letzchange.org Open in urlscan Pro
163.47.8.191 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://letzchange.org/campaigns/chasing-memories-documenting-the-1947-partition
Submission: On July 04 via manual (July 4th 2019, 12:14:40 pm UTC) from IN

Summary HTTP 36 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 11 IPs in 4 countries across 11 domains to perform 36 HTTP transactions. The main IP is 163.47.8.191, located in Singapore, Singapore and belongs to DIGITALOCEAN-ASN - DigitalOcean, LLC, US. The main domain is letzchange.org.
TLS certificate: Issued by Let's Encrypt Authority X3 on May 27th 2019. Valid for: 3 months.

This is the only time letzchange.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	163.47.8.191 163.47.8.191	14061 (DIGITALOC...) (DIGITALOCEAN-ASN - DigitalOcean)
1 3	2a00:1450:400... 2a00:1450:4001:815::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
10	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
1 1	2a00:1450:400... 2a00:1450:400c:c0c::9d	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	2a00:1450:400... 2a00:1450:4001:81e::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:814::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1 3	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
2	2a00:1450:400... 2a00:1450:4001:824::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
2	52.219.40.179 52.219.40.179	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a00:1450:400... 2a00:1450:4001:808::200d	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a04:fa87:fff... 2a04:fa87:fffe::c000:4902	2635 (AUTOMATTIC) (AUTOMATTIC - Automattic)
36	11

13 163.47.8.191 (Singapore, Singapore)

ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US)

letzchange.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:815::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
platform-lookaside.fbsbx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
staticxx.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9d (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81e::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland) 1 redirects

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:824::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.219.40.179 (Singapore, Singapore)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: s3-ap-southeast-1-r-w.amazonaws.com

letzchangefiles.s3.ap-southeast-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC - Automattic, Inc, US)

secure.gravatar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	letzchange.org letzchange.org	1 MB
5	facebook.com 1 redirects www.facebook.com staticxx.facebook.com	1 KB
5	facebook.net connect.facebook.net	139 KB
4	google.com 1 redirects www.google.com apis.google.com accounts.google.com	54 KB
3	fbsbx.com platform-lookaside.fbsbx.com	12 KB
3	google-analytics.com 1 redirects www.google-analytics.com	18 KB
2	amazonaws.com letzchangefiles.s3.ap-southeast-1.amazonaws.com	120 KB
1	gravatar.com secure.gravatar.com	2 KB
1	youtube.com www.youtube.com Failed
1	google.de www.google.de	374 B
1	doubleclick.net 1 redirects stats.g.doubleclick.net	348 B
36	11

	Domain	Requested by
13	letzchange.org	letzchange.org
5	connect.facebook.net	letzchange.org connect.facebook.net
3	platform-lookaside.fbsbx.com	letzchange.org
3	www.facebook.com	1 redirects letzchange.org connect.facebook.net
3	www.google-analytics.com	1 redirects letzchange.org
2	staticxx.facebook.com	connect.facebook.net
2	letzchangefiles.s3.ap-southeast-1.amazonaws.com	letzchange.org
2	apis.google.com	letzchange.org apis.google.com
1	secure.gravatar.com	letzchange.org
1	accounts.google.com	apis.google.com
1	www.youtube.com	letzchange.org
1	www.google.de	letzchange.org
1	www.google.com	1 redirects
1	stats.g.doubleclick.net	1 redirects
36	14

This site contains links to these domains. Also see Links.

Domain
www.mightycause.com
web.whatsapp.com
blog.letzchange.org
www.giveindia.org
in.godaddy.com
www.ccavenue.com
stripe.com

Subject Issuer	Validity	Valid
*.letzchange.org Let's Encrypt Authority X3	`2019-05-27` - `2019-08-25`	3 months	crt.sh
*.google-analytics.com Google Internet Authority G3	`2019-06-11` - `2019-09-03`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-06-06` - `2019-09-04`	3 months	crt.sh
www.google.de Google Internet Authority G3	`2019-06-11` - `2019-09-03`	3 months	crt.sh
*.apis.google.com Google Internet Authority G3	`2019-06-11` - `2019-09-03`	3 months	crt.sh
*.s3-ap-southeast-1.amazonaws.com DigiCert Baltimore CA-2 G2	`2018-11-08` - `2019-11-06`	a year	crt.sh
accounts.google.com Google Internet Authority G3	`2019-06-11` - `2019-09-03`	3 months	crt.sh
*.google.com Google Internet Authority G3	`2019-06-11` - `2019-09-03`	3 months	crt.sh
*.gravatar.com COMODO RSA Domain Validation Secure Server CA	`2018-09-06` - `2020-09-05`	2 years	crt.sh

This page contains 7 frames:

Primary Page: https://letzchange.org/campaigns/chasing-memories-documenting-the-1947-partition
Frame ID: 9FF57B7ED28CED78C4DE9E92C1B81633
Requests: 36 HTTP requests in this frame

Frame: https://www.youtube.com/embed/Px_7LCr7m_w
Frame ID: 0C070728890583042F6A44FFF766EB06
Requests: 1 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter.php?version=44
Frame ID: 4911FF2EE52E3180C5AD183B817C54A4
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: 42D598171CFF07889AB6634BD3DE19A7
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/Px_7LCr7m_w
Frame ID: 925E29561F6270C98CE7237A24667F8A
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: EB0F0EB9D37F1C18D96A3DF93A30F388
Requests: 1 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter.php?version=44
Frame ID: 05E145A3D4702520D4B62C732C1E8199
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<[^>]+data-react/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /apis\.google\.com\/js\/[a-z]*\.js/i

Page Statistics

36
Requests

97 %
HTTPS

83 %
IPv6

11
Domains

14
Subdomains

11
IPs

4
Countries

1559 kB
Transfer

5317 kB
Size

11
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.mightycause.com/story/Chasingmemories
Title: https://www.mightycause.com/story/Chasingmemories

Search URL Search Domain Scan URL

URL: http://web.whatsapp.com/send?text=Hi%2C%0A%0AI%20have%20pledged%20to%20spread%20happiness%20by%20campaigning%20for%20The%201947%20Partition%20Archive%2C%20an%20NGO%20I%20strongly%20support.%20Experience%20the%20invaluable%20joy%20of%20giving%20and%20take%20me%20closer%20to%20my%20mission%20by%20contributing%20here%3A%0A%0Ahttps%3A%2F%2Fletzchange.org%2Fcampaigns%2Fchasing-memories-documenting-the-1947-partition%0A

Search URL Search Domain Scan URL

URL: https://blog.letzchange.org/
Title: Blog

Search URL Search Domain Scan URL

URL: https://www.giveindia.org/

Search URL Search Domain Scan URL

URL: https://in.godaddy.com/

Search URL Search Domain Scan URL

URL: https://www.ccavenue.com/verifySeal.jsp?ClientID=M_van27568_27568

Search URL Search Domain Scan URL

URL: https://stripe.com/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

https://www.google-analytics.com/r/collect?v=1&_v=j77&a=909096821&t=pageview&_s=1&dl=https%3A%2F%2Fletzchange.org%2Fcampaigns%2Fchasing-memories-documenting-the-1947-partition&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGBACEABB~&jid=585605161&gjid=1626654184&cid=49458062.1562242463&tid=UA-80316555-1&_gid=240347239.1562242463&_r=1&z=732780035 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-80316555-1&cid=49458062.1562242463&jid=585605161&_gid=240347239.1562242463&gjid=1626654184&_v=j77&z=732780035 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-80316555-1&cid=49458062.1562242463&jid=585605161&_v=j77&z=732780035 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-80316555-1&cid=49458062.1562242463&jid=585605161&_v=j77&z=732780035&slf_rd=1&random=2558182541

Request Chain 40

https://www.facebook.com/connect/ping?client_id=233891953408521&domain=letzchange.org&origin=1&redirect_uri=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df156ff007b914fc%26domain%3Dletzchange.org%26origin%3Dhttps%253A%252F%252Fletzchange.org%252Ff3db1f29ee8fd14%26relation%3Dparent&response_type=token%2Csigned_request&sdk=joey HTTP 302
https://staticxx.facebook.com/connect/xd_arbiter.php?version=44

36 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request chasing-memories-documenting-the-1947-partition Show response
letzchange.org/campaigns/ 4 KB
2 KB 663ms
184ms Document
text/html 163.47.8.191
DigitalOcean

General

Check archive.org

Show headers Download Go to

Full URL: https://letzchange.org/campaigns/chasing-memories-documenting-the-1947-partition
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 163.47.8.191 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: 2853497d813539e799a39894af60e059dfccd17f18f15dcf815e383f32614d19

Request headers

:method: GET
:authority: letzchange.org
:scheme: https
:path: /campaigns/chasing-memories-documenting-the-1947-partition
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
server: nginx
date: Thu, 04 Jul 2019 12:14:20 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
etag: W/"1174-JQ8/jvWH0AC7c4TSJldTsPTqWd4"
x-cache-status: MISS
content-encoding: gzip

GET
H2 200 main-9f0671c6d2999b27a140.css
letzchange.org/dist/ 259 KB
98 KB 368ms
368ms Stylesheet
text/css 163.47.8.191
DigitalOcean

General

Check archive.org

Show headers Download Go to

Full URL: https://letzchange.org/dist/main-9f0671c6d2999b27a140.css
Requested by: Host: letzchange.org
URL: https://letzchange.org/campaigns/chasing-memories-documenting-the-1947-partition
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 163.47.8.191 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: 8e17a9a7fd627cd6e880a95500fab53f8481a6f25d0ddb0abe785539d339e97a

Request headers

Referer: https://letzchange.org/campaigns/chasing-memories-documenting-the-1947-partition
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 04 Jul 2019 12:14:21 GMT
content-encoding: gzip
last-modified: Fri, 28 Jun 2019 02:53:17 GMT
server: nginx
etag: W/"5d15811d-40c5e"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=315360000, public
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 main-9f0671c6d2999b27a140.js Show response
letzchange.org/dist/ 4 MB
846 KB 369ms
369ms Script
application/javascript 163.47.8.191
DigitalOcean

General

Check archive.org

Show headers Download Go to

Full URL: https://letzchange.org/dist/main-9f0671c6d2999b27a140.js
Requested by: Host: letzchange.org
URL: https://letzchange.org/campaigns/chasing-memories-documenting-the-1947-partition
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 163.47.8.191 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: c4812f9980ece4ce9c5c754abe8bfec7e6e9c848ca7b5d45417f41def55a987d

Request headers

Referer: https://letzchange.org/campaigns/chasing-memories-documenting-the-1947-partition
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 04 Jul 2019 12:14:21 GMT
content-encoding: gzip
last-modified: Fri, 28 Jun 2019 02:53:17 GMT
server: nginx
etag: W/"5d15811d-3cda51"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=315360000, public
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
18 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:815::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: letzchange.org
URL: https://letzchange.org/dist/main-9f0671c6d2999b27a140.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a4883cce814b6793c5bd6dd3639d6048ecab39a93a90b560d39a9fd0aff6e263

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://letzchange.org/campaigns/chasing-memories-documenting-the-1947-partition
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 20 Jun 2019 21:35:04 GMT
server: Golfe2
age: 6404
date: Thu, 04 Jul 2019 10:27:38 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 17707
expires: Thu, 04 Jul 2019 12:27:38 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 53 KB
17 KB 19ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: letzchange.org
URL: https://letzchange.org/dist/main-9f0671c6d2999b27a140.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

657f79c4d5a6ea502202651151811d195b49cf9cf22fd7f8edaeefe2f8cc8fc4

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://letzchange.org/campaigns/chasing-memories-documenting-the-1947-partition
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
content-length: 16120
x-xss-protection: 0
pragma: public
x-fb-debug: NYmVmrCf+f/xyzualPwhzur3+FbgetmRDdNVEQLDiZ2Vh0c4C1J0vjBj2ZCOmwYdbzFsD9Vat/pp+Dcw3vtL7w==
x-fb-trip-id: 997090344
date: Thu, 04 Jul 2019 12:14:22 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 chasing-memories-documenting-the-1947-partition Show response
letzchange.org/api/campaigns/ 11 KB
5 KB 192ms
191ms Fetch
application/json 163.47.8.191
DigitalOcean

General

Check archive.org

Show headers Download Go to

Full URL

https://letzchange.org/api/campaigns/chasing-memories-documenting-the-1947-partition

Requested by

Host: letzchange.org
URL: https://letzchange.org/dist/main-9f0671c6d2999b27a140.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

163.47.8.191 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),

Reverse DNS

Software

nginx / Express

Resource Hash

f5a9f3ea448a3b7bde8cde7c5a1e81ad7ab86b3a5f70f567e3ed5599f055115d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://letzchange.org/campaigns/chasing-memories-documenting-the-1947-partition
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 04 Jul 2019 12:14:22 GMT
content-encoding: gzip
referrer-policy: strict-origin, strict-origin-when-cross-origin
server: nginx
x-powered-by: Express
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, OPTIONS
content-type: application/json; charset=utf-8
status: 200
x-xss-protection: 1; mode=block
access-control-allow-credentials: true
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since
etag: W/"2bfc-O/zxIh6mI/nRl0kQz65z7nhuFXM"

GET
H2 200 538330020016006 Show response
connect.facebook.net/signals/config/ 228 KB
61 KB 74ms
74ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/538330020016006?v=2.8.51&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

ffa30d1cae6c9d115c7bb75f63ae595a470037a280c9ab2d9941bcbdc8306e8d

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://letzchange.org/campaigns/chasing-memories-documenting-the-1947-partition
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
x-xss-protection: 0
pragma: public
x-fb-debug: YRBeacKe/cK3vhWRuUYGDfCx2VqusRi+u3AqKmdQNKbwuCLIl15iFPfDkeAedcXuCcsHbflouGjgidHFI6Cjzw==
x-fb-trip-id: 997090344
date: Thu, 04 Jul 2019 12:14:22 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j77&a=909096821&t=pageview&_s=1&dl=https%3A%2F%2Fletzchange.org%2Fcampaigns%2Fchasing-memories-documenting-the-1947-partition&ul=en-us&de=UTF-8&sd=...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-80316555-1&cid=49458062.1562242463&jid=585605161&_gid=240347239.1562242463&gjid=1626654184&_v=j77&z=732780035
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-80316555-1&cid=49458062.1562242463&jid=585605161&_v=j77&z=732780035
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-80316555-1&cid=49458062.1562242463&jid=585605161&_v=j77&z=732780035&slf_rd=1&random=2558182541

42 B
374 B

54ms
33ms

Image
image/gif

2a00:1450:4001:814::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-80316555-1&cid=49458062.1562242463&jid=585605161&_v=j77&z=732780035&slf_rd=1&random=2558182541

Requested by

Host: letzchange.org
URL: https://letzchange.org/campaigns/chasing-memories-documenting-the-1947-partition

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://letzchange.org/campaigns/chasing-memories-documenting-the-1947-partition
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Jul 2019 12:14:22 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 04 Jul 2019 12:14:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-80316555-1&cid=49458062.1562242463&jid=585605161&_v=j77&z=732780035&slf_rd=1&random=2558182541
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
197 B 6ms
6ms Image
image/gif 2a00:1450:4001:815::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j77&a=909096821&t=pageview&_s=2&dl=https%3A%2F%2Fletzchange.org%2Fcampaigns%2Fchasing-memories-documenting-the-1947-partition&dp=%2Fcampaigns%2Fchasing-memories-documenting-the-1947-partition&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGBACEABB~&jid=&gjid=&cid=49458062.1562242463&tid=UA-80316555-1&_gid=240347239.1562242463&z=396717978

Requested by

Host: letzchange.org
URL: https://letzchange.org/campaigns/chasing-memories-documenting-the-1947-partition

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://letzchange.org/campaigns/chasing-memories-documenting-the-1947-partition
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jun 2019 04:44:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 1755005
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 inferredEvents.js Show response
connect.facebook.net/signals/plugins/ 1 KB
897 B 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/inferredEvents.js?v=2.8.51

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

cd1c301a8e7960a1786e2a959226b0b78b56dbea284bd114265f1662d6ca280e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://letzchange.org/campaigns/chasing-memories-documenting-the-1947-partition
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
content-length: 772
x-xss-protection: 0
pragma: public
x-fb-debug: 82mOjPMVkCyfQpd9fy/ZQLRM6yBi5GcsVXtzNsOOsAaMpcnLR8aMACtuQifr+tmlLUEJ1tN+r0ZCmUNfEPaQZA==
x-fb-trip-id: 997090344
date: Thu, 04 Jul 2019 12:14:22 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
323 B 19ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=538330020016006&ev=PageView&dl=https%3A%2F%2Fletzchange.org%2Fcampaigns%2Fchasing-memories-documenting-the-1947-partition&rl=&if=false&ts=1562242462715&sw=1600&sh=1200&v=2.8.51&r=stable&ec=0&o=30&fbp=fb.1.1562242462714.1530089801&it=1562242462613&coo=false&rqm=GET

Requested by

Host: letzchange.org
URL: https://letzchange.org/campaigns/chasing-memories-documenting-the-1947-partition

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://letzchange.org/campaigns/chasing-memories-documenting-the-1947-partition
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 04 Jul 2019 12:14:22 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Thu, 04 Jul 2019 12:14:22 GMT

POST
H2 200 getCount Show response
letzchange.org/api/links/surl/ 25 B
578 B 184ms
184ms Fetch
application/json 163.47.8.191
DigitalOcean

General

Check archive.org

Show headers Download Go to

Full URL

https://letzchange.org/api/links/surl/getCount

Requested by

Host: letzchange.org
URL: https://letzchange.org/dist/main-9f0671c6d2999b27a140.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

163.47.8.191 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),

Reverse DNS

Software

nginx / Express

Resource Hash

de33c2473dfa4f9549dd1e9e06769fbd4eaf80a08cb7cda03b7a830cad52f414

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://letzchange.org/campaigns/chasing-memories-documenting-the-1947-partition
Origin: https://letzchange.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 04 Jul 2019 12:14:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: Express
status: 200
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: strict-origin, strict-origin-when-cross-origin
server: nginx
etag: W/"19-aOl0HDXwLOG3EpLVfee/jIH5OC8"
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-methods: GET, POST, PUT, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://letzchange.org
access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since

GET Px_7LCr7m_w
www.youtube.com/embed/ Frame 0C07 0
0

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: letzchange.org
URL: https://letzchange.org/dist/main-9f0671c6d2999b27a140.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

c48b3f5f25bc50b50ca3d2e7c55cf734bb66c53ecf71d9f18ec07b9feeaeec52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://letzchange.org/campaigns/chasing-memories-documenting-the-1947-partition
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: EAR6WeP2Tw7JYgWwPdAN9Q==
status: 200
date: Thu, 04 Jul 2019 12:14:22 GMT
vary: Accept-Encoding
content-length: 1779
x-fb-debug: mXz/kRRrnxF8OPTK/GfJQ9CzPEhswB/sBFtusXnUWQBbzIDKpgx9Kr/F8NG23RxZwwnsKvLTQ8XtxPuVwKhDvg==
x-fb-trip-id: 997090344
x-fb-content-md5: 62654f59651821cbbf1a4867705ad7f4
etag: "c8b2ec97a56db8a738f5c0d9e44646ee"
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 04 Jul 2019 12:32:40 GMT

GET
H2 200 platform.js Show response
apis.google.com/js/ 43 KB
17 KB 52ms
32ms Script
application/javascript 2a00:1450:4001:824::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: letzchange.org
URL: https://letzchange.org/dist/main-9f0671c6d2999b27a140.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

ea081ce06acd3f71688ca38d50d8331dfca27aabdb04b19e4b86b3d5b4b2a170

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://letzchange.org/campaigns/chasing-memories-documenting-the-1947-partition
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 04 Jul 2019 12:14:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: script-src 'report-sample' 'nonce-JyqWQp48d5yG/vIqoew2tg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
status: 200
strict-transport-security: max-age=31536000
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
etag: "faa63f88b48f1398da8f7c5318ce8c06"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
timing-allow-origin: *
expires: Thu, 04 Jul 2019 12:14:22 GMT

GET
H2 200 / Show response
letzchange.org/api/config/ 78 KB
34 KB 189ms
189ms Fetch
application/json 163.47.8.191
DigitalOcean

General

Check archive.org

Show headers Download Go to

Full URL

https://letzchange.org/api/config/

Requested by

Host: letzchange.org
URL: https://letzchange.org/dist/main-9f0671c6d2999b27a140.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

163.47.8.191 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),

Reverse DNS

Software

nginx /

Resource Hash

6e01193f702ffac7f25012ce007079d69654042070ae048d7839bcddc7a0ec5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://letzchange.org/campaigns/chasing-memories-documenting-the-1947-partition
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 04 Jul 2019 12:14:22 GMT
content-encoding: gzip
referrer-policy: strict-origin, strict-origin-when-cross-origin
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-methods: GET, POST, PUT, OPTIONS
content-type: application/json; charset=utf-8
status: 200
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since
x-xss-protection: 1; mode=block
x-content-type-options: nosniff

GET
H2 200 19bb6b8676a6dfdfa0926a8254e03a22.woff2
letzchange.org/dist/ 8 KB
8 KB 183ms
182ms Font
font/woff2 163.47.8.191
DigitalOcean

General

Check archive.org

Show headers Download Go to

Full URL: https://letzchange.org/dist/19bb6b8676a6dfdfa0926a8254e03a22.woff2
Requested by: Host: letzchange.org
URL: https://letzchange.org/dist/main-9f0671c6d2999b27a140.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 163.47.8.191 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: 97be84bde2ccde9ee7d8586d3f1109660562768fd3b480f2a27cb267c6bc29bb

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://letzchange.org/dist/main-9f0671c6d2999b27a140.css
Origin: https://letzchange.org

Response headers

date: Thu, 04 Jul 2019 12:14:22 GMT
last-modified: Fri, 28 Jun 2019 02:53:17 GMT
server: nginx
etag: "5d15811d-1ee4"
content-type: font/woff2
status: 200
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 7908
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 2cea78dec25546565864c9334867f6a3.woff
letzchange.org/dist/ 61 KB
61 KB 183ms
182ms Font
font/woff 163.47.8.191
DigitalOcean

General

Check archive.org

Show headers Download Go to

Full URL: https://letzchange.org/dist/2cea78dec25546565864c9334867f6a3.woff
Requested by: Host: letzchange.org
URL: https://letzchange.org/dist/main-9f0671c6d2999b27a140.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 163.47.8.191 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: ed0f1728cd5d7df2775a86675c45ae40e9269e424cb96e8762cf080c4663ad41

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://letzchange.org/dist/main-9f0671c6d2999b27a140.css
Origin: https://letzchange.org

Response headers

date: Thu, 04 Jul 2019 12:14:22 GMT
last-modified: Fri, 28 Jun 2019 02:53:17 GMT
server: nginx
etag: "5d15811d-f40c"
content-type: font/woff
status: 200
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 62476
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 d74d9422ba97258d735d1bfab4f73903.woff
letzchange.org/dist/ 61 KB
61 KB 183ms
182ms Font
font/woff 163.47.8.191
DigitalOcean

General

Check archive.org

Show headers Download Go to

Full URL: https://letzchange.org/dist/d74d9422ba97258d735d1bfab4f73903.woff
Requested by: Host: letzchange.org
URL: https://letzchange.org/dist/main-9f0671c6d2999b27a140.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 163.47.8.191 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1cd3fe6171077c1d21c2b2e60a32cb2a73dddcb18e26017a14cb198bad7956c6

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://letzchange.org/dist/main-9f0671c6d2999b27a140.css
Origin: https://letzchange.org

Response headers

date: Thu, 04 Jul 2019 12:14:22 GMT
last-modified: Fri, 28 Jun 2019 02:53:17 GMT
server: nginx
etag: "5d15811d-f244"
content-type: font/woff
status: 200
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 62020
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 9c853f8ceeffd40ed9aab0ddc9090fd7.woff
letzchange.org/dist/ 66 KB
66 KB 184ms
184ms Font
font/woff 163.47.8.191
DigitalOcean

General

Check archive.org

Show headers Download Go to

Full URL: https://letzchange.org/dist/9c853f8ceeffd40ed9aab0ddc9090fd7.woff
Requested by: Host: letzchange.org
URL: https://letzchange.org/dist/main-9f0671c6d2999b27a140.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 163.47.8.191 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: 4c4d733ccd5ef43de8e7a6ed2dec883b47a2bbba5334b98f47ebb69bd439e9c8

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://letzchange.org/dist/main-9f0671c6d2999b27a140.css
Origin: https://letzchange.org

Response headers

date: Thu, 04 Jul 2019 12:14:22 GMT
last-modified: Fri, 28 Jun 2019 02:53:17 GMT
server: nginx
etag: "5d15811d-107cc"
content-type: font/woff
status: 200
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 67532
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 d60e9d327e89a7dda93fa5c1d858229c.png
letzchange.org/dist/ 25 KB
26 KB 182ms
181ms Image
image/png 163.47.8.191
DigitalOcean

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://letzchange.org/dist/d60e9d327e89a7dda93fa5c1d858229c.png
Requested by: Host: letzchange.org
URL: https://letzchange.org/campaigns/chasing-memories-documenting-the-1947-partition
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 163.47.8.191 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1f78377cbc263e6e14bf68002af8eb05b870109bb0559c37608fecbc01f3ea6f

Request headers

Referer: https://letzchange.org/campaigns/chasing-memories-documenting-the-1947-partition
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 04 Jul 2019 12:14:22 GMT
last-modified: Fri, 28 Jun 2019 02:53:17 GMT
server: nginx
etag: "5d15811d-657c"
content-type: image/png
status: 200
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 25980
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 6a55781d-5234-4fd8-aadf-20fd0ac78bd2
letzchangefiles.s3.ap-southeast-1.amazonaws.com/ 20 KB
20 KB 1090ms
313ms Image
image/jpeg 52.219.40.179
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://letzchangefiles.s3.ap-southeast-1.amazonaws.com/6a55781d-5234-4fd8-aadf-20fd0ac78bd2
Requested by: Host: letzchange.org
URL: https://letzchange.org/campaigns/chasing-memories-documenting-the-1947-partition
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.40.179 Singapore, Singapore, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: s3-ap-southeast-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: d3b11e4d87f9fb6421fad9f1dbdfc49f19a33c58e9391390b00f45b5fcdea366

Request headers

Referer: https://letzchange.org/campaigns/chasing-memories-documenting-the-1947-partition
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-meta-alias: 6a55781d-5234-4fd8-aadf-20fd0ac78bd2
x-amz-meta-name: C:\fakepath\Chasing Memories Main 3
Last-Modified: Sat, 01 Jun 2019 16:37:11 GMT
Server: AmazonS3
x-amz-request-id: B9325E384EBF7668
ETag: "1598f1c4d5677902c475ff64ba47a033"
x-amz-meta-type: image/jpeg
x-amz-version-id: Cyx3TXK8.m69d5jOsl0gKz4VnC0o696t
Date: Thu, 04 Jul 2019 12:14:24 GMT
Accept-Ranges: bytes
Content-Type: image/jpeg
Content-Length: 20262
x-amz-id-2: YlNRdDf4byCpK7d0oHiPRJ8XvGTvQO/yrXOo2iq4bldNnKBqjpSuLvWbgXmISmuXo/QToW1Eeyc=

GET
H/1.1 200
OK 992af908-ce7a-410b-885d-121f3c4d7676.jpg
letzchangefiles.s3.ap-southeast-1.amazonaws.com/ 99 KB
99 KB 1142ms
321ms Image
image/jpeg 52.219.40.179
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://letzchangefiles.s3.ap-southeast-1.amazonaws.com/992af908-ce7a-410b-885d-121f3c4d7676.jpg
Requested by: Host: letzchange.org
URL: https://letzchange.org/campaigns/chasing-memories-documenting-the-1947-partition
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.40.179 Singapore, Singapore, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: s3-ap-southeast-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 5623f83d36add864c71f29903e6ca2f148d605e733de748d686e4ceaa7dab713

Request headers

Referer: https://letzchange.org/campaigns/chasing-memories-documenting-the-1947-partition
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-meta-alias: 992af908-ce7a-410b-885d-121f3c4d7676.jpg
x-amz-meta-name: 1652-8267.jpg
Last-Modified: Wed, 29 May 2019 16:55:45 GMT
Server: AmazonS3
x-amz-request-id: 034921496F0A585A
ETag: "4aca5f254c5eb403563fa56f3011daa5"
x-amz-meta-type: image/jpeg
x-amz-version-id: 1HUnt3dJQqcNnCpT0gQY3pN99Zu3HY.L
Date: Thu, 04 Jul 2019 12:14:24 GMT
Accept-Ranges: bytes
Content-Type: image/jpeg
Content-Length: 101170
x-amz-id-2: 2Q1wEf298YG7tfKDNcZDw/D/gP6yASN9X0+yb5t/p/3HqcXlzGkBTHgiYGyt3dhBdZQhThTvmFY=

GET
H2 404 /
platform-lookaside.fbsbx.com/platform/profilepic/ 0
0 24ms
23ms Image
text/html 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-lookaside.fbsbx.com/platform/profilepic/?asid=10156800563941693&height=200&width=200&ext=1561997962&hash=AeQQRzPPQgFZCifG
Requested by: Host: letzchange.org
URL: https://letzchange.org/campaigns/chasing-memories-documenting-the-1947-partition
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://letzchange.org/campaigns/chasing-memories-documenting-the-1947-partition
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

access-control-allow-origin: *

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 28b8afea116e2fb000f51a58c3d7177cb4b51f1ab2d5b5d63778a1a71574671c

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44b2386295bd1c753d4b2d514f2353692d3d2363efd8a935e529cff7933e1e78

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b15af30cb20bd1db558a2c557c679d4936e67e1ce04df301a2e4ecc29b51f5e9

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 458464aba7770df9bf16a225234a2e98f66b4fc49059e181119d9801a3ece3ab

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f831b98faf6f22252c0e1a588ffbd96cd049eb0cee138b6b574e61414a64b82f

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b17777a0936a2a038eb381875c4df291d030a4a25d14417185df573396734dce

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H2 200 chasing-memories-documenting-the-1947-partition Show response
letzchange.org/api/campaigns/ 11 KB
5 KB 187ms
187ms Fetch
application/json 163.47.8.191
DigitalOcean

General

Check archive.org

Show headers Download Go to

Full URL

https://letzchange.org/api/campaigns/chasing-memories-documenting-the-1947-partition

Requested by

Host: letzchange.org
URL: https://letzchange.org/dist/main-9f0671c6d2999b27a140.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

163.47.8.191 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),

Reverse DNS

Software

nginx / Express

Resource Hash

f5a9f3ea448a3b7bde8cde7c5a1e81ad7ab86b3a5f70f567e3ed5599f055115d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://letzchange.org/campaigns/chasing-memories-documenting-the-1947-partition
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 04 Jul 2019 12:14:22 GMT
content-encoding: gzip
referrer-policy: strict-origin, strict-origin-when-cross-origin
server: nginx
x-powered-by: Express
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, OPTIONS
content-type: application/json; charset=utf-8
status: 200
x-xss-protection: 1; mode=block
access-control-allow-credentials: true
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since
etag: W/"2bfc-O/zxIh6mI/nRl0kQz65z7nhuFXM"

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 198 KB
59 KB 18ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=8fa23fd5fc4d09c9cda5ab662189c07d&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

b4da99b65a6e3399ee6354d6f4e3ce13dcf09dfdc6a79d2f654ba5d0084a95ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://letzchange.org/campaigns/chasing-memories-documenting-the-1947-partition
Origin: https://letzchange.org

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: qgc5Qizg1smqniKn5hqA6A==
status: 200
date: Thu, 04 Jul 2019 12:14:22 GMT
vary: Accept-Encoding
content-length: 60096
x-fb-debug: dge68Uzxv+Z4fcvWW+FTHND0Jn4Q387/AZ5GPD/CsgDycSvlmUzBdXrSfI/t8JVR6mvdFGaY/SPFj0CKw4yDrQ==
x-fb-trip-id: 997090344
x-fb-content-md5: caa0661954bf34b73adb8191932b7614
etag: "e2d59a70efc8f605e642c416d2242558"
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
expires: Fri, 03 Jul 2020 11:38:35 GMT

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.D4Eh4BHvUNU.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCPbw18SS5tux6PhVuTz5NV7ZASbtA/ 106 KB
36 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:824::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.D4Eh4BHvUNU.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCPbw18SS5tux6PhVuTz5NV7ZASbtA/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

f12ff55e63fc09abfd3ef4ec1ded12cbd069f0cb94ee3bb365fd043f74893c75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://letzchange.org/campaigns/chasing-memories-documenting-the-1947-partition
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 01 Jul 2019 20:20:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 01 Jul 2019 10:32:48 GMT
server: sffe
age: 230028
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 36874
x-xss-protection: 0
expires: Tue, 30 Jun 2020 20:20:34 GMT

GET
H2 200 xd_arbiter.php
staticxx.facebook.com/connect/ Frame 4911 0
0 7ms
6ms Document
text/html 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://staticxx.facebook.com/connect/xd_arbiter.php?version=44

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=8fa23fd5fc4d09c9cda5ab662189c07d&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: staticxx.facebook.com
:scheme: https
:path: /connect/xd_arbiter.php?version=44
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: https://letzchange.org/campaigns/chasing-memories-documenting-the-1947-partition
accept-encoding: gzip, deflate, br
cookie: fr=0lfNBKjB29j90MoDQ..BdHe2e...1.0.BdHe2e.
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://letzchange.org/campaigns/chasing-memories-documenting-the-1947-partition

Response headers

status: 200
content-type: text/html; charset=utf-8
expires: Wed, 01 Jul 2020 18:07:59 GMT
strict-transport-security: max-age=15552000; preload
content-encoding: br
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0
cache-control: public,max-age=31536000,immutable
x-fb-debug: uXtaUMYs2Hs+Es2fSZIZ3cRNwiioX9wmSQfHEsLsGDHPpZasNDfqn07Ia/ZW1jopO8W7/LPIGP5oGiBAh2iT0w==
content-length: 11187
x-fb-trip-id: 997090344
date: Thu, 04 Jul 2019 12:14:22 GMT

GET
H2 200 iframe
accounts.google.com/o/oauth2/ Frame 42D5 0
0 63ms
43ms Document
text/html 2a00:1450:4001:808::200d
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframe

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.D4Eh4BHvUNU.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCPbw18SS5tux6PhVuTz5NV7ZASbtA/cb=gapi.loaded_0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-+ay+Tm2tkjUjyJw9veE74w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Xss-Protection	0

Request headers

:method: GET
:authority: accounts.google.com
:scheme: https
:path: /o/oauth2/iframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: https://letzchange.org/campaigns/chasing-memories-documenting-the-1947-partition
accept-encoding: gzip, deflate, br
cookie: NID=187=eppSEhJvpz7WmRALdFvVexutvRbFzfYZ8FyMfWpZpRg87l3pa4r3jnvqjQskQeKfeRTBnnCjJUm2PMJeK5Z0gjoHDxWkJM4v30AbSQuUhAdL3jD6OBOs59RWHHtE_c5sMOI7gwp8qDhKUKZyrRq11C5UJO-LYD6UjUkyA-Kq5HY
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://letzchange.org/campaigns/chasing-memories-documenting-the-1947-partition

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 04 Jul 2019 12:14:22 GMT
content-language: en-US
content-security-policy: script-src 'report-sample' 'nonce-+ay+Tm2tkjUjyJw9veE74w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
alt-svc: quic=":443"; ma=2592000; v="46,43,39"

GET
H2 200 Px_7LCr7m_w
www.youtube.com/embed/ Frame 925E 0
0 151ms
151ms Document
text/html 2a00:1450:4001:809::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/Px_7LCr7m_w

Requested by

Host: letzchange.org
URL: https://letzchange.org/dist/main-9f0671c6d2999b27a140.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	connect-src https:; default-src 'self' 'unsafe-inline' 'unsafe-eval' https:; img-src https: data:; media-src https: blob:; report-uri https://www.youtube.com/csp_204?t=ehttps&vcs=1a0ddc3c96d3f9df1b706c83687633d8&plabel=youtube.ytfe.desktop_20190701_7_RC1&pcl=256172872
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/Px_7LCr7m_w
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: https://letzchange.org/campaigns/chasing-memories-documenting-the-1947-partition
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://letzchange.org/campaigns/chasing-memories-documenting-the-1947-partition

Response headers

status: 200
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
strict-transport-security: max-age=31536000
cache-control: no-cache
content-encoding: br
expires: Tue, 27 Apr 1971 19:44:06 EST
content-type: text/html; charset=utf-8
content-security-policy: connect-src https:; default-src 'self' 'unsafe-inline' 'unsafe-eval' https:; img-src https: data:; media-src https: blob:; report-uri https://www.youtube.com/csp_204?t=ehttps&vcs=1a0ddc3c96d3f9df1b706c83687633d8&plabel=youtube.ytfe.desktop_20190701_7_RC1&pcl=256172872
x-content-type-options: nosniff
date: Thu, 04 Jul 2019 12:14:23 GMT
server: YouTube Frontend Proxy
x-xss-protection: 0
set-cookie: VISITOR_INFO1_LIVE=B8HMOQvxqy8; path=/; domain=.youtube.com; expires=Tue, 31-Dec-2019 12:14:22 GMT; httponly VISITOR_INFO1_LIVE=B8HMOQvxqy8; path=/; domain=.youtube.com; expires=Tue, 31-Dec-2019 12:14:22 GMT; httponly YSC=AcAqyOHX8zM; path=/; domain=.youtube.com; httponly PREF=f1=50000000; path=/; domain=.youtube.com; expires=Wed, 04-Mar-2020 00:07:23 GMT GPS=1; path=/; domain=.youtube.com; expires=Thu, 04-Jul-2019 12:44:23 GMT
alt-svc: quic=":443"; ma=2592000; v="46,43,39"

GET
H2 404 /
platform-lookaside.fbsbx.com/platform/profilepic/ 0
0 22ms
22ms Image
text/html 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-lookaside.fbsbx.com/platform/profilepic/?asid=10156800563941693&height=200&width=200&ext=1561997962&hash=AeQQRzPPQgFZCifG
Requested by: Host: letzchange.org
URL: https://letzchange.org/campaigns/chasing-memories-documenting-the-1947-partition
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://letzchange.org/campaigns/chasing-memories-documenting-the-1947-partition
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

access-control-allow-origin: *

GET
H2 200 / Show response
letzchange.org/api/donations/ 17 KB
1 KB 229ms
229ms Fetch
application/json 163.47.8.191
DigitalOcean

General

Check archive.org

Show headers Download Go to

Full URL: https://letzchange.org/api/donations/?filter_by_campaign=5cf2a58b4197a46ae829d501
Requested by: Host: letzchange.org
URL: https://letzchange.org/dist/main-9f0671c6d2999b27a140.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 163.47.8.191 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: 92e664688f2904690829d81794a1d8e3264966d376d79ce3fbea15e8b5a0b68c

Request headers

Accept: application/json
Referer: https://letzchange.org/campaigns/chasing-memories-documenting-the-1947-partition
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 04 Jul 2019 12:14:23 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json;charset=utf-8
status: 200
access-control-allow-credentials: true
x-fastcgi-cache: MISS

GET
H2 200 /
secure.gravatar.com/avatar/ 1 KB
2 KB 39ms
12ms Image
image/jpeg 2a04:fa87:fffe::c000:4902
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/?d=mm&f=y
Requested by: Host: letzchange.org
URL: https://letzchange.org/campaigns/chasing-memories-documenting-the-1947-partition
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software: nginx /
Resource Hash: 2cdc7482af3176d3c41e97a312dcf7e679a5b3b49b32c5ad4642c5b30e1b6017

Request headers

Referer: https://letzchange.org/campaigns/chasing-memories-documenting-the-1947-partition
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc: HIT vie 2
date: Thu, 04 Jul 2019 12:14:23 GMT
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
server: nginx
access-control-allow-origin: *
source-age: 430056
content-type: image/jpeg
status: 200
cache-control: max-age=300
content-disposition: inline; filename="none.png"
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/?d=mm&f=y>; rel="canonical"
content-length: 1323
expires: Thu, 04 Jul 2019 12:19:23 GMT

GET
H2 200 /
platform-lookaside.fbsbx.com/platform/profilepic/ 12 KB
12 KB 162ms
162ms Image
image/jpeg 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-lookaside.fbsbx.com/platform/profilepic/?asid=10213932916707408&height=200&width=200&ext=1563942084&hash=AeTcFDnBfFPdMb4f
Requested by: Host: letzchange.org
URL: https://letzchange.org/campaigns/chasing-memories-documenting-the-1947-partition
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: /
Resource Hash: 10e9c89db8872c93b55bc7ff3d319193f24da8ba5a98b8ea043e25d1f2a55090

Request headers

Referer: https://letzchange.org/campaigns/chasing-memories-documenting-the-1947-partition
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-haystack-needlechecksum: 3304295809
date: Thu, 04 Jul 2019 12:14:23 GMT
last-modified: Fri, 26 May 2017 18:58:57 GMT
access-control-allow-origin: *
x-enc-origin-req-handler: AcIgKnWvj58RlSQO7KmqAH7MNsTxX32sTxc7NJDCuGKufjL13O3yttcaPrCGWeGc2RyLqd-J
content-type: image/jpeg
status: 200
content-disposition: attachment
cache-control: max-age=1209600, no-transform
x-needle-checksum: 1281071424
x-fb-config-version-olb-prod: 518
content-length: 12152

POST
H2 200 /
www.facebook.com/tr/ Frame EB0F 0
0 6ms
5ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: POST
:authority: www.facebook.com
:scheme: https
:path: /tr/
content-length: 2002
pragma: no-cache
cache-control: no-cache
origin: https://letzchange.org
upgrade-insecure-requests: 1
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: https://letzchange.org/campaigns/chasing-memories-documenting-the-1947-partition
accept-encoding: gzip, deflate, br
cookie: fr=0lfNBKjB29j90MoDQ..BdHe2e...1.0.BdHe2e.
Origin: https://letzchange.org
Upgrade-Insecure-Requests: 1
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://letzchange.org/campaigns/chasing-memories-documenting-the-1947-partition

Response headers

status: 200
content-type: text/plain
access-control-allow-origin: https://letzchange.org
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 0
server: proxygen-bolt
date: Thu, 04 Jul 2019 12:14:23 GMT

GET
H2

200

xd_arbiter.php
staticxx.facebook.com/connect/ Frame 05E1
Redirect Chain

https://www.facebook.com/connect/ping?client_id=233891953408521&domain=letzchange.org&origin=1&redirect_uri=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df156...
https://staticxx.facebook.com/connect/xd_arbiter.php?version=44

0
0

6ms
6ms

Document
text/html

2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://staticxx.facebook.com/connect/xd_arbiter.php?version=44

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=8fa23fd5fc4d09c9cda5ab662189c07d&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: staticxx.facebook.com
:scheme: https
:path: /connect/xd_arbiter.php?version=44
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: https://letzchange.org/campaigns/chasing-memories-documenting-the-1947-partition
accept-encoding: gzip, deflate, br
cookie: fr=0lfNBKjB29j90MoDQ..BdHe2e...1.0.BdHe2e.
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://letzchange.org/campaigns/chasing-memories-documenting-the-1947-partition

Response headers

status: 200
content-type: text/html; charset=utf-8
expires: Wed, 01 Jul 2020 18:07:59 GMT
strict-transport-security: max-age=15552000; preload
content-encoding: br
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0
cache-control: public,max-age=31536000,immutable
x-fb-debug: uXtaUMYs2Hs+Es2fSZIZ3cRNwiioX9wmSQfHEsLsGDHPpZasNDfqn07Ia/ZW1jopO8W7/LPIGP5oGiBAh2iT0w==
content-length: 11187
x-fb-trip-id: 997090344
date: Thu, 04 Jul 2019 12:14:24 GMT

Redirect headers

status: 302
cache-control: private, no-cache, no-store, must-revalidate
pragma: no-cache
strict-transport-security: max-age=15552000; preload
location: https://staticxx.facebook.com/connect/xd_arbiter.php?version=44#cb=f156ff007b914fc&domain=letzchange.org&origin=https%3A%2F%2Fletzchange.org%2Ff3db1f29ee8fd14&relation=parent&error=unknown_user
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
x-content-type-options: nosniff
x-xss-protection: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-type: text/html; charset="utf-8"
x-fb-debug: YpeIe57rAyU28oSbqt9/MEbM7NKD4Ybc+92oepO8UgxjH4hHIjGjBIDPpZIFzfKZIyHjMjvf+hegWA6uM/tS+Q==
content-length: 0
date: Thu, 04 Jul 2019 12:14:24 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.youtube.com
URL: https://www.youtube.com/embed/Px_7LCr7m_w

Verdicts & Comments Add Verdict or Comment

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1970-01-19 07:48:00	Name: PREF Value: f1=50000000
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: AcAqyOHX8zM
.google.com/	1970-01-19 06:20:53	Name: NID Value: 187=eppSEhJvpz7WmRALdFvVexutvRbFzfYZ8FyMfWpZpRg87l3pa4r3jnvqjQskQeKfeRTBnnCjJUm2PMJeK5Z0gjoHDxWkJM4v30AbSQuUhAdL3jD6OBOs59RWHHtE_c5sMOI7gwp8qDhKUKZyrRq11C5UJO-LYD6UjUkyA-Kq5HY
.letzchange.org/	1970-01-19 01:58:48	Name: _gid Value: GA1.2.240347239.1562242463
.letzchange.org/	1978-01-11 21:30:57	Name: G_ENABLED_IDPS Value: google
.facebook.com/	1970-01-19 04:06:58	Name: fr Value: 0lfNBKjB29j90MoDQ..BdHe2e...1.0.BdHe2e.
.letzchange.org/	1970-01-19 04:06:58	Name: _fbp Value: fb.1.1562242462714.1530089801
.youtube.com/	1970-01-19 01:57:24	Name: GPS Value: 1
.letzchange.org/	1970-01-19 01:57:22	Name: _gat Value: 1
.youtube.com/	1970-01-19 06:16:34	Name: VISITOR_INFO1_LIVE Value: B8HMOQvxqy8
.letzchange.org/	1970-01-19 19:28:34	Name: _ga Value: GA1.2.49458062.1562242463

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
apis.google.com
connect.facebook.net
letzchange.org
letzchangefiles.s3.ap-southeast-1.amazonaws.com
platform-lookaside.fbsbx.com
secure.gravatar.com
staticxx.facebook.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.youtube.com
www.youtube.com
163.47.8.191
2a00:1450:4001:808::200d
2a00:1450:4001:809::200e
2a00:1450:4001:814::2003
2a00:1450:4001:815::200e
2a00:1450:4001:81e::2004
2a00:1450:4001:824::200e
2a00:1450:400c:c0c::9d
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:fa87:fffe::c000:4902
52.219.40.179
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
10e9c89db8872c93b55bc7ff3d319193f24da8ba5a98b8ea043e25d1f2a55090
1cd3fe6171077c1d21c2b2e60a32cb2a73dddcb18e26017a14cb198bad7956c6
1f78377cbc263e6e14bf68002af8eb05b870109bb0559c37608fecbc01f3ea6f
2853497d813539e799a39894af60e059dfccd17f18f15dcf815e383f32614d19
28b8afea116e2fb000f51a58c3d7177cb4b51f1ab2d5b5d63778a1a71574671c
2cdc7482af3176d3c41e97a312dcf7e679a5b3b49b32c5ad4642c5b30e1b6017
44b2386295bd1c753d4b2d514f2353692d3d2363efd8a935e529cff7933e1e78
458464aba7770df9bf16a225234a2e98f66b4fc49059e181119d9801a3ece3ab
4c4d733ccd5ef43de8e7a6ed2dec883b47a2bbba5334b98f47ebb69bd439e9c8
5623f83d36add864c71f29903e6ca2f148d605e733de748d686e4ceaa7dab713
657f79c4d5a6ea502202651151811d195b49cf9cf22fd7f8edaeefe2f8cc8fc4
6e01193f702ffac7f25012ce007079d69654042070ae048d7839bcddc7a0ec5c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8e17a9a7fd627cd6e880a95500fab53f8481a6f25d0ddb0abe785539d339e97a
92e664688f2904690829d81794a1d8e3264966d376d79ce3fbea15e8b5a0b68c
97be84bde2ccde9ee7d8586d3f1109660562768fd3b480f2a27cb267c6bc29bb
a4883cce814b6793c5bd6dd3639d6048ecab39a93a90b560d39a9fd0aff6e263
b15af30cb20bd1db558a2c557c679d4936e67e1ce04df301a2e4ecc29b51f5e9
b17777a0936a2a038eb381875c4df291d030a4a25d14417185df573396734dce
b4da99b65a6e3399ee6354d6f4e3ce13dcf09dfdc6a79d2f654ba5d0084a95ed
c4812f9980ece4ce9c5c754abe8bfec7e6e9c848ca7b5d45417f41def55a987d
c48b3f5f25bc50b50ca3d2e7c55cf734bb66c53ecf71d9f18ec07b9feeaeec52
cd1c301a8e7960a1786e2a959226b0b78b56dbea284bd114265f1662d6ca280e
d3b11e4d87f9fb6421fad9f1dbdfc49f19a33c58e9391390b00f45b5fcdea366
de33c2473dfa4f9549dd1e9e06769fbd4eaf80a08cb7cda03b7a830cad52f414
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea081ce06acd3f71688ca38d50d8331dfca27aabdb04b19e4b86b3d5b4b2a170
ed0f1728cd5d7df2775a86675c45ae40e9269e424cb96e8762cf080c4663ad41
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f12ff55e63fc09abfd3ef4ec1ded12cbd069f0cb94ee3bb365fd043f74893c75
f5a9f3ea448a3b7bde8cde7c5a1e81ad7ab86b3a5f70f567e3ed5599f055115d
f831b98faf6f22252c0e1a588ffbd96cd049eb0cee138b6b574e61414a64b82f
ffa30d1cae6c9d115c7bb75f63ae595a470037a280c9ab2d9941bcbdc8306e8d

letzchange.org Open in urlscan Pro 163.47.8.191 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

36 Requests

97 %HTTPS

83 %IPv6

11 Domains

14 Subdomains

11 IPs

4 Countries

1559 kBTransfer

5317 kBSize

11 Cookies

7 Outgoing links

Redirected requests

36 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

letzchange.org Open in urlscan Pro
163.47.8.191 Public Scan

Screenshot
Live screenshot

Full Image

36
Requests

97 %
HTTPS

83 %
IPv6

11
Domains

14
Subdomains

11
IPs

4
Countries

1559 kB
Transfer

5317 kB
Size

11
Cookies

36 HTTP transactions
6 data transactions