www.change.org Open in urlscan Pro
104.17.89.51 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://chng.it/fCNjjqkmH4
Effective URL:
https://www.change.org/p/the-united-nations-refugee-agency-unhcr-put-an-end-to-my-prolonged-imprisonment-in-greece-host...
Submission: On November 09 via manual (November 9th 2022, 7:07:08 pm UTC) from US — Scanned from IT

Summary HTTP 74 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 24 IPs in 3 countries across 15 domains to perform 74 HTTP transactions. The main IP is 104.17.89.51, located in Shahr, Iran, Islamic Republic Of and belongs to CLOUDFLARENET, US. The main domain is www.change.org. The Cisco Umbrella rank of the primary domain is 77603.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 15th 2022. Valid for: a year.

This is the only time www.change.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	13.32.27.69 13.32.27.69	16509 (AMAZON-02) (AMAZON-02)
23	104.17.89.51 104.17.89.51	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:350... 2a02:26f0:3500:883::13b8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	52.216.62.72 52.216.62.72	16509 (AMAZON-02) (AMAZON-02)
5	104.17.88.51 104.17.88.51	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:350... 2a02:26f0:3500:11::215:14d0	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	104.16.90.50 104.16.90.50	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
2	35.190.10.96 35.190.10.96	15169 (GOOGLE) (GOOGLE)
1	23.206.209.10 23.206.209.10	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2016	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
2	52.4.164.137 52.4.164.137	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700:20:... 2606:4700:20::681a:6b4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
2	2600:9000:206... 2600:9000:206f:ca00:3:9a1f:ef40:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:828::200d	15169 (GOOGLE) (GOOGLE)
74	24

1 13.32.27.69 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-69.fra56.r.cloudfront.net

chng.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 104.17.89.51 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)

www.change.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets-fe.change.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.change.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:883::13b8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.216.62.72 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.17.88.51 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)

static.change.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:11::215:14d0 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

client.px-cloud.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.90.50 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)

cdn.embedly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.10.96 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 96.10.190.35.bc.googleusercontent.com

collector-pxnslc0hv5.px-cloud.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.206.209.10 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-206-209-10.deploy.static.akamaitechnologies.com

a11391265293.cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.4.164.137 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-4-164-137.compute-1.amazonaws.com

logx.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:6b4 (United States)

ASN13335 (CLOUDFLARENET, US)

browser-update.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:206f:ca00:3:9a1f:ef40:93a1 (United States)

ASN16509 (AMAZON-02, US)

notifier-configs.airbrake.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	change.org www.change.org — Cisco Umbrella Rank: 77603 assets-fe.change.org — Cisco Umbrella Rank: 273157 assets.change.org — Cisco Umbrella Rank: 90730 static.change.org — Cisco Umbrella Rank: 121694	4 MB
11	youtube.com www.youtube.com — Cisco Umbrella Rank: 94	850 KB
8	googleapis.com jnn-pa.googleapis.com — Cisco Umbrella Rank: 349 maps.googleapis.com — Cisco Umbrella Rank: 629	212 KB
6	google.com www.google.com — Cisco Umbrella Rank: 17 apis.google.com — Cisco Umbrella Rank: 172 accounts.google.com — Cisco Umbrella Rank: 126	74 KB
5	gstatic.com fonts.gstatic.com www.gstatic.com	82 KB
4	optimizely.com cdn.optimizely.com — Cisco Umbrella Rank: 844 a11391265293.cdn.optimizely.com — Cisco Umbrella Rank: 266838 logx.optimizely.com — Cisco Umbrella Rank: 1616	459 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 66 static.doubleclick.net — Cisco Umbrella Rank: 421	1 KB
3	px-cloud.net client.px-cloud.net — Cisco Umbrella Rank: 8370 collector-pxnslc0hv5.px-cloud.net — Cisco Umbrella Rank: 160334	75 KB
2	airbrake.io notifier-configs.airbrake.io — Cisco Umbrella Rank: 9443	496 B
1	browser-update.org browser-update.org — Cisco Umbrella Rank: 9207	5 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 106	45 KB
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 202	4 KB
1	embedly.com cdn.embedly.com — Cisco Umbrella Rank: 16222	99 KB
1	amazonaws.com s3.amazonaws.com	4 KB
1	chng.it 1 redirects chng.it — Cisco Umbrella Rank: 245548	423 B
74	15

	Domain	Requested by
11	www.youtube.com	cdn.embedly.com www.youtube.com
11	assets.change.org	www.change.org
10	www.change.org	www.change.org assets-fe.change.org
5	static.change.org	www.change.org assets-fe.change.org
4	maps.googleapis.com	assets-fe.change.org maps.googleapis.com
4	jnn-pa.googleapis.com	www.youtube.com
3	accounts.google.com	apis.google.com www.change.org www.gstatic.com
3	www.gstatic.com	www.youtube.com www.gstatic.com accounts.google.com
2	notifier-configs.airbrake.io	assets-fe.change.org
2	apis.google.com	assets-fe.change.org apis.google.com
2	logx.optimizely.com	cdn.optimizely.com assets-fe.change.org
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
2	fonts.gstatic.com	www.youtube.com
2	collector-pxnslc0hv5.px-cloud.net	client.px-cloud.net assets-fe.change.org
2	assets-fe.change.org	www.change.org
1	browser-update.org	www.change.org
1	i.ytimg.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	www.google.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	a11391265293.cdn.optimizely.com	cdn.optimizely.com
1	cdn.embedly.com	www.change.org
1	client.px-cloud.net	www.change.org
1	s3.amazonaws.com	www.change.org
1	cdn.optimizely.com	www.change.org
1	chng.it	1 redirects
74	26

This site contains links to these domains. Also see Links.

Domain
change.org
gogetfunding.com
www.facebook.com
twitter.com
www.youtube.com
help.change.org
guide.change.org
www.instagram.com
policies.google.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-15` - `2023-06-15`	a year	crt.sh
cdn.optimizely.com DigiCert SHA2 Secure Server CA	`2021-12-24` - `2022-12-24`	a year	crt.sh
s3.amazonaws.com Amazon	`2022-04-01` - `2023-03-30`	a year	crt.sh
client.botchk.net R3	`2022-08-30` - `2022-11-28`	3 months	crt.sh
*.embedly.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-15` - `2023-09-19`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.px-cloud.net Sectigo RSA Domain Validation Secure Server CA	`2022-08-30` - `2023-09-29`	a year	crt.sh
*.cdn.optimizely.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-03` - `2023-06-07`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
logx.optimizely.com Amazon	`2022-07-24` - `2023-08-22`	a year	crt.sh
*.apis.google.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.airbrake.io SSL.com RSA SSL subCA	`2021-11-18` - `2022-11-18`	a year	crt.sh
accounts.google.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://www.change.org/p/the-united-nations-refugee-agency-unhcr-put-an-end-to-my-prolonged-imprisonment-in-greece-hostage-of-europe/u/30330862?recruiter=746005144&utm_source=share_update&utm_medium=email&utm_campaign=share_email_responsive&recruited_by_id=85effe70-66f8-11e7-aeef-8f55a38a5a37
Frame ID: F17D872F22797BDBBCF9EB93AE120163
Requests: 44 HTTP requests in this frame

Frame: https://cdn.embedly.com/widgets/media.html?&display_name=YouTube&image=https%3A%2F%2Fi.ytimg.com%2Fvi%2Fi0_jMcqcONo%2Fhqdefault.jpg&key=5c079241a1be4ecca8a6fe57387c4985&schema=youtube&src=https%3A%2F%2Fwww.youtube.com%2Fembed%2Fi0_jMcqcONo%3Ffeature%3Doembed&type=text%2Fhtml&url=https%3A%2F%2Fwww.youtube.com%2Fwatch%3Fv%3Di0_jMcqcONo&wmode=opaque
Frame ID: B0355D73909E4D1C00A204A5032EEF92
Requests: 3 HTTP requests in this frame

Frame: https://www.youtube.com/embed/i0_jMcqcONo?wmode=opaque&widget_referrer=https%3A%2F%2Fwww.change.org%2F&enablejsapi=1&origin=https%3A%2F%2Fcdn.embedly.com&widgetid=1
Frame ID: A695443F37964846DDD2193A3F384510
Requests: 21 HTTP requests in this frame

Frame: https://a11391265293.cdn.optimizely.com/client_storage/a11391265293.html
Frame ID: 6603BE3A7BAF307E1314F34F0C581999
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: 2E08BDDA8AABFAE7DC58E6D71D8B139B
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Aggiornamento sulla petizione · Suffering from another severe Gallstone Attack! · Change.org

Page URL History Show full URLs

https://chng.it/fCNjjqkmH4 HTTP 301
https://www.change.org/p/the-united-nations-refugee-agency-unhcr-put-an-end-to-my-prolonged-impriso... Page URL

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/platform\.js

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Optimizely (Analytics) Expand

Overall confidence: 100%
Detected patterns

optimizely\.com.*\.js

PerimeterX (Security) Expand

Overall confidence: 100%
Detected patterns

Page Statistics

74
Requests

99 %
HTTPS

67 %
IPv6

15
Domains

26
Subdomains

24
IPs

3
Countries

5634 kB
Transfer

20505 kB
Size

14
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://change.org/HostageOfEurope/
Title: https://change.org/HostageOfEurope/

Search URL Search Domain Scan URL

URL: https://gogetfunding.com/hostageofeurope/
Title: https://gogetfunding.com/hostageofeurope/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/HostageOfEurope/
Title: https://www.facebook.com/HostageOfEurope/

Search URL Search Domain Scan URL

URL: https://twitter.com/AnwarNillufary/
Title: https://twitter.com/AnwarNillufary/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/AnwarNillufary/
Title: https://www.youtube.com/user/AnwarNillufary/

Search URL Search Domain Scan URL

URL: https://help.change.org/s/?language=it
Title: Aiuto

Search URL Search Domain Scan URL

URL: https://guide.change.org/home-italia
Title: Guide

Search URL Search Domain Scan URL

URL: https://twitter.com/ChangeItalia
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Change.orgItalia
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.instagram.com/change.org_italia
Title: Instagram

Search URL Search Domain Scan URL

URL: https://policies.google.com/privacy
Title: Informativa sulla Privacy

Search URL Search Domain Scan URL

URL: https://policies.google.com/terms
Title: Termini di servizio

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://chng.it/fCNjjqkmH4 HTTP 301
https://www.change.org/p/the-united-nations-refugee-agency-unhcr-put-an-end-to-my-prolonged-imprisonment-in-greece-hostage-of-europe/u/30330862?recruiter=746005144&utm_source=share_update&utm_medium=email&utm_campaign=share_email_responsive&recruited_by_id=85effe70-66f8-11e7-aeef-8f55a38a5a37 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

74 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request 30330862
www.change.org/p/the-united-nations-refugee-agency-unhcr-put-an-end-to-my-prolonged-imprisonment-in-greece-hostage-of-europe/u/
Redirect Chain

https://chng.it/fCNjjqkmH4
https://www.change.org/p/the-united-nations-refugee-agency-unhcr-put-an-end-to-my-prolonged-imprisonment-in-greece-hostage-of-europe/u/30330862?recruiter=746005144&utm_source=share_update&utm_mediu...

7 MB
2 MB

2489ms
2127ms

Document
text/html

104.17.89.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.change.org/p/the-united-nations-refugee-agency-unhcr-put-an-end-to-my-prolonged-imprisonment-in-greece-hostage-of-europe/u/30330862?recruiter=746005144&utm_source=share_update&utm_medium=email&utm_campaign=share_email_responsive&recruited_by_id=85effe70-66f8-11e7-aeef-8f55a38a5a37

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.89.51 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' blob: 'unsafe-inline' 'unsafe-eval' d18kwxxua7ik1y.cloudfront.net d22r54gnmuhwmk.cloudfront.net .change.org change-production.s3.amazonaws.com change-public-stuff.s3.amazonaws.com .google.ca .googleadservices.com .youtube.com .doubleclick.net .google.com .googleapis.com .googletagmanager.com .google-analytics.com .gstatic.com .recaptcha.net .ytimg.com .facebook.com .facebook.net .fbcdn.net fbrpc:// fb-messenger://* .twitter.com .twimg.com .ads-twitter.com vk.com .vk.com ajax.cdnjs.com cdnjs.cloudflare.com service.force.com .salesforceliveagent.com .braintreegateway.com .paypalobjects.com .paypal.com .stripe.com .dlocal.com .optimizely.com optimizely.s3.amazonaws.com cdn-assets-prod.s3.amazonaws.com px-cdn.net .px-cdn.net .px-client.net .px-cloud.net pxchk.net .pxchk.net .hotjar.com:* .hotjar.io wss://.hotjar.com p2a.co .profitwell.com js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net .messagebird.com .pushnotifications.pusher.com js.pusher.com secure.everyaction.com d3rse9xjbp8270.cloudfront.net .ngpvan.com js2.verygoodvault.com code.jquery.com cdn.embedly.com player.vimeo.com bat.bing.com soundcloud.com .soundcloud.com www.instagram.com www.flickr.com .staticflickr.com .voteamerica.com .jotform.com actionnetwork.org .airbrake.io browser-update.org .tiktok.com .bannerbear.com us-central1-niftic-agency.cloudfunctions.net/openai/generate-draft d2yyd1h5u9mauk.cloudfront.net web.delighted.com cdn.iframe.ly change.my.salesforce.com help.change.org; font-src 'self' data: .change.org d18kwxxua7ik1y.cloudfront.net d22r54gnmuhwmk.cloudfront.net fonts.gstatic.com .hotjar.com .hotjar.io d3rse9xjbp8270.cloudfront.net; img-src * blob: data:; form-action 'self'
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7678d413f979bb00-MXP
content-encoding: gzip
content-security-policy: default-src 'self' blob: 'unsafe-inline' 'unsafe-eval' d18kwxxua7ik1y.cloudfront.net d22r54gnmuhwmk.cloudfront.net *.change.org change-production.s3.amazonaws.com change-public-stuff.s3.amazonaws.com *.google.ca *.googleadservices.com *.youtube.com *.doubleclick.net *.google.com *.googleapis.com *.googletagmanager.com *.google-analytics.com *.gstatic.com *.recaptcha.net *.ytimg.com *.facebook.com *.facebook.net *.fbcdn.net fbrpc://* fb-messenger://* *.twitter.com *.twimg.com *.ads-twitter.com vk.com *.vk.com ajax.cdnjs.com cdnjs.cloudflare.com service.force.com *.salesforceliveagent.com *.braintreegateway.com *.paypalobjects.com *.paypal.com *.stripe.com *.dlocal.com *.optimizely.com optimizely.s3.amazonaws.com cdn-assets-prod.s3.amazonaws.com px-cdn.net *.px-cdn.net *.px-client.net *.px-cloud.net pxchk.net *.pxchk.net *.hotjar.com:* *.hotjar.io wss://*.hotjar.com p2a.co *.profitwell.com js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net *.messagebird.com *.pushnotifications.pusher.com js.pusher.com secure.everyaction.com d3rse9xjbp8270.cloudfront.net *.ngpvan.com js2.verygoodvault.com code.jquery.com cdn.embedly.com player.vimeo.com bat.bing.com soundcloud.com *.soundcloud.com www.instagram.com www.flickr.com *.staticflickr.com *.voteamerica.com *.jotform.com actionnetwork.org *.airbrake.io browser-update.org *.tiktok.com *.bannerbear.com us-central1-niftic-agency.cloudfunctions.net/openai/generate-draft d2yyd1h5u9mauk.cloudfront.net web.delighted.com cdn.iframe.ly change.my.salesforce.com help.change.org; font-src 'self' data: *.change.org d18kwxxua7ik1y.cloudfront.net d22r54gnmuhwmk.cloudfront.net fonts.gstatic.com *.hotjar.com *.hotjar.io d3rse9xjbp8270.cloudfront.net; img-src * blob: data:; form-action 'self'
content-type: text/html; charset=utf-8
date: Wed, 09 Nov 2022 19:06:57 GMT
permissions-policy: fullscreen=(), geolocation=(*), microphone=(), camera=()
referrer-policy: no-referrer, strict-origin-when-cross-origin
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: sameorigin
x-request-id: 26d9988f-6ee6-4f8f-a276-d61d65b67632

Redirect headers

content-length: 0
date: Wed, 09 Nov 2022 19:06:56 GMT
location: https://www.change.org/p/the-united-nations-refugee-agency-unhcr-put-an-end-to-my-prolonged-imprisonment-in-greece-hostage-of-europe/u/30330862?recruiter=746005144&utm_source=share_update&utm_medium=email&utm_campaign=share_email_responsive&recruited_by_id=85effe70-66f8-11e7-aeef-8f55a38a5a37
server: AmazonS3
via: 1.1 753f415578c1ca010e51a83aef192330.cloudfront.net (CloudFront)
x-amz-cf-id: QAkl9cMTtNK5Ky8Y5SgKTltPkRYJZdzzFOE3gZKiYpYjWJzMxjx1cQ==
x-amz-cf-pop: FRA56-C2
x-cache: Miss from cloudfront

GET
H2 200 11391265293.js Show response
cdn.optimizely.com/js/ 1 MB
457 KB 174ms
58ms Script
text/javascript 2a02:26f0:3500:883::13b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/js/11391265293.js

Requested by

Host: www.change.org
URL: https://www.change.org/p/the-united-nations-refugee-agency-unhcr-put-an-end-to-my-prolonged-imprisonment-in-greece-hostage-of-europe/u/30330862?recruiter=746005144&utm_source=share_update&utm_medium=email&utm_campaign=share_email_responsive&recruited_by_id=85effe70-66f8-11e7-aeef-8f55a38a5a37

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:883::13b8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f174fccbcf5d396d82a4742899309a6e5ed1650247827dfec50ab78013613d98

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.change.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-meta-pci_enabled: False
x-amz-version-id: .YL0zitON7ZzPsBST5RRdjGVwJM1Lj8v
content-encoding: gzip
date: Wed, 09 Nov 2022 19:06:58 GMT
strict-transport-security: max-age=15768000
x-amz-request-id: WTD41DJBW8Z37AVZ
x-amz-server-side-encryption: AES256
x-amz-meta-revision: 43948
x-amz-replication-status: PENDING
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="55";dur=0,cdnip;desc="2a02:26f0:3500:883::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0
content-length: 466368
x-amz-id-2: EtoNYV/ju6YLa7T5oDkbgpbltDeDVpTWl91Dbkpp6c07EEoKRShIzApKRQ8ZHINvuRqGc+mNBlo=
last-modified: Wed, 09 Nov 2022 14:46:43 GMT
server: AmazonS3
etag: "2c0242c249df3378984d1e3eed665ef5"
vary: Accept-Encoding
access-control-max-age: 86400
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: x-amz-meta-revision
cache-control: max-age=120
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 rendr-03iU3I1KY-pxGvDoR5a4kTuhVNdPTX-lLhQAinBifGU.css
assets-fe.change.org/fe/css/ 172 KB
51 KB 174ms
72ms Stylesheet
text/css 104.17.89.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-fe.change.org/fe/css/rendr-03iU3I1KY-pxGvDoR5a4kTuhVNdPTX-lLhQAinBifGU.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.89.51 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d37894dc8d4a63ea711af0e84796b8913ba154d74f4d7fa52e14008a70627c65

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.change.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 19:06:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Wed, 09 Nov 2022 15:30:42 GMT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 10332
etag: W/"883544cc9ebec2e06f2bd4527c1b6597"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=1314000
cf-ray: 7678d4220c17bb29-MXP
expires: Fri, 25 Nov 2022 00:06:58 GMT

GET
H2 200 changeAssets-f9a2555e8b0a880a96d2.js Show response
assets-fe.change.org/fe/2169dedff8277009839354e4b5ef86be/ 6 MB
1 MB 123ms
49ms Script
application/javascript 104.17.89.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-fe.change.org/fe/2169dedff8277009839354e4b5ef86be/changeAssets-f9a2555e8b0a880a96d2.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.89.51 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c04fff8a5b228a2bc9ef97de8c9083753c63fee2458bdd2977d51caa30892a0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.change.org/
Origin: https://www.change.org
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 19:06:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains
age: 10332
last-modified: Wed, 09 Nov 2022 15:33:36 GMT
server: cloudflare
etag: W/"e03103104644421a5decdbea01f00e89-2"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
content-type: application/javascript
cache-control: public, max-age=1314000
cf-ray: 7678d42369b3bae7-MXP
expires: Fri, 25 Nov 2022 00:06:58 GMT

GET
H2 200 f1a5168baa1320dcef18b1962fb082e42f82dc4f79e39c7badcc8d30575518ed_729e2a3dc808f81a0e142b553678d5fc1e85f06a.js Show response
www.change.org/api-proxy/-/locale_data/rendr-fe/it-IT/ 542 KB
136 KB 262ms
261ms Script
application/x-javascript 104.17.89.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.change.org/api-proxy/-/locale_data/rendr-fe/it-IT/f1a5168baa1320dcef18b1962fb082e42f82dc4f79e39c7badcc8d30575518ed_729e2a3dc808f81a0e142b553678d5fc1e85f06a.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.89.51 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11bf79a73bff578b6e80a198b49fcf948507e426482343ad105d2ffe90535e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.change.org/p/the-united-nations-refugee-agency-unhcr-put-an-end-to-my-prolonged-imprisonment-in-greece-hostage-of-europe/u/30330862?recruiter=746005144&utm_source=share_update&utm_medium=email&utm_campaign=share_email_responsive&recruited_by_id=85effe70-66f8-11e7-aeef-8f55a38a5a37
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 19:06:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
etag: W/"878d3-JKX5TpTFuTW6vRMPB31Gyedc4AQ"
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=86400, s-maxage=86400
cf-ray: 7678d422ffc3bb00-MXP
x-request-id: 311a31f5-7226-498c-acea-3204136bf5b6

GET
H/1.1 200
OK Icon_google.png
s3.amazonaws.com/change-assets/iconography/ 3 KB
4 KB 887ms
310ms Image
image/png 52.216.62.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/change-assets/iconography/Icon_google.png
Requested by: Host: www.change.org
URL: https://www.change.org/p/the-united-nations-refugee-agency-unhcr-put-an-end-to-my-prolonged-imprisonment-in-greece-hostage-of-europe/u/30330862?recruiter=746005144&utm_source=share_update&utm_medium=email&utm_campaign=share_email_responsive&recruited_by_id=85effe70-66f8-11e7-aeef-8f55a38a5a37
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.62.72 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 2f22aaf2e8367b02152b442ef28df7084601e0ded40c7d8f7b6f24be66b326fb

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.change.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Wed, 09 Nov 2022 19:07:00 GMT
x-amz-version-id: qQUwThkyHB.uliIE2wlK0jg7nLP7XyC0
Last-Modified: Thu, 05 Jul 2018 18:28:51 GMT
Server: AmazonS3
x-amz-request-id: KYVBK9P93BSZDXNA
ETag: "369517fb3742230ce26a804ab17c7566"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 3333
x-amz-id-2: sWhO+GDGv0kyXKMWUJQ1uJu9g577MCKc+FRNJQn7tjMdqGMCKEfWUPMs1GVpii3ftN3P/NmD29s=

GET
H2 200 imuDcDfdciafHZc-128x128-noPad.jpg
assets.change.org/photos/4/ud/cd/ 3 KB
4 KB 646ms
564ms Image
image/jpeg 104.17.89.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.change.org/photos/4/ud/cd/imuDcDfdciafHZc-128x128-noPad.jpg?1509558761

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.89.51 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9647ba2bcf1f60767c74a12f152b36ebe47da78b0c8fb9d7e4f6fa9aba7fd9cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.change.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 19:06:59 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Wed, 01 Nov 2017 17:52:42 GMT
server: cloudflare
etag: "b527cf53f84d881156a28d77711e3a08"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7678d4239814bb09-MXP
content-length: 3515
expires: Wed, 16 Nov 2022 19:06:59 GMT

GET
H2 200 cc-badges-ppmcvdam.png
static.change.org/payment-options/ 10 KB
11 KB 169ms
70ms Image
image/webp 104.17.88.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.change.org/payment-options/cc-badges-ppmcvdam.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.88.51 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1109f06575461e12506210604c6bc3327909e9d62c43ba26bfbbfc134aa72993

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.change.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 19:06:58 GMT
x-amz-version-id: N4SI4WlBSLPCu5KnXbnJ4LlSaYTRizPe
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains
age: 1752
cf-polished: origFmt=png, origSize=15330
content-disposition: inline; filename="cc-badges-ppmcvdam.webp"
content-length: 10516
cf-bgj: imgq:100,h2pri
last-modified: Wed, 13 Dec 2017 23:43:50 GMT
server: cloudflare
etag: "c6235f4a9b54cfecaa26270f58b57aa0"
vary: Accept
content-type: image/webp
cache-control: public, max-age=1382400
accept-ranges: bytes
cf-ray: 7678d4239f8f59bf-MXP
expires: Fri, 25 Nov 2022 19:06:58 GMT

GET
H2 200 green-buzzworthy.svg
static.change.org/images/ 657 B
574 B 177ms
77ms Image
image/svg+xml 104.17.88.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.change.org/images/green-buzzworthy.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.88.51 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0bf9f54a9d46d53a2e8506a9d305edd01518a4cf855b45d5ce710dc5dd9f927

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.change.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 19:06:58 GMT
x-amz-version-id: giIHttNBhlkVdhDoL0IZkFLMdoOglwdn
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Mon, 26 Aug 2019 23:09:30 GMT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 1359
etag: W/"2dadfe0285595186dc958c9b6079c7c1"
vary: Accept-Encoding
content-type: image/svg+xml
content-encoding: gzip
cache-control: public, max-age=1382400
cf-ray: 7678d4239f8459bf-MXP
expires: Fri, 25 Nov 2022 19:06:58 GMT

GET
H2 200 main.min.js Show response
client.px-cloud.net/PXNsLC0Hv5/ 168 KB
74 KB 222ms
51ms Script
application/javascript 2a02:26f0:3500:11::215:14d0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://client.px-cloud.net/PXNsLC0Hv5/main.min.js
Requested by: Host: www.change.org
URL: https://www.change.org/p/the-united-nations-refugee-agency-unhcr-put-an-end-to-my-prolonged-imprisonment-in-greece-hostage-of-europe/u/30330862?recruiter=746005144&utm_source=share_update&utm_medium=email&utm_campaign=share_email_responsive&recruited_by_id=85effe70-66f8-11e7-aeef-8f55a38a5a37
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:11::215:14d0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: d3ce3bf0df34fe1d406391eb20c9ac4f23bb854291ddf734518843450df52664

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.change.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 19:06:58 GMT
content-encoding: gzip
etag: "29e95-ML+2pdDiGFRRV0KJT2GGipghW3k"
x-px-hash: NGRkZWNmZDU1ODMwZDA3MmFhMDBhZGY3Y2ExYjM5M2M3MzhmMmYzY2UxOGJkZmIzMTE4ZTk2ZmYxY2Y1ZGIyZQ==
vary: Accept-Encoding
active-cdn: Akamai
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: active-cdn,x-served-by,Akamai-Request-BC
cache-control: max-age=600,stale-while-revalidate=86400,stale-if-error=3600
content-length: 75297

GET
DATA 200
OK truncated
/ 11 KB
11 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d57b3c19380541f2d7fd3eb500da925eeff601029c8ef4f7f4cc773926077e17

Request headers

Referer
Origin: https://www.change.org
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H/1.1 200
OK media.html Show response
cdn.embedly.com/widgets/ Frame B035 395 KB
99 KB 148ms
53ms Document
text/html 104.16.90.50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.embedly.com/widgets/media.html?&display_name=YouTube&image=https%3A%2F%2Fi.ytimg.com%2Fvi%2Fi0_jMcqcONo%2Fhqdefault.jpg&key=5c079241a1be4ecca8a6fe57387c4985&schema=youtube&src=https%3A%2F%2Fwww.youtube.com%2Fembed%2Fi0_jMcqcONo%3Ffeature%3Doembed&type=text%2Fhtml&url=https%3A%2F%2Fwww.youtube.com%2Fwatch%3Fv%3Di0_jMcqcONo&wmode=opaque
Requested by: Host: www.change.org
URL: https://www.change.org/p/the-united-nations-refugee-agency-unhcr-put-an-end-to-my-prolonged-imprisonment-in-greece-hostage-of-europe/u/30330862?recruiter=746005144&utm_source=share_update&utm_medium=email&utm_campaign=share_email_responsive&recruited_by_id=85effe70-66f8-11e7-aeef-8f55a38a5a37
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.90.50 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ead7843320183348f39fc18a9f9fd7ef275bab6e195e60ffcac93a7f3e737004

Request headers

Referer: https://www.change.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

CF-Cache-Status: HIT
CF-RAY: 7678d423ad0e3753-MXP
Cache-Control: public, max-age=300
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Wed, 09 Nov 2022 19:06:58 GMT
Expires: Wed, 09 Nov 2022 19:11:58 GMT
Last-Modified: Wed, 28 Sep 2022 12:23:48 GMT
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
x-amz-id-2: AhdggTmPRNOlEDeId2J2bAUyHCvOkviOmRnK3jQnE0L8bxGZzgZydv8Ix02FLWTF7jMQ6CD5A94=
x-amz-request-id: D9BEYY4DSA3103ZT
x-amz-version-id: bG.ZZH2d0M2QrDAIIMAYKmZFWF.F2B9p

GET
H2 200 iframe_api Show response
www.youtube.com/ Frame B035 992 B
2 KB 179ms
72ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: cdn.embedly.com
URL: https://cdn.embedly.com/widgets/media.html?&display_name=YouTube&image=https%3A%2F%2Fi.ytimg.com%2Fvi%2Fi0_jMcqcONo%2Fhqdefault.jpg&key=5c079241a1be4ecca8a6fe57387c4985&schema=youtube&src=https%3A%2F%2Fwww.youtube.com%2Fembed%2Fi0_jMcqcONo%3Ffeature%3Doembed&type=text%2Fhtml&url=https%3A%2F%2Fwww.youtube.com%2Fwatch%3Fv%3Di0_jMcqcONo&wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

874e87fa935e7bccb5fa562bb4796cb9016ffda5fe036c748cd6458de421bf67

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://cdn.embedly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 19:06:58 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=it for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Wed, 09 Nov 2022 19:06:58 GMT

POST
H2 200 collector Show response
collector-pxnslc0hv5.px-cloud.net/api/v2/ 354 B
607 B 141ms
67ms XHR
application/json 35.190.10.96
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-pxnslc0hv5.px-cloud.net/api/v2/collector
Requested by: Host: client.px-cloud.net
URL: https://client.px-cloud.net/PXNsLC0Hv5/main.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.10.96 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 96.10.190.35.bc.googleusercontent.com
Software: /
Resource Hash: a6582b06c4bbc7077ecd0ad0be561b14819a5022099e1917b4445165c26a7b9d

Request headers

Referer: https://www.change.org/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 09 Nov 2022 19:06:58 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.change.org
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 354

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/c4225c42/www-widgetapi.vflset/ Frame B035 161 KB
53 KB 50ms
49ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c4225c42/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c64fcbaf5909fcab9ad263ef654d029a486aac70414f6504a0c7d3f04a93fcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://cdn.embedly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 17:08:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7133
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53867
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 01:22:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 09 Nov 2023 17:08:05 GMT

GET
H3 200 i0_jMcqcONo Show response
www.youtube.com/embed/ Frame A695 69 KB
28 KB 133ms
133ms Document
text/html 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/i0_jMcqcONo?wmode=opaque&widget_referrer=https%3A%2F%2Fwww.change.org%2F&enablejsapi=1&origin=https%3A%2F%2Fcdn.embedly.com&widgetid=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/www-widgetapi.vflset/www-widgetapi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

412faf9fc1b2f92f3924326775fe15e2aca4dcfe238c1f953967d6cf6064dd3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.embedly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
date: Wed, 09 Nov 2022 19:06:59 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 a11391265293.html Show response
a11391265293.cdn.optimizely.com/client_storage/ Frame 6603 2 KB
1 KB 179ms
62ms Document
text/html 23.206.209.10
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://a11391265293.cdn.optimizely.com/client_storage/a11391265293.html

Requested by

Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/11391265293.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.206.209.10 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-206-209-10.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

78a9f1e0feea988604f1a5c7b98941351c12b125cfe9d5cd5e6ef2510939cf2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.change.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=120
content-encoding: gzip
content-length: 827
content-type: text/html; charset=utf-8
date: Wed, 09 Nov 2022 19:06:59 GMT
etag: "aeb7db025282947be0370a8a6e43d4ff"
last-modified: Wed, 09 Nov 2022 14:46:09 GMT
server: AmazonS3
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="48";dur=0,cdnip;desc="23.206.209.10";dur=0,cdnmap;desc="a4728.x.akamaiedge.net";dur=0,proto;desc="h2";dur=0
strict-transport-security: max-age=15768000
vary: Accept-Encoding
x-amz-id-2: EBz91QNoaMC5V3MygLRu6cpo0gz8Hv50aeXJsndsxrkm/KGDT/onLSrs9DmhWUTbkiCgmHCMp/w=
x-amz-meta-pci_enabled: False
x-amz-replication-status: PENDING
x-amz-request-id: APJFR2ZFGFAH7YBN
x-amz-server-side-encryption: AES256
x-amz-version-id: uXPym4FBjLQwiFKpXOwwTJYYSv0OepBa

GET
H3 200 www-player.css
www.youtube.com/s/player/c4225c42/ Frame A695 359 KB
49 KB 49ms
49ms Stylesheet
text/css 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c4225c42/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/i0_jMcqcONo?wmode=opaque&widget_referrer=https%3A%2F%2Fwww.change.org%2F&enablejsapi=1&origin=https%3A%2F%2Fcdn.embedly.com&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2bd4827c67760075ffaf32114b41d503da91ccc26f3cf43349607f7b2ff19a1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.youtube.com/embed/i0_jMcqcONo?wmode=opaque&widget_referrer=https%3A%2F%2Fwww.change.org%2F&enablejsapi=1&origin=https%3A%2F%2Fcdn.embedly.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 17:52:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 177287
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49779
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 01:22:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 07 Nov 2023 17:52:12 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A695 15 KB
16 KB 158ms
50ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/i0_jMcqcONo?wmode=opaque&widget_referrer=https%3A%2F%2Fwww.change.org%2F&enablejsapi=1&origin=https%3A%2F%2Fcdn.embedly.com&widgetid=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 19:21:27 GMT
x-content-type-options: nosniff
age: 85532
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Nov 2023 19:21:27 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A695 15 KB
15 KB 170ms
62ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/i0_jMcqcONo?wmode=opaque&widget_referrer=https%3A%2F%2Fwww.change.org%2F&enablejsapi=1&origin=https%3A%2F%2Fcdn.embedly.com&widgetid=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 18:59:48 GMT
x-content-type-options: nosniff
age: 86831
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 08 Nov 2023 18:59:48 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/c4225c42/www-embed-player.vflset/ Frame A695 309 KB
96 KB 79ms
79ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c4225c42/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/i0_jMcqcONo?wmode=opaque&widget_referrer=https%3A%2F%2Fwww.change.org%2F&enablejsapi=1&origin=https%3A%2F%2Fcdn.embedly.com&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

681b6bb35bf9ff8ce07733fe20795e241e59800b6319e6f4f6bf929147f36064

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.youtube.com/embed/i0_jMcqcONo?wmode=opaque&widget_referrer=https%3A%2F%2Fwww.change.org%2F&enablejsapi=1&origin=https%3A%2F%2Fcdn.embedly.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 06:06:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46820
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98145
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 01:22:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 09 Nov 2023 06:06:39 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/c4225c42/player_ias.vflset/it_IT/ Frame A695 2 MB
576 KB 95ms
94ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c4225c42/player_ias.vflset/it_IT/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/i0_jMcqcONo?wmode=opaque&widget_referrer=https%3A%2F%2Fwww.change.org%2F&enablejsapi=1&origin=https%3A%2F%2Fcdn.embedly.com&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77ca2606aab7acb1d1e446795d1cdb3bf131286b3cab2d7b6a1b3646f208d735

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.youtube.com/embed/i0_jMcqcONo?wmode=opaque&widget_referrer=https%3A%2F%2Fwww.change.org%2F&enablejsapi=1&origin=https%3A%2F%2Fcdn.embedly.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 17:52:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 177283
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 589575
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 01:22:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 07 Nov 2023 17:52:16 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/c4225c42/fetch-polyfill.vflset/ Frame A695 9 KB
3 KB 92ms
92ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c4225c42/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/i0_jMcqcONo?wmode=opaque&widget_referrer=https%3A%2F%2Fwww.change.org%2F&enablejsapi=1&origin=https%3A%2F%2Fcdn.embedly.com&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.youtube.com/embed/i0_jMcqcONo?wmode=opaque&widget_referrer=https%3A%2F%2Fwww.change.org%2F&enablejsapi=1&origin=https%3A%2F%2Fcdn.embedly.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 19:26:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85258
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 01:22:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 08 Nov 2023 19:26:01 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame A695
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

162ms
59ms

XHR
application/json

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/i0_jMcqcONo?wmode=opaque&widget_referrer=https%3A%2F%2Fwww.change.org%2F&enablejsapi=1&origin=https%3A%2F%2Fcdn.embedly.com&widgetid=1

Protocol

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3cdc5485014bab016a4414668eca7f7dee41526cfbb69b05172c766d5de6fb04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 19:07:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 09 Nov 2022 19:06:59 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame A695 29 B
588 B 157ms
50ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 18:54:12 GMT
x-content-type-options: nosniff
age: 767
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 09 Nov 2022 19:09:12 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 193ms
58ms Preflight
text/html 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Wed, 09 Nov 2022 19:06:59 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame A695 66 KB
30 KB 171ms
68ms XHR
application/json+protobuf 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/player_ias.vflset/it_IT/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d206856bd14f16f164b3ed38c7a447afc07e5686bf9595c143df085b92539527

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Wed, 09 Nov 2022 19:07:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30946
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/c4225c42/player_ias.vflset/it_IT/ Frame A695 118 KB
36 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c4225c42/player_ias.vflset/it_IT/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/player_ias.vflset/it_IT/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d605ea363d4862fafface9359fb56761a6c231ea23ea232a58ad3963f2beb4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.youtube.com/embed/i0_jMcqcONo?wmode=opaque&widget_referrer=https%3A%2F%2Fwww.change.org%2F&enablejsapi=1&origin=https%3A%2F%2Fcdn.embedly.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 17:52:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 177278
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37197
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 01:22:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 07 Nov 2023 17:52:21 GMT

GET
H2 200 gMsH84TQuiDEVfr1BCtG5xcdN73b4dVBHpnGqNHnahs.js Show response
www.google.com/js/th/ Frame A695 36 KB
15 KB 159ms
50ms Script
text/javascript 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/gMsH84TQuiDEVfr1BCtG5xcdN73b4dVBHpnGqNHnahs.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/player_ias.vflset/it_IT/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80cb07f384d0ba20c455faf5042b46e7171d37bddbe1d5411e99c6a8d1e76a1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 08:09:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 125862
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14294
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Nov 2023 08:09:17 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/c4225c42/player_ias.vflset/it_IT/ Frame A695 26 KB
8 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c4225c42/player_ias.vflset/it_IT/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/player_ias.vflset/it_IT/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef4cc3793edccc83cfb263af4739caa64fb570a6c9dcb6f5cf822c11caf21fc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.youtube.com/embed/i0_jMcqcONo?wmode=opaque&widget_referrer=https%3A%2F%2Fwww.change.org%2F&enablejsapi=1&origin=https%3A%2F%2Fcdn.embedly.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 18:03:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 176603
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8282
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 01:22:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 07 Nov 2023 18:03:36 GMT

GET
DATA 200
OK truncated
/ Frame A695 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 aGkG7XrdVgep5V7aPnT8yjtaGxU7_ff3mOmPXZ9l8mhN7jmRej0_QXR89Tp7gjKOyv_1aAbEjw=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame A695 3 KB
4 KB 171ms
61ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/aGkG7XrdVgep5V7aPnT8yjtaGxU7_ff3mOmPXZ9l8mhN7jmRej0_QXR89Tp7gjKOyv_1aAbEjw=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/i0_jMcqcONo?wmode=opaque&widget_referrer=https%3A%2F%2Fwww.change.org%2F&enablejsapi=1&origin=https%3A%2F%2Fcdn.embedly.com&widgetid=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fb77eda11e28f20f04003e966b8e7dbfb7a0ed13914cf7b25268f0c94a98b69f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 19:06:59 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3410
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 06 Nov 2022 07:11:04 GMT

GET
H2 200 sddefault.webp
i.ytimg.com/vi_webp/i0_jMcqcONo/ Frame A695 44 KB
45 KB 271ms
126ms Image
image/webp 2a00:1450:4001:831::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/i0_jMcqcONo/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/i0_jMcqcONo?wmode=opaque&widget_referrer=https%3A%2F%2Fwww.change.org%2F&enablejsapi=1&origin=https%3A%2F%2Fcdn.embedly.com&widgetid=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f859b0a221c4204ed90bf0912c46e300bc8291f8a376706b70d1b024ac5b0bdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 19:06:59 GMT
x-content-type-options: nosniff
server: sffe
etag: "1647291994"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45530
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 09 Nov 2022 21:06:59 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame A695 4 KB
3 KB 171ms
63ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/player_ias.vflset/it_IT/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 19:06:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 09 Nov 2022 19:06:59 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame A695 0
10 B 49ms
49ms Image
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?KYXOFA
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/i0_jMcqcONo?wmode=opaque&widget_referrer=https%3A%2F%2Fwww.change.org%2F&enablejsapi=1&origin=https%3A%2F%2Fcdn.embedly.com&widgetid=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.youtube.com/embed/i0_jMcqcONo?wmode=opaque&widget_referrer=https%3A%2F%2Fwww.change.org%2F&enablejsapi=1&origin=https%3A%2F%2Fcdn.embedly.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 19:06:59 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/107/ Frame A695 52 KB
15 KB 151ms
50ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/107/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c12337c132fc5b05766adf8806c16a2950c0591708c0c45263bc1496979c1870

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 08:09:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39447
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15116
x-xss-protection: 0
last-modified: Mon, 05 Sep 2022 15:03:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 10 Nov 2022 08:09:33 GMT

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame A695 90 B
134 B 62ms
62ms XHR
application/json+protobuf 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/player_ias.vflset/it_IT/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

03382a5c6713af99401c4afec84e82a17606f3f4f87da015ec83764ce6189a60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Wed, 09 Nov 2022 19:07:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 59ms
58ms Preflight
text/html 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Wed, 09 Nov 2022 19:07:00 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H/1.1 204
No Content events Show response
logx.optimizely.com/v1/ 0
359 B 526ms
130ms XHR
text/plain 52.4.164.137
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://logx.optimizely.com/v1/events
Requested by: Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/11391265293.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.4.164.137 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-4-164-137.compute-1.amazonaws.com
Software: nginx/1.21.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.change.org/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 09 Nov 2022 19:07:00 GMT
Server: nginx/1.21.0
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.change.org
Access-Control-Expose-Headers: X-Results-Data-Source
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
X-Request-Id: c9270303-4964-4f48-9c93-8856409a4134

GET
H2 200 update.min.js Show response
browser-update.org/ 9 KB
5 KB 179ms
87ms Script
application/javascript 2606:4700:20::681a:6b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://browser-update.org/update.min.js
Requested by: Host: www.change.org
URL: https://www.change.org/p/the-united-nations-refugee-agency-unhcr-put-an-end-to-my-prolonged-imprisonment-in-greece-hostage-of-europe/u/30330862?recruiter=746005144&utm_source=share_update&utm_medium=email&utm_campaign=share_email_responsive&recruited_by_id=85effe70-66f8-11e7-aeef-8f55a38a5a37
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:6b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd9e04afdafe426ce893f20a2bf4d80d88c8230487e74acea10e2a1deff69859

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.change.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 19:07:01 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 23 Oct 2022 08:29:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1507067
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sUNe0RzWVdhc%2FTs9t2ABqa3AoUOLKbw8srBOoo8aJzHKz8gWKTonfNEqxCVRtKXP61hHHPuvgTqxoXzD4Y6QVp8Yl3W9ka26396P00gk%2BFrawazuyvXG6D%2BWHUB3tJVFO0fqLnr2z8cI1uXRPG%2BJRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=86400
content-disposition: inline; filename=update.min.js
cf-ray: 7678d4383b3383ba-MXP
expires: Mon, 24 Oct 2022 08:29:14 GMT

GET
H2 200 csrf-token
www.change.org/api-proxy/-/ 0
0 271ms
270ms Fetch 104.17.89.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.change.org/api-proxy/-/csrf-token?cb=1668020821735

Requested by

Host: assets-fe.change.org
URL: https://assets-fe.change.org/fe/2169dedff8277009839354e4b5ef86be/changeAssets-f9a2555e8b0a880a96d2.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.89.51 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.change.org/p/the-united-nations-refugee-agency-unhcr-put-an-end-to-my-prolonged-imprisonment-in-greece-hostage-of-europe/u/30330862?recruiter=746005144&utm_source=share_update&utm_medium=email&utm_campaign=share_email_responsive&recruited_by_id=85effe70-66f8-11e7-aeef-8f55a38a5a37
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 19:07:01 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
x-csrf-token: b09416726f3306f22e0a0f5100eb4c16
last-modified: Wed, 09 Nov 2022 19:07:01 GMT
server: cloudflare
vary: Accept-Encoding
cache-control: no-cache
accept-ranges: bytes
cf-ray: 7678d437fa7ebb00-MXP
content-length: 0
x-request-id: 1e733f5a-6c9f-40b4-ae9a-6fe6c96a1875

GET
H2 200 cookie_prefs Show response
www.change.org/api-proxy/-/ 81 B
365 B 248ms
248ms Fetch
application/json 104.17.89.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.change.org/api-proxy/-/cookie_prefs?cb=1

Requested by

Host: assets-fe.change.org
URL: https://assets-fe.change.org/fe/2169dedff8277009839354e4b5ef86be/changeAssets-f9a2555e8b0a880a96d2.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.89.51 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84c5d8fd28e2b0539d2d1f35c0bb6beebeeec5d66bb0328af998b16945851031

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.change.org/p/the-united-nations-refugee-agency-unhcr-put-an-end-to-my-prolonged-imprisonment-in-greece-hostage-of-europe/u/30330862?recruiter=746005144&utm_source=share_update&utm_medium=email&utm_campaign=share_email_responsive&recruited_by_id=85effe70-66f8-11e7-aeef-8f55a38a5a37
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 19:07:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
etag: W/"51-qsdJRvmS5s0GQNl+mRCaFag0AKc"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache
cf-ray: 7678d43a0f5cbb00-MXP
x-request-id: 74915486-cdff-4e0b-86d4-3042ba1828fd

GET
H2 200 Change-Calibre-Regular.woff2
static.change.org/fonts/ 30 KB
31 KB 170ms
82ms Font
application/octet-stream 104.17.88.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.change.org/fonts/Change-Calibre-Regular.woff2

Requested by

Host: assets-fe.change.org
URL: https://assets-fe.change.org/fe/css/rendr-03iU3I1KY-pxGvDoR5a4kTuhVNdPTX-lLhQAinBifGU.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.88.51 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

552426fa67711398e49423a732526e763187afd768567b87e139fec853820809

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://assets-fe.change.org/
Origin: https://www.change.org
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 19:07:02 GMT
x-amz-version-id: kWNZjdaKXPzoQBC5TZ48DMAGUj.3kpR3
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains
age: 2771
content-length: 30956
last-modified: Tue, 19 Apr 2016 05:44:47 GMT
server: cloudflare
etag: "58b40d8b77ba9c43a803a9779a22f8c7"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: https://www.change.org
content-type: application/octet-stream
cache-control: public, max-age=1382400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7678d43acea583b4-MXP
expires: Fri, 25 Nov 2022 19:07:02 GMT

GET
H2 200 Change-Calibre-Bold.woff2
static.change.org/fonts/ 31 KB
31 KB 197ms
109ms Font
application/octet-stream 104.17.88.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.change.org/fonts/Change-Calibre-Bold.woff2

Requested by

Host: assets-fe.change.org
URL: https://assets-fe.change.org/fe/css/rendr-03iU3I1KY-pxGvDoR5a4kTuhVNdPTX-lLhQAinBifGU.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.88.51 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee2df9e008021c0ce1fbf3612bfef57e7666294fa01bd4d9764931ff9add417a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://assets-fe.change.org/
Origin: https://www.change.org
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 19:07:02 GMT
x-amz-version-id: 3jrU_Dju8RrOkM9darm4OVCeQ.ZT6UeB
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains
age: 4809
content-length: 32028
last-modified: Tue, 19 Apr 2016 05:45:19 GMT
server: cloudflare
etag: "682c36331f52784f4ea0b00d69b95d2b"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: https://www.change.org
content-type: application/octet-stream
cache-control: public, max-age=1382400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7678d43acea983b4-MXP
expires: Fri, 25 Nov 2022 19:07:02 GMT

GET
H2 200 platform.js Show response
apis.google.com/js/ 54 KB
21 KB 169ms
60ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: assets-fe.change.org
URL: https://assets-fe.change.org/fe/2169dedff8277009839354e4b5ef86be/changeAssets-f9a2555e8b0a880a96d2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af788498d8b2bfa626b3a8af1d0a9d17e457ab7f6877e696eb6e0358ae566b16

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.change.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 09 Nov 2022 19:07:02 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20986
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "17bf89514fddb71a"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Nov 2022 19:07:02 GMT

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 170 KB
56 KB 204ms
75ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyBwot59Cgi_SoxwakkTkAvni7930r0eJs4&libraries=places&sensor=false&callback=__loadGooglePlaces

Requested by

Host: assets-fe.change.org
URL: https://assets-fe.change.org/fe/2169dedff8277009839354e4b5ef86be/changeAssets-f9a2555e8b0a880a96d2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

ecf742d08c301a23f844020794dd9afe802872e2a884e1b20c581e8e475a91d2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.change.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 19:07:02 GMT
content-encoding: gzip
server: mafe
vary: Accept-Language
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=15
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56949
x-xss-protection: 0
expires: Wed, 09 Nov 2022 19:37:02 GMT

GET
H2 200 comments Show response
www.change.org/api-proxy/-/ 45 B
180 B 964ms
964ms XHR
application/json 104.17.89.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.change.org/api-proxy/-/comments?commentable_type=PetitionUpdate&commentable_id=30330862&limit=3&offset=0

Requested by

Host: assets-fe.change.org
URL: https://assets-fe.change.org/fe/2169dedff8277009839354e4b5ef86be/changeAssets-f9a2555e8b0a880a96d2.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.89.51 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bfb4f5b998d87defe365a82d3f0b131eafa73e79ee253a4601f688408e4c7b1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.change.org/p/the-united-nations-refugee-agency-unhcr-put-an-end-to-my-prolonged-imprisonment-in-greece-hostage-of-europe/u/30330862?recruiter=746005144&utm_source=share_update&utm_medium=email&utm_campaign=share_email_responsive&recruited_by_id=85effe70-66f8-11e7-aeef-8f55a38a5a37
X-CSRF-Token: b09416726f3306f22e0a0f5100eb4c16
X-Requested-With: jquery
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 19:07:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
etag: W/"2d-ehamZYGYuk7NYPA4a+/1vv02a8w"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache
cf-ray: 7678d43af99ebb00-MXP
x-request-id: 3049f4a3-43c7-47cd-9f4d-f2782d1fa528

GET
H2 200 green-buzzworthy.svg
static.change.org/images/ 657 B
513 B 155ms
155ms Image
image/svg+xml 104.17.88.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.change.org/images/green-buzzworthy.svg

Requested by

Host: assets-fe.change.org
URL: https://assets-fe.change.org/fe/2169dedff8277009839354e4b5ef86be/changeAssets-f9a2555e8b0a880a96d2.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.88.51 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0bf9f54a9d46d53a2e8506a9d305edd01518a4cf855b45d5ce710dc5dd9f927

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.change.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 19:07:02 GMT
x-amz-version-id: giIHttNBhlkVdhDoL0IZkFLMdoOglwdn
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Mon, 26 Aug 2019 23:09:30 GMT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 1363
etag: W/"2dadfe0285595186dc958c9b6079c7c1"
vary: Accept-Encoding
content-type: image/svg+xml
content-encoding: gzip
cache-control: public, max-age=1382400
cf-ray: 7678d43b0fe559bf-MXP
expires: Fri, 25 Nov 2022 19:07:02 GMT

GET
H2 200 it-IT Show response
www.change.org/api-proxy/-/petitions/promoted/ 121 KB
26 KB 533ms
533ms XHR
application/json 104.17.89.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.change.org/api-proxy/-/petitions/promoted/it-IT?country_code=IT&min_petitions=9&ip_country_code=IT&ip_city=Milan&ip_region=25&ip_postal_code=20153&channel=update_footer&petition_id=26511206

Requested by

Host: assets-fe.change.org
URL: https://assets-fe.change.org/fe/2169dedff8277009839354e4b5ef86be/changeAssets-f9a2555e8b0a880a96d2.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.89.51 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59b222fabd5f7d50a0ef8c3b2b74990f55c005f978e72f771f6da63b3f7ec7d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.change.org/p/the-united-nations-refugee-agency-unhcr-put-an-end-to-my-prolonged-imprisonment-in-greece-hostage-of-europe/u/30330862?recruiter=746005144&utm_source=share_update&utm_medium=email&utm_campaign=share_email_responsive&recruited_by_id=85effe70-66f8-11e7-aeef-8f55a38a5a37
X-CSRF-Token: b09416726f3306f22e0a0f5100eb4c16
X-Requested-With: jquery
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 19:07:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
etag: W/"1e380-wyqt1XnuVFGTdad6wDUskVsyMyk"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache
cf-ray: 7678d43b3a8abb00-MXP
x-request-id: 9b1a9497-019c-40d1-8e64-83266a166737

GET
H2 200 imuDcDfdciafHZc-48x48-noPad.jpg
assets.change.org/photos/4/ud/cd/ 1 KB
1 KB 1043ms
1043ms Image
image/jpeg 104.17.89.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.change.org/photos/4/ud/cd/imuDcDfdciafHZc-48x48-noPad.jpg?1509558761

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.89.51 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ab294cb0ebb5837eda1c009fc76ac683e5fec73979be76bd7334d3a61ff9b0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.change.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 19:07:03 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Wed, 01 Nov 2017 17:52:42 GMT
server: cloudflare
etag: "8f389b4c71a97dd482efb1497dda65a9"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7678d43b6bbbbb09-MXP
content-length: 1161
expires: Wed, 16 Nov 2022 19:07:03 GMT

POST
H2 200 store Show response
www.change.org/api-proxy/-/longlinks/ 71 B
215 B 868ms
867ms XHR
application/json 104.17.89.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.change.org/api-proxy/-/longlinks/store

Requested by

Host: assets-fe.change.org
URL: https://assets-fe.change.org/fe/2169dedff8277009839354e4b5ef86be/changeAssets-f9a2555e8b0a880a96d2.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.89.51 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8119082a573abb29544b5e116200e88ccaadf0a0df08c6e047dd44355449fde

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.change.org/p/the-united-nations-refugee-agency-unhcr-put-an-end-to-my-prolonged-imprisonment-in-greece-hostage-of-europe/u/30330862?recruiter=746005144&utm_source=share_update&utm_medium=email&utm_campaign=share_email_responsive&recruited_by_id=85effe70-66f8-11e7-aeef-8f55a38a5a37
X-Requested-With: axios
X-CSRF-Token: b09416726f3306f22e0a0f5100eb4c16
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 09 Nov 2022 19:07:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
etag: W/"47-vLKh9h3a3OYCAmo3dqAQiHegj+A"
content-type: application/json; charset=utf-8
cache-control: no-cache
cf-ray: 7678d43b6ae5bb00-MXP
x-request-id: 5da8ea41-3330-4c3b-8647-6c1ac7394983

POST
H2 200 event_tracker
www.change.org/api-proxy/-/ 2 B
87 B 269ms
268ms Ping
application/json 104.17.89.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.change.org/api-proxy/-/event_tracker?_csrf=b09416726f3306f22e0a0f5100eb4c16

Requested by

Host: assets-fe.change.org
URL: https://assets-fe.change.org/fe/2169dedff8277009839354e4b5ef86be/changeAssets-f9a2555e8b0a880a96d2.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.89.51 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.change.org/p/the-united-nations-refugee-agency-unhcr-put-an-end-to-my-prolonged-imprisonment-in-greece-hostage-of-europe/u/30330862?recruiter=746005144&utm_source=share_update&utm_medium=email&utm_campaign=share_email_responsive&recruited_by_id=85effe70-66f8-11e7-aeef-8f55a38a5a37
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 09 Nov 2022 19:07:02 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
etag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
content-type: application/json; charset=utf-8
cache-control: no-cache
cf-ray: 7678d43b6ae6bb00-MXP
content-length: 2
x-request-id: e130b05c-55fc-4f99-bc76-d37ecbd150d3

POST
H2 200 event_tracker
www.change.org/api-proxy/-/ 2 B
118 B 261ms
261ms Ping
application/json 104.17.89.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.change.org/api-proxy/-/event_tracker?_csrf=b09416726f3306f22e0a0f5100eb4c16

Requested by

Host: assets-fe.change.org
URL: https://assets-fe.change.org/fe/2169dedff8277009839354e4b5ef86be/changeAssets-f9a2555e8b0a880a96d2.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.89.51 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.change.org/p/the-united-nations-refugee-agency-unhcr-put-an-end-to-my-prolonged-imprisonment-in-greece-hostage-of-europe/u/30330862?recruiter=746005144&utm_source=share_update&utm_medium=email&utm_campaign=share_email_responsive&recruited_by_id=85effe70-66f8-11e7-aeef-8f55a38a5a37
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 09 Nov 2022 19:07:02 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
etag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
content-type: application/json; charset=utf-8
cache-control: no-cache
cf-ray: 7678d43b6ae9bb00-MXP
content-length: 2
x-request-id: e99bc6f1-dc0b-412b-925d-269b2eb4c4dd

GET
H2 200 config.json Show response
notifier-configs.airbrake.io/2020-06-18/config/122982/ 126 B
496 B 62ms
61ms XHR
binary/octet-stream 2600:9000:206f:ca00:3:9a1f:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://notifier-configs.airbrake.io/2020-06-18/config/122982/config.json?&notifier_name=airbrake-js%2Fbrowser&notifier_version=2.1.7&os=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F107.0.5304.87%20Safari%2F537.36&language=JavaScript
Requested by: Host: assets-fe.change.org
URL: https://assets-fe.change.org/fe/2169dedff8277009839354e4b5ef86be/changeAssets-f9a2555e8b0a880a96d2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:ca00:3:9a1f:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d44f17274699b16cb9886433221d59082f8f89f628ad153cfb6f3693ea0ef5a8

Request headers

accept: application/json
cache-control: no-cache,no-store
Referer: https://www.change.org/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 22:35:45 GMT
via: 1.1 2fc0d20914c32e5cd76477ed042298d0.cloudfront.net (CloudFront)
last-modified: Mon, 27 Jul 2020 11:12:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 73878
etag: "799c19a790b06a798ee290ffa4aed1ce"
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
x-cache: Hit from cloudfront
accept-ranges: bytes
content-length: 126
x-amz-cf-id: cHLrU81YUUOIPYvsFAXHDmWWz0Jf6tLjsh7Qpbej6D6P_3C1yDYmjQ==

OPTIONS
H2 200 config.json
notifier-configs.airbrake.io/2020-06-18/config/122982/ Frame 0
0 316ms
155ms Preflight 2600:9000:206f:ca00:3:9a1f:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://notifier-configs.airbrake.io/2020-06-18/config/122982/config.json?&notifier_name=airbrake-js%2Fbrowser&notifier_version=2.1.7&os=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F107.0.5304.87%20Safari%2F537.36&language=JavaScript
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:ca00:3:9a1f:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: cache-control
Access-Control-Request-Method: GET
Origin: https://www.change.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-headers: cache-control
access-control-allow-methods: GET
access-control-allow-origin: *
content-length: 0
date: Wed, 09 Nov 2022 19:07:03 GMT
server: AmazonS3
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
via: 1.1 2fc0d20914c32e5cd76477ed042298d0.cloudfront.net (CloudFront)
x-amz-cf-id: 4YUX15OHSlilN4nsC-xK8XnQI6zuFFTWVlwsVwjPr5cxZFAltStTCw==
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame A695 28 B
54 B 65ms
65ms XHR
application/json 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
X-Goog-Request-Time: 1668020822312
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/i0_jMcqcONo?wmode=opaque&widget_referrer=https%3A%2F%2Fwww.change.org%2F&enablejsapi=1&origin=https%3A%2F%2Fcdn.embedly.com&widgetid=1
X-YouTube-Client-Version: 1.20221106.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtwLURnVlRQWFhTZyjT9K-bBg%3D%3D
X-YouTube-Ad-Signals: dt=1668020819550&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C580%2C326&vis=1&wgl=true&ca_type=image

Response headers

date: Wed, 09 Nov 2022 19:07:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Wed, 09 Nov 2022 19:07:02 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.it.lGGeQQLi2yo.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-a-H5_LWasPUqCta-nadXeO0VUBA/ 109 KB
36 KB 178ms
53ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.it.lGGeQQLi2yo.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-a-H5_LWasPUqCta-nadXeO0VUBA/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f59517834ebdc3bf76a9544e6ae7d0c0a5f4963d5d6dfa2dbd1fb39f175a157

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.change.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 16:41:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 181556
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36749
x-xss-protection: 0
last-modified: Tue, 04 Oct 2022 15:24:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 07 Nov 2023 16:41:06 GMT

POST
H2 200 event_tracker
www.change.org/api-proxy/-/ 2 B
87 B 252ms
252ms Ping
application/json 104.17.89.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.change.org/api-proxy/-/event_tracker?_csrf=b09416726f3306f22e0a0f5100eb4c16

Requested by

Host: assets-fe.change.org
URL: https://assets-fe.change.org/fe/2169dedff8277009839354e4b5ef86be/changeAssets-f9a2555e8b0a880a96d2.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.89.51 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.change.org/p/the-united-nations-refugee-agency-unhcr-put-an-end-to-my-prolonged-imprisonment-in-greece-hostage-of-europe/u/30330862?recruiter=746005144&utm_source=share_update&utm_medium=email&utm_campaign=share_email_responsive&recruited_by_id=85effe70-66f8-11e7-aeef-8f55a38a5a37
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 09 Nov 2022 19:07:02 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
etag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
content-type: application/json; charset=utf-8
cache-control: no-cache
cf-ray: 7678d43c0c32bb00-MXP
content-length: 2
x-request-id: b28463cf-1d8f-4f9f-acb8-1f02dc27dd02

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
45 B 176ms
71ms XHR
application/json 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: assets-fe.change.org
URL: https://assets-fe.change.org/fe/2169dedff8277009839354e4b5ef86be/changeAssets-f9a2555e8b0a880a96d2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.change.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 19:07:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.change.org
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23
x-xss-protection: 0

POST
H3 200 collector Show response
collector-pxnslc0hv5.px-cloud.net/api/v2/ 419 B
437 B 157ms
83ms XHR
application/json 35.190.10.96
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-pxnslc0hv5.px-cloud.net/api/v2/collector
Requested by: Host: assets-fe.change.org
URL: https://assets-fe.change.org/fe/2169dedff8277009839354e4b5ef86be/changeAssets-f9a2555e8b0a880a96d2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.10.96 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 96.10.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 8546bc51ac82844c88d350d11a888a2cc758796e39bfa55d5703c63df358a3b9

Request headers

Referer: https://www.change.org/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 09 Nov 2022 19:07:02 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.change.org
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 419

GET
H2 200 iframe Show response
accounts.google.com/o/oauth2/ Frame 2E08 280 B
1 KB 190ms
64ms Document
text/html 2a00:1450:4001:828::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframe

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.it.lGGeQQLi2yo.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-a-H5_LWasPUqCta-nadXeO0VUBA/cb=gapi.loaded_0?le=scs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

153d099a8c748c551f0147a716d2d23983705fdde57c4cec060fec789a99f132

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport script-src 'report-sample' 'nonce-qfUm2hj9dH_tgQwC0PsQfQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.change.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport script-src 'report-sample' 'nonce-qfUm2hj9dH_tgQwC0PsQfQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Wed, 09 Nov 2022 19:07:02 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
server: ESF
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 400 cspreport
accounts.google.com/_/IdpIFrameHttp/ Frame 2E08 2 KB
848 B 174ms
69ms Other
text/html 2a00:1450:4001:828::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/_/IdpIFrameHttp/cspreport

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4d70b96057696fbcb05a054c0bf7aea4819d945eeac1e5aae5ff8500fbb9890a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://accounts.google.com/o/oauth2/iframe
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Wed, 09 Nov 2022 19:07:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 m=base Show response
www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.it._wdrCPqrjD0.es5.O/d=1/rs=AOaEmlEl7fJ9XVzOW_QQ2Own4skWjZXL2A/ Frame 2E08 99 KB
34 KB 52ms
51ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.it._wdrCPqrjD0.es5.O/d=1/rs=AOaEmlEl7fJ9XVzOW_QQ2Own4skWjZXL2A/m=base

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87550fd4559de53630e08db20c3d2ba7c80ca77a0414fdf3686cc68c29fece4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 21:37:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 509360
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/identity-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34810
x-xss-protection: 0
last-modified: Sun, 30 Oct 2022 14:40:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/identity-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/identity-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/identity-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 03 Nov 2023 21:37:42 GMT

GET
H2 200 IKuRZwvMSyRbrkv-400x225-noPad.jpg
assets.change.org/photos/8/ur/zw/ 17 KB
17 KB 111ms
109ms Image
image/jpeg 104.17.89.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.change.org/photos/8/ur/zw/IKuRZwvMSyRbrkv-400x225-noPad.jpg?1661931592

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.89.51 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b21453ab94e44456b8d2eb7659ed0302193c837ed34472fac500843a6a9cd32f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.change.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 19:07:03 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
age: 193764
cf-polished: origSize=17960, status=webp_bigger
content-length: 17276
cf-bgj: imgq:100,h2pri
last-modified: Wed, 31 Aug 2022 07:39:53 GMT
server: cloudflare
etag: "b319dded84d30a253fb40c1317d0b370"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7678d43fadecbb09-MXP
expires: Wed, 16 Nov 2022 19:07:03 GMT

GET
H2 200 EZtqoytsRRcAsnx-400x225-noPad.jpg
assets.change.org/photos/9/tq/oy/ 17 KB
17 KB 69ms
67ms Image
image/jpeg 104.17.89.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.change.org/photos/9/tq/oy/EZtqoytsRRcAsnx-400x225-noPad.jpg?1664535727

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.89.51 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a8dadc2af4c34891a31169d6a0b5f8c403cd77e9ab457a44ea3b3227f176587

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.change.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 19:07:03 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
age: 438634
cf-polished: origSize=18029, status=webp_bigger
content-length: 17654
cf-bgj: imgq:100,h2pri
last-modified: Fri, 30 Sep 2022 11:02:08 GMT
server: cloudflare
etag: "db8b83413e94b9209c50ed9727a4a5c8"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7678d43fadedbb09-MXP
expires: Wed, 16 Nov 2022 19:07:03 GMT

GET
H2 200 UcRFYsfLHqXwCTr-400x225-noPad.jpg
assets.change.org/photos/4/rf/ys/ 12 KB
12 KB 107ms
106ms Image
image/jpeg 104.17.89.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.change.org/photos/4/rf/ys/UcRFYsfLHqXwCTr-400x225-noPad.jpg?1664033554

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.89.51 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

542f53a05891b0f2a33afd48fc534a97e5d34686e567e58f411c0c1ea157e787

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.change.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 19:07:03 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
age: 562422
cf-polished: origSize=12713, status=webp_bigger
content-length: 12308
cf-bgj: imgq:100,h2pri
last-modified: Sat, 24 Sep 2022 15:32:35 GMT
server: cloudflare
etag: "459937c06f864f2c50b14a57c021d7ba"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7678d43fadeebb09-MXP
expires: Wed, 16 Nov 2022 19:07:03 GMT

GET
H2 200 XnDPdZZTCKThtmf-400x225-noPad.jpg
assets.change.org/photos/8/dp/dz/ 13 KB
13 KB 65ms
63ms Image
image/jpeg 104.17.89.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.change.org/photos/8/dp/dz/XnDPdZZTCKThtmf-400x225-noPad.jpg?1662391906

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.89.51 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9c614b2e8b9f10a89194f528958b3f437a6181e41f9800a1d63aa340c9e05ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.change.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 19:07:03 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
age: 423757
cf-polished: origSize=13667, status=webp_bigger
content-length: 12830
cf-bgj: imgq:100,h2pri
last-modified: Mon, 05 Sep 2022 15:31:47 GMT
server: cloudflare
etag: "693346603696802466c528f356975967"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7678d43fadf1bb09-MXP
expires: Wed, 16 Nov 2022 19:07:03 GMT

GET
H2 200 foOjSpXsohLLSHs-400x225-noPad.jpg
assets.change.org/photos/3/oj/sp/ 21 KB
21 KB 57ms
56ms Image
image/jpeg 104.17.89.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.change.org/photos/3/oj/sp/foOjSpXsohLLSHs-400x225-noPad.jpg?1654183117

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.89.51 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

77b43ef84f21de14d7a5f5690dda201c128746a3bc9aca9c11396a23d3fd2d90

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.change.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 19:07:03 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
age: 279695
cf-polished: origSize=22478, status=webp_bigger
content-length: 21712
cf-bgj: imgq:100,h2pri
last-modified: Thu, 02 Jun 2022 15:18:38 GMT
server: cloudflare
etag: "b9d3066acc1106c0cb4310e5e7bfcc09"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7678d43fadf2bb09-MXP
expires: Wed, 16 Nov 2022 19:07:03 GMT

GET
H2 200 UkASMfOIWrRUTfQ-400x225-noPad.jpg
assets.change.org/photos/2/as/mf/ 19 KB
19 KB 101ms
99ms Image
image/jpeg 104.17.89.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.change.org/photos/2/as/mf/UkASMfOIWrRUTfQ-400x225-noPad.jpg?1654593551

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.89.51 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0617bfff3a3e726c0276e93677d95c3bce7681d8d1955f8037906164537bda30

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.change.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 19:07:03 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
age: 553073
cf-polished: origSize=20118, status=webp_bigger
content-length: 19104
cf-bgj: imgq:100,h2pri
last-modified: Tue, 07 Jun 2022 09:19:12 GMT
server: cloudflare
etag: "74d72de76b00b8ada5d89fa8e9e8da73"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7678d43fadf3bb09-MXP
expires: Wed, 16 Nov 2022 19:07:03 GMT

GET
H2 200 PASQJnfsAasAZiL-400x225-noPad.jpg
assets.change.org/photos/5/sq/jn/ 18 KB
19 KB 108ms
107ms Image
image/jpeg 104.17.89.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.change.org/photos/5/sq/jn/PASQJnfsAasAZiL-400x225-noPad.jpg?1653054809

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.89.51 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

593b96a225b29789011ddb9b431fb3f349b95ca4c9c358f8f675cc5585561ae1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.change.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 19:07:03 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
age: 193800
cf-polished: origSize=19826, status=webp_bigger
content-length: 18865
cf-bgj: imgq:100,h2pri
last-modified: Fri, 20 May 2022 13:53:30 GMT
server: cloudflare
etag: "e94ec63a7f47aaa1b000aac954e65af6"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7678d43fadf4bb09-MXP
expires: Wed, 16 Nov 2022 19:07:03 GMT

GET
H2 200 fTBHfUvyeQgLKCM-400x225-noPad.jpg
assets.change.org/photos/6/bh/fu/ 23 KB
23 KB 111ms
110ms Image
image/jpeg 104.17.89.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.change.org/photos/6/bh/fu/fTBHfUvyeQgLKCM-400x225-noPad.jpg?1655799771

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.89.51 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a0126810c92e8962148fdffc6b95b6e4d66b19f52746ca4c32c39b79e24e229d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.change.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 19:07:03 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
age: 551524
cf-polished: origSize=24280, status=webp_bigger
content-length: 23483
cf-bgj: imgq:100,h2pri
last-modified: Tue, 21 Jun 2022 08:22:52 GMT
server: cloudflare
etag: "55cb5ecbaf1b6a49a5265c73408d630d"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7678d43fadf6bb09-MXP
expires: Wed, 16 Nov 2022 19:07:03 GMT

GET
H2 200 ZcUVjRvspwVCTvD-400x225-noPad.jpg
assets.change.org/photos/9/uv/jr/ 11 KB
11 KB 97ms
96ms Image
image/jpeg 104.17.89.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.change.org/photos/9/uv/jr/ZcUVjRvspwVCTvD-400x225-noPad.jpg?1658999512

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.89.51 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9936444eb2c02aa9daafc59f8bb2030e3410917c1172d0512f6ffde9e473d3cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.change.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 19:07:03 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
age: 553731
cf-polished: origSize=11447, status=webp_bigger
content-length: 11211
cf-bgj: imgq:100,h2pri
last-modified: Thu, 28 Jul 2022 09:11:53 GMT
server: cloudflare
etag: "a87d2b52bb3ef40b17d773e096b048e5"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7678d43fadf7bb09-MXP
expires: Wed, 16 Nov 2022 19:07:03 GMT

GET
H3 200 iframerpc Show response
accounts.google.com/o/oauth2/ Frame 2E08 49 B
95 B 112ms
111ms XHR
application/json 2a00:1450:4001:828::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Fwww.change.org&client_id=404493852178-k7v3co66ahlgd8fu6327oia1b24bk916.apps.googleusercontent.com

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.it._wdrCPqrjD0.es5.O/d=1/rs=AOaEmlEl7fJ9XVzOW_QQ2Own4skWjZXL2A/m=base

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4836b6031bc4af96767f0121fa458714583340054aea6338ef99a1bc4011f43b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Lexh-x2L5DSJZJkashxgSQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/o/oauth2/iframe
X-Requested-With: XmlHttpRequest
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 19:07:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: script-src 'report-sample' 'nonce-Lexh-x2L5DSJZJkashxgSQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
content-encoding: gzip
cross-origin-embedder-policy: require-corp
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: application/json; charset=utf-8
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Wed, 09 Nov 2022 19:07:03 GMT

POST
H/1.1 204
No Content events Show response
logx.optimizely.com/v1/ 0
359 B 130ms
129ms XHR
text/plain 52.4.164.137
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://logx.optimizely.com/v1/events
Requested by: Host: assets-fe.change.org
URL: https://assets-fe.change.org/fe/2169dedff8277009839354e4b5ef86be/changeAssets-f9a2555e8b0a880a96d2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.4.164.137 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-4-164-137.compute-1.amazonaws.com
Software: nginx/1.21.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.change.org/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 09 Nov 2022 19:07:03 GMT
Server: nginx/1.21.0
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.change.org
Access-Control-Expose-Headers: X-Results-Data-Source
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
X-Request-Id: b07a7435-b790-4e90-bc29-04cc951ce66c

GET
H3 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/49/12/intl/it_ALL/ 245 KB
67 KB 202ms
84ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/49/12/intl/it_ALL/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBwot59Cgi_SoxwakkTkAvni7930r0eJs4&libraries=places&sensor=false&callback=__loadGooglePlaces

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

37f7009750b5fe8f35306597b245dc8c325d8456a9223a3eda215e6c784741f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.change.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 11:04:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28969
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69072
x-xss-protection: 0
last-modified: Mon, 01 Aug 2022 19:29:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 09 Nov 2023 11:04:18 GMT

GET
H3 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/49/12/intl/it_ALL/ 157 KB
58 KB 177ms
60ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/49/12/intl/it_ALL/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBwot59Cgi_SoxwakkTkAvni7930r0eJs4&libraries=places&sensor=false&callback=__loadGooglePlaces

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7576d812c80dd2d7ccfc7162670fa2a40c60361522cec548d52008ee8504e828

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.change.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 16:18:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10115
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58992
x-xss-protection: 0
last-modified: Mon, 01 Aug 2022 19:29:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 09 Nov 2023 16:18:32 GMT

Verdicts & Comments Add Verdict or Comment

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.change.org/	1969-12-31 23:59:59	Name: _change_session Value: fd82ecf80b6bd8b83717c9cd8f4dfb69
www.change.org/	1970-01-20 07:21:47	Name: _change_lang Value: %7B%22locale%22%3A%22it-IT%22%2C%22countryCode%22%3A%22IT%22%7D
.change.org/	1969-12-31 23:59:59	Name: invite Value: %7B%22recruiter_id%22%3A746005144%2C%22requested_at%22%3A%222022-11-09T19%3A06%3A56.595Z%22%7D
.change.org/	1969-12-31 23:59:59	Name: __cfruid Value: bcaec4e92f6768ff2d71b9fee573eb1bf001006a-1668020817
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: ja1OWYGyNS4
.youtube.com/	1970-01-20 11:39:32	Name: VISITOR_INFO1_LIVE Value: p-DgVTPXXSg
www.change.org/	1970-01-20 07:20:20	Name: _pxff_cc Value: U2FtZVNpdGU9TGF4Ow==
.change.org/	1969-12-31 23:59:59	Name: pxcts Value: af54d36c-6061-11ed-a64c-486243504844
.change.org/	1970-01-20 16:05:56	Name: _pxvid Value: af53f98a-6061-11ed-a64c-486243504844
.change.org/	1970-01-20 11:39:32	Name: optimizelyEndUserId Value: oeu1668020819302r0.8004608621311673
.change.org/	1970-01-20 16:56:20	Name: optimizelyOptOut Value: true
.www.change.org/	1970-01-20 16:56:20	Name: G_ENABLED_IDPS Value: google
.change.org/	1970-01-20 07:20:21	Name: _px3 Value: fc956e4f5f513370d1f8b8a5c794e74bab5914c1b0eecceadb78a95fde837b66:52ciCokD7LEspfYMeQ2j/EcowiAx/u6TR9ShH1/toyZiS80y2AkB4JrwixWqOG7n6yhgv+N0RjfB+4KReAmG4g==:1000:CvfH8TQyQFi3v3bywMVKqDNE2LrvNva30cOnykEaJileubhL5kbBWDLqC4Mzjxj/Ya43dnH27GmtfKKtWoGyLZkMFtx606HyfWRI0zLx4U0c1/NuOgXxLn38dPLzSU3Ahs5Ko6Nyz9pDXkBf9VtgdxQL4w0M+4NiF3CYyW6MU/S2z08eg0XzUphpUBKd9er7MLXpsWhe89HZLTc3WdKELw==
.google.com/	1970-01-20 11:43:52	Name: NID Value: 511=quzC6EGAWQXw2uuVHztZJPMRH3kZ0PBuA2LIKipaTFFy8IG8vjx9coC3q9HvitRqohd1UzQr9dKC3lKzn-0RimRCIYvSxsMYPt93t69tNushoBxoxNyVOCF92_o6qy-RiT8JNRDaFE7PWFToZqxIbj2zhu1BUj72BKKW2Rx44vY

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.change.org/p/the-united-nations-refugee-agency-unhcr-put-an-end-to-my-prolonged-imprisonment-in-greece-hostage-of-europe/u/30330862?recruiter=746005144&utm_source=share_update&utm_medium=email&utm_campaign=share_email_responsive&recruited_by_id=85effe70-66f8-11e7-aeef-8f55a38a5a37(Line 109) Message: Allow attribute will take precedence over 'allowfullscreen'.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://accounts.google.com/_/IdpIFrameHttp/cspreport Message: Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' blob: 'unsafe-inline' 'unsafe-eval' d18kwxxua7ik1y.cloudfront.net d22r54gnmuhwmk.cloudfront.net .change.org change-production.s3.amazonaws.com change-public-stuff.s3.amazonaws.com .google.ca .googleadservices.com .youtube.com .doubleclick.net .google.com .googleapis.com .googletagmanager.com .google-analytics.com .gstatic.com .recaptcha.net .ytimg.com .facebook.com .facebook.net .fbcdn.net fbrpc:// fb-messenger://* .twitter.com .twimg.com .ads-twitter.com vk.com .vk.com ajax.cdnjs.com cdnjs.cloudflare.com service.force.com .salesforceliveagent.com .braintreegateway.com .paypalobjects.com .paypal.com .stripe.com .dlocal.com .optimizely.com optimizely.s3.amazonaws.com cdn-assets-prod.s3.amazonaws.com px-cdn.net .px-cdn.net .px-client.net .px-cloud.net pxchk.net .pxchk.net .hotjar.com:* .hotjar.io wss://.hotjar.com p2a.co .profitwell.com js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net .messagebird.com .pushnotifications.pusher.com js.pusher.com secure.everyaction.com d3rse9xjbp8270.cloudfront.net .ngpvan.com js2.verygoodvault.com code.jquery.com cdn.embedly.com player.vimeo.com bat.bing.com soundcloud.com .soundcloud.com www.instagram.com www.flickr.com .staticflickr.com .voteamerica.com .jotform.com actionnetwork.org .airbrake.io browser-update.org .tiktok.com .bannerbear.com us-central1-niftic-agency.cloudfunctions.net/openai/generate-draft d2yyd1h5u9mauk.cloudfront.net web.delighted.com cdn.iframe.ly change.my.salesforce.com help.change.org; font-src 'self' data: .change.org d18kwxxua7ik1y.cloudfront.net d22r54gnmuhwmk.cloudfront.net fonts.gstatic.com .hotjar.com .hotjar.io d3rse9xjbp8270.cloudfront.net; img-src * blob: data:; form-action 'self'
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a11391265293.cdn.optimizely.com
accounts.google.com
apis.google.com
assets-fe.change.org
assets.change.org
browser-update.org
cdn.embedly.com
cdn.optimizely.com
chng.it
client.px-cloud.net
collector-pxnslc0hv5.px-cloud.net
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
jnn-pa.googleapis.com
logx.optimizely.com
maps.googleapis.com
notifier-configs.airbrake.io
s3.amazonaws.com
static.change.org
static.doubleclick.net
www.change.org
www.google.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
104.16.90.50
104.17.88.51
104.17.89.51
13.32.27.69
23.206.209.10
2600:9000:206f:ca00:3:9a1f:ef40:93a1
2606:4700:20::681a:6b4
2a00:1450:4001:80b::2004
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2006
2a00:1450:4001:812::200a
2a00:1450:4001:827::200a
2a00:1450:4001:828::200d
2a00:1450:4001:828::200e
2a00:1450:4001:829::2002
2a00:1450:4001:829::2003
2a00:1450:4001:82f::2001
2a00:1450:4001:831::2016
2a02:26f0:3500:11::215:14d0
2a02:26f0:3500:883::13b8
35.190.10.96
52.216.62.72
52.4.164.137
03382a5c6713af99401c4afec84e82a17606f3f4f87da015ec83764ce6189a60
0617bfff3a3e726c0276e93677d95c3bce7681d8d1955f8037906164537bda30
0d605ea363d4862fafface9359fb56761a6c231ea23ea232a58ad3963f2beb4d
1109f06575461e12506210604c6bc3327909e9d62c43ba26bfbbfc134aa72993
11bf79a73bff578b6e80a198b49fcf948507e426482343ad105d2ffe90535e49
153d099a8c748c551f0147a716d2d23983705fdde57c4cec060fec789a99f132
1ab294cb0ebb5837eda1c009fc76ac683e5fec73979be76bd7334d3a61ff9b0b
2bd4827c67760075ffaf32114b41d503da91ccc26f3cf43349607f7b2ff19a1d
2f22aaf2e8367b02152b442ef28df7084601e0ded40c7d8f7b6f24be66b326fb
37f7009750b5fe8f35306597b245dc8c325d8456a9223a3eda215e6c784741f3
3cdc5485014bab016a4414668eca7f7dee41526cfbb69b05172c766d5de6fb04
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
412faf9fc1b2f92f3924326775fe15e2aca4dcfe238c1f953967d6cf6064dd3c
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4836b6031bc4af96767f0121fa458714583340054aea6338ef99a1bc4011f43b
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4d70b96057696fbcb05a054c0bf7aea4819d945eeac1e5aae5ff8500fbb9890a
542f53a05891b0f2a33afd48fc534a97e5d34686e567e58f411c0c1ea157e787
552426fa67711398e49423a732526e763187afd768567b87e139fec853820809
593b96a225b29789011ddb9b431fb3f349b95ca4c9c358f8f675cc5585561ae1
59b222fabd5f7d50a0ef8c3b2b74990f55c005f978e72f771f6da63b3f7ec7d3
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
681b6bb35bf9ff8ce07733fe20795e241e59800b6319e6f4f6bf929147f36064
6a8dadc2af4c34891a31169d6a0b5f8c403cd77e9ab457a44ea3b3227f176587
6c64fcbaf5909fcab9ad263ef654d029a486aac70414f6504a0c7d3f04a93fcb
7576d812c80dd2d7ccfc7162670fa2a40c60361522cec548d52008ee8504e828
77b43ef84f21de14d7a5f5690dda201c128746a3bc9aca9c11396a23d3fd2d90
77ca2606aab7acb1d1e446795d1cdb3bf131286b3cab2d7b6a1b3646f208d735
78a9f1e0feea988604f1a5c7b98941351c12b125cfe9d5cd5e6ef2510939cf2a
80cb07f384d0ba20c455faf5042b46e7171d37bddbe1d5411e99c6a8d1e76a1b
84c5d8fd28e2b0539d2d1f35c0bb6beebeeec5d66bb0328af998b16945851031
8546bc51ac82844c88d350d11a888a2cc758796e39bfa55d5703c63df358a3b9
874e87fa935e7bccb5fa562bb4796cb9016ffda5fe036c748cd6458de421bf67
87550fd4559de53630e08db20c3d2ba7c80ca77a0414fdf3686cc68c29fece4b
9647ba2bcf1f60767c74a12f152b36ebe47da78b0c8fb9d7e4f6fa9aba7fd9cf
9936444eb2c02aa9daafc59f8bb2030e3410917c1172d0512f6ffde9e473d3cd
9f59517834ebdc3bf76a9544e6ae7d0c0a5f4963d5d6dfa2dbd1fb39f175a157
a0126810c92e8962148fdffc6b95b6e4d66b19f52746ca4c32c39b79e24e229d
a6582b06c4bbc7077ecd0ad0be561b14819a5022099e1917b4445165c26a7b9d
af788498d8b2bfa626b3a8af1d0a9d17e457ab7f6877e696eb6e0358ae566b16
b21453ab94e44456b8d2eb7659ed0302193c837ed34472fac500843a6a9cd32f
b8119082a573abb29544b5e116200e88ccaadf0a0df08c6e047dd44355449fde
bfb4f5b998d87defe365a82d3f0b131eafa73e79ee253a4601f688408e4c7b1f
c04fff8a5b228a2bc9ef97de8c9083753c63fee2458bdd2977d51caa30892a0e
c0bf9f54a9d46d53a2e8506a9d305edd01518a4cf855b45d5ce710dc5dd9f927
c12337c132fc5b05766adf8806c16a2950c0591708c0c45263bc1496979c1870
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cd9e04afdafe426ce893f20a2bf4d80d88c8230487e74acea10e2a1deff69859
d206856bd14f16f164b3ed38c7a447afc07e5686bf9595c143df085b92539527
d37894dc8d4a63ea711af0e84796b8913ba154d74f4d7fa52e14008a70627c65
d3ce3bf0df34fe1d406391eb20c9ac4f23bb854291ddf734518843450df52664
d44f17274699b16cb9886433221d59082f8f89f628ad153cfb6f3693ea0ef5a8
d57b3c19380541f2d7fd3eb500da925eeff601029c8ef4f7f4cc773926077e17
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9c614b2e8b9f10a89194f528958b3f437a6181e41f9800a1d63aa340c9e05ed
ead7843320183348f39fc18a9f9fd7ef275bab6e195e60ffcac93a7f3e737004
ecf742d08c301a23f844020794dd9afe802872e2a884e1b20c581e8e475a91d2
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ee2df9e008021c0ce1fbf3612bfef57e7666294fa01bd4d9764931ff9add417a
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef4cc3793edccc83cfb263af4739caa64fb570a6c9dcb6f5cf822c11caf21fc7
f174fccbcf5d396d82a4742899309a6e5ed1650247827dfec50ab78013613d98
f859b0a221c4204ed90bf0912c46e300bc8291f8a376706b70d1b024ac5b0bdf
fb77eda11e28f20f04003e966b8e7dbfb7a0ed13914cf7b25268f0c94a98b69f

www.change.org Open in urlscan Pro 104.17.89.51 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

74 Requests

99 %HTTPS

67 %IPv6

15 Domains

26 Subdomains

24 IPs

3 Countries

5634 kBTransfer

20505 kBSize

14 Cookies

12 Outgoing links

Page URL History

Redirected requests

74 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.change.org Open in urlscan Pro
104.17.89.51 Public Scan

Screenshot
Live screenshot

Full Image

74
Requests

99 %
HTTPS

67 %
IPv6

15
Domains

26
Subdomains

24
IPs

3
Countries

5634 kB
Transfer

20505 kB
Size

14
Cookies

74 HTTP transactions
2 data transactions