urlscan.io logo urlscan.io
SecurityTrails logo

www.thepetitionsite.com Open in urlscan Pro
38.99.122.3  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.thepetitionsite.com/de-de/takeaction/386/896/852/?z00m=33205826&redirectID=3316042717
Submission Tags: falconsandbox
Submission: On May 16 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 22 IPs in 4 countries across 21 domains to perform 58 HTTP transactions. The main IP is 38.99.122.3, located in United States and belongs to COGENT-174, US. The main domain is www.thepetitionsite.com. The Cisco Umbrella rank of the primary domain is 515257.
TLS certificate: Issued by R3 on April 3rd 2023. Valid for: 3 months.
This is the only time www.thepetitionsite.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 8 38.99.122.3 174 (COGENT-174)
14 38.99.122.4 174 (COGENT-174)
2 34.96.102.137 396982 (GOOGLE-CL...)
1 2a00:1450:400... 15169 (GOOGLE)
4 38.99.122.171 174 (COGENT-174)
1 2 151.139.128.10 20446 (STACKPATH...)
6 2a03:2880:f08... 32934 (FACEBOOK)
3 2620:1ec:c11:... 8068 (MICROSOFT...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 146.75.116.157 54113 (FASTLY)
1 3.224.163.117 14618 (AMAZON-AES)
1 104.244.42.69 13414 (TWITTER)
1 104.244.42.3 13414 (TWITTER)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f17... 32934 (FACEBOOK)
1 138.197.155.84 14061 (DIGITALOC...)
58 22
8    38.99.122.3 (United States)

ASN174 (COGENT-174, US)
PTR: lb2-38-99-122-3.care2.com
www.thepetitionsite.com
14    38.99.122.4 (United States)

ASN174 (COGENT-174, US)
PTR: lb3-38-99-122-4.care2.com
dingo.care2.com
www.care2.com
2    34.96.102.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.102.96.34.bc.googleusercontent.com
dev.visualwebsiteoptimizer.com
1    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    38.99.122.171 (United States)

ASN174 (COGENT-174, US)
PTR: ip-38-99-122-171.care2.com
matomo.care2.us
2    151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net
cdn.mouseflow.com
6    2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
static.xx.fbcdn.net
3    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
2    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a02:26f0:3500:883::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
s.pinimg.com
1    146.75.116.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
static.ads-twitter.com
1    3.224.163.117 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-224-163-117.compute-1.amazonaws.com
tags.srv.stackadapt.com
1    104.244.42.69 (United States)

ASN13414 (TWITTER, US)
t.co
1    104.244.42.3 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
1    2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2a00:1450:4001:803::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    138.197.155.84 (Toronto, Canada)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: prd-usage-1.tjsint.net
usage.trackjs.com
Apex Domain
Subdomains		 Transfer
14 care2.com
dingo.care2.com — Cisco Umbrella Rank: 392013
www.care2.com — Cisco Umbrella Rank: 425879
qa2qaw1-dingo.care2.com Failed
sb-dingo.care2.com Failed
1 MB
8 thepetitionsite.com
www.thepetitionsite.com — Cisco Umbrella Rank: 515257
22 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 161
244 KB
4 care2.us
matomo.care2.us — Cisco Umbrella Rank: 657077
133 KB
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 390
13 KB
2 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 744
133 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 108
15 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 5171
562 B
2 google.com
www.google.com — Cisco Umbrella Rank: 2
562 B
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 91
googleads.g.doubleclick.net — Cisco Umbrella Rank: 41
2 KB
2 pinimg.com
s.pinimg.com — Cisco Umbrella Rank: 735
20 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 39
21 KB
2 mouseflow.com
cdn.mouseflow.com — Cisco Umbrella Rank: 7297
18 KB
2 visualwebsiteoptimizer.com
dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 4481
2 KB
1 trackjs.com
usage.trackjs.com — Cisco Umbrella Rank: 3470
229 B
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 690
395 B
1 t.co
t.co — Cisco Umbrella Rank: 510
378 B
1 stackadapt.com
tags.srv.stackadapt.com — Cisco Umbrella Rank: 3058
6 KB
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 718
15 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
52 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 50
1004 B
58 21
Domain Requested by
12 dingo.care2.com www.thepetitionsite.com
dingo.care2.com
8 www.thepetitionsite.com 1 redirects dingo.care2.com
4 connect.facebook.net dingo.care2.com
connect.facebook.net
4 matomo.care2.us www.thepetitionsite.com
matomo.care2.us
3 bat.bing.com dingo.care2.com
bat.bing.com
www.thepetitionsite.com
2 static.xx.fbcdn.net www.facebook.com
2 www.facebook.com dingo.care2.com
connect.facebook.net
2 www.google.de www.thepetitionsite.com
2 www.google.com www.thepetitionsite.com
2 s.pinimg.com dingo.care2.com
s.pinimg.com
2 www.google-analytics.com dingo.care2.com
www.thepetitionsite.com
2 cdn.mouseflow.com 1 redirects www.thepetitionsite.com
2 dev.visualwebsiteoptimizer.com www.thepetitionsite.com
2 www.care2.com www.thepetitionsite.com
1 usage.trackjs.com
1 googleads.g.doubleclick.net www.googletagmanager.com
1 stats.g.doubleclick.net dingo.care2.com
1 analytics.twitter.com www.thepetitionsite.com
1 t.co www.thepetitionsite.com
1 tags.srv.stackadapt.com dingo.care2.com
1 static.ads-twitter.com dingo.care2.com
1 www.googletagmanager.com dingo.care2.com
1 fonts.googleapis.com dingo.care2.com
0 sb-dingo.care2.com Failed www.thepetitionsite.com
0 qa2qaw1-dingo.care2.com Failed www.thepetitionsite.com
58 25
Subject Issuer Validity Valid
thepetitionsite.com
R3		 2023-04-03 -
2023-07-02		 3 months crt.sh
care2.com
R3		 2023-04-03 -
2023-07-02		 3 months crt.sh
*.visualwebsiteoptimizer.com
Starfield Secure Certificate Authority - G2		 2022-07-04 -
2023-08-05		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
care2.us
R3		 2023-04-03 -
2023-07-02		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-02-23 -
2023-05-24		 3 months crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2023-02-16 -
2023-08-16		 6 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.pinterest.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-01 -
2023-08-08		 a year crt.sh
ads-twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-22 -
2023-08-22		 a year crt.sh
*.srv.stackadapt.com
Amazon RSA 2048 M02		 2023-02-27 -
2023-11-07		 8 months crt.sh
t.co
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-02-05 -
2024-02-05		 a year crt.sh
*.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-02-05 -
2024-02-05		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.trackjs.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2022-07-28 -
2023-08-11		 a year crt.sh

This page contains 2 frames:

Primary Page: https://www.thepetitionsite.com/de-de/takeaction/386/896/852/?z00m=33205826&redirectID=3316042717
Frame ID: 8ECE7CF471FD27C0A0072E590A1BBB16
Requests: 55 HTTP requests in this frame

Frame: https://www.facebook.com/v2.6/plugins/like.php?app_id=482659988595053&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3b982174ed2f3%26domain%3Dwww.thepetitionsite.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.thepetitionsite.com%252Ff27fecc28c2326%26relation%3Dparent.parent&container_width=1000&href=https%3A%2F%2Fwww.facebook.com%2FCare2&layout=button_count&locale=de_DE&sdk=joey&share=false&show_faces=false
Frame ID: A5B8C43C42A32A41AA07D1680461D41E
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Petition: Elon Musk is Allowing Videos of Animals Being Brutally Tortured on Twitter!

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.mouseflow\.com

Page Statistics

58
Requests

93 %
HTTPS

52 %
IPv6

21
Domains

25
Subdomains

22
IPs

4
Countries

1962 kB
Transfer

4928 kB
Size

26
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16
  • https://cdn.mouseflow.com/projects/38fea81a-3db3-4aeb-b653-86bc55d9cff8.js HTTP 301
  • https://cdn.mouseflow.com/projects/38fea81a-3db3-4aeb-b653-86bc55d9cff8_eu.js
Request Chain 29
  • https://www.thepetitionsite.com/assets/font/care2-icons-2020-09/care2-icons.woff HTTP 301
  • https://dingo.care2.com/assets/font/care2-icons-2020-09/care2-icons.woff

58 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.thepetitionsite.com/de-de/takeaction/386/896/852/ 		37 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.thepetitionsite.com/de-de/takeaction/386/896/852/?z00m=33205826&redirectID=3316042717
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
38.99.122.3 , United States, ASN174 (COGENT-174, US),
Reverse DNS
lb2-38-99-122-3.care2.com
Software
Apache/2.4.41 (IUS) OpenSSL/1.0.2k-fips mod_perl/2.0.10 Perl/v5.16.3 /
Resource Hash
daf01905e6e8a86ee154a2ac3cd5efde70ebf7887b2970523edcf9d177d61900
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://www.care2.com https://www.thepetitionsite.com https://earthworm.care2.com/

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0
content-encoding
gzip
content-security-policy
frame-ancestors 'self' https://www.care2.com https://www.thepetitionsite.com https://earthworm.care2.com/
content-type
text/html; charset=UTF-8
date
Tue, 16 May 2023 23:06:22 GMT
last-modified
Tue, 16 May 2023 20:18:26 GMT
server
Apache/2.4.41 (IUS) OpenSSL/1.0.2k-fips mod_perl/2.0.10 Perl/v5.16.3
vary
Accept-Encoding
x-cache
REVALIDATE from www.thepetitionsite.com
x-care2-haproxy-be
tps
x-care2-haproxy-fe
www
x-care2-haproxy-fe-host
xlb1
x-care2-haproxy-fe-site
sjc1
x-care2-haproxy-host
xlb1
x-care2-haproxy-site
sjc1
x-care2-host
web2
x-care2-site
sjc1
sign.css
dingo.care2.com/assets/css/petitionsite/ 		522 KB
74 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dingo.care2.com/assets/css/petitionsite/sign.css?1668632152
Requested by
Host: www.thepetitionsite.com
URL: https://www.thepetitionsite.com/de-de/takeaction/386/896/852/?z00m=33205826&redirectID=3316042717
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
38.99.122.4 , United States, ASN174 (COGENT-174, US),
Reverse DNS
lb3-38-99-122-4.care2.com
Software
Apache/2.4.41 (IUS) OpenSSL/1.0.2k-fips mod_perl/2.0.10 Perl/v5.16.3 /
Resource Hash
90c059e1785da8244367b375eb4969d0fa3ebd8c2925c7b8b4bc89ce5e3bd78a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thepetitionsite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 23:06:23 GMT
content-encoding
gzip
x-care2-host
web5
age
4
x-care2-haproxy-fe
www
x-cache
HIT from dingo.care2.com
x-care2-haproxy-fe-host
xlb2
x-care2-haproxy-host
xlb2
x-care2-haproxy-fe-site
sjc1
last-modified
Wed, 16 Nov 2022 20:55:52 GMT
server
Apache/2.4.41 (IUS) OpenSSL/1.0.2k-fips mod_perl/2.0.10 Perl/v5.16.3
etag
W/"1400319-82766-5ed9cb2b0654b"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=86400
x-care2-site
sjc1
x-care2-haproxy-be
care2
accept-ranges
bytes
x-care2-haproxy-site
sjc1
expires
Wed, 17 May 2023 23:06:19 GMT
viewed.php
www.care2.com/servlets/petitions/ 		43 B
698 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.care2.com/servlets/petitions/viewed.php
Requested by
Host: www.thepetitionsite.com
URL: https://www.thepetitionsite.com/de-de/takeaction/386/896/852/?z00m=33205826&redirectID=3316042717
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
38.99.122.4 , United States, ASN174 (COGENT-174, US),
Reverse DNS
lb3-38-99-122-4.care2.com
Software
Apache/2.4.41 (IUS) OpenSSL/1.0.2k-fips mod_perl/2.0.10 Perl/v5.16.3 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://www.care2.com https://www.thepetitionsite.com https://earthworm.care2.com/

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thepetitionsite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 23:06:23 GMT
content-security-policy
frame-ancestors 'self' https://www.care2.com https://www.thepetitionsite.com https://earthworm.care2.com/
x-care2-haproxy-fe-site
sjc1
server
Apache/2.4.41 (IUS) OpenSSL/1.0.2k-fips mod_perl/2.0.10 Perl/v5.16.3
x-care2-host
web3
x-care2-haproxy-fe
www
content-type
image/gif
x-care2-haproxy-fe-host
xlb2
x-care2-site
sjc1
x-care2-haproxy-be
care2
x-care2-haproxy-site
sjc1
content-length
43
x-care2-haproxy-host
xlb2
386896-1684247290-wide.jpg
dingo.care2.com/pictures/petition_images/petition/852/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dingo.care2.com/pictures/petition_images/petition/852/386896-1684247290-wide.jpg
Requested by
Host: www.thepetitionsite.com
URL: https://www.thepetitionsite.com/de-de/takeaction/386/896/852/?z00m=33205826&redirectID=3316042717
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
38.99.122.4 , United States, ASN174 (COGENT-174, US),
Reverse DNS
lb3-38-99-122-4.care2.com
Software
Apache/2.4.41 (IUS) OpenSSL/1.0.2k-fips mod_perl/2.0.10 Perl/v5.16.3 /
Resource Hash
3a00bab5740796297333235b45f00d8d20b169b4e043af4d99eef7aac7e3f06c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thepetitionsite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 23:06:23 GMT
x-care2-host
web3
age
31031
x-care2-haproxy-fe
www
x-cache
HIT from dingo.care2.com
x-care2-haproxy-fe-host
xlb2
content-length
26143
x-care2-haproxy-host
xlb2
x-care2-haproxy-fe-site
sjc1
last-modified
Tue, 16 May 2023 14:28:06 GMT
server
Apache/2.4.41 (IUS) OpenSSL/1.0.2k-fips mod_perl/2.0.10 Perl/v5.16.3
etag
"32847c-661f-5fbd0613df5cf"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400
x-care2-site
sjc1
x-care2-haproxy-be
care2
accept-ranges
bytes
x-care2-haproxy-site
sjc1
expires
Wed, 17 May 2023 14:29:12 GMT
j.php
dev.visualwebsiteoptimizer.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/j.php?a=698494&u=https%3A%2F%2Fwww.thepetitionsite.com%2Fde-de%2Ftakeaction%2F386%2F896%2F852%2F%3Fz00m%3D33205826%26redirectID%3D3316042717&f=1&vn=1.5
Requested by
Host: www.thepetitionsite.com
URL: https://www.thepetitionsite.com/de-de/takeaction/386/896/852/?z00m=33205826&redirectID=3316042717
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gfra1 /
Resource Hash
9000a2d7647b056593fb58618d18fc5bcd09c64b3bff9c53c7aa8874f3271a21

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thepetitionsite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 23:06:22 GMT
content-encoding
gzip
via
1.1 google
server
gfra1
etag
W/"1684235579_EA"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0, no-cache, must-revalidate
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
v.gif
dev.visualwebsiteoptimizer.com/ 		35 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=698494&d=thepetitionsite.com&u=D01107AA12E064D7E747118D4E4BF70D8&h=bff93b429c1ccd9813f31764d9cb26c6&t=false&r=0.45969432787234754
Requested by
Host: www.thepetitionsite.com
URL: https://www.thepetitionsite.com/de-de/takeaction/386/896/852/?z00m=33205826&redirectID=3316042717
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv3c /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thepetitionsite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 May 2023 23:06:23 GMT
via
1.1 google
x-content-type-options
nosniff
server
gnv3c
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 10 Jan 2005 00:00:01 GMT
vendor.js
dingo.care2.com/assets/js/petitionsite/ 		67 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dingo.care2.com/assets/js/petitionsite/vendor.js?1677607992
Requested by
Host: www.thepetitionsite.com
URL: https://www.thepetitionsite.com/de-de/takeaction/386/896/852/?z00m=33205826&redirectID=3316042717
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
38.99.122.4 , United States, ASN174 (COGENT-174, US),
Reverse DNS
lb3-38-99-122-4.care2.com
Software
Apache/2.4.41 (IUS) OpenSSL/1.0.2k-fips mod_perl/2.0.10 Perl/v5.16.3 /
Resource Hash
091d143bce18e34740772714a28b45b132baf3931ed9fb133e496b4fde644ac1

Request headers

Referer
https://www.thepetitionsite.com/
Origin
https://www.thepetitionsite.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 23:06:23 GMT
content-encoding
gzip
x-care2-host
web3
age
3
x-care2-haproxy-fe
www
x-cache
HIT from dingo.care2.com
x-care2-haproxy-fe-host
xlb2
x-care2-haproxy-host
xlb2
x-care2-haproxy-fe-site
sjc1
last-modified
Tue, 28 Feb 2023 18:13:12 GMT
server
Apache/2.4.41 (IUS) OpenSSL/1.0.2k-fips mod_perl/2.0.10 Perl/v5.16.3
etag
W/"11cd6-10cc1-5f5c68c74085d"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
x-care2-site
sjc1
x-care2-haproxy-be
care2
accept-ranges
bytes
x-care2-haproxy-site
sjc1
expires
Wed, 17 May 2023 23:06:20 GMT
sign.js
dingo.care2.com/assets/js/petitionsite/ 		2 MB
468 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dingo.care2.com/assets/js/petitionsite/sign.js?1680622603
Requested by
Host: www.thepetitionsite.com
URL: https://www.thepetitionsite.com/de-de/takeaction/386/896/852/?z00m=33205826&redirectID=3316042717
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
38.99.122.4 , United States, ASN174 (COGENT-174, US),
Reverse DNS
lb3-38-99-122-4.care2.com
Software
Apache/2.4.41 (IUS) OpenSSL/1.0.2k-fips mod_perl/2.0.10 Perl/v5.16.3 /
Resource Hash
ca3df529505b4bf55706c5fdf45c1bf9c54abc60750af5e1a9a31b1ff8b3b3bc

Request headers

Referer
https://www.thepetitionsite.com/
Origin
https://www.thepetitionsite.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 23:06:23 GMT
content-encoding
gzip
x-care2-host
web2
age
6
x-care2-haproxy-fe
www
x-cache
HIT from dingo.care2.com
x-care2-haproxy-fe-host
xlb2
x-care2-haproxy-host
xlb2
x-care2-haproxy-fe-site
sjc1
last-modified
Tue, 04 Apr 2023 15:36:43 GMT
server
Apache/2.4.41 (IUS) OpenSSL/1.0.2k-fips mod_perl/2.0.10 Perl/v5.16.3
etag
W/"c280ab-19529d-5f884714f8d1f"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
x-care2-site
sjc1
x-care2-haproxy-be
care2
accept-ranges
bytes
x-care2-haproxy-site
sjc1
expires
Wed, 17 May 2023 23:06:17 GMT
css
fonts.googleapis.com/ 		2 KB
1004 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto+Condensed:700
Requested by
Host: dingo.care2.com
URL: https://dingo.care2.com/assets/css/petitionsite/sign.css?1668632152
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
80201b8e946ead7b0baafb6fc4ff67a18ce02b0b60bc1d4bab02d0a2ef5bb324
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dingo.care2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 16 May 2023 23:06:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 16 May 2023 21:24:55 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 16 May 2023 23:06:23 GMT
matomo.js
matomo.care2.us/ 		132 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://matomo.care2.us/matomo.js
Requested by
Host: www.thepetitionsite.com
URL: https://www.thepetitionsite.com/de-de/takeaction/386/896/852/?z00m=33205826&redirectID=3316042717
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
38.99.122.171 , United States, ASN174 (COGENT-174, US),
Reverse DNS
ip-38-99-122-171.care2.com
Software
Apache/2.4.54 (FreeBSD) PHP/8.1.11 OpenSSL/1.1.1o-freebsd /
Resource Hash
77bfadab52b22b3e95be56a1a4c1c9cba0f921c393ebe790bc5f6ba126b78b14

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thepetitionsite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 23:06:24 GMT
x-care2-haproxy-fe-site
iad1
last-modified
Mon, 13 Mar 2023 21:05:01 GMT
server
Apache/2.4.54 (FreeBSD) PHP/8.1.11 OpenSSL/1.1.1o-freebsd
x-care2-host
matomo2
x-care2-haproxy-fe
fe_xindi_external
etag
"20f1c-5f6ce76d83358"
content-type
application/javascript
x-care2-haproxy-fe-host
xlb1
x-care2-site
iad1
x-care2-haproxy-be
matomo
accept-ranges
bytes
x-care2-haproxy-site
iad1
content-length
134940
x-care2-haproxy-host
xlb1
care2-logo-2018.svg
dingo.care2.com/assets/img/ 		7 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dingo.care2.com/assets/img/care2-logo-2018.svg
Requested by
Host: dingo.care2.com
URL: https://dingo.care2.com/assets/css/petitionsite/sign.css?1668632152
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
38.99.122.4 , United States, ASN174 (COGENT-174, US),
Reverse DNS
lb3-38-99-122-4.care2.com
Software
Apache/2.4.41 (IUS) OpenSSL/1.0.2k-fips mod_perl/2.0.10 Perl/v5.16.3 /
Resource Hash
2a45935bc9cea6e64fab363642958a4c1327624d02c9f60d61b75b8bd4ea354c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dingo.care2.com/assets/css/petitionsite/sign.css?1668632152
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 23:06:23 GMT
content-encoding
gzip
x-care2-host
web1
age
3
x-care2-haproxy-fe
www
x-cache
HIT from dingo.care2.com
x-care2-haproxy-fe-host
xlb2
x-care2-haproxy-host
xlb2
x-care2-haproxy-fe-site
sjc1
last-modified
Tue, 14 Apr 2020 23:20:25 GMT
server
Apache/2.4.41 (IUS) OpenSSL/1.0.2k-fips mod_perl/2.0.10 Perl/v5.16.3
etag
W/"553fc5-1d1a-5a34871ce1286"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=86400
x-care2-site
sjc1
x-care2-haproxy-be
care2
accept-ranges
bytes
x-care2-haproxy-site
sjc1
expires
Wed, 17 May 2023 23:06:20 GMT
care2-logo-2018-white.svg
dingo.care2.com/assets/img/ 		7 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dingo.care2.com/assets/img/care2-logo-2018-white.svg
Requested by
Host: dingo.care2.com
URL: https://dingo.care2.com/assets/css/petitionsite/sign.css?1668632152
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
38.99.122.4 , United States, ASN174 (COGENT-174, US),
Reverse DNS
lb3-38-99-122-4.care2.com
Software
Apache/2.4.41 (IUS) OpenSSL/1.0.2k-fips mod_perl/2.0.10 Perl/v5.16.3 /
Resource Hash
3caa853646af7ff46f6f7097d691ed712e207fb9de4d7516f631712c6b0acaf6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dingo.care2.com/assets/css/petitionsite/sign.css?1668632152
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 23:06:23 GMT
content-encoding
gzip
x-care2-host
web5
age
1
x-care2-haproxy-fe
www
x-cache
HIT from dingo.care2.com
x-care2-haproxy-fe-host
xlb2
x-care2-haproxy-host
xlb2
x-care2-haproxy-fe-site
sjc1
last-modified
Tue, 14 Apr 2020 23:20:25 GMT
server
Apache/2.4.41 (IUS) OpenSSL/1.0.2k-fips mod_perl/2.0.10 Perl/v5.16.3
etag
W/"1182eb9-1d1a-5a34871ce1286"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=86400
x-care2-site
sjc1
x-care2-haproxy-be
care2
accept-ranges
bytes
x-care2-haproxy-site
sjc1
expires
Wed, 17 May 2023 23:06:22 GMT
Poppins-Light.ttf
dingo.care2.com/assets/font/Poppins/ 		156 KB
157 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://dingo.care2.com/assets/font/Poppins/Poppins-Light.ttf
Requested by
Host: dingo.care2.com
URL: https://dingo.care2.com/assets/css/petitionsite/sign.css?1668632152
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
38.99.122.4 , United States, ASN174 (COGENT-174, US),
Reverse DNS
lb3-38-99-122-4.care2.com
Software
Apache/2.4.41 (IUS) OpenSSL/1.0.2k-fips mod_perl/2.0.10 Perl/v5.16.3 /
Resource Hash
647f014d36822ef7e0413ffbb65598ae0cb57fb798e635c63912c93d94eb356a

Request headers

Referer
https://dingo.care2.com/assets/css/petitionsite/sign.css?1668632152
Origin
https://www.thepetitionsite.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 23:06:23 GMT
x-care2-host
web2
age
14
x-care2-haproxy-fe
www
x-cache
HIT from dingo.care2.com
x-care2-haproxy-fe-host
xlb2
content-length
159892
x-care2-haproxy-host
xlb2
x-care2-haproxy-fe-site
sjc1
last-modified
Mon, 11 Jul 2022 16:44:18 GMT
server
Apache/2.4.41 (IUS) OpenSSL/1.0.2k-fips mod_perl/2.0.10 Perl/v5.16.3
etag
"11800376-27094-5e38a43574649"
content-type
font/ttf
access-control-allow-origin
*
cache-control
max-age=86400
x-care2-site
sjc1
x-care2-haproxy-be
care2
accept-ranges
bytes
x-care2-haproxy-site
sjc1
expires
Wed, 17 May 2023 23:06:09 GMT
Poppins-SemiBold.ttf
dingo.care2.com/assets/font/Poppins/ 		152 KB
152 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://dingo.care2.com/assets/font/Poppins/Poppins-SemiBold.ttf
Requested by
Host: dingo.care2.com
URL: https://dingo.care2.com/assets/css/petitionsite/sign.css?1668632152
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
38.99.122.4 , United States, ASN174 (COGENT-174, US),
Reverse DNS
lb3-38-99-122-4.care2.com
Software
Apache/2.4.41 (IUS) OpenSSL/1.0.2k-fips mod_perl/2.0.10 Perl/v5.16.3 /
Resource Hash
248c0244b350ec68880996aa6be6d7796274b49992d5fcbbefe251906aa4ea36

Request headers

Referer
https://dingo.care2.com/assets/css/petitionsite/sign.css?1668632152
Origin
https://www.thepetitionsite.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 23:06:23 GMT
x-care2-host
web3
age
6
x-care2-haproxy-fe
www
x-cache
HIT from dingo.care2.com
x-care2-haproxy-fe-host
xlb2
content-length
155232
x-care2-haproxy-host
xlb2
x-care2-haproxy-fe-site
sjc1
last-modified
Mon, 11 Jul 2022 16:44:18 GMT
server
Apache/2.4.41 (IUS) OpenSSL/1.0.2k-fips mod_perl/2.0.10 Perl/v5.16.3
etag
"c0000e3-25e60-5e38a43576589"
content-type
font/ttf
access-control-allow-origin
*
cache-control
max-age=86400
x-care2-site
sjc1
x-care2-haproxy-be
care2
accept-ranges
bytes
x-care2-haproxy-site
sjc1
expires
Wed, 17 May 2023 23:06:17 GMT
care2-icons.woff
dingo.care2.com/assets/font/care2-icons-2020-09/ 		13 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://dingo.care2.com/assets/font/care2-icons-2020-09/care2-icons.woff
Requested by
Host: dingo.care2.com
URL: https://dingo.care2.com/assets/css/petitionsite/sign.css?1668632152
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
38.99.122.4 , United States, ASN174 (COGENT-174, US),
Reverse DNS
lb3-38-99-122-4.care2.com
Software
Apache/2.4.41 (IUS) OpenSSL/1.0.2k-fips mod_perl/2.0.10 Perl/v5.16.3 /
Resource Hash
4c555c077b6e95ca04b44ecb5ec7eb4d7bfc586cd3577384ef5b866224c59271

Request headers

Referer
https://dingo.care2.com/assets/css/petitionsite/sign.css?1668632152
Origin
https://www.thepetitionsite.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 23:06:23 GMT
x-care2-host
web5
age
3
x-care2-haproxy-fe
www
x-cache
HIT from dingo.care2.com
x-care2-haproxy-fe-host
xlb2
content-length
13716
x-care2-haproxy-host
xlb2
x-care2-haproxy-fe-site
sjc1
last-modified
Thu, 21 Apr 2022 21:41:37 GMT
server
Apache/2.4.41 (IUS) OpenSSL/1.0.2k-fips mod_perl/2.0.10 Perl/v5.16.3
etag
"d000046-3594-5dd30f98131cb"
content-type
application/x-font-woff
access-control-allow-origin
*
cache-control
max-age=86400
x-care2-site
sjc1
x-care2-haproxy-be
care2
accept-ranges
bytes
x-care2-haproxy-site
sjc1
expires
Wed, 17 May 2023 23:06:20 GMT
Poppins-Regular.ttf
dingo.care2.com/assets/font/Poppins/ 		155 KB
155 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://dingo.care2.com/assets/font/Poppins/Poppins-Regular.ttf
Requested by
Host: dingo.care2.com
URL: https://dingo.care2.com/assets/css/petitionsite/sign.css?1668632152
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
38.99.122.4 , United States, ASN174 (COGENT-174, US),
Reverse DNS
lb3-38-99-122-4.care2.com
Software
Apache/2.4.41 (IUS) OpenSSL/1.0.2k-fips mod_perl/2.0.10 Perl/v5.16.3 /
Resource Hash
707fdc5c8bab57a90061c6a8ed7b70d5ffb82fc810e994e79f90bace890c255a

Request headers

Referer
https://dingo.care2.com/assets/css/petitionsite/sign.css?1668632152
Origin
https://www.thepetitionsite.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 23:06:23 GMT
x-care2-host
web1
age
14
x-care2-haproxy-fe
www
x-cache
HIT from dingo.care2.com
x-care2-haproxy-fe-host
xlb2
content-length
158240
x-care2-haproxy-host
xlb2
x-care2-haproxy-fe-site
sjc1
last-modified
Mon, 11 Jul 2022 16:44:18 GMT
server
Apache/2.4.41 (IUS) OpenSSL/1.0.2k-fips mod_perl/2.0.10 Perl/v5.16.3
etag
"94001b9-26a20-5e38a435761a1"
content-type
font/ttf
access-control-allow-origin
*
cache-control
max-age=86400
x-care2-site
sjc1
x-care2-haproxy-be
care2
accept-ranges
bytes
x-care2-haproxy-site
sjc1
expires
Wed, 17 May 2023 23:06:09 GMT
matomo.php
matomo.care2.us/ 		0
351 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://matomo.care2.us/matomo.php?action_name=Petition%3A%20Elon%20Musk%20is%20Allowing%20Videos%20of%20Animals%20Being%20Brutally%20Tortured%20on%20Twitter!&idsite=5&rec=1&r=600754&h=23&m=6&s=24&url=https%3A%2F%2Fwww.thepetitionsite.com%2F386896852&_id=3b2cfce45a45bbd9&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=s69op8&pf_net=352&pf_srv=237&pf_tfr=71&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Requested by
Host: matomo.care2.us
URL: https://matomo.care2.us/matomo.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
38.99.122.171 , United States, ASN174 (COGENT-174, US),
Reverse DNS
ip-38-99-122-171.care2.com
Software
Apache/2.4.54 (FreeBSD) PHP/8.1.11 OpenSSL/1.1.1o-freebsd / PHP/8.1.11
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.thepetitionsite.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

date
Tue, 16 May 2023 23:06:24 GMT
content-encoding
none
x-care2-haproxy-fe-site
iad1
server
Apache/2.4.54 (FreeBSD) PHP/8.1.11 OpenSSL/1.1.1o-freebsd
x-care2-host
matomo2
x-care2-haproxy-fe
fe_xindi_external
x-powered-by
PHP/8.1.11
x-care2-haproxy-fe-host
xlb1
x-care2-site
iad1
x-care2-haproxy-be
matomo
x-care2-haproxy-site
iad1
x-care2-haproxy-host
xlb1
38fea81a-3db3-4aeb-b653-86bc55d9cff8_eu.js
cdn.mouseflow.com/projects/
Redirect Chain
  • https://cdn.mouseflow.com/projects/38fea81a-3db3-4aeb-b653-86bc55d9cff8.js
  • https://cdn.mouseflow.com/projects/38fea81a-3db3-4aeb-b653-86bc55d9cff8_eu.js
62 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.mouseflow.com/projects/38fea81a-3db3-4aeb-b653-86bc55d9cff8_eu.js
Requested by
Host: www.thepetitionsite.com
URL: https://www.thepetitionsite.com/de-de/takeaction/386/896/852/?z00m=33205826&redirectID=3316042717
Protocol
H2
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
595b69c532195283f2d6eb39885858ddff6d0f30fad13d80c9e0211eeadef6d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thepetitionsite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 23:06:25 GMT
content-encoding
gzip
last-modified
Sun, 05 Mar 2023 16:01:05 GMT
server
etag
"39905bb17b4fd91:0"
x-hw
1684278385.cds229.lo4.hn,1684278385.cds218.lo4.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
18228

Redirect headers

date
Tue, 16 May 2023 23:06:25 GMT
x-hw
1684278384.cds229.lo4.hn,1684278385.cds300.lo4.c
location
https://cdn.mouseflow.com/projects/38fea81a-3db3-4aeb-b653-86bc55d9cff8_eu.js
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
x-hw-loc
https://cdn.mouseflow.com/projects/38fea81a-3db3-4aeb-b653-86bc55d9cff8.js
content-length
0
user_login.php
www.thepetitionsite.com/servlets/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.thepetitionsite.com/servlets/user_login.php
Requested by
Host: dingo.care2.com
URL: https://dingo.care2.com/assets/js/petitionsite/sign.js?1680622603
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
38.99.122.3 , United States, ASN174 (COGENT-174, US),
Reverse DNS
lb2-38-99-122-3.care2.com
Software
Apache/2.4.41 (IUS) OpenSSL/1.0.2k-fips mod_perl/2.0.10 Perl/v5.16.3 /
Resource Hash
c5eea96179a8ce5acc57bbb60032306246385a03a7726ab1f8b6d901049f40cd
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://www.care2.com https://www.thepetitionsite.com https://earthworm.care2.com/

Request headers

Accept
*/*
Referer
https://www.thepetitionsite.com/de-de/takeaction/386/896/852/?z00m=33205826&redirectID=3316042717
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Tue, 16 May 2023 23:06:25 GMT
content-security-policy
frame-ancestors 'self' https://www.care2.com https://www.thepetitionsite.com https://earthworm.care2.com/
content-encoding
gzip
x-care2-host
web3
x-care2-haproxy-fe
www
x-care2-haproxy-fe-host
xlb1
x-care2-haproxy-host
xlb1
x-care2-haproxy-fe-site
sjc1
server
Apache/2.4.41 (IUS) OpenSSL/1.0.2k-fips mod_perl/2.0.10 Perl/v5.16.3
vary
Accept-Encoding
content-type
application/json
cache-control
no-cache, must-revalidate
x-care2-site
sjc1
x-care2-haproxy-be
tps
x-care2-haproxy-site
sjc1
expires
Mon, 26 Jul 1997 05:00:00 GMT
fbevents.js
connect.facebook.net/en_US/ 		106 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: dingo.care2.com
URL: https://dingo.care2.com/assets/js/petitionsite/sign.js?1680622603
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8dcee59828f1423ecefd552dd353e25bd4ac38a9557ee084604ee7c2d41d9b98
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thepetitionsite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 16 May 2023 23:06:24 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27538
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
m9NH3W54HuZVRAv7iyNXtc3hWiRBryKxUrDuX0Jr63aKYjouiNAfF4Z+SOBpaIzkszuIafcie1GCg24xyJTblw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), gyroscope=(), hid=(), midi=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
bat.js
bat.bing.com/ 		40 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: dingo.care2.com
URL: https://dingo.care2.com/assets/js/petitionsite/sign.js?1680622603
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
679804e244b4127b7ecd99a513b57d6a4f91866410e16da69ce02f98f534051d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thepetitionsite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Tue, 16 May 2023 23:06:24 GMT
last-modified
Thu, 11 May 2023 18:08:27 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 9E306D8E5843420583321FB9721C488E Ref B: FRAEDGE1815 Ref C: 2023-05-16T23:06:24Z
etag
"80df77953384d91:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
12183
analytics.js
www.google-analytics.com/ 		51 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: dingo.care2.com
URL: https://dingo.care2.com/assets/js/petitionsite/sign.js?1680622603
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thepetitionsite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 16 May 2023 23:05:00 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
84
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Wed, 17 May 2023 01:05:00 GMT
js
www.googletagmanager.com/gtag/ 		135 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-1064448610
Requested by
Host: dingo.care2.com
URL: https://dingo.care2.com/assets/js/petitionsite/sign.js?1680622603
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
13bcddb5429dc04bb4781a9401cb286e6fffacb9b4b5fea4f940872646bf2135
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thepetitionsite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 23:06:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53042
x-xss-protection
0
last-modified
Tue, 16 May 2023 22:08:55 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 16 May 2023 23:06:24 GMT
core.js
s.pinimg.com/ct/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/core.js
Requested by
Host: dingo.care2.com
URL: https://dingo.care2.com/assets/js/petitionsite/sign.js?1680622603
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:883::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
9da667a2d06a49f6f7fd0f37de54e6df03de06331fe4b4ced41a52c704e6f9c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thepetitionsite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

akamai-x-true-ttl
7200
content-encoding
br
x-cdn
akamai
etag
"6d16b8fee6eb8c0a28480810db2943f7"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
access-control-max-age
86400
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET
access-control-expose-headers
X-CDN
cache-control
max-age=7200
accept-ranges
bytes
content-length
1449
uwt.js
static.ads-twitter.com/ 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: dingo.care2.com
URL: https://dingo.care2.com/assets/js/petitionsite/sign.js?1680622603
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thepetitionsite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 23:06:24 GMT
content-encoding
gzip
last-modified
Thu, 27 Oct 2022 16:56:53 GMT
etag
"32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary
Accept-Encoding,Host
x-cache
HIT, HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15375
x-served-by
cache-iad-kjyo7100081-IAD, cache-fra-eddf8230065-FRA
events.js
tags.srv.stackadapt.com/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/events.js
Requested by
Host: dingo.care2.com
URL: https://dingo.care2.com/assets/js/petitionsite/sign.js?1680622603
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.163.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-163-117.compute-1.amazonaws.com
Software
/
Resource Hash
b7601a86d788555d8dba3a8013b5d38db370fe5f8f0db290e8cc9674b6a53ebe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thepetitionsite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 16 May 2023 23:06:25 GMT
cache-control
max-age=5
content-encoding
gzip
content-type
text/javascript
signatures.php
www.thepetitionsite.com/servlets/petitions/ 		11 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.thepetitionsite.com/servlets/petitions/signatures.php
Requested by
Host: dingo.care2.com
URL: https://dingo.care2.com/assets/js/petitionsite/sign.js?1680622603
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
38.99.122.3 , United States, ASN174 (COGENT-174, US),
Reverse DNS
lb2-38-99-122-3.care2.com
Software
Apache/2.4.41 (IUS) OpenSSL/1.0.2k-fips mod_perl/2.0.10 Perl/v5.16.3 /
Resource Hash
ec2a57459f8d3823291c702a2df94ed02322c910174babd6672f2d92b9c0a7d0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://www.care2.com https://www.thepetitionsite.com https://earthworm.care2.com/

Request headers

Accept
*/*
Referer
https://www.thepetitionsite.com/de-de/takeaction/386/896/852/?z00m=33205826&redirectID=3316042717
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Tue, 16 May 2023 23:06:25 GMT
content-security-policy
frame-ancestors 'self' https://www.care2.com https://www.thepetitionsite.com https://earthworm.care2.com/
x-care2-haproxy-fe-site
sjc1
content-encoding
gzip
server
Apache/2.4.41 (IUS) OpenSSL/1.0.2k-fips mod_perl/2.0.10 Perl/v5.16.3
x-care2-host
web5
x-care2-haproxy-fe
www
vary
Accept-Encoding
content-type
application/json
x-care2-haproxy-fe-host
xlb1
x-care2-site
sjc1
x-care2-haproxy-be
tps
x-care2-haproxy-site
sjc1
x-care2-haproxy-host
xlb1
flags@2x.png
dingo.care2.com/assets/img/ 		170 KB
171 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dingo.care2.com/assets/img/flags@2x.png
Requested by
Host: www.thepetitionsite.com
URL: https://www.thepetitionsite.com/de-de/takeaction/386/896/852/?z00m=33205826&redirectID=3316042717
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
38.99.122.4 , United States, ASN174 (COGENT-174, US),
Reverse DNS
lb3-38-99-122-4.care2.com
Software
Apache/2.4.41 (IUS) OpenSSL/1.0.2k-fips mod_perl/2.0.10 Perl/v5.16.3 /
Resource Hash
8ab4e961a71e2a404aab37e528b0312282c258015d58f5e0eb5dec6aa4ff63d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thepetitionsite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 23:06:25 GMT
x-care2-host
web3
age
7
x-care2-haproxy-fe
www
x-cache
HIT from dingo.care2.com
x-care2-haproxy-fe-host
xlb2
content-length
174369
x-care2-haproxy-host
xlb2
x-care2-haproxy-fe-site
sjc1
last-modified
Tue, 01 Nov 2022 18:41:06 GMT
server
Apache/2.4.41 (IUS) OpenSSL/1.0.2k-fips mod_perl/2.0.10 Perl/v5.16.3
etag
"9b20ff-2a921-5ec6d1124c06c"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=86400
x-care2-site
sjc1
x-care2-haproxy-be
care2
accept-ranges
bytes
x-care2-haproxy-site
sjc1
expires
Wed, 17 May 2023 23:06:17 GMT
flags@2x.png
qa2qaw1-dingo.care2.com/assets/img/ 		0
0
flags@2x.png
sb-dingo.care2.com/assets/img/ 		0
0
care2-icons.woff
dingo.care2.com/assets/font/care2-icons-2020-09/
Redirect Chain
  • https://www.thepetitionsite.com/assets/font/care2-icons-2020-09/care2-icons.woff
  • https://dingo.care2.com/assets/font/care2-icons-2020-09/care2-icons.woff
13 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://dingo.care2.com/assets/font/care2-icons-2020-09/care2-icons.woff
Requested by
Host: www.thepetitionsite.com
URL: https://www.thepetitionsite.com/de-de/takeaction/386/896/852/?z00m=33205826&redirectID=3316042717
Protocol
H2
Server
38.99.122.4 , United States, ASN174 (COGENT-174, US),
Reverse DNS
lb3-38-99-122-4.care2.com
Software
Apache/2.4.41 (IUS) OpenSSL/1.0.2k-fips mod_perl/2.0.10 Perl/v5.16.3 /
Resource Hash
4c555c077b6e95ca04b44ecb5ec7eb4d7bfc586cd3577384ef5b866224c59271

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thepetitionsite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 23:06:25 GMT
x-care2-host
web5
age
5
x-care2-haproxy-fe
www
x-cache
HIT from dingo.care2.com
x-care2-haproxy-fe-host
xlb2
content-length
13716
x-care2-haproxy-host
xlb2
x-care2-haproxy-fe-site
sjc1
last-modified
Thu, 21 Apr 2022 21:41:37 GMT
server
Apache/2.4.41 (IUS) OpenSSL/1.0.2k-fips mod_perl/2.0.10 Perl/v5.16.3
etag
"d000046-3594-5dd30f98131cb"
content-type
application/x-font-woff
access-control-allow-origin
*
cache-control
max-age=86400
x-care2-site
sjc1
x-care2-haproxy-be
care2
accept-ranges
bytes
x-care2-haproxy-site
sjc1
expires
Wed, 17 May 2023 23:06:20 GMT

Redirect headers

date
Tue, 16 May 2023 23:06:25 GMT
x-care2-haproxy-fe-site
sjc1
server
Apache/2.4.41 (IUS) OpenSSL/1.0.2k-fips mod_perl/2.0.10 Perl/v5.16.3
x-care2-haproxy-fe
www
content-type
text/html; charset=iso-8859-1
location
https://dingo.care2.com/assets/font/care2-icons-2020-09/care2-icons.woff
x-care2-haproxy-fe-host
xlb1
x-care2-haproxy-be
tps
x-care2-haproxy-site
sjc1
content-length
280
x-care2-haproxy-host
xlb1
get_social_counts.php
www.thepetitionsite.com/servlets/ 		176 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.thepetitionsite.com/servlets/get_social_counts.php
Requested by
Host: dingo.care2.com
URL: https://dingo.care2.com/assets/js/petitionsite/sign.js?1680622603
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
38.99.122.3 , United States, ASN174 (COGENT-174, US),
Reverse DNS
lb2-38-99-122-3.care2.com
Software
Apache/2.4.41 (IUS) OpenSSL/1.0.2k-fips mod_perl/2.0.10 Perl/v5.16.3 /
Resource Hash
99cff67ef14e61ae0eb9ff279a4b01a4b801ab3626d491e80773b340588b5d95
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://www.care2.com https://www.thepetitionsite.com https://earthworm.care2.com/

Request headers

Accept
*/*
Referer
https://www.thepetitionsite.com/de-de/takeaction/386/896/852/?z00m=33205826&redirectID=3316042717
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Tue, 16 May 2023 23:06:25 GMT
content-security-policy
frame-ancestors 'self' https://www.care2.com https://www.thepetitionsite.com https://earthworm.care2.com/
content-encoding
gzip
x-care2-host
web1
x-care2-haproxy-fe
www
x-care2-haproxy-fe-host
xlb1
x-care2-haproxy-host
xlb1
x-care2-haproxy-fe-site
sjc1
server
Apache/2.4.41 (IUS) OpenSSL/1.0.2k-fips mod_perl/2.0.10 Perl/v5.16.3
access-control-max-age
1000
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.thepetitionsite.com
cache-control
no-cache, must-revalidate
x-care2-site
sjc1
x-care2-haproxy-be
tps
vary
Accept-Encoding
x-care2-haproxy-site
sjc1
access-control-allow-headers
Content-Type
expires
Mon, 26 Jul 1997 05:00:00 GMT
main.17ba9c80.js
s.pinimg.com/ct/lib/ 		62 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/lib/main.17ba9c80.js
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:883::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
cb9faf471c314cae8238aa5db053490bd50283053008f2c8249f593d30dd1b35

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thepetitionsite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

akamai-x-true-ttl
1209600
content-encoding
br
x-cdn
akamai
etag
"75f3e62f09148ef2b5935306f2ae4500"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
access-control-max-age
86400
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET
access-control-expose-headers
X-CDN
cache-control
max-age=1209600
accept-ranges
bytes
content-length
18004
137005710.js
bat.bing.com/p/action/ 		0
116 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/137005710.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thepetitionsite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Tue, 16 May 2023 23:06:24 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 9F64A3A105004936976D9A0444A8705C Ref B: FRAEDGE1815 Ref C: 2023-05-16T23:06:25Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ 		0
286 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=137005710&Ver=2&mid=6ac3824d-a7d9-4255-a93f-4254696ea2d3&sid=47f82730f43e11ed87e01b58f3dc0c75&vid=47f82f10f43e11ed84a7615ff78398d2&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Petition%3A%20Elon%20Musk%20is%20Allowing%20Videos%20of%20Animals%20Being%20Brutally%20Tortured%20on%20Twitter!&p=https%3A%2F%2Fwww.thepetitionsite.com%2Fde-de%2Ftakeaction%2F386%2F896%2F852%2F%3Fz00m%3D33205826%26redirectID%3D3316042717&r=&lt=2753&evt=pageLoad&sv=1&rn=790225
Requested by
Host: www.thepetitionsite.com
URL: https://www.thepetitionsite.com/de-de/takeaction/386/896/852/?z00m=33205826&redirectID=3316042717
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thepetitionsite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 16 May 2023 23:06:24 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 9D7698D8023340CEA7761D6E1A74A9C2 Ref B: FRAEDGE1815 Ref C: 2023-05-16T23:06:25Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
388957491260477
connect.facebook.net/signals/config/ 		435 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/388957491260477?v=2.9.104&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b233a99c94dff0b71a653cf43c6568910480c9998835bb03ded203235806bb2e
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thepetitionsite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 16 May 2023 23:06:25 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
sFgQplQ4EOwYm13HQljVB0nnSAEB/MXLtWuCGBCSLlCg2Emv79dgko6/uSIvHmbHlM+n7NtAUYZDkFXiM+gm8Q==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
adsct
t.co/i/ 		43 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?bci=3&eci=2&event_id=10d1c4ac-1c5a-4cde-9a26-f8a6b833d6ef&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=229c139d-ab19-47d5-9543-9352d48a4b8c&tw_document_href=https%3A%2F%2Fwww.thepetitionsite.com%2Fde-de%2Ftakeaction%2F386%2F896%2F852%2F%3Fz00m%3D33205826%26redirectID%3D3316042717&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o5a40&type=javascript&version=2.3.29
Requested by
Host: www.thepetitionsite.com
URL: https://www.thepetitionsite.com/de-de/takeaction/386/896/852/?z00m=33205826&redirectID=3316042717
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.69 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thepetitionsite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-response-time
116
date
Tue, 16 May 2023 23:06:25 GMT
strict-transport-security
max-age=0
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
d067854d11071898
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
cfdfc324e785dcd6cfc5b306b0a594470927f574672bcc01a7332789a9d4cf4f
content-length
43
adsct
analytics.twitter.com/i/ 		43 B
395 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=10d1c4ac-1c5a-4cde-9a26-f8a6b833d6ef&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=229c139d-ab19-47d5-9543-9352d48a4b8c&tw_document_href=https%3A%2F%2Fwww.thepetitionsite.com%2Fde-de%2Ftakeaction%2F386%2F896%2F852%2F%3Fz00m%3D33205826%26redirectID%3D3316042717&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o5a40&type=javascript&version=2.3.29
Requested by
Host: www.thepetitionsite.com
URL: https://www.thepetitionsite.com/de-de/takeaction/386/896/852/?z00m=33205826&redirectID=3316042717
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.3 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thepetitionsite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-response-time
117
date
Tue, 16 May 2023 23:06:25 GMT
strict-transport-security
max-age=631138519
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
5dfb6779e2e6e7ce
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
bfca657d45a19fc8a258542ecb283c4293a300e01832b40695dc2b8094f621e3
content-length
43
collect
stats.g.doubleclick.net/j/ 		4 B
354 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-41501525-1&cid=1858177835.1684278385&jid=2079054671&gjid=1693545885&_gid=120659581.1684278385&_u=IGBAgEABAAAAAEAAI~&z=1557201031
Requested by
Host: dingo.care2.com
URL: https://dingo.care2.com/assets/js/petitionsite/sign.js?1680622603
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.thepetitionsite.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 16 May 2023 23:06:25 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.thepetitionsite.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j100&a=804979340&t=pageview&_s=1&dl=https%3A%2F%2Fwww.thepetitionsite.com%2Fde-de%2Ftakeaction%2F386%2F896%2F852%2F%3Fz00m%3D33205826%26redirectID%3D3316042717&ul=en-us&de=UTF-8&dt=Petition%3A%20Elon%20Musk%20is%20Allowing%20Videos%20of%20Animals%20Being%20Brutally%20Tortured%20on%20Twitter!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGBAgEABAAAAAAAAI~&jid=2079054671&gjid=1693545885&cid=1858177835.1684278385&tid=UA-41501525-1&_gid=120659581.1684278385&z=75422856
Requested by
Host: www.thepetitionsite.com
URL: https://www.thepetitionsite.com/de-de/takeaction/386/896/852/?z00m=33205826&redirectID=3316042717
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thepetitionsite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 May 2023 05:07:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
64741
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1064448610/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1064448610/?random=1684278385129&cv=11&fst=1684278385129&bg=ffffff&guid=ON&async=1&gtm=45be35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.thepetitionsite.com%2Fde-de%2Ftakeaction%2F386%2F896%2F852%2F%3Fz00m%3D33205826%26redirectID%3D3316042717&hn=www.googleadservices.com&frm=0&tiba=Petition%3A%20Elon%20Musk%20is%20Allowing%20Videos%20of%20Animals%20Being%20Brutally%20Tortured%20on%20Twitter!&auid=68665377.1684278385&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1064448610
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ecc08a741dde1ba2da2899049f7959dd3648a54a1dc8e806d2eb75fbf9395e06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thepetitionsite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 May 2023 23:06:25 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1320
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-41501525-1&cid=1858177835.1684278385&jid=2079054671&_u=IGBAgEABAAAAAEAAI~&z=1014184200
Requested by
Host: www.thepetitionsite.com
URL: https://www.thepetitionsite.com/de-de/takeaction/386/896/852/?z00m=33205826&redirectID=3316042717
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thepetitionsite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 May 2023 23:06:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-41501525-1&cid=1858177835.1684278385&jid=2079054671&_u=IGBAgEABAAAAAEAAI~&z=1014184200
Requested by
Host: www.thepetitionsite.com
URL: https://www.thepetitionsite.com/de-de/takeaction/386/896/852/?z00m=33205826&redirectID=3316042717
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thepetitionsite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 May 2023 23:06:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sdk.js
connect.facebook.net/de_DE/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/de_DE/sdk.js
Requested by
Host: dingo.care2.com
URL: https://dingo.care2.com/assets/js/petitionsite/sign.js?1680622603
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9dada1bc21ef57c4159a13febdab94568f3850f73b21bb251cd08cf7e8dae858
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thepetitionsite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 16 May 2023 23:06:25 GMT
content-md5
nMc8Sp8ApLTCoa1qKf9NkA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1688
x-fb-rlafr
0
x-fb-debug
1UxpPJHUX69VJroua979iPvGQHGl1JSsYuAI8Xq7+qaCKVs1ZWN0rPvbt36aWKwrLyNA9eTTHtdm4JzH0hek4g==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
ea3b17e181cb42dcf2206e29a8578389
cross-origin-opener-policy
same-origin-allow-popups
etag
"68f4bc28bb03f3160785a3b238e02a33"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), hid=(), idle-detection=(), magnetometer=(), screen-wake-lock=(), serial=()
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Tue, 16 May 2023 23:11:38 GMT
petitions_seen.php
www.thepetitionsite.com/servlets/petitions/ 		0
619 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.thepetitionsite.com/servlets/petitions/petitions_seen.php
Requested by
Host: dingo.care2.com
URL: https://dingo.care2.com/assets/js/petitionsite/sign.js?1680622603
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
38.99.122.3 , United States, ASN174 (COGENT-174, US),
Reverse DNS
lb2-38-99-122-3.care2.com
Software
Apache/2.4.41 (IUS) OpenSSL/1.0.2k-fips mod_perl/2.0.10 Perl/v5.16.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://www.care2.com https://www.thepetitionsite.com https://earthworm.care2.com/

Request headers

Accept
*/*
Referer
https://www.thepetitionsite.com/de-de/takeaction/386/896/852/?z00m=33205826&redirectID=3316042717
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Tue, 16 May 2023 23:06:25 GMT
content-security-policy
frame-ancestors 'self' https://www.care2.com https://www.thepetitionsite.com https://earthworm.care2.com/
x-care2-haproxy-fe-site
sjc1
server
Apache/2.4.41 (IUS) OpenSSL/1.0.2k-fips mod_perl/2.0.10 Perl/v5.16.3
x-care2-host
web5
x-care2-haproxy-fe
www
content-type
text/html; charset=UTF-8
x-care2-haproxy-fe-host
xlb1
x-care2-site
sjc1
x-care2-haproxy-be
tps
x-care2-haproxy-site
sjc1
content-length
0
x-care2-haproxy-host
xlb1
matomo.php
matomo.care2.us/ 		0
351 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://matomo.care2.us/matomo.php?idgoal=47&idsite=5&rec=1&r=990096&h=23&m=6&s=25&url=https%3A%2F%2Fwww.thepetitionsite.com%2F386896852&_id=3b2cfce45a45bbd9&_idn=0&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=s69op8&uadata=%7B%22brands%22%3A%5B%5D%2C%22platform%22%3A%22%22%7D
Requested by
Host: matomo.care2.us
URL: https://matomo.care2.us/matomo.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
38.99.122.171 , United States, ASN174 (COGENT-174, US),
Reverse DNS
ip-38-99-122-171.care2.com
Software
Apache/2.4.54 (FreeBSD) PHP/8.1.11 OpenSSL/1.1.1o-freebsd / PHP/8.1.11
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.thepetitionsite.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

date
Tue, 16 May 2023 23:06:25 GMT
content-encoding
none
x-care2-haproxy-fe-site
iad1
server
Apache/2.4.54 (FreeBSD) PHP/8.1.11 OpenSSL/1.1.1o-freebsd
x-care2-host
matomo3
x-care2-haproxy-fe
fe_xindi_external
x-powered-by
PHP/8.1.11
x-care2-haproxy-fe-host
xlb1
x-care2-site
iad1
x-care2-haproxy-be
matomo
x-care2-haproxy-site
iad1
x-care2-haproxy-host
xlb1
optinInfo
www.thepetitionsite.com/ws/optins/ 		653 B
764 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.thepetitionsite.com/ws/optins/optinInfo
Requested by
Host: dingo.care2.com
URL: https://dingo.care2.com/assets/js/petitionsite/sign.js?1680622603
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
38.99.122.3 , United States, ASN174 (COGENT-174, US),
Reverse DNS
lb2-38-99-122-3.care2.com
Software
Apache/2.4.41 (IUS) OpenSSL/1.0.2k-fips mod_perl/2.0.10 Perl/v5.16.3 /
Resource Hash
d47e2935b6e37b2e136510f37bfc70e727caccf65fdf1a81013760a094deb6dc

Request headers

Accept
*/*
Referer
https://www.thepetitionsite.com/de-de/takeaction/386/896/852/?z00m=33205826&redirectID=3316042717
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Tue, 16 May 2023 23:06:25 GMT
x-care2-haproxy-fe-site
sjc1
content-encoding
gzip
server
Apache/2.4.41 (IUS) OpenSSL/1.0.2k-fips mod_perl/2.0.10 Perl/v5.16.3
x-care2-host
web5
x-care2-haproxy-fe
www
vary
Accept-Encoding
content-type
application/json
x-care2-haproxy-fe-host
xlb1
x-care2-site
sjc1
x-care2-haproxy-be
wstps
x-care2-haproxy-site
sjc1
x-care2-haproxy-host
xlb1
/
www.google.com/pagead/1p-user-list/1064448610/ 		42 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1064448610/?random=1684278385129&cv=11&fst=1684278000000&bg=ffffff&guid=ON&async=1&gtm=45be35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.thepetitionsite.com%2Fde-de%2Ftakeaction%2F386%2F896%2F852%2F%3Fz00m%3D33205826%26redirectID%3D3316042717&frm=0&tiba=Petition%3A%20Elon%20Musk%20is%20Allowing%20Videos%20of%20Animals%20Being%20Brutally%20Tortured%20on%20Twitter!&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2616234119&rmt_tld=0&ipr=y
Requested by
Host: www.thepetitionsite.com
URL: https://www.thepetitionsite.com/de-de/takeaction/386/896/852/?z00m=33205826&redirectID=3316042717
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thepetitionsite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 May 2023 23:06:25 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/1064448610/ 		42 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/1064448610/?random=1684278385129&cv=11&fst=1684278000000&bg=ffffff&guid=ON&async=1&gtm=45be35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.thepetitionsite.com%2Fde-de%2Ftakeaction%2F386%2F896%2F852%2F%3Fz00m%3D33205826%26redirectID%3D3316042717&frm=0&tiba=Petition%3A%20Elon%20Musk%20is%20Allowing%20Videos%20of%20Animals%20Being%20Brutally%20Tortured%20on%20Twitter!&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2616234119&rmt_tld=1&ipr=y
Requested by
Host: www.thepetitionsite.com
URL: https://www.thepetitionsite.com/de-de/takeaction/386/896/852/?z00m=33205826&redirectID=3316042717
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thepetitionsite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 May 2023 23:06:25 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sdk.js
connect.facebook.net/de_DE/ 		306 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/de_DE/sdk.js?hash=a562abd2523723a43bf66b57333ee413
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/de_DE/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b2fae427bc09b6f92cc6fc8c5dbb8055c3bfb368fe590fdd265c50a1afcf7350
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.thepetitionsite.com/
Origin
https://www.thepetitionsite.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 16 May 2023 23:06:25 GMT
content-md5
47HdXI7irFHm7P3lpVWjdQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88702
x-fb-rlafr
0
x-fb-debug
yzxzEfeJpQZB4dGHqxEzY8GikUZqtinyNNCfyc+8S2CV87awfKdk+OvuZ/NYmtkNEYb1BepnMDkIZ76ZNOrjag==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
926346f19de23ec65c2d71464e6d5aa8
cross-origin-opener-policy
same-origin-allow-popups
etag
"9546e2fc8ced4e50da71b3c1fbbcfc52"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), gyroscope=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=()
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Wed, 15 May 2024 20:44:04 GMT
status
www.facebook.com/x/oauth/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/x/oauth/status?client_id=482659988595053&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.thepetitionsite.com%2Fde-de%2Ftakeaction%2F386%2F896%2F852%2F%3Fz00m%3D33205826%26redirectID%3D3316042717&sdk=joey&wants_cookie_data=true
Requested by
Host: dingo.care2.com
URL: https://dingo.care2.com/assets/js/petitionsite/sign.js?1680622603
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thepetitionsite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
date
Tue, 16 May 2023 23:06:25 GMT
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
7xS27GBVgNVROAglxMt87C3VYPHUK/ybzSp1I/TQx6qm/j6T96cxNUIRAzPvBOaqpYL6mw+XmeYTasOJuj+Pmg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
fb-s
unknown
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.thepetitionsite.com
origin-agent-cluster
?0
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), hid=(), midi=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
optinServed
www.thepetitionsite.com/ws/optins/ 		20 B
403 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.thepetitionsite.com/ws/optins/optinServed
Requested by
Host: dingo.care2.com
URL: https://dingo.care2.com/assets/js/petitionsite/sign.js?1680622603
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
38.99.122.3 , United States, ASN174 (COGENT-174, US),
Reverse DNS
lb2-38-99-122-3.care2.com
Software
Apache/2.4.41 (IUS) OpenSSL/1.0.2k-fips mod_perl/2.0.10 Perl/v5.16.3 /
Resource Hash
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

Accept
*/*
Referer
https://www.thepetitionsite.com/de-de/takeaction/386/896/852/?z00m=33205826&redirectID=3316042717
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Tue, 16 May 2023 23:06:25 GMT
x-care2-haproxy-fe-site
sjc1
content-encoding
gzip
server
Apache/2.4.41 (IUS) OpenSSL/1.0.2k-fips mod_perl/2.0.10 Perl/v5.16.3
x-care2-host
web5
x-care2-haproxy-fe
www
vary
Accept-Encoding
content-type
application/json
x-care2-haproxy-fe-host
xlb1
x-care2-site
sjc1
x-care2-haproxy-be
wstps
x-care2-haproxy-site
sjc1
x-care2-haproxy-host
xlb1
viewed.php
www.care2.com/servlets/petitions/ 		43 B
795 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.care2.com/servlets/petitions/viewed.php?petitionID=386896852&redirectID=3316042717&z00m=33205826&signed=0
Requested by
Host: www.thepetitionsite.com
URL: https://www.thepetitionsite.com/de-de/takeaction/386/896/852/?z00m=33205826&redirectID=3316042717
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
38.99.122.4 , United States, ASN174 (COGENT-174, US),
Reverse DNS
lb3-38-99-122-4.care2.com
Software
Apache/2.4.41 (IUS) OpenSSL/1.0.2k-fips mod_perl/2.0.10 Perl/v5.16.3 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://www.care2.com https://www.thepetitionsite.com https://earthworm.care2.com/

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thepetitionsite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 23:06:25 GMT
content-security-policy
frame-ancestors 'self' https://www.care2.com https://www.thepetitionsite.com https://earthworm.care2.com/
x-care2-haproxy-fe-site
sjc1
server
Apache/2.4.41 (IUS) OpenSSL/1.0.2k-fips mod_perl/2.0.10 Perl/v5.16.3
x-care2-host
web1
x-care2-haproxy-fe
www
content-type
image/gif
x-care2-haproxy-fe-host
xlb2
x-care2-site
sjc1
x-care2-haproxy-be
care2
x-care2-haproxy-site
sjc1
content-length
43
x-care2-haproxy-host
xlb2
like.php
www.facebook.com/v2.6/plugins/ Frame A5B8 		36 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v2.6/plugins/like.php?app_id=482659988595053&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3b982174ed2f3%26domain%3Dwww.thepetitionsite.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.thepetitionsite.com%252Ff27fecc28c2326%26relation%3Dparent.parent&container_width=1000&href=https%3A%2F%2Fwww.facebook.com%2FCare2&layout=button_count&locale=de_DE&sdk=joey&share=false&show_faces=false
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/de_DE/sdk.js?hash=a562abd2523723a43bf66b57333ee413
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a5c6983cc007aede53eb467255ff6b98168c9323172eb38ee2c81752487c147f
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.thepetitionsite.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
date
Tue, 16 May 2023 23:06:25 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version
v11.0
origin-agent-cluster
?0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), usb=()
pragma
no-cache
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
Nz1l4KlFGli4pkwA6qytdkqQ//lDBYI2LKAV9+CpFaEhEUL8VQRzpy9WrmQIJNqkK0o8FAfG7rtY1nSPolyAkw==
x-fb-rlafr
0
x-xss-protection
0
usage.gif
usage.trackjs.com/ 		43 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usage.trackjs.com/usage.gif?token=4a9bb5467d9b475fb055de8365a94001&correlationId=52b6c00d-ce80-4176-8214-09edbf070c45&application=petitionsite-prod&x=f57d57f7-bbc0-4230-9507-c6d30c867631&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
138.197.155.84 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
prd-usage-1.tjsint.net
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thepetitionsite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Tue, 16 May 2023 23:06:26 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
FEppCFCt76d.png
static.xx.fbcdn.net/rsrc.php/v3/yD/r/ Frame A5B8 		299 B
590 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/FEppCFCt76d.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.6/plugins/like.php?app_id=482659988595053&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3b982174ed2f3%26domain%3Dwww.thepetitionsite.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.thepetitionsite.com%252Ff27fecc28c2326%26relation%3Dparent.parent&container_width=1000&href=https%3A%2F%2Fwww.facebook.com%2FCare2&layout=button_count&locale=de_DE&sdk=joey&share=false&show_faces=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 23:06:26 GMT
x-content-type-options
nosniff
content-md5
OIlAxCmR79nrM/Ez4ygGlg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
299
x-fb-rlafr
0
x-fb-debug
lTSJbP+p5bpBBqYZLvIG4MQPLKbmf9phnAhQiFOXkPlpXFhmdGruWWdqiR1YySj9YJWWZloRas6pKwbo/bJ+xw==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=()
timing-allow-origin
*
expires
Thu, 09 May 2024 22:19:55 GMT
633eVJPTkU2.js
static.xx.fbcdn.net/rsrc.php/v3iAxA4/yL/l/de_DE/ Frame A5B8 		513 KB
133 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iAxA4/yL/l/de_DE/633eVJPTkU2.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.6/plugins/like.php?app_id=482659988595053&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3b982174ed2f3%26domain%3Dwww.thepetitionsite.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.thepetitionsite.com%252Ff27fecc28c2326%26relation%3Dparent.parent&container_width=1000&href=https%3A%2F%2Fwww.facebook.com%2FCare2&layout=button_count&locale=de_DE&sdk=joey&share=false&show_faces=false
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
21f488e904aaea8392cf4eaa0d9f03aa62558e13d26d6f322304859800b6c41e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 23:06:26 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
TPSSvsmT8xjHfnUOcC/T7g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
135817
x-fb-rlafr
0
x-fb-debug
eD2n5Pk3WtdQuBvmyu/eyE1HryCMMPFL7PiEt1kUDiGAWoDQ+7bmbKMcyeMO5IqO63r9LKjeo6u2N5Mku0hjSA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), hid=(), screen-wake-lock=(), serial=()
timing-allow-origin
*
priority
u=1,i
expires
Wed, 15 May 2024 05:47:11 GMT
matomo.php
matomo.care2.us/ 		0
351 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://matomo.care2.us/matomo.php?fa_vid=dTPWaX&fa_id=petition-sign-form&fa_name=petition-sign-form&fa_fv=1&ca=1&idsite=5&rec=1&r=928018&h=23&m=6&s=25&url=https%3A%2F%2Fwww.thepetitionsite.com%2F386896852&_id=3b2cfce45a45bbd9&_idn=0&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=s69op8&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Requested by
Host: matomo.care2.us
URL: https://matomo.care2.us/matomo.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
38.99.122.171 , United States, ASN174 (COGENT-174, US),
Reverse DNS
ip-38-99-122-171.care2.com
Software
Apache/2.4.54 (FreeBSD) PHP/8.1.11 OpenSSL/1.1.1o-freebsd / PHP/8.1.11
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.thepetitionsite.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

date
Tue, 16 May 2023 23:06:27 GMT
content-encoding
none
x-care2-haproxy-fe-site
iad1
server
Apache/2.4.54 (FreeBSD) PHP/8.1.11 OpenSSL/1.1.1o-freebsd
x-care2-host
matomo3
x-care2-haproxy-fe
fe_xindi_external
x-powered-by
PHP/8.1.11
x-care2-haproxy-fe-host
xlb1
x-care2-site
iad1
x-care2-haproxy-be
matomo
x-care2-haproxy-site
iad1
x-care2-haproxy-host
xlb1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
qa2qaw1-dingo.care2.com
URL
https://qa2qaw1-dingo.care2.com/assets/img/flags@2x.png
Domain
sb-dingo.care2.com
URL
https://sb-dingo.care2.com/assets/img/flags@2x.png

Verdicts & Comments Add Verdict or Comment

68 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless number| settings_timer number| _vwo_settings_timer object| _vwo_code undefined| vwo_e number| _vwo_j_e string| _vwo_mt string| _vwo_tm string| _vwo_cookieDomain string| g object| vwo_iehack_queue object| _paq function| care2tpsauth string| cookieString object| element object| care2IntlNumberFormat object| translationStrings object| petitionParams string| care2Stage string| systemCode object| Piwik object| Matomo object| AnalyticsTracker function| piwik_log object| webpackChunkwebsite function| $ function| jQuery string| mouseflowPath object| _mfq object| EF object| _trackJs function| fbq function| _fbq object| uetq string| GoogleAnalyticsObject function| ga object| dataLayer function| pintrk function| twq function| saq function| _saq object| intlTelInputGlobals object| intlTelInputUtils object| mainPetition object| petitionSignForm object| initializationDeffereds object| $deferredLoadUserData object| $deferredLoadPetitionFromStatus function| UET function| UET_init function| UET_push object| ueto_84febae521 object| regeneratorRuntime object| twttr object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_tag_manager object| GooglebQhCsO function| getParameterByName boolean| mouseflowPreferStorageApi object| mouseflowHeatmap object| mouseflow function| fbAsyncInit object| FB object| __buffer

26 Cookies

Domain/Path Name / Value
www.thepetitionsite.com/de-de/takeaction/386/896/852 Name: swimlane
Value: 451
.thepetitionsite.com/ Name: z00mc
Value: 33205826
www.thepetitionsite.com/ Name: c2_user_state
Value: 4617b5b931a705cd530e98b3bf326aa5%3A0
dev.visualwebsiteoptimizer.com/ Name: uuid
Value: DE0DBB86091BE63A0A329190E13CBC0CC
.thepetitionsite.com/ Name: _vwo_uuid_v2
Value: D01107AA12E064D7E747118D4E4BF70D8|bff93b429c1ccd9813f31764d9cb26c6
dev.visualwebsiteoptimizer.com/ Name: _vwo_ssm
Value: 1
www.thepetitionsite.com/ Name: _pk_id.5.cf13
Value: 3b2cfce45a45bbd9.1684278384.
www.thepetitionsite.com/ Name: _pk_ses.5.cf13
Value: 1
www.thepetitionsite.com/ Name: c2_session
Value: {%22sessionID%22:%2294e0d674-c08d-4a4d-8718-46ca2df945fa%22%2C%22sessionSequence%22:1%2C%22sessionTimestamp%22:1684278384}
.thepetitionsite.com/ Name: _uetsid
Value: 47f82730f43e11ed87e01b58f3dc0c75
.thepetitionsite.com/ Name: _uetvid
Value: 47f82f10f43e11ed84a7615ff78398d2
.thepetitionsite.com/ Name: _ga
Value: GA1.2.1858177835.1684278385
.thepetitionsite.com/ Name: _gid
Value: GA1.2.120659581.1684278385
.thepetitionsite.com/ Name: _gat
Value: 1
.bing.com/ Name: MUID
Value: 267B9540E47E6C97127F8653E57E6DAC
.thepetitionsite.com/ Name: _gcl_au
Value: 1.1.68665377.1684278385
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.thepetitionsite.com/ Name: c2_user_state
Value: 4617b5b931a705cd530e98b3bf326aa5%3A0
www.thepetitionsite.com/ Name: C2_CNOTICE
Value: 1
tags.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-8e23aa45-a375-578f-54d8-5b968446e65c.p7WLs4xv6vuTbL8sIlBic9oGI7IJzX0fSLEOPaNHTXU
tags.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AjiOqRaN1V49U2FuWhEbmXNlAlwo.WDp0xMlSheoMuZ2ZZIWA%2BFuPT8GvCwctwzq8thkqk1U
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AjiOqRaN1V49U2FuWhEbmXNlAlwo.WDp0xMlSheoMuZ2ZZIWA%2BFuPT8GvCwctwzq8thkqk1U
www.thepetitionsite.com/ Name: sa-user-id
Value: s%253A0-8e23aa45-a375-578f-54d8-5b968446e65c.p7WLs4xv6vuTbL8sIlBic9oGI7IJzX0fSLEOPaNHTXU
www.thepetitionsite.com/ Name: sa-user-id-v2
Value: s%253AjiOqRaN1V49U2FuWhEbmXNlAlwo.WDp0xMlSheoMuZ2ZZIWA%252BFuPT8GvCwctwzq8thkqk1U
.t.co/ Name: muc_ads
Value: cafdcf9e-658e-4796-b622-dd3a59ee76d0
.twitter.com/ Name: personalization_id
Value: "v1_N+nnIGJrxNKGnjl3yFlPzg=="

4 Console Messages

Source Level URL
Text
network error URL: https://sb-dingo.care2.com/assets/img/flags@2x.png
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://qa2qaw1-dingo.care2.com/assets/img/flags@2x.png
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self' https://www.care2.com https://www.thepetitionsite.com https://earthworm.care2.com/

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.twitter.com
bat.bing.com
cdn.mouseflow.com
connect.facebook.net
dev.visualwebsiteoptimizer.com
dingo.care2.com
fonts.googleapis.com
googleads.g.doubleclick.net
matomo.care2.us
qa2qaw1-dingo.care2.com
s.pinimg.com
sb-dingo.care2.com
static.ads-twitter.com
static.xx.fbcdn.net
stats.g.doubleclick.net
t.co
tags.srv.stackadapt.com
usage.trackjs.com
www.care2.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.thepetitionsite.com
qa2qaw1-dingo.care2.com
sb-dingo.care2.com
104.244.42.3
104.244.42.69
138.197.155.84
146.75.116.157
151.139.128.10
2620:1ec:c11::200
2a00:1450:4001:803::2004
2a00:1450:4001:806::2008
2a00:1450:4001:808::200e
2a00:1450:4001:810::2002
2a00:1450:4001:827::200a
2a00:1450:4001:830::2003
2a00:1450:400c:c00::9c
2a02:26f0:3500:883::1931
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
3.224.163.117
34.96.102.137
38.99.122.171
38.99.122.3
38.99.122.4
091d143bce18e34740772714a28b45b132baf3931ed9fb133e496b4fde644ac1
13bcddb5429dc04bb4781a9401cb286e6fffacb9b4b5fea4f940872646bf2135
21f488e904aaea8392cf4eaa0d9f03aa62558e13d26d6f322304859800b6c41e
248c0244b350ec68880996aa6be6d7796274b49992d5fcbbefe251906aa4ea36
2a45935bc9cea6e64fab363642958a4c1327624d02c9f60d61b75b8bd4ea354c
3a00bab5740796297333235b45f00d8d20b169b4e043af4d99eef7aac7e3f06c
3caa853646af7ff46f6f7097d691ed712e207fb9de4d7516f631712c6b0acaf6
4c555c077b6e95ca04b44ecb5ec7eb4d7bfc586cd3577384ef5b866224c59271
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
595b69c532195283f2d6eb39885858ddff6d0f30fad13d80c9e0211eeadef6d2
647f014d36822ef7e0413ffbb65598ae0cb57fb798e635c63912c93d94eb356a
679804e244b4127b7ecd99a513b57d6a4f91866410e16da69ce02f98f534051d
707fdc5c8bab57a90061c6a8ed7b70d5ffb82fc810e994e79f90bace890c255a
77bfadab52b22b3e95be56a1a4c1c9cba0f921c393ebe790bc5f6ba126b78b14
80201b8e946ead7b0baafb6fc4ff67a18ce02b0b60bc1d4bab02d0a2ef5bb324
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8ab4e961a71e2a404aab37e528b0312282c258015d58f5e0eb5dec6aa4ff63d2
8dcee59828f1423ecefd552dd353e25bd4ac38a9557ee084604ee7c2d41d9b98
9000a2d7647b056593fb58618d18fc5bcd09c64b3bff9c53c7aa8874f3271a21
90c059e1785da8244367b375eb4969d0fa3ebd8c2925c7b8b4bc89ce5e3bd78a
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d
99cff67ef14e61ae0eb9ff279a4b01a4b801ab3626d491e80773b340588b5d95
9da667a2d06a49f6f7fd0f37de54e6df03de06331fe4b4ced41a52c704e6f9c1
9dada1bc21ef57c4159a13febdab94568f3850f73b21bb251cd08cf7e8dae858
a5c6983cc007aede53eb467255ff6b98168c9323172eb38ee2c81752487c147f
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b233a99c94dff0b71a653cf43c6568910480c9998835bb03ded203235806bb2e
b2fae427bc09b6f92cc6fc8c5dbb8055c3bfb368fe590fdd265c50a1afcf7350
b7601a86d788555d8dba3a8013b5d38db370fe5f8f0db290e8cc9674b6a53ebe
c5eea96179a8ce5acc57bbb60032306246385a03a7726ab1f8b6d901049f40cd
ca3df529505b4bf55706c5fdf45c1bf9c54abc60750af5e1a9a31b1ff8b3b3bc
cb9faf471c314cae8238aa5db053490bd50283053008f2c8249f593d30dd1b35
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d47e2935b6e37b2e136510f37bfc70e727caccf65fdf1a81013760a094deb6dc
d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4
daf01905e6e8a86ee154a2ac3cd5efde70ebf7887b2970523edcf9d177d61900
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
ec2a57459f8d3823291c702a2df94ed02322c910174babd6672f2d92b9c0a7d0
ecc08a741dde1ba2da2899049f7959dd3648a54a1dc8e806d2eb75fbf9395e06
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629