02:18:12 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 25 Jul 2023 18:00:27 GMT
server: cloudflare
age: 418397
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31556952
cf-ray: 83008eb5cccb9bbc-FRA

POST
H2 200 83008eb2ca9e9bbc Show response
sign.moveon.org/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame AFA2 0
253 B 30ms
30ms XHR
text/plain 2606:4700:10::ac43:1d35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sign.moveon.org/cdn-cgi/challenge-platform/h/b/jsd/r/83008eb2ca9e9bbc
Requested by: Host: sign.moveon.org
URL: https://sign.moveon.org/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1d35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 04 Dec 2023 02:18:12 GMT
content-encoding: gzip
server: cloudflare
cf-ray: 83008eb64d179bbc-FRA
content-type: text/plain; charset=UTF-8

GET
H2 200 ajs-destination.bundle.13362ca512563a10e34d.js Show response
cdn.segment.com/analytics-next/bundles/ 9 KB
3 KB 10ms
10ms Script
application/javascript 108.157.5.209
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.13362ca512563a10e34d.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/vE6nVaSzhGHcNip5aRHjd8f0XS8vcXVN/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.5.209 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-5-209.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7e4fde2a7e2da4eb11065a29f03b7f68566665515cf79bf4841168b46508dda5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sign.moveon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 20:48:28 GMT
x-amz-version-id: p6tk_itArJhm1.zmwaH5aXhODx_TUmzt
content-encoding: br
via: 1.1 e4aaaf9d55a242f83ddc793442b0ebe2.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
age: 1574985
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 15 Nov 2023 20:12:01 GMT
server: AmazonS3
etag: W/"0dec480089dae7da1834489f95aca4e7"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
vary: Accept-Encoding
x-amz-cf-id: skMs24rgwBMbX9Nour3xcK4KUppBlkV_8-gELhEPIt_3mhgEX1PPWg==

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 6447 59 KB
34 KB 37ms
36ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LclPNkZAAAAAGl0JmNEkEgCxgy1bd01rDVle4OH&co=aHR0cHM6Ly9zaWduLm1vdmVvbi5vcmc6NDQz&hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=rw6jdlwb2530

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

91b4002d924baf9af631bc467ace585716b481db03f38d73379fb55812b1b097

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-RVJr1UlbALI6sAgcPNDGCQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sign.moveon.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-RVJr1UlbALI6sAgcPNDGCQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 02:18:12 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 schemaFilter.bundle.f63551a29dc1697f71b6.js Show response
cdn.segment.com/analytics-next/bundles/ 2 KB
1 KB 10ms
10ms Script
application/javascript 108.157.5.209
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.f63551a29dc1697f71b6.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/vE6nVaSzhGHcNip5aRHjd8f0XS8vcXVN/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.5.209 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-5-209.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b79a43a28dc356d07de97ee365a01d714812e2eb02b15397cefb226d2a019a83

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sign.moveon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 01:37:17 GMT
x-amz-version-id: Q83vlLXgyWB6DuTGnFxHLMCEzu8jknn5
content-encoding: br
via: 1.1 e4aaaf9d55a242f83ddc793442b0ebe2.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
age: 5359256
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 03 Oct 2023 01:26:38 GMT
server: AmazonS3
etag: W/"2a359f6227308e4ee31623f9381ae1d7"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
vary: Accept-Encoding
x-amz-cf-id: IkSnnZeMRAvA-11trn9gXdvExUOfXadRdwvPwyj1zuYCQndbzORuPw==

GET
H2 200 google-analytics.dynamic.js.gz Show response
cdn.segment.com/next-integrations/integrations/google-analytics/2.18.5/ 16 KB
5 KB 11ms
10ms Script
application/javascript 108.157.5.209
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/google-analytics/2.18.5/google-analytics.dynamic.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/vE6nVaSzhGHcNip5aRHjd8f0XS8vcXVN/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.5.209 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-5-209.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fdda2bf7d8e87b5ac90a791a5131a9811c207171107482857b67f6b8329854fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sign.moveon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 21:00:41 GMT
content-encoding: gzip
via: 1.1 e4aaaf9d55a242f83ddc793442b0ebe2.cloudfront.net (CloudFront)
x-amz-version-id: K4QGNkPJBd_QhAl8Ep7SDksdcNN7fIa5
x-amz-cf-pop: DUS51-P2
age: 2697451
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 4743
last-modified: Wed, 18 Oct 2023 10:36:35 GMT
server: AmazonS3
etag: "36786f75981fc0efd629c4a89e1c78ec"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-amz-cf-id: -9dyMRTp1w-6rs73pDEynM0w-qsCr3p9_XuA8k_BlvWuXny9cDPaiA==

GET
H2 200 google-tag-manager.dynamic.js.gz Show response
cdn.segment.com/next-integrations/integrations/google-tag-manager/2.5.1/ 3 KB
2 KB 12ms
12ms Script
application/javascript 108.157.5.209
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/google-tag-manager/2.5.1/google-tag-manager.dynamic.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/vE6nVaSzhGHcNip5aRHjd8f0XS8vcXVN/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.5.209 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-5-209.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e91a86b8d8da28eaf681b924b135c3a8ffacb6d51d2affad9d684e708d60a3db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sign.moveon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 23:02:23 GMT
content-encoding: gzip
via: 1.1 e4aaaf9d55a242f83ddc793442b0ebe2.cloudfront.net (CloudFront)
x-amz-version-id: iBgkeROQ82ipYgPNwFnoDehQ.U3dPJg.
x-amz-cf-pop: DUS51-P2
age: 2085350
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 1342
last-modified: Wed, 18 Oct 2023 10:36:34 GMT
server: AmazonS3
etag: "a1bed0458702cf863f2d24fb1b9d39ae"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-amz-cf-id: 7njkLHGOK283aj-dpuxDvOSwIY2Cy8g_Ky3OeguiUnPCf4OPfmikfA==

GET
H2 200 optimizely.dynamic.js.gz Show response
cdn.segment.com/next-integrations/integrations/optimizely/3.5.1/ 7 KB
3 KB 13ms
13ms Script
application/javascript 108.157.5.209
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/optimizely/3.5.1/optimizely.dynamic.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/vE6nVaSzhGHcNip5aRHjd8f0XS8vcXVN/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.5.209 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-5-209.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cae962a70d36874622214e00e5f0da33974facafc55fb443757d8615359c413a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sign.moveon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 20:16:06 GMT
content-encoding: gzip
via: 1.1 e4aaaf9d55a242f83ddc793442b0ebe2.cloudfront.net (CloudFront)
x-amz-version-id: s0AbxZuU1njw0FpJQJX8uMl6Hxc1clAs
x-amz-cf-pop: DUS51-P2
age: 6588127
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 2586
last-modified: Wed, 06 Sep 2023 07:09:31 GMT
server: AmazonS3
etag: "6ac19b71da72b08483644c17ed6a4986"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-amz-cf-id: -Hti1OX7WYjiwuweVenS2b8XsNR1MEWfmzhtan63UoX1gOkzLFSq_A==

GET
H2 200 commons.c42222c4cb2f8913500f.js.gz Show response
cdn.segment.com/next-integrations/integrations/vendor/ 73 KB
22 KB 11ms
10ms Script
application/javascript 108.157.5.209
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/vE6nVaSzhGHcNip5aRHjd8f0XS8vcXVN/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.5.209 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-5-209.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b17b4a5cc840a366a4c006794502f887a316402f781f85e913ac4af19a93fc13

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sign.moveon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 13:42:51 GMT
content-encoding: gzip
via: 1.1 e4aaaf9d55a242f83ddc793442b0ebe2.cloudfront.net (CloudFront)
x-amz-version-id: uOfxQOMLwdt.eKHcMs4MBn7QUxA0mLtL
x-amz-cf-pop: DUS51-P2
age: 2291722
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 22177
last-modified: Wed, 18 Oct 2023 10:36:32 GMT
server: AmazonS3
etag: "befb217271e2e926c7d898f1c85f6cb7"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-amz-cf-id: NIp7SciwIJgAlddcQ3Z3422ih2FZkkPnmkP7pW85oQ1-xdvExbTOOA==

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame 6447 55 KB
24 KB 62ms
13ms Stylesheet
text/css 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LclPNkZAAAAAGl0JmNEkEgCxgy1bd01rDVle4OH&co=aHR0cHM6Ly9zaWduLm1vdmVvbi5vcmc6NDQz&hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=rw6jdlwb2530

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 23:09:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11339
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 02 Dec 2024 23:09:14 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame 6447 468 KB
188 KB 74ms
25ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

983871cac9e719263fcecaa540c4e1597c8ece1805845830ec21fef0e71d9f88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 22:45:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12741
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 192016
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 02 Dec 2024 22:45:52 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 285 KB
95 KB 67ms
33ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WBC8W2D&l=dataLayer

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8b1485791a31330fb1e4954773cc3cbb8c0290e790a8a666f900fec9ecc8159c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sign.moveon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 02:18:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 97025
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 04 Dec 2023 02:18:13 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 46ms
12ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sign.moveon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 04 Dec 2023 00:31:40 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6393
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 04 Dec 2023 02:31:40 GMT

POST
H2 200 p Show response
api.segment.io/v1/ 21 B
174 B 537ms
174ms Fetch
application/json 35.160.35.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.segment.io/v1/p

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/vE6nVaSzhGHcNip5aRHjd8f0XS8vcXVN/analytics.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.160.35.184 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-160-35-184.us-west-2.compute.amazonaws.com

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://sign.moveon.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://sign.moveon.org
date: Mon, 04 Dec 2023 02:18:13 GMT
strict-transport-security: max-age=31536000
content-length: 21
vary: Origin
content-type: application/json

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sign.moveon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 01:31:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2799
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 697
x-xss-protection: 0
last-modified: Fri, 30 Jun 2023 18:58:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 04 Dec 2023 02:31:34 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
209 B 19ms
19ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=946043016&t=pageview&_s=1&dl=https%3A%2F%2Fsign.moveon.org%2F&dp=%2F&ul=en-us&de=UTF-8&dt=MoveOn&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAEAjAAAAACgCIAB~&jid=1835215488&gjid=646594535&cid=1732057547.1701656293&tid=UA-219336-2&_gid=455955716.1701656293&_r=1&_slc=1&z=2012643661

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://sign.moveon.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 02:18:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://sign.moveon.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
346 B 58ms
19ms XHR
text/plain 2a00:1450:400c:c04::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-219336-2&cid=1732057547.1701656293&jid=1835215488&gjid=646594535&_gid=455955716.1701656293&_u=aGBAAEAiAAAAACgCIAB~&z=1077656087

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sign.moveon.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 04 Dec 2023 02:18:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://sign.moveon.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 6447 2 KB
2 KB 13ms
13ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 12:21:55 GMT
x-content-type-options: nosniff
age: 222978
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Fri, 08 Dec 2023 12:21:55 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 6447 15 KB
15 KB 13ms
13ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 23:26:56 GMT
x-content-type-options: nosniff
age: 269477
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Nov 2024 23:26:56 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 6447 15 KB
15 KB 15ms
15ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 21:01:27 GMT
x-content-type-options: nosniff
age: 364606
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Nov 2024 21:01:27 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 6447 102 B
135 B 22ms
22ms Other
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f3706dd9e175fdadc2a564238f1ddc64afea19e67aefd5b922f33040d5f94540

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LclPNkZAAAAAGl0JmNEkEgCxgy1bd01rDVle4OH&co=aHR0cHM6Ly9zaWduLm1vdmVvbi5vcmc6NDQz&hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=rw6jdlwb2530
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 02:18:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Mon, 04 Dec 2023 02:18:13 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 261 KB
88 KB 32ms
32ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-75F6DH82Y3&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WBC8W2D&l=dataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ef5be41e1c077afb77266a08382b147a88a99ab441579933a97bdad7490c5954

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sign.moveon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 02:18:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 90148
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 04 Dec 2023 02:18:13 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 206 KB
74 KB 60ms
60ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10996543832&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WBC8W2D&l=dataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5f2e3faf8f1a0bd7ea7d27005850f5bfacd3dd90c116310b2af1039ae3190831

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sign.moveon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 02:18:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75489
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 04 Dec 2023 02:18:13 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 25ms
9ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: sign.moveon.org
URL: https://sign.moveon.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sign.moveon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 04 Dec 2023 02:18:13 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: private
x-fb-debug: bnNOss/n3I1mhCdVCV+LBPxxdrmixpb8FD+O4ifQT7bbZF6ExxL840/t9bT+KXTTg+MWaE8WgmLASTI3rNpBMw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: private
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 359453895797049 Show response
connect.facebook.net/signals/config/ 133 KB
35 KB 76ms
75ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/359453895797049?v=2.9.138&r=stable&domain=sign.moveon.org

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ac4a8f6d34b0ffb1c2d2f9d19680021223c1c353a955ac2be695ec55609d8575

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sign.moveon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 04 Dec 2023 02:18:13 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: b7b4G+yEHVA0VOtnYHsZ2qZLEETSG7BYCin85w9MFtDpgJcs1srEnmXCOu2RDnEQFQDz4kVoFYWvPt/j6/82zg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10996543832/ 3 KB
2 KB 82ms
25ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10996543832/?random=1701656293206&cv=11&fst=1701656293206&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v9167192223z8812234648&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fsign.moveon.org%2F&hn=www.googleadservices.com&frm=0&tiba=MoveOn&auid=679829842.1701656293&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10996543832&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8c8d1d55c3f56e5cf22456a2910f09a7ff23f08cc99dd222b72aadd1667043ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sign.moveon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 02:18:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1259
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 418774302312798 Show response
connect.facebook.net/signals/config/ 133 KB
35 KB 67ms
67ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/418774302312798?v=2.9.138&r=stable&domain=sign.moveon.org

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0e44ab982c261e27968def99cfcb51eed4a09b362dda063ddc5e2a84189ef327

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sign.moveon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 04 Dec 2023 02:18:13 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: Ticvs7kN4jE16eD+DkxyjadI0/ZfQCOV5Y86T0W1YuAzSv7sA4hq940rKbXhrx/zSjN4favsAQXoMiXEHHoE0g==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/10996543832/ 42 B
64 B 27ms
27ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10996543832/?random=1701656293206&cv=11&fst=1701655200000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v9167192223z8812234648&u_w=1600&u_h=1200&url=https%3A%2F%2Fsign.moveon.org%2F&frm=0&tiba=MoveOn&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwDICaaNWuzQzEi7RXxsa3lsLAGVF_6GWLPJNg&random=715179255&rmt_tld=0&ipr=y

Requested by

Host: sign.moveon.org
URL: https://sign.moveon.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sign.moveon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 02:18:13 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/10996543832/ 42 B
455 B 62ms
26ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/10996543832/?random=1701656293206&cv=11&fst=1701655200000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v9167192223z8812234648&u_w=1600&u_h=1200&url=https%3A%2F%2Fsign.moveon.org%2F&frm=0&tiba=MoveOn&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwDICaaNWuzQzEi7RXxsa3lsLAGVF_6GWLPJNg&random=715179255&rmt_tld=1&ipr=y

Requested by

Host: sign.moveon.org
URL: https://sign.moveon.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sign.moveon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 02:18:13 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 24ms
8ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=359453895797049&ev=PageView&dl=https%3A%2F%2Fsign.moveon.org%2F&rl=&if=false&ts=1701656293319&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1701656293318.1302191402&ler=empty&it=1701656293154&coo=false&rqm=GET

Requested by

Host: sign.moveon.org
URL: https://sign.moveon.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sign.moveon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 04 Dec 2023 02:18:13 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 24ms
8ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=418774302312798&ev=PageView&dl=https%3A%2F%2Fsign.moveon.org%2F&rl=&if=false&ts=1701656293320&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1701656293318.1302191402&ler=empty&it=1701656293154&coo=false&rqm=GET

Requested by

Host: sign.moveon.org
URL: https://sign.moveon.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sign.moveon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 04 Dec 2023 02:18:13 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 204 rum Show response
sign.moveon.org/cdn-cgi/ 0
182 B 18ms
17ms XHR
text/plain 2606:4700:10::ac43:1d35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sign.moveon.org/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1d35 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://sign.moveon.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: application/json

Response headers

date: Mon, 04 Dec 2023 02:18:13 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://sign.moveon.org
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 83008eb98f1c9bbc-FRA

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 20ms
20ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=946043016&t=event&ni=1&_s=1&dl=https%3A%2F%2Fsign.moveon.org%2F&ul=en-us&de=UTF-8&dt=MoveOn&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll&ea=25%25&ev=25&_u=aGDAAEAjAAAAACgCIAD~&jid=307797074&gjid=1548297222&cid=1732057547.1701656293&tid=UA-219336-2&_gid=455955716.1701656293&_r=1&gtm=45He3bt0n81WBC8W2Dv812234648&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=1582171557

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://sign.moveon.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 02:18:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://sign.moveon.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WBC8W2D&l=dataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sign.moveon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 04 Dec 2023 00:31:40 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6393
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 04 Dec 2023 02:31:40 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 15ms
15ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=946043016&t=event&ni=1&_s=1&dl=https%3A%2F%2Fsign.moveon.org%2F&ul=en-us&de=UTF-8&dt=MoveOn&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll&ea=50%25&ev=50&_u=aGDAAEAjAAAAACgCIAD~&jid=&gjid=&cid=1732057547.1701656293&tid=UA-219336-2&_gid=455955716.1701656293&gtm=45He3bt0n81WBC8W2Dv812234648&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=1419190841

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sign.moveon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 21:39:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 16703
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
67 B 20ms
19ms XHR
text/plain 2a00:1450:400c:c04::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-219336-2&cid=1732057547.1701656293&jid=307797074&gjid=1548297222&_gid=455955716.1701656293&_u=aGDAAEAjAAAAACgCIAD~&z=565129439

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sign.moveon.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 04 Dec 2023 02:18:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://sign.moveon.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content events Show response
logx.optimizely.com/v1/ 0
658 B 366ms
121ms XHR
text/plain 52.22.62.210
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://logx.optimizely.com/v1/events
Requested by: Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/17163910351.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.22.62.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-62-210.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sign.moveon.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 04 Dec 2023 02:18:14 GMT
Via: 1.1 google
server: istio-envoy
access-control-allow-methods: POST,OPTIONS
Content-Type: text/plain
access-control-allow-origin: https://sign.moveon.org
access-control-expose-headers: X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id
access-control-allow-credentials: true
x-envoy-upstream-service-time: 5
Connection: keep-alive
timing-allow-origin: *
access-control-allow-headers: X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id,X-Optimizely-Strict
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-request-id: 91ee9881-9e34-4266-b05a-a272cd7db9ed

Verdicts & Comments Add Verdict or Comment

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sign.moveon.org/	1969-12-31 23:59:59	Name: _agra_session Value: T1SzMwrxzT7QoIjlgItsAZjGwB9hfvGS6l6CulKe9Fti5btITKc7NUd%2FEB5r32P7RUytVum9M%2FWL%2Be7TA%2FO6DR28qG4vA2imPTod%2Fkn3lovc%2BbdS18IuBsekkktW89eWf41Aw%2FSdjOok%2Bo7mXNXnPlGNcse2PTUGeDNAsUp0TR9eI0QaFmzrIFJPVpMRZ7WfB5BYEIbXnbWGr9IDIUc6nYu%2BgoEfSZJnUIowjOD%2BmQIMxezm9yDxTXxlT1LhNgtZKPFI%2FOZcdu8g0%2BWHDOiDON%2FaDeUAuAuOO2n6feObS8lN4qxsN193T8AYCpOWhjWSu1FhzVAm%2BX8rwfgV0TtEjxrBSQXjpyD8N1x0Jjzsz4FOsBWQKrzi8tlAxsaqbBgQ4USTVu0%3D--TLAHQc5mWX6fSK%2Bl--OXz2dZ1UFXuqmwJqXNfi6w%3D%3D
.sign.moveon.org/	1970-01-21 01:26:32	Name: cf_clearance Value: 9lJ8S2ovGKzEzsleLGOWQUh29GEvDZYzfcSCoNXF120-1701656292-0-1-de2b1d9e.d31abd51.892a427e-0.2.1701656292
.moveon.org/	1970-01-20 21:00:08	Name: optimizelyEndUserId Value: oeu1701656292911r0.972828416668357
.moveon.org/	1970-01-21 01:26:32	Name: ajs_anonymous_id Value: b7259219-849d-46cf-a587-1b2d68510bec
.moveon.org/	1970-01-21 02:16:56	Name: _ga Value: GA1.2.1732057547.1701656293
.moveon.org/	1970-01-20 16:42:22	Name: _gid Value: GA1.2.455955716.1701656293
.moveon.org/	1970-01-20 16:40:56	Name: _gat Value: 1
.moveon.org/	1970-01-20 18:50:32	Name: _gcl_au Value: 1.1.679829842.1701656293
.doubleclick.net/	1970-01-20 16:40:57	Name: test_cookie Value: CheckForPermission
.moveon.org/	1970-01-20 18:50:32	Name: _fbp Value: fb.1.1701656293318.1302191402
.moveon.org/	1970-01-20 16:40:56	Name: _gat_UA-219336-2 Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a17053551565.cdn.optimizely.com
api.segment.io
cdn.optimizely.com
cdn.segment.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
images.controlshift.app
logx.optimizely.com
sign.moveon.org
static.cloudflareinsights.com
static.controlshift.app
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
108.157.5.209
184.30.214.197
2606:4700:10::6816:2661
2606:4700:10::ac43:1d35
2606:4700::6810:3965
2a00:1450:4001:80e::200a
2a00:1450:4001:812::2008
2a00:1450:4001:813::2003
2a00:1450:4001:827::2003
2a00:1450:4001:828::2004
2a00:1450:4001:829::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:831::2003
2a00:1450:400c:c04::9d
2a02:26f0:ab00:480::13b8
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
35.160.35.184
52.22.62.210
01c9ab65332bbbef959488519689858907817726036e9df3dffc503914ed7e6e
0452e97c1a2631eea2dfbe463c07c86d9bb3a24734a1ec096e35403e4ad8faeb
04ef1042ee6d7d0965b6ede55d8e9981464e5744915fc70386b16da558401e38
0e44ab982c261e27968def99cfcb51eed4a09b362dda063ddc5e2a84189ef327
111b0940e995e0847ed2e2724735d420885c1c002cb778a161c79ff0dc361e33
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
18788e1296fdeaee63bee0924b58fb84681d42a5f37ecff75f376461beb32318
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
20eeabc2979d513328b657059be8ea6bde6f5ea0318aaccec59c80368857bd71
237786e2dd1a3616553769138d75139dbe4af6b697dc310571fd768488bf3d88
26e3edddb6d07f337b1ccf1352308aed3b1e1763bfa6cdc873e682fc2d17c81e
2a2e146d601231128cf9f2966234fdc597f918905111e5605ded64f4bb867edb
30f9fffae0b7eb902585fb753438257300b96fcb6b4ddac4b367cf88b47072ce
397435ea23568c8198e727a9d2311b49479a75242aaf86386dae0eff9d8f6331
3a3c86a10b63fa40538bfcb7c9b7d5e351428d7056de614ebaf4e332fef48040
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4899deb0401ae6ca6dca316b274ff0b1b7b69117cbc9d48fed8784e993a5fb5a
5a0c0340b4f7fd21efb7cf8dc22ca76a5a390bb1804ed9f1904336c169c9c3ef
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5e5bc70675d5b15336c22900569d6c476cd684b4228c15ee1539f5c2cd569dc8
5f2e3faf8f1a0bd7ea7d27005850f5bfacd3dd90c116310b2af1039ae3190831
5f7b9c541486befc6e81aad9faf2c2f0827a5b9f02f39d0703a4861f8b8c62dd
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
701293bbb4e4f47e4d6df90a73302aed675608cf1837842591bbed555f30d5e8
70918b624b15282f49be1c545a168b201fdd2119652d11a9f3d7fa7f5ec3deb1
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
7e4fde2a7e2da4eb11065a29f03b7f68566665515cf79bf4841168b46508dda5
7f392a126c8f5a8a217baa8adfdb292d70e113fff6ede62b714c3ccec33c6731
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
834f40f4845a6829e2d3e948f9efc226eb7be75ac5f614473dd86c66265cefca
84cdbbb7273eb8ee2ce9923696b2db49279a9f9bfbb69fc2af9326208c52e4b5
885017ad6320c03cf04e6586f6dd84955aed2fb93b5e45fa7e1bc933f8cbf5f6
8b1485791a31330fb1e4954773cc3cbb8c0290e790a8a666f900fec9ecc8159c
8c8d1d55c3f56e5cf22456a2910f09a7ff23f08cc99dd222b72aadd1667043ef
91b4002d924baf9af631bc467ace585716b481db03f38d73379fb55812b1b097
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
9472d71c94bd6f712694b78adfd398b36c8a698b478651247d7615c25d644255
948d25dc34ee935a5254468691714c9f2e53a2927652a077c2ca84cb03fa4895
983871cac9e719263fcecaa540c4e1597c8ece1805845830ec21fef0e71d9f88
9b16b7449f4f876cf5610850bda1bfab2cdf6b4fe71092570ef58343ab4d95ec
9cbc51cfec3f1ec46f42d2410725fdd0d84c8598067fbdd55629817b3c1ae4ca
a329ba2514819799ea9dc291921b8f2305376e9f1d2eae105001c5883d0a8d7a
ac4a8f6d34b0ffb1c2d2f9d19680021223c1c353a955ac2be695ec55609d8575
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b17b4a5cc840a366a4c006794502f887a316402f781f85e913ac4af19a93fc13
b3d6ad28f17701cfe25336cdf29b147659262af781ad4dd67837f7536794dec2
b79a43a28dc356d07de97ee365a01d714812e2eb02b15397cefb226d2a019a83
c17d3efb133d2bdb7886f8556520eb67b925a7d7e027fcc2dac8a062b6522931
c846595ac9d13f8fd4786aa58152f35b24da774eef208b58c6e80c6cadae3255
cae962a70d36874622214e00e5f0da33974facafc55fb443757d8615359c413a
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df780fdc63064843e3d362eb254d987f5c8dfcc63c02910fc8f30e0ed4682c40
e139ba2537b0ab6476d6c195e0270dff7854007a615c2cbd4b866f4b90523066
e28565137a16990fe643598b66af8e547661fbe0a9b2b2a13d50c3ebd83225e2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e60ea4b61a98023e0d22a55054bfb85f777a16a5a69f1e8bab54968977eecb70
e91a86b8d8da28eaf681b924b135c3a8ffacb6d51d2affad9d684e708d60a3db
ea796b7867eb12b6e9a9c277c35ea1f709595477761a15afcf0ccfd04f5bf336
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef5be41e1c077afb77266a08382b147a88a99ab441579933a97bdad7490c5954
f286c014ab790449b296f1cf5e6a1b0b5d58bff816b4d7406df8ae2e8dc84986
f3706dd9e175fdadc2a564238f1ddc64afea19e67aefd5b922f33040d5f94540
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fdda2bf7d8e87b5ac90a791a5131a9811c207171107482857b67f6b8329854fb

sign.moveon.org Open in urlscan Pro 2606:4700:10::ac43:1d35 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

75 Requests

99 %HTTPS

79 %IPv6

15 Domains

20 Subdomains

18 IPs

3 Countries

1901 kBTransfer

4676 kBSize

11 Cookies

21 Outgoing links

Page URL History

Redirected requests

75 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

sign.moveon.org Open in urlscan Pro
2606:4700:10::ac43:1d35 Public Scan

Screenshot
Live screenshot

Full Image

75
Requests

99 %
HTTPS

79 %
IPv6

15
Domains

20
Subdomains

18
IPs

3
Countries

1901 kB
Transfer

4676 kB
Size

11
Cookies

75 HTTP transactions
0 data transactions