www.change.org Open in urlscan Pro
104.17.89.51 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://chng.it/8VN4TT8CPQ
Effective URL:
https://www.change.org/p/free-nazanin-ratcliffe?recruiter=215944586&utm_source=share_petition&utm_medium=abi_gmail&utm_...
Submission: On June 17 via manual (June 17th 2019, 2:42:51 am UTC) from IN

Summary HTTP 65 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 17 IPs in 5 countries across 13 domains to perform 65 HTTP transactions. The main IP is 104.17.89.51, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is www.change.org.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on August 31st 2018. Valid for: a year.

This is the only time www.change.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	52.218.253.50 52.218.253.50	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
38	104.17.89.51 104.17.89.51	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1 2	2a00:1450:400... 2a00:1450:4001:81a::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a02:26f0:6c0... 2a02:26f0:6c00:183::13b8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 4	2a00:1450:400... 2a00:1450:4001:81d::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:814::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1	216.58.206.2 216.58.206.2	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
5	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
2	2a00:1450:400... 2a00:1450:4001:818::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:81f::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:808::200d	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
1 3	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
2	52.0.9.1 52.0.9.1	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
65	17

1 52.218.253.50 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

chng.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 104.17.89.51 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

www.change.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.change.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets-fe.change.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.change.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81a::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:183::13b8 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81d::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.206.2 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s20-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:818::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:216:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

staticxx.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f11c:8083:face:b00c:0:25de (Ireland) 1 redirects

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.0.9.1 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-0-9-1.compute-1.amazonaws.com

errors.client.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	change.org www.change.org static.change.org assets-fe.change.org assets.change.org	2 MB
7	google.com 1 redirects www.google.com apis.google.com accounts.google.com	54 KB
5	facebook.com 1 redirects staticxx.facebook.com www.facebook.com	1 KB
5	facebook.net connect.facebook.net	139 KB
3	optimizely.com cdn.optimizely.com errors.client.optimizely.com	151 KB
2	google.de www.google.de	244 B
2	doubleclick.net 1 redirects stats.g.doubleclick.net googleads.g.doubleclick.net	2 KB
2	bing.com bat.bing.com	7 KB
2	google-analytics.com 1 redirects www.google-analytics.com	17 KB
1	googleadservices.com www.googleadservices.com	9 KB
1	gstatic.com www.gstatic.com	92 KB
1	googletagmanager.com www.googletagmanager.com	29 KB
1	chng.it 1 redirects chng.it	481 B
65	13

	Domain	Requested by
18	assets.change.org	www.change.org assets-fe.change.org
10	www.change.org	assets-fe.change.org
6	assets-fe.change.org	www.change.org assets-fe.change.org
5	connect.facebook.net	www.change.org assets-fe.change.org connect.facebook.net
4	www.google.com	1 redirects www.change.org www.gstatic.com
4	static.change.org	www.change.org assets-fe.change.org
3	www.facebook.com	1 redirects www.change.org
2	errors.client.optimizely.com	assets-fe.change.org
2	staticxx.facebook.com	connect.facebook.net
2	www.google.de	www.change.org
2	apis.google.com	assets-fe.change.org apis.google.com
2	bat.bing.com	www.change.org
2	www.google-analytics.com	1 redirects www.change.org
1	accounts.google.com	apis.google.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	stats.g.doubleclick.net	1 redirects
1	www.googleadservices.com	www.googletagmanager.com
1	www.gstatic.com	www.google.com
1	www.googletagmanager.com	www.change.org
1	cdn.optimizely.com	www.change.org
1	chng.it	1 redirects
65	21

This site contains links to these domains. Also see Links.

Domain
help.change.org
guide.change.org
twitter.com
www.facebook.com
policies.google.com

Subject Issuer	Validity	Valid
change.org CloudFlare Inc ECC CA-2	`2018-08-31` - `2019-08-31`	a year	crt.sh
*.google-analytics.com Google Internet Authority G3	`2019-05-21` - `2019-08-13`	3 months	crt.sh
cdn.optimizely.com DigiCert ECC Secure Server CA	`2018-11-24` - `2020-02-23`	a year	crt.sh
www.google.com Google Internet Authority G3	`2019-05-21` - `2019-08-13`	3 months	crt.sh
*.google.com Google Internet Authority G3	`2019-05-21` - `2019-08-13`	3 months	crt.sh
www.googleadservices.com Google Internet Authority G3	`2019-05-21` - `2019-08-13`	3 months	crt.sh
www.bing.com Microsoft IT TLS CA 5	`2017-07-20` - `2019-07-10`	2 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-06-06` - `2019-09-04`	3 months	crt.sh
*.apis.google.com Google Internet Authority G3	`2019-05-21` - `2019-08-13`	3 months	crt.sh
www.google.de Google Internet Authority G3	`2019-05-21` - `2019-08-13`	3 months	crt.sh
*.g.doubleclick.net Google Internet Authority G3	`2019-05-21` - `2019-08-13`	3 months	crt.sh
accounts.google.com Google Internet Authority G3	`2019-05-21` - `2019-08-13`	3 months	crt.sh
errors.client.optimizely.com DigiCert SHA2 High Assurance Server CA	`2018-09-24` - `2020-09-28`	2 years	crt.sh

This page contains 5 frames:

Primary Page: https://www.change.org/p/free-nazanin-ratcliffe?recruiter=215944586&utm_source=share_petition&utm_medium=abi_gmail&utm_campaign=address_book&utm_term=73d1b25fe09145f8b2d9d535733d0b9e&recruited_by_id=44a27a20-a089-11e4-bc17-27a90216dc09
Frame ID: 81BE29133053199EE408690A3CA8B05E
Requests: 62 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LftsXMUAAAAALlWG1yUWFRGkwxc7P-ZFroKILkc&co=aHR0cHM6Ly93d3cuY2hhbmdlLm9yZzo0NDM.&hl=en&v=v1559543665173&size=invisible&cb=g8v7u3l57kz
Frame ID: A57328F7010A39318DDF9FC1E9BF96CB
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: C77FB9085B4E4E66B203E7341414B213
Requests: 1 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter.php?version=44
Frame ID: 1B2941B45C256A289692A2F8BCCEB89F
Requests: 1 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter.php?version=44
Frame ID: 125F7DBE526A558D4433A85E34F7C81B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://chng.it/8VN4TT8CPQ HTTP 301
https://www.change.org/p/free-nazanin-ratcliffe?recruiter=215944586&utm_source=share_petition&utm_m... Page URL

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<[^>]+data-react/i
script /react.*\.js/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Optimizely (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /optimizely\.com.*\.js/i

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

script /\/recaptcha\/api\.js/i

Page Statistics

65
Requests

100 %
HTTPS

78 %
IPv6

13
Domains

21
Subdomains

17
IPs

5
Countries

2605 kB
Transfer

9020 kB
Size

15
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://help.change.org/s/?language=en
Title: Help

Search URL Search Domain Scan URL

URL: https://guide.change.org/
Title: Guides

Search URL Search Domain Scan URL

URL: https://twitter.com/Change
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/change.org
Title: Facebook

Search URL Search Domain Scan URL

URL: https://policies.google.com/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://policies.google.com/terms
Title: Terms of Service

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://chng.it/8VN4TT8CPQ HTTP 301
https://www.change.org/p/free-nazanin-ratcliffe?recruiter=215944586&utm_source=share_petition&utm_medium=abi_gmail&utm_campaign=address_book&utm_term=73d1b25fe09145f8b2d9d535733d0b9e&recruited_by_id=44a27a20-a089-11e4-bc17-27a90216dc09 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28

https://www.google-analytics.com/r/collect?v=1&_v=j76&aip=1&a=129056340&t=pageview&_s=1&dl=https%3A%2F%2Fwww.change.org%2Fp%2Ffree-nazanin-ratcliffe%3Frecruiter%3D215944586%26utm_source%3Dshare_petition%26utm_medium%3Dabi_gmail%26utm_campaign%3Daddress_book%26utm_term%3D73d1b25fe09145f8b2d9d535733d0b9e%26recruited_by_id%3D44a27a20-a089-11e4-bc17-27a90216dc09&dp=%2Fp%2Ffree-nazanin-ratcliffe%3Frecruiter%3D215944586%26utm_source%3Dshare_petition%26utm_medium%3Dabi_gmail%26utm_campaign%3Daddress_book%26utm_term%3D73d1b25fe09145f8b2d9d535733d0b9e%26recruited_by_id%3D44a27a20-a089-11e4-bc17-27a90216dc09&ul=en-us&de=UTF-8&dt=Petition%20%C2%B7%20Free%20Nazanin%20Ratcliffe%20%C2%B7%20Change.org&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aEBAAEABE~&jid=909533799&gjid=1069127708&cid=748324748.1560739355&tid=UA-5889778-1&_gid=47468428.1560739355&_r=1&z=2130710567 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-5889778-1&cid=748324748.1560739355&jid=909533799&_gid=47468428.1560739355&gjid=1069127708&_v=j76&z=2130710567 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5889778-1&cid=748324748.1560739355&jid=909533799&_v=j76&z=2130710567 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5889778-1&cid=748324748.1560739355&jid=909533799&_v=j76&z=2130710567&slf_rd=1&random=1230700631

Request Chain 46

https://www.facebook.com/connect/ping?client_id=48409868550&domain=www.change.org&origin=1&redirect_uri=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Dff9494735f9d0c%26domain%3Dwww.change.org%26origin%3Dhttps%253A%252F%252Fwww.change.org%252Ff27f3dea10c2db4%26relation%3Dparent&response_type=token%2Csigned_request&sdk=joey HTTP 302
https://staticxx.facebook.com/connect/xd_arbiter.php?version=44

65 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request free-nazanin-ratcliffe Show response
www.change.org/p/
Redirect Chain

http://chng.it/8VN4TT8CPQ
https://www.change.org/p/free-nazanin-ratcliffe?recruiter=215944586&utm_source=share_petition&utm_medium=abi_gmail&utm_campaign=address_book&utm_term=73d1b25fe09145f8b2d9d535733d0b9e&recruited_by_i...

106 KB
29 KB

437ms
388ms

Document
text/html

104.17.89.51
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.change.org/p/free-nazanin-ratcliffe?recruiter=215944586&utm_source=share_petition&utm_medium=abi_gmail&utm_campaign=address_book&utm_term=73d1b25fe09145f8b2d9d535733d0b9e&recruited_by_id=44a27a20-a089-11e4-bc17-27a90216dc09

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.89.51 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

0bd1fb5fff967d9fd53f449b4ed6e239d254b3cceb25b8ca8199c37790d609d3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' https://d18kwxxua7ik1y.cloudfront.net https://d22r54gnmuhwmk.cloudfront.net https://assets.change.org https://static.change.org https://assets-fe.change.org https://change-production.s3.amazonaws.com https://change-public-stuff.s3.amazonaws.com https://www.google.ca https://www.googleadservices.com https://www.youtube.com https://.doubleclick.net https://.google.com https://.googleapis.com https://.googletagmanager.com https://.google-analytics.com https://.gstatic.com https://.ytimg.com https://.facebook.com https://.facebook.net https://.fbcdn.net fbrpc://* fb-messenger://* https://.twitter.com https://.twimg.com https://vk.com https://.vk.com https://ajax.cdnjs.com https://cdnjs.cloudflare.com https://service.force.com https://change.my.salesforce.com https://help.change.org https://.salesforceliveagent.com https://.braintreegateway.com https://.paypalobjects.com https://.paypal.com .optimizely.com optimizely.s3.amazonaws.com cdn-assets-prod.s3.amazonaws.com https://js.stripe.com https://cdn.embedly.com https://player.vimeo.com https://.pubnub.com https://bat.bing.com https://.briteverify.com https://soundcloud.com https://w.soundcloud.com https://www.instagram.com https://www.flickr.com https://.staticflickr.com; connect-src 'self' blob: https://.change.org https://change-production.s3.amazonaws.com https://.googleapis.com https://.google-analytics.com https://.doubleclick.net https://.facebook.com https://.facebook.net fbrpc:// fb-messenger://* https://.twitter.com https://.vk.com https://.braintreegateway.com https://.paypal.com .optimizely.com optimizely.s3.amazonaws.com cdn-assets-prod.s3.amazonaws.com https://api.stripe.com https://.pubnub.com https://.briteverify.com https://api.soundcloud.com https://api.airbrake.io; font-src 'self' data: https://assets.change.org https://static.change.org https://d18kwxxua7ik1y.cloudfront.net https://d22r54gnmuhwmk.cloudfront.net https://fonts.gstatic.com; img-src blob: data:; form-action 'self';
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

:method: GET
:authority: www.change.org
:scheme: https
:path: /p/free-nazanin-ratcliffe?recruiter=215944586&utm_source=share_petition&utm_medium=abi_gmail&utm_campaign=address_book&utm_term=73d1b25fe09145f8b2d9d535733d0b9e&recruited_by_id=44a27a20-a089-11e4-bc17-27a90216dc09
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Mon, 17 Jun 2019 02:42:34 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=d8569e80ab5b4ad0d5749582f4dc027bc1560739354; expires=Tue, 16-Jun-20 02:42:34 GMT; path=/; domain=.change.org; HttpOnly; Secure _change_session=; Domain=.change.org; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT _change_session=92b18d252bd27dc45ea97c47860bf8e4; Path=/; HttpOnly; Secure tracking_data=%7B%22user_uuid%22%3A%228f939f40-90a9-11e9-a1fb-6b245f868f69%22%7D; Max-Age=2700; Path=/; Expires=Mon, 17 Jun 2019 03:27:34 GMT; Secure _change_lang=%7B%22locale%22%3A%22en-US%22%2C%22countryCode%22%3A%22US%22%7D; Max-Age=86400; Path=/; Expires=Tue, 18 Jun 2019 02:42:34 GMT; Secure invite=%7B%22recruiter_id%22%3A215944586%2C%22requested_at%22%3A%222019-06-17T02%3A42%3A34.457Z%22%7D; Domain=.change.org; Path=/ __cfruid=060ccc8be3dbad500819371873721c9d0d57c13d-1560739354; path=/; domain=.change.org; HttpOnly __cf_bm=36abd466d091203ff04a08a8f05e53f197c7f8ec-1560739354-1800-AfwCsdaw2ZfnHyQrYBbRJ7oq1BQwKDKMa11cm+jCRNymiIJScgFOPpSB+/l7rOasNLh7yBaEQ9kN2MJVMXddNOI=; path=/; expires=Mon, 17-Jun-19 03:12:34 GMT; domain=.change.org; HttpOnly
cache-control: no-cache
cf-railgun: fc3369e441 11.31 0.192322 0032 e6be
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' https://d18kwxxua7ik1y.cloudfront.net https://d22r54gnmuhwmk.cloudfront.net https://assets.change.org https://static.change.org https://assets-fe.change.org https://change-production.s3.amazonaws.com https://change-public-stuff.s3.amazonaws.com https://www.google.ca https://www.googleadservices.com https://www.youtube.com https://*.doubleclick.net https://*.google.com https://*.googleapis.com https://*.googletagmanager.com https://*.google-analytics.com https://*.gstatic.com https://*.ytimg.com https://*.facebook.com https://*.facebook.net https://*.fbcdn.net fbrpc://* fb-messenger://* https://*.twitter.com https://*.twimg.com https://vk.com https://*.vk.com https://ajax.cdnjs.com https://cdnjs.cloudflare.com https://service.force.com https://change.my.salesforce.com https://help.change.org https://*.salesforceliveagent.com https://*.braintreegateway.com https://*.paypalobjects.com https://*.paypal.com *.optimizely.com optimizely.s3.amazonaws.com cdn-assets-prod.s3.amazonaws.com https://js.stripe.com https://cdn.embedly.com https://player.vimeo.com https://*.pubnub.com https://bat.bing.com https://*.briteverify.com https://soundcloud.com https://w.soundcloud.com https://www.instagram.com https://www.flickr.com https://*.staticflickr.com; connect-src 'self' blob: https://*.change.org https://change-production.s3.amazonaws.com https://*.googleapis.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.com https://*.facebook.net fbrpc://* fb-messenger://* https://*.twitter.com https://*.vk.com https://*.braintreegateway.com https://*.paypal.com *.optimizely.com optimizely.s3.amazonaws.com cdn-assets-prod.s3.amazonaws.com https://api.stripe.com https://*.pubnub.com https://*.briteverify.com https://api.soundcloud.com https://api.airbrake.io; font-src 'self' data: https://assets.change.org https://static.change.org https://d18kwxxua7ik1y.cloudfront.net https://d22r54gnmuhwmk.cloudfront.net https://fonts.gstatic.com; img-src * blob: data:; form-action 'self';
x-frame-options: sameorigin
x-request-id: 40c819db-a015-4c42-a976-a7404f1c5120
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 4e81abc46e7ad8c9-AMS
content-encoding: gzip

Redirect headers

x-amz-id-2: rLwCPOa0VhuEQKf/pBCJDSLSBjUkpIDdydrIcb7/mO+4tLvbKw4PpMcOA+agLtuQWPqUPCUbVjI=
x-amz-request-id: C5E5721406DC0E66
Date: Mon, 17 Jun 2019 02:42:35 GMT
Location: https://www.change.org/p/free-nazanin-ratcliffe?recruiter=215944586&utm_source=share_petition&utm_medium=abi_gmail&utm_campaign=address_book&utm_term=73d1b25fe09145f8b2d9d535733d0b9e&recruited_by_id=44a27a20-a089-11e4-bc17-27a90216dc09
Content-Length: 0
Server: AmazonS3

GET
H2 200 Change-Calibre-Regular.woff2
static.change.org/fonts/ 30 KB
31 KB 74ms
24ms Font
application/octet-stream 104.17.89.51
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://static.change.org/fonts/Change-Calibre-Regular.woff2

Requested by

Host: www.change.org
URL: https://www.change.org/p/free-nazanin-ratcliffe?recruiter=215944586&utm_source=share_petition&utm_medium=abi_gmail&utm_campaign=address_book&utm_term=73d1b25fe09145f8b2d9d535733d0b9e&recruited_by_id=44a27a20-a089-11e4-bc17-27a90216dc09

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.89.51 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

552426fa67711398e49423a732526e763187afd768567b87e139fec853820809

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.change.org/p/free-nazanin-ratcliffe?recruiter=215944586&utm_source=share_petition&utm_medium=abi_gmail&utm_campaign=address_book&utm_term=73d1b25fe09145f8b2d9d535733d0b9e&recruited_by_id=44a27a20-a089-11e4-bc17-27a90216dc09
Origin: https://www.change.org

Response headers

date: Mon, 17 Jun 2019 02:42:34 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
status: 200
access-control-max-age: 3000
content-type: application/octet-stream
content-length: 30956
last-modified: Tue, 19 Apr 2016 05:44:47 GMT
server: cloudflare
etag: "58b40d8b77ba9c43a803a9779a22f8c7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
x-amz-version-id: kWNZjdaKXPzoQBC5TZ48DMAGUj.3kpR3
access-control-allow-origin: https://www.change.org
cache-control: public, max-age=1382400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 4e81abc72a499ce8-AMS
expires: Wed, 03 Jul 2019 02:42:34 GMT

GET
H2 200 Change-Calibre-Bold.woff2
static.change.org/fonts/ 31 KB
32 KB 89ms
39ms Font
application/octet-stream 104.17.89.51
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://static.change.org/fonts/Change-Calibre-Bold.woff2

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.89.51 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee2df9e008021c0ce1fbf3612bfef57e7666294fa01bd4d9764931ff9add417a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.change.org/p/free-nazanin-ratcliffe?recruiter=215944586&utm_source=share_petition&utm_medium=abi_gmail&utm_campaign=address_book&utm_term=73d1b25fe09145f8b2d9d535733d0b9e&recruited_by_id=44a27a20-a089-11e4-bc17-27a90216dc09
Origin: https://www.change.org

Response headers

date: Mon, 17 Jun 2019 02:42:34 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
status: 200
access-control-max-age: 3000
content-type: application/octet-stream
content-length: 32028
last-modified: Tue, 19 Apr 2016 05:45:19 GMT
server: cloudflare
etag: "682c36331f52784f4ea0b00d69b95d2b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
x-amz-version-id: 3jrU_Dju8RrOkM9darm4OVCeQ.ZT6UeB
access-control-allow-origin: https://www.change.org
cache-control: public, max-age=1382400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 4e81abc72a4a9ce8-AMS
expires: Wed, 03 Jul 2019 02:42:34 GMT

GET
H2 200 rendr-JaaCnc-_3M-c4Pzo39azbyfZnvP206jEVjPW4lkZpLk.css.gz
assets-fe.change.org/rendr-fe/css/ 168 KB
50 KB 36ms
22ms Stylesheet
text/css 104.17.89.51
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-fe.change.org/rendr-fe/css/rendr-JaaCnc-_3M-c4Pzo39azbyfZnvP206jEVjPW4lkZpLk.css.gz

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.89.51 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

25a6829dcfbfdccf9ce0fce8dfd6b36f27d99ef3f6d3a8c45633d6e25919a4b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.change.org/p/free-nazanin-ratcliffe?recruiter=215944586&utm_source=share_petition&utm_medium=abi_gmail&utm_campaign=address_book&utm_term=73d1b25fe09145f8b2d9d535733d0b9e&recruited_by_id=44a27a20-a089-11e4-bc17-27a90216dc09
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 02:42:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
status: 200
content-length: 50517
last-modified: Wed, 22 May 2019 23:37:54 GMT
server: cloudflare
etag: "ded09603e6cdfe22ec8a384cf531f546"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=1314000
accept-ranges: bytes
cf-ray: 4e81abc6f905d8c9-AMS
expires: Tue, 02 Jul 2019 07:42:34 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81a::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8f88cb7a1cd4134f5d616b9fca90b9069fa16c162b7ae66ba1b500c490b41dd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.change.org/p/free-nazanin-ratcliffe?recruiter=215944586&utm_source=share_petition&utm_medium=abi_gmail&utm_campaign=address_book&utm_term=73d1b25fe09145f8b2d9d535733d0b9e&recruited_by_id=44a27a20-a089-11e4-bc17-27a90216dc09
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 21 May 2019 23:53:44 GMT
server: Golfe2
age: 6927
date: Mon, 17 Jun 2019 00:47:07 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 17595
expires: Mon, 17 Jun 2019 02:47:07 GMT

GET
H2 200 11391265293.js Show response
cdn.optimizely.com/js/ 1 MB
151 KB 60ms
9ms Script
text/javascript 2a02:26f0:6c00:183::13b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/js/11391265293.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:183::13b8 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

52bb57ab316af3ba247eba06acd28474bb4492d585f25ba11b17562689eab04b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.change.org/p/free-nazanin-ratcliffe?recruiter=215944586&utm_source=share_petition&utm_medium=abi_gmail&utm_campaign=address_book&utm_term=73d1b25fe09145f8b2d9d535733d0b9e&recruited_by_id=44a27a20-a089-11e4-bc17-27a90216dc09
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-meta-pci_enabled: False
x-amz-version-id: 7i9nQ5FcpB7hL0FkAi.fPB8wQ4NAbyPC
content-encoding: gzip
x-amz-request-id: 8B181BD995252C55
status: 200
access-control-max-age: 86400
date: Mon, 17 Jun 2019 02:42:34 GMT
x-amz-replication-status: COMPLETED
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="4";dur=0,cdnip;desc="2a02:26f0:6c00:183::13b8";dur=0,cdnmap;desc="";dur=0,proto;desc="h2";dur=0
strict-transport-security: max-age=15768000
content-length: 153220
x-amz-id-2: H5BgOVVOcUHcS6UFJB39CcrpPwBEYFEJxe7ZF05o2RsrNUZkB2tuQJ5t08XyUB4zDC06wF/2SHc=
last-modified: Fri, 14 Jun 2019 20:59:21 GMT
server: AmazonS3
etag: "3cc05e2fa505a9fd8c9fe1f7c8974bfe"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: x-amz-meta-revision
cache-control: max-age=120
x-amz-meta-revision: 11974
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 796 B
575 B 17ms
17ms Script
text/javascript 2a00:1450:4001:81d::2004
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LftsXMUAAAAALlWG1yUWFRGkwxc7P-ZFroKILkc

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

6884471c4ea37959804b7023bf5402e187cda75daef1d71558b67dbd46d17d84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.change.org/p/free-nazanin-ratcliffe?recruiter=215944586&utm_source=share_petition&utm_medium=abi_gmail&utm_campaign=address_book&utm_term=73d1b25fe09145f8b2d9d535733d0b9e&recruited_by_id=44a27a20-a089-11e4-bc17-27a90216dc09
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 02:42:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=300
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 480
x-xss-protection: 1; mode=block
expires: Mon, 17 Jun 2019 02:42:34 GMT

GET
H2 200 gqOUGqpiaTVWmdr-800x450-noPad.jpg
assets.change.org/photos/6/ou/gq/ 66 KB
66 KB 41ms
25ms Image
image/jpeg 104.17.89.51
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.change.org/photos/6/ou/gq/gqOUGqpiaTVWmdr-800x450-noPad.jpg?1528432978

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.89.51 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e04d132685f3d34bc13519af5b1241e8578a3f91e38f15ad6d58909f0f39134

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.change.org/p/free-nazanin-ratcliffe?recruiter=215944586&utm_source=share_petition&utm_medium=abi_gmail&utm_campaign=address_book&utm_term=73d1b25fe09145f8b2d9d535733d0b9e&recruited_by_id=44a27a20-a089-11e4-bc17-27a90216dc09
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 02:42:34 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: origSize=70538, status=webp_bigger
status: 200
cf-bgj: imgq:100
content-length: 67697
last-modified: Fri, 08 Jun 2018 04:42:58 GMT
server: cloudflare
etag: "3fdd753b40d9de4562b7171ca42a9da8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 4e81abc7494fd8c9-AMS
expires: Mon, 24 Jun 2019 02:42:34 GMT

GET
H2 200 DeHXKGlrCuYeGxP-48x48-noPad.jpg
assets.change.org/photos/9/hx/kg/ 1 KB
1 KB 1100ms
1085ms Image
image/jpeg 104.17.89.51
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.change.org/photos/9/hx/kg/DeHXKGlrCuYeGxP-48x48-noPad.jpg?1538840950

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.89.51 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

5038e0829c145f0fddec355832244e76dc21b1fe133329eab6cdc9037be6301e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.change.org/p/free-nazanin-ratcliffe?recruiter=215944586&utm_source=share_petition&utm_medium=abi_gmail&utm_campaign=address_book&utm_term=73d1b25fe09145f8b2d9d535733d0b9e&recruited_by_id=44a27a20-a089-11e4-bc17-27a90216dc09
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 02:42:35 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Sat, 06 Oct 2018 15:49:11 GMT
server: cloudflare
etag: "75afbf98318f239822de4d288c91a620"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 4e81abc74951d8c9-AMS
content-length: 1084
expires: Mon, 24 Jun 2019 02:42:35 GMT

GET
H2 200 kHMNXdZontgshcn-128x128-noPad.jpg
assets.change.org/photos/9/mn/xd/ 5 KB
5 KB 40ms
25ms Image
image/jpeg 104.17.89.51
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.change.org/photos/9/mn/xd/kHMNXdZontgshcn-128x128-noPad.jpg?1528432977

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.89.51 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7df123bd0b319c699a3c16cfb56df9b91a9daf000cd8262d7abf6b623d6911e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.change.org/p/free-nazanin-ratcliffe?recruiter=215944586&utm_source=share_petition&utm_medium=abi_gmail&utm_campaign=address_book&utm_term=73d1b25fe09145f8b2d9d535733d0b9e&recruited_by_id=44a27a20-a089-11e4-bc17-27a90216dc09
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 02:42:34 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: status=not_needed
status: 200
cf-bgj: imgq:100
content-length: 5189
last-modified: Fri, 08 Jun 2018 04:42:58 GMT
server: cloudflare
etag: "53376e3ed72969578eb953692534aafb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 4e81abc74952d8c9-AMS
expires: Mon, 24 Jun 2019 02:42:34 GMT

GET
H2 200 fontFaceObserver-6aeb8e120955ae5ccbb2.js.gz Show response
assets-fe.change.org/react-fe/ 7 KB
3 KB 77ms
39ms Script
application/javascript 104.17.89.51
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-fe.change.org/react-fe/fontFaceObserver-6aeb8e120955ae5ccbb2.js.gz

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.89.51 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

18c3604c4584bbab9265cf6ec6be1859e953089715c3f8b266e105236e6fec9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.change.org/p/free-nazanin-ratcliffe?recruiter=215944586&utm_source=share_petition&utm_medium=abi_gmail&utm_campaign=address_book&utm_term=73d1b25fe09145f8b2d9d535733d0b9e&recruited_by_id=44a27a20-a089-11e4-bc17-27a90216dc09
Origin: https://www.change.org

Response headers

date: Mon, 17 Jun 2019 02:42:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
status: 200
access-control-max-age: 3000
content-length: 2594
last-modified: Thu, 13 Jun 2019 22:24:17 GMT
server: cloudflare
etag: "5719a7e9439eef621c2cdae5c80b052a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1314000
accept-ranges: bytes
cf-ray: 4e81abc72a4b9ce8-AMS
expires: Tue, 02 Jul 2019 07:42:34 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 93 KB
29 KB 24ms
22ms Script
application/javascript 2a00:1450:4001:814::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NMT3DV

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ea4a95c81cf223f1d01d7e2679403d4cd9adf9c1e944f26c65bb947eeaec1414

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.change.org/p/free-nazanin-ratcliffe?recruiter=215944586&utm_source=share_petition&utm_medium=abi_gmail&utm_campaign=address_book&utm_term=73d1b25fe09145f8b2d9d535733d0b9e&recruited_by_id=44a27a20-a089-11e4-bc17-27a90216dc09
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 02:42:34 GMT
content-encoding: br
last-modified: Thu, 13 Jun 2019 17:57:39 GMT
server: Google Tag Manager
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 29204
x-xss-protection: 0
expires: Mon, 17 Jun 2019 02:42:34 GMT

GET
H2 200 petitionsEntry-cb44e564f82996363fee.js.gz Show response
assets-fe.change.org/react-fe/ 1 MB
345 KB 38ms
35ms Script
application/javascript 104.17.89.51
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-fe.change.org/react-fe/petitionsEntry-cb44e564f82996363fee.js.gz

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.89.51 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

35db78fa1566e5ccda69a5cd24a1966ac6c6cc05f85a5163c4828ea2884836ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.change.org/p/free-nazanin-ratcliffe?recruiter=215944586&utm_source=share_petition&utm_medium=abi_gmail&utm_campaign=address_book&utm_term=73d1b25fe09145f8b2d9d535733d0b9e&recruited_by_id=44a27a20-a089-11e4-bc17-27a90216dc09
Origin: https://www.change.org

Response headers

date: Mon, 17 Jun 2019 02:42:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
status: 200
access-control-max-age: 3000
content-length: 352120
last-modified: Fri, 14 Jun 2019 18:13:08 GMT
server: cloudflare
etag: "d7fe7c16c9c6ab3e182ce728c0d43fc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1314000
accept-ranges: bytes
cf-ray: 4e81abc72a4c9ce8-AMS
expires: Tue, 02 Jul 2019 07:42:34 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/api2/v1559543665173/ 263 KB
92 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:80b::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/api2/v1559543665173/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LftsXMUAAAAALlWG1yUWFRGkwxc7P-ZFroKILkc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

e8e5fe8177578150e8faf71219cfe439c2391501f077c8015ec03d694c9ea3ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.change.org/p/free-nazanin-ratcliffe?recruiter=215944586&utm_source=share_petition&utm_medium=abi_gmail&utm_campaign=address_book&utm_term=73d1b25fe09145f8b2d9d535733d0b9e&recruited_by_id=44a27a20-a089-11e4-bc17-27a90216dc09
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 05 Jun 2019 21:06:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 03 Jun 2019 17:45:00 GMT
server: sffe
age: 970576
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 93780
x-xss-protection: 0
expires: Thu, 04 Jun 2020 21:06:18 GMT

GET
DATA 200
OK truncated
/ 10 KB
10 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 97540869be47f1cc8519503a4725b83e5b31b49fc011fa6bf354f4ff14e147fa

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Origin: https://www.change.org

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 23 KB
9 KB 47ms
16ms Script
text/javascript 216.58.206.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NMT3DV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

f1e6382aa070301007ee92dbaaef83c9f6075f9d86ee3632c82a609f02c6fc1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.change.org/p/free-nazanin-ratcliffe?recruiter=215944586&utm_source=share_petition&utm_medium=abi_gmail&utm_campaign=address_book&utm_term=73d1b25fe09145f8b2d9d535733d0b9e&recruited_by_id=44a27a20-a089-11e4-bc17-27a90216dc09
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 02:42:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 8912
x-xss-protection: 0
server: cafe
etag: 11386026576561889187
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 17 Jun 2019 02:42:34 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 23 KB
7 KB 92ms
49ms Script
application/javascript 2620:1ec:c11::200
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.change.org
URL: https://www.change.org/p/free-nazanin-ratcliffe?recruiter=215944586&utm_source=share_petition&utm_medium=abi_gmail&utm_campaign=address_book&utm_term=73d1b25fe09145f8b2d9d535733d0b9e&recruited_by_id=44a27a20-a089-11e4-bc17-27a90216dc09
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: /
Resource Hash: 134d9689dd766fbea01b7b16563704e655883a93b76f55a6acf999f67510f8b5

Request headers

Referer: https://www.change.org/p/free-nazanin-ratcliffe?recruiter=215944586&utm_source=share_petition&utm_medium=abi_gmail&utm_campaign=address_book&utm_term=73d1b25fe09145f8b2d9d535733d0b9e&recruited_by_id=44a27a20-a089-11e4-bc17-27a90216dc09
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 02:42:34 GMT
content-encoding: gzip
last-modified: Tue, 28 May 2019 20:50:22 GMT
x-msedge-ref: Ref A: A70014B2AA04466383DD9455A417641C Ref B: VIEEDGE0408 Ref C: 2019-06-17T02:42:34Z
access-control-allow-origin: *
etag: "03b90f79615d51:0"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 7104

GET
H2 200 a4aace49e51101358fefd8bb4a062198_9eef49837fda280f77762f85c13dcaafc549aa9e Show response
www.change.org/api-proxy/-/translations/en-US/ 418 KB
110 KB 24ms
23ms Fetch
application/json 104.17.89.51
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.change.org/api-proxy/-/translations/en-US/a4aace49e51101358fefd8bb4a062198_9eef49837fda280f77762f85c13dcaafc549aa9e

Requested by

Host: assets-fe.change.org
URL: https://assets-fe.change.org/react-fe/petitionsEntry-cb44e564f82996363fee.js.gz

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.89.51 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

7014ee4053a1b327cdf75d2b153d9f43d5f1dc4eae95fdb47841d3b28f25a377

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.change.org/p/free-nazanin-ratcliffe?recruiter=215944586&utm_source=share_petition&utm_medium=abi_gmail&utm_campaign=address_book&utm_term=73d1b25fe09145f8b2d9d535733d0b9e&recruited_by_id=44a27a20-a089-11e4-bc17-27a90216dc09
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 02:42:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
server: cloudflare
etag: W/"68919-+/ufYyNAAZki//ny/uTKGI59KeY"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
status: 200
cache-control: public, max-age=86400, s-maxage=86400
cf-ray: 4e81abc91b23d8c9-AMS
x-request-id: c8db50f1-2e8c-4e91-9a99-6a46d88435bd

GET
H2 200 anchor
www.google.com/recaptcha/api2/ Frame A573 0
0 72ms
71ms Document
text/html 2a00:1450:4001:81d::2004
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LftsXMUAAAAALlWG1yUWFRGkwxc7P-ZFroKILkc&co=aHR0cHM6Ly93d3cuY2hhbmdlLm9yZzo0NDM.&hl=en&v=v1559543665173&size=invisible&cb=g8v7u3l57kz

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/api2/v1559543665173/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-b3I6P+nP3UjHoGSKzNi9LQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6LftsXMUAAAAALlWG1yUWFRGkwxc7P-ZFroKILkc&co=aHR0cHM6Ly93d3cuY2hhbmdlLm9yZzo0NDM.&hl=en&v=v1559543665173&size=invisible&cb=g8v7u3l57kz
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: https://www.change.org/p/free-nazanin-ratcliffe?recruiter=215944586&utm_source=share_petition&utm_medium=abi_gmail&utm_campaign=address_book&utm_term=73d1b25fe09145f8b2d9d535733d0b9e&recruited_by_id=44a27a20-a089-11e4-bc17-27a90216dc09
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.change.org/p/free-nazanin-ratcliffe?recruiter=215944586&utm_source=share_petition&utm_medium=abi_gmail&utm_campaign=address_book&utm_term=73d1b25fe09145f8b2d9d535733d0b9e&recruited_by_id=44a27a20-a089-11e4-bc17-27a90216dc09

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 17 Jun 2019 02:42:35 GMT
content-security-policy: script-src 'report-sample' 'nonce-b3I6P+nP3UjHoGSKzNi9LQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 9908
server: GSE
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 53 KB
17 KB 47ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

657f79c4d5a6ea502202651151811d195b49cf9cf22fd7f8edaeefe2f8cc8fc4

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.change.org/p/free-nazanin-ratcliffe?recruiter=215944586&utm_source=share_petition&utm_medium=abi_gmail&utm_campaign=address_book&utm_term=73d1b25fe09145f8b2d9d535733d0b9e&recruited_by_id=44a27a20-a089-11e4-bc17-27a90216dc09
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
content-length: 16120
x-xss-protection: 0
pragma: public
x-fb-debug: eHOxYTnC2QbUl7npQAfJmEGzyEPQZir8CIMaUtCyxdYGpplMED1Mmr1Gsh5cTAlwbSIRo7qsbq5CfET8hn0F4w==
date: Mon, 17 Jun 2019 02:42:35 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 6ms
5ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: assets-fe.change.org
URL: https://assets-fe.change.org/react-fe/petitionsEntry-cb44e564f82996363fee.js.gz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

8c579f9ec8e3f97edc5f3c3b3fd4fd5703776e528ac45bcb650ff3a024534bf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.change.org/p/free-nazanin-ratcliffe?recruiter=215944586&utm_source=share_petition&utm_medium=abi_gmail&utm_campaign=address_book&utm_term=73d1b25fe09145f8b2d9d535733d0b9e&recruited_by_id=44a27a20-a089-11e4-bc17-27a90216dc09
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: oVMjVccU9S+hHs3eiU7zJg==
status: 200
date: Mon, 17 Jun 2019 02:42:35 GMT
vary: Accept-Encoding
content-length: 1779
x-fb-debug: NCkKXrHkF4QYpfhmR5PGz3w7rw4oeB9rSgpG1rkTxZ6kx27Iy87kTKdKZTRxN8CAVSofxBqVVazSaP8S/yu4sA==
x-fb-content-md5: e51387f7f4ee11c0b3bf507d3e5bb150
etag: "1e12d3a58384d003fbb33ac0e198da6b"
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 17 Jun 2019 02:51:02 GMT

GET
H2 200 platform.js Show response
apis.google.com/js/ 43 KB
17 KB 57ms
32ms Script
application/javascript 2a00:1450:4001:818::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: assets-fe.change.org
URL: https://assets-fe.change.org/react-fe/petitionsEntry-cb44e564f82996363fee.js.gz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

ca5355a92f61b3280f0bea6f31d3b228d0a5ab3564ab34e63c5f23e4ea63f09a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.change.org/p/free-nazanin-ratcliffe?recruiter=215944586&utm_source=share_petition&utm_medium=abi_gmail&utm_campaign=address_book&utm_term=73d1b25fe09145f8b2d9d535733d0b9e&recruited_by_id=44a27a20-a089-11e4-bc17-27a90216dc09
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 02:42:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: script-src 'report-sample' 'nonce-Yvy7HLfIaxyqld7AKngMgQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
status: 200
strict-transport-security: max-age=31536000
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
etag: "4dd480a903b7ea38f4d9d1b69a12adc4"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=1800, stale-while-revalidate=1800
timing-allow-origin: *
expires: Mon, 17 Jun 2019 02:42:35 GMT

POST
H2 200 graphql Show response
www.change.org/api-proxy/ 81 B
346 B 207ms
207ms Fetch
application/json 104.17.89.51
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.change.org/api-proxy/graphql

Requested by

Host: assets-fe.change.org
URL: https://assets-fe.change.org/react-fe/petitionsEntry-cb44e564f82996363fee.js.gz

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.89.51 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b7f50bd7195d1f45e8b63f8d6444dad5ad83d1f3510e0fb56c17617b480b232e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept: */*
Referer: https://www.change.org/p/free-nazanin-ratcliffe?recruiter=215944586&utm_source=share_petition&utm_medium=abi_gmail&utm_campaign=address_book&utm_term=73d1b25fe09145f8b2d9d535733d0b9e&recruited_by_id=44a27a20-a089-11e4-bc17-27a90216dc09
Origin: https://www.change.org
X-CSRF-Token: 917d0a6a915835dbe37942e422712ca4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
content-type: application/json

Response headers

date: Mon, 17 Jun 2019 02:42:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-railgun: 3ecd202ddc 99.99 0.010342 0032 e6be
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 4e81abca3c54d8c9-AMS
x-request-id: db311768-a42c-44d5-a18f-a2c80edc1891

POST
H2 200 event_tracker
www.change.org/api-proxy/-/ 2 B
114 B 259ms
258ms Other
application/json 104.17.89.51
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.change.org/api-proxy/-/event_tracker?_csrf=917d0a6a915835dbe37942e422712ca4

Requested by

Host: assets-fe.change.org
URL: https://assets-fe.change.org/react-fe/petitionsEntry-cb44e564f82996363fee.js.gz

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.89.51 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.change.org/p/free-nazanin-ratcliffe?recruiter=215944586&utm_source=share_petition&utm_medium=abi_gmail&utm_campaign=address_book&utm_term=73d1b25fe09145f8b2d9d535733d0b9e&recruited_by_id=44a27a20-a089-11e4-bc17-27a90216dc09
Origin: https://www.change.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 17 Jun 2019 02:42:35 GMT
x-content-type-options: nosniff
server: cloudflare
etag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-railgun: 08f72c39ff 99.99 0.048358 0032 e6be
content-type: application/json; charset=utf-8
status: 200
cache-control: no-cache
cf-ray: 4e81abcafd22d8c9-AMS
content-length: 2
x-request-id: 1961f27f-02d5-46e5-922d-cbaf5b313222

POST
H2 200 graphql Show response
www.change.org/api-proxy/ 5 KB
1 KB 280ms
280ms Fetch
application/json 104.17.89.51
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.change.org/api-proxy/graphql

Requested by

Host: assets-fe.change.org
URL: https://assets-fe.change.org/react-fe/petitionsEntry-cb44e564f82996363fee.js.gz

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.89.51 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

baa333022b01af7a0bfb80d08f2e770cf603744dd3e15e5ab065b3802648ce20

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept: */*
Referer: https://www.change.org/p/free-nazanin-ratcliffe?recruiter=215944586&utm_source=share_petition&utm_medium=abi_gmail&utm_campaign=address_book&utm_term=73d1b25fe09145f8b2d9d535733d0b9e&recruited_by_id=44a27a20-a089-11e4-bc17-27a90216dc09
Origin: https://www.change.org
X-CSRF-Token: 917d0a6a915835dbe37942e422712ca4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
content-type: application/json

Response headers

date: Mon, 17 Jun 2019 02:42:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-railgun: 35264056ea 54.67 0.080618 0032 e6be
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 4e81abcafd2fd8c9-AMS
x-request-id: 6e9c83ec-70aa-4b50-90cd-bc63e6a4e1df

GET
H2 200 updatesAndCommentsChunk-0ae311465c0c9ba5797c.js Show response
assets-fe.change.org/react-fe/ 27 KB
7 KB 23ms
23ms Script
application/javascript 104.17.89.51
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-fe.change.org/react-fe/updatesAndCommentsChunk-0ae311465c0c9ba5797c.js

Requested by

Host: assets-fe.change.org
URL: https://assets-fe.change.org/react-fe/petitionsEntry-cb44e564f82996363fee.js.gz

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.89.51 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

bcff931383b5ce1230524746f48e47e7adc37d1e66c3ff234b932bb613fe490a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.change.org/p/free-nazanin-ratcliffe?recruiter=215944586&utm_source=share_petition&utm_medium=abi_gmail&utm_campaign=address_book&utm_term=73d1b25fe09145f8b2d9d535733d0b9e&recruited_by_id=44a27a20-a089-11e4-bc17-27a90216dc09
Origin: https://www.change.org

Response headers

date: Mon, 17 Jun 2019 02:42:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
status: 200
access-control-max-age: 3000
last-modified: Fri, 14 Jun 2019 18:10:34 GMT
server: cloudflare
etag: W/"3cca21f9907c7397520c35e061ad0bf9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1314000
cf-ray: 4e81abcafc089ce8-AMS
expires: Tue, 02 Jul 2019 07:42:35 GMT

GET
H2 200 changeAssets-b0026fb8f090a213157d.js.gz Show response
assets-fe.change.org/react-fe/ 4 MB
1017 KB 26ms
26ms Fetch
application/javascript 104.17.89.51
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-fe.change.org/react-fe/changeAssets-b0026fb8f090a213157d.js.gz

Requested by

Host: assets-fe.change.org
URL: https://assets-fe.change.org/react-fe/petitionsEntry-cb44e564f82996363fee.js.gz

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.89.51 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

6180d3c8bdc03cdf7bdb30861dd06c0d2f00cab19fdc54c7aab888e943505f4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.change.org/p/free-nazanin-ratcliffe?recruiter=215944586&utm_source=share_petition&utm_medium=abi_gmail&utm_campaign=address_book&utm_term=73d1b25fe09145f8b2d9d535733d0b9e&recruited_by_id=44a27a20-a089-11e4-bc17-27a90216dc09
Origin: https://www.change.org

Response headers

date: Mon, 17 Jun 2019 02:42:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
status: 200
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-length: 1040156
last-modified: Fri, 14 Jun 2019 20:00:00 GMT
server: cloudflare
etag: "e5aa51ab1a45cf61cd444c9c51ccee77"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1314000
accept-ranges: bytes
cf-ray: 4e81abcb0c0b9ce8-AMS
expires: Tue, 02 Jul 2019 07:42:35 GMT

POST
H2 200 event_tracker
www.change.org/api-proxy/-/ 2 B
240 B 209ms
207ms Other
application/json 104.17.89.51
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.change.org/api-proxy/-/event_tracker?_csrf=917d0a6a915835dbe37942e422712ca4

Requested by

Host: assets-fe.change.org
URL: https://assets-fe.change.org/react-fe/petitionsEntry-cb44e564f82996363fee.js.gz

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.89.51 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.change.org/p/free-nazanin-ratcliffe?recruiter=215944586&utm_source=share_petition&utm_medium=abi_gmail&utm_campaign=address_book&utm_term=73d1b25fe09145f8b2d9d535733d0b9e&recruited_by_id=44a27a20-a089-11e4-bc17-27a90216dc09
Origin: https://www.change.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 17 Jun 2019 02:42:35 GMT
x-content-type-options: nosniff
server: cloudflare
etag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-railgun: 1b072d0eac 99.99 0.004576 0032 e6be
content-type: application/json; charset=utf-8
status: 200
cache-control: no-cache
cf-ray: 4e81abcb2d62d8c9-AMS
content-length: 2
x-request-id: 32dc1752-d343-491c-a32b-fcdafdd00d20

GET
H2 200 suggestedPetitionsChunk-a38504e0d975abe1b085.js Show response
assets-fe.change.org/react-fe/ 11 KB
4 KB 34ms
33ms Script
application/javascript 104.17.89.51
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-fe.change.org/react-fe/suggestedPetitionsChunk-a38504e0d975abe1b085.js

Requested by

Host: assets-fe.change.org
URL: https://assets-fe.change.org/react-fe/petitionsEntry-cb44e564f82996363fee.js.gz

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.89.51 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f6e3479b665e0091bab2c96c0ac83876bf14470af66d104fc6bd8f6d57c8545a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.change.org/p/free-nazanin-ratcliffe?recruiter=215944586&utm_source=share_petition&utm_medium=abi_gmail&utm_campaign=address_book&utm_term=73d1b25fe09145f8b2d9d535733d0b9e&recruited_by_id=44a27a20-a089-11e4-bc17-27a90216dc09
Origin: https://www.change.org

Response headers

date: Mon, 17 Jun 2019 02:42:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
status: 200
access-control-max-age: 3000
last-modified: Fri, 14 Jun 2019 18:10:34 GMT
server: cloudflare
etag: W/"31493735889e9c0ade6cb1ffb5ae8f71"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1314000
cf-ray: 4e81abcb2c149ce8-AMS
expires: Tue, 02 Jul 2019 07:42:35 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j76&aip=1&a=129056340&t=pageview&_s=1&dl=https%3A%2F%2Fwww.change.org%2Fp%2Ffree-nazanin-ratcliffe%3Frecruiter%3D215944586%26utm_source%3Dshare_pet...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-5889778-1&cid=748324748.1560739355&jid=909533799&_gid=47468428.1560739355&gjid=1069127708&_v=j76&z=2130710567
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5889778-1&cid=748324748.1560739355&jid=909533799&_v=j76&z=2130710567
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5889778-1&cid=748324748.1560739355&jid=909533799&_v=j76&z=2130710567&slf_rd=1&random=1230700631

42 B
109 B

20ms
18ms

Image
image/gif

2a00:1450:4001:809::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5889778-1&cid=748324748.1560739355&jid=909533799&_v=j76&z=2130710567&slf_rd=1&random=1230700631

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.change.org/p/free-nazanin-ratcliffe?recruiter=215944586&utm_source=share_petition&utm_medium=abi_gmail&utm_campaign=address_book&utm_term=73d1b25fe09145f8b2d9d535733d0b9e&recruited_by_id=44a27a20-a089-11e4-bc17-27a90216dc09
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jun 2019 02:42:35 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 17 Jun 2019 02:42:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5889778-1&cid=748324748.1560739355&jid=909533799&_v=j76&z=2130710567&slf_rd=1&random=1230700631
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/991363857/ 3 KB
1 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:81f::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/991363857/?random=1560739355377&cv=9&fst=1560739355377&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg651&sendb=1&frm=0&url=https%3A%2F%2Fwww.change.org%2Fp%2Ffree-nazanin-ratcliffe%3Frecruiter%3D215944586%26utm_source%3Dshare_petition%26utm_medium%3Dabi_gmail%26utm_campaign%3Daddress_book%26utm_term%3D73d1b25fe09145f8b2d9d535733d0b9e%26recruited_by_id%3D44a27a20-a089-11e4-bc17-27a90216dc09&tiba=Petition%20%C2%B7%20Free%20Nazanin%20Ratcliffe%20%C2%B7%20Change.org&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

224e2919b573f38fffd063295af2711c1910b42c79e31481a6e25c0ca76a6f87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.change.org/p/free-nazanin-ratcliffe?recruiter=215944586&utm_source=share_petition&utm_medium=abi_gmail&utm_campaign=address_book&utm_term=73d1b25fe09145f8b2d9d535733d0b9e&recruited_by_id=44a27a20-a089-11e4-bc17-27a90216dc09
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jun 2019 02:42:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: text/javascript; charset=UTF-8
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 1111
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
170 B 51ms
49ms Image
text/plain 2620:1ec:c11::200
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=5321513&Ver=2&mid=3fbc15f2-5a40-a247-59fd-7d32e58ab5a9&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Petition%20%C2%B7%20Free%20Nazanin%20Ratcliffe%20%C2%B7%20Change.org&p=https%3A%2F%2Fwww.change.org%2Fp%2Ffree-nazanin-ratcliffe%3Frecruiter%3D215944586%26utm_source%3Dshare_petition%26utm_medium%3Dabi_gmail%26utm_campaign%3Daddress_book%26utm_term%3D73d1b25fe09145f8b2d9d535733d0b9e%26recruited_by_id%3D44a27a20-a089-11e4-bc17-27a90216dc09&r=&lt=1249&evt=pageLoad&msclkid=N&rn=949266
Requested by: Host: www.change.org
URL: https://www.change.org/p/free-nazanin-ratcliffe?recruiter=215944586&utm_source=share_petition&utm_medium=abi_gmail&utm_campaign=address_book&utm_term=73d1b25fe09145f8b2d9d535733d0b9e&recruited_by_id=44a27a20-a089-11e4-bc17-27a90216dc09
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.change.org/p/free-nazanin-ratcliffe?recruiter=215944586&utm_source=share_petition&utm_medium=abi_gmail&utm_campaign=address_book&utm_term=73d1b25fe09145f8b2d9d535733d0b9e&recruited_by_id=44a27a20-a089-11e4-bc17-27a90216dc09
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 204
pragma: no-cache
date: Mon, 17 Jun 2019 02:42:35 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 50903F3F5917402BA0D6622F60195C2B Ref B: VIEEDGE0408 Ref C: 2019-06-17T02:42:35Z
access-control-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1081902691834097 Show response
connect.facebook.net/signals/config/ 228 KB
60 KB 9ms
8ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1081902691834097?v=2.8.51&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

6c60604d0836b4f26c3133aaba4bfec57cc6c505355e7030c186059c36231773

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.change.org/p/free-nazanin-ratcliffe?recruiter=215944586&utm_source=share_petition&utm_medium=abi_gmail&utm_campaign=address_book&utm_term=73d1b25fe09145f8b2d9d535733d0b9e&recruited_by_id=44a27a20-a089-11e4-bc17-27a90216dc09
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
content-length: 61415
x-xss-protection: 0
pragma: public
x-fb-debug: PDYwAuaafoSD1H9fvLbfEGhQ3tJv1zsc8iBe75XgTvaBW2EYaQLslHX38nI8nqk2hOfljJ3M6XpmUbENSPTkRA==
date: Mon, 17 Jun 2019 02:42:35 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.ywYXyus3sb0.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCOsZnQDDj3ufJlvqOBbMYynG3yOyg/ 106 KB
36 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:818::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.ywYXyus3sb0.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCOsZnQDDj3ufJlvqOBbMYynG3yOyg/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

f12ff55e63fc09abfd3ef4ec1ded12cbd069f0cb94ee3bb365fd043f74893c75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.change.org/p/free-nazanin-ratcliffe?recruiter=215944586&utm_source=share_petition&utm_medium=abi_gmail&utm_campaign=address_book&utm_term=73d1b25fe09145f8b2d9d535733d0b9e&recruited_by_id=44a27a20-a089-11e4-bc17-27a90216dc09
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 14 Jun 2019 22:09:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 14 Jun 2019 13:32:10 GMT
server: sffe
age: 189203
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 36874
x-xss-protection: 0
expires: Sat, 13 Jun 2020 22:09:12 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 197 KB
59 KB 18ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=73d9dbecec6776007a5d74e4ae756901&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

4a66a382dd40cbdbbad6c93db4b3d41655c88ae1362e1b426b84afe241690443

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.change.org/p/free-nazanin-ratcliffe?recruiter=215944586&utm_source=share_petition&utm_medium=abi_gmail&utm_campaign=address_book&utm_term=73d1b25fe09145f8b2d9d535733d0b9e&recruited_by_id=44a27a20-a089-11e4-bc17-27a90216dc09
Origin: https://www.change.org

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: vB++aGsA8G+X3QaB91SBBA==
status: 200
date: Mon, 17 Jun 2019 02:42:35 GMT
vary: Accept-Encoding
content-length: 59889
x-fb-debug: JmB6LebPHhrErBNE2W2/zq1y+4xWXZbswmspM7GjEb5x/oYvs9llwfrBfpFX36tpmv8wyEGz/wow7WCcucq3lQ==
x-fb-content-md5: 6f1dc4e79f7ea4a737dfa5028096becf
etag: "b17ff902032581794b5d8e21281b7942"
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
expires: Tue, 16 Jun 2020 02:13:52 GMT

POST
H2 200 graphql Show response
www.change.org/api-proxy/ 3 KB
2 KB 221ms
221ms Fetch
application/json 104.17.89.51
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.change.org/api-proxy/graphql

Requested by

Host: assets-fe.change.org
URL: https://assets-fe.change.org/react-fe/petitionsEntry-cb44e564f82996363fee.js.gz

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.89.51 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a11a596d7a48af897163752bdffe1a55a761779319254fc4e9906cc761a09c21

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept: */*
Referer: https://www.change.org/p/free-nazanin-ratcliffe?recruiter=215944586&utm_source=share_petition&utm_medium=abi_gmail&utm_campaign=address_book&utm_term=73d1b25fe09145f8b2d9d535733d0b9e&recruited_by_id=44a27a20-a089-11e4-bc17-27a90216dc09
Origin: https://www.change.org
X-CSRF-Token: 917d0a6a915835dbe37942e422712ca4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
content-type: application/json

Response headers

date: Mon, 17 Jun 2019 02:42:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-railgun: b8c1356ddd 87.26 0.014045 0032 e6be
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 4e81abcc5ed3d8c9-AMS
x-request-id: 973faaf9-5621-471f-b511-e3a54de9ed93

POST
H2 200 graphql Show response
www.change.org/api-proxy/ 1 KB
752 B 247ms
247ms Fetch
application/json 104.17.89.51
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.change.org/api-proxy/graphql

Requested by

Host: assets-fe.change.org
URL: https://assets-fe.change.org/react-fe/petitionsEntry-cb44e564f82996363fee.js.gz

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.89.51 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4c23e3dcaa6241b303261e15267fcb8cf26593567c210a16bb5e95b9c77d428

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept: */*
Referer: https://www.change.org/p/free-nazanin-ratcliffe?recruiter=215944586&utm_source=share_petition&utm_medium=abi_gmail&utm_campaign=address_book&utm_term=73d1b25fe09145f8b2d9d535733d0b9e&recruited_by_id=44a27a20-a089-11e4-bc17-27a90216dc09
Origin: https://www.change.org
X-CSRF-Token: 917d0a6a915835dbe37942e422712ca4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
content-type: application/json

Response headers

date: Mon, 17 Jun 2019 02:42:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-railgun: f2097f4f97 99.99 0.050984 0032 e6be
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 4e81abcc5ed5d8c9-AMS
x-request-id: c35e0246-482b-4657-96bc-0191353aa5b2

GET
H2 200 /
www.google.com/pagead/1p-user-list/991363857/ 42 B
110 B 29ms
28ms Image
image/gif 2a00:1450:4001:81d::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/991363857/?random=1560739355377&cv=9&fst=1560736800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg651&sendb=1&frm=0&url=https%3A%2F%2Fwww.change.org%2Fp%2Ffree-nazanin-ratcliffe%3Frecruiter%3D215944586%26utm_source%3Dshare_petition%26utm_medium%3Dabi_gmail%26utm_campaign%3Daddress_book%26utm_term%3D73d1b25fe09145f8b2d9d535733d0b9e%26recruited_by_id%3D44a27a20-a089-11e4-bc17-27a90216dc09&tiba=Petition%20%C2%B7%20Free%20Nazanin%20Ratcliffe%20%C2%B7%20Change.org&async=1&fmt=3&cdct=2&is_vtc=1&random=3676916604&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.change.org/p/free-nazanin-ratcliffe?recruiter=215944586&utm_source=share_petition&utm_medium=abi_gmail&utm_campaign=address_book&utm_term=73d1b25fe09145f8b2d9d535733d0b9e&recruited_by_id=44a27a20-a089-11e4-bc17-27a90216dc09
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jun 2019 02:42:35 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/991363857/ 42 B
135 B 24ms
23ms Image
image/gif 2a00:1450:4001:809::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/991363857/?random=1560739355377&cv=9&fst=1560736800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg651&sendb=1&frm=0&url=https%3A%2F%2Fwww.change.org%2Fp%2Ffree-nazanin-ratcliffe%3Frecruiter%3D215944586%26utm_source%3Dshare_petition%26utm_medium%3Dabi_gmail%26utm_campaign%3Daddress_book%26utm_term%3D73d1b25fe09145f8b2d9d535733d0b9e%26recruited_by_id%3D44a27a20-a089-11e4-bc17-27a90216dc09&tiba=Petition%20%C2%B7%20Free%20Nazanin%20Ratcliffe%20%C2%B7%20Change.org&async=1&fmt=3&cdct=2&is_vtc=1&random=3676916604&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.change.org/p/free-nazanin-ratcliffe?recruiter=215944586&utm_source=share_petition&utm_medium=abi_gmail&utm_campaign=address_book&utm_term=73d1b25fe09145f8b2d9d535733d0b9e&recruited_by_id=44a27a20-a089-11e4-bc17-27a90216dc09
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jun 2019 02:42:35 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 graphql Show response
www.change.org/api-proxy/ 43 KB
17 KB 383ms
383ms Fetch
application/json 104.17.89.51
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.change.org/api-proxy/graphql

Requested by

Host: assets-fe.change.org
URL: https://assets-fe.change.org/react-fe/petitionsEntry-cb44e564f82996363fee.js.gz

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.89.51 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ba0618d07aa3e1e30e33d73bda8175b7eb33e030196ac959a15b61478c2ebb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept: */*
Referer: https://www.change.org/p/free-nazanin-ratcliffe?recruiter=215944586&utm_source=share_petition&utm_medium=abi_gmail&utm_campaign=address_book&utm_term=73d1b25fe09145f8b2d9d535733d0b9e&recruited_by_id=44a27a20-a089-11e4-bc17-27a90216dc09
Origin: https://www.change.org
X-CSRF-Token: 917d0a6a915835dbe37942e422712ca4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
content-type: application/json

Response headers

date: Mon, 17 Jun 2019 02:42:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-railgun: 7743b3304e 100.00 0.171347 0032 e6be
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 4e81abcc9f0dd8c9-AMS
x-request-id: 072f2785-7829-420f-ae5c-bafa9112a31b

GET
H2 200 inferredEvents.js Show response
connect.facebook.net/signals/plugins/ 1 KB
896 B 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/inferredEvents.js?v=2.8.51

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

cd1c301a8e7960a1786e2a959226b0b78b56dbea284bd114265f1662d6ca280e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.change.org/p/free-nazanin-ratcliffe?recruiter=215944586&utm_source=share_petition&utm_medium=abi_gmail&utm_campaign=address_book&utm_term=73d1b25fe09145f8b2d9d535733d0b9e&recruited_by_id=44a27a20-a089-11e4-bc17-27a90216dc09
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
content-length: 772
x-xss-protection: 0
pragma: public
x-fb-debug: Wh36tC1s1W7PNrQTt22NYJekgDNPw6FuUbh07VxxL/TN0eZF1RQCLHz6mpZguhKoalsE0yYKI1Z2OMY4ZZSYwA==
date: Mon, 17 Jun 2019 02:42:35 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 iframe
accounts.google.com/o/oauth2/ Frame C77F 0
0 45ms
45ms Document
text/html 2a00:1450:4001:808::200d
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframe

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.ywYXyus3sb0.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCOsZnQDDj3ufJlvqOBbMYynG3yOyg/cb=gapi.loaded_0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-SQbGrJr+Unp20JjvQ9TBWQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Xss-Protection	0

Request headers

:method: GET
:authority: accounts.google.com
:scheme: https
:path: /o/oauth2/iframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: https://www.change.org/p/free-nazanin-ratcliffe?recruiter=215944586&utm_source=share_petition&utm_medium=abi_gmail&utm_campaign=address_book&utm_term=73d1b25fe09145f8b2d9d535733d0b9e&recruited_by_id=44a27a20-a089-11e4-bc17-27a90216dc09
accept-encoding: gzip, deflate, br
cookie: NID=185=FR8-ojkotXYtH3Z_Dvvd6ShUItFdu5HbpwURhQHUZa24KkYcfXUCaJjfDwixcSrXAViU-dS1cgKJKQAhgvBJSsl8kpn8N3Sjm0zSdT01FrOB9yCXG7bw4c8q-8MxTPQidxHe-RmVS1hkwfJiOqPC_CRRZn23HlCegepjyYgqxyk
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.change.org/p/free-nazanin-ratcliffe?recruiter=215944586&utm_source=share_petition&utm_medium=abi_gmail&utm_campaign=address_book&utm_term=73d1b25fe09145f8b2d9d535733d0b9e&recruited_by_id=44a27a20-a089-11e4-bc17-27a90216dc09

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 17 Jun 2019 02:42:35 GMT
content-language: en-US
content-security-policy: script-src 'report-sample' 'nonce-SQbGrJr+Unp20JjvQ9TBWQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"

GET
H2 200 default-user-profile.svg
static.change.org/profile-img/ 1 KB
921 B 26ms
26ms Image
image/svg+xml 104.17.89.51
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.change.org/profile-img/default-user-profile.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.89.51 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

771776746af6ffba4ab936380308f47c93c386d96e2711fdf96d6514bd0e5be1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.change.org/p/free-nazanin-ratcliffe?recruiter=215944586&utm_source=share_petition&utm_medium=abi_gmail&utm_campaign=address_book&utm_term=73d1b25fe09145f8b2d9d535733d0b9e&recruited_by_id=44a27a20-a089-11e4-bc17-27a90216dc09
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 02:42:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Mon, 30 Oct 2017 22:37:42 GMT
server: cloudflare
etag: W/"f298390723ddb7e909a52d9a735afe3d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: bDeVBE9W0tDnzU2_EA.MV2TSJLs8TNcI
status: 200
cache-control: public, max-age=1382400
cf-ray: 4e81abcd4ff3d8c9-AMS
content-type: image/svg+xml
expires: Wed, 03 Jul 2019 02:42:35 GMT

GET
H2 200 xd_arbiter.php
staticxx.facebook.com/connect/ Frame 1B29 0
0 43ms
6ms Document
text/html 2a03:2880:f01c:216:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://staticxx.facebook.com/connect/xd_arbiter.php?version=44

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=73d9dbecec6776007a5d74e4ae756901&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: staticxx.facebook.com
:scheme: https
:path: /connect/xd_arbiter.php?version=44
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: https://www.change.org/p/free-nazanin-ratcliffe?recruiter=215944586&utm_source=share_petition&utm_medium=abi_gmail&utm_campaign=address_book&utm_term=73d1b25fe09145f8b2d9d535733d0b9e&recruited_by_id=44a27a20-a089-11e4-bc17-27a90216dc09
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.change.org/p/free-nazanin-ratcliffe?recruiter=215944586&utm_source=share_petition&utm_medium=abi_gmail&utm_campaign=address_book&utm_term=73d1b25fe09145f8b2d9d535733d0b9e&recruited_by_id=44a27a20-a089-11e4-bc17-27a90216dc09

Response headers

status: 200
content-type: text/html; charset=utf-8
expires: Sat, 13 Jun 2020 23:39:22 GMT
strict-transport-security: max-age=15552000; preload
content-encoding: br
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0
cache-control: public,max-age=31536000,immutable
x-fb-debug: 2T3UWvjqQywDuJ8AsPvvlxOluhwH5VdwxWrZAJus67yLha4ylraiJz1Z1fX3x9ty+cADEev8lfw7fq5uJ4RuiQ==
content-length: 11184
date: Mon, 17 Jun 2019 02:42:35 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
323 B 23ms
5ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1081902691834097&ev=PageView&dl=https%3A%2F%2Fwww.change.org%2Fp%2Ffree-nazanin-ratcliffe%3Frecruiter%3D215944586%26utm_source%3Dshare_petition%26utm_medium%3Dabi_gmail%26utm_campaign%3Daddress_book%26utm_term%3D73d1b25fe09145f8b2d9d535733d0b9e%26recruited_by_id%3D44a27a20-a089-11e4-bc17-27a90216dc09&rl=&if=false&ts=1560739355774&sw=1600&sh=1200&v=2.8.51&r=stable&ec=0&o=30&fbp=fb.1.1560739355773.855100690&it=1560739355524&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.change.org/p/free-nazanin-ratcliffe?recruiter=215944586&utm_source=share_petition&utm_medium=abi_gmail&utm_campaign=address_book&utm_term=73d1b25fe09145f8b2d9d535733d0b9e&recruited_by_id=44a27a20-a089-11e4-bc17-27a90216dc09
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 02:42:35 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Mon, 17 Jun 2019 02:42:35 GMT

GET
H2 204 chk_captcha_v3 Show response
www.change.org/cdn-cgi/l/ 0
245 B 63ms
63ms XHR
text/plain 104.17.89.51
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.change.org/cdn-cgi/l/chk_captcha_v3?req_id=4e81abc46e7ad8c9&t=03AOLTBLR3aOlCOc9c2gf98pyzsW8YqFVxlUCMSu3lKwlHY6VgUK5y1zTXtrOB_lno23IQK57g98j9w_t4nZqYrsC_vv-zi8q-LYJwE_qfwzEmXEOnzmGwfS93aMVx8mdRAkVJ7hz6u1XsxRXBIiG7xo4WGecgzaojs6FK7iHW2sxL1_ECrYP83BMHOzzZbvs5wQn5oBMd7O8bC6i_7Va1XEUG_3Kmh77WLrucLt5p98OticoqVZ1pctPxMKynOfARLmulz2K6SU1kZO-3aJQ1oYK6c1Eb3qZvDNHmZkNLf6er1WF9ig9pGe7o0Fq0nBGLA6ze4Srf56U1
Requested by: Host: assets-fe.change.org
URL: https://assets-fe.change.org/react-fe/petitionsEntry-cb44e564f82996363fee.js.gz
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.17.89.51 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.change.org/p/free-nazanin-ratcliffe?recruiter=215944586&utm_source=share_petition&utm_medium=abi_gmail&utm_campaign=address_book&utm_term=73d1b25fe09145f8b2d9d535733d0b9e&recruited_by_id=44a27a20-a089-11e4-bc17-27a90216dc09
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 204
date: Mon, 17 Jun 2019 02:42:35 GMT
server: cloudflare
cf-ray: 4e81abcdc893d8c9-AMS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding

OPTIONS
H/1.1 200
OK log Show response
errors.client.optimizely.com/ 13 B
406 B 396ms
95ms XHR
text/plain 52.0.9.1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://errors.client.optimizely.com/log
Requested by: Host: assets-fe.change.org
URL: https://assets-fe.change.org/react-fe/petitionsEntry-cb44e564f82996363fee.js.gz
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.0.9.1 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-0-9-1.compute-1.amazonaws.com
Software: /
Resource Hash: 16f1efa415bfdd7abcf8fdd76cc05ae6fa66ffdfdc730368ecea89ecfe5c3a12

Request headers

Access-Control-Request-Method: POST
Origin: https://www.change.org
Referer: https://www.change.org/p/free-nazanin-ratcliffe?recruiter=215944586&utm_source=share_petition&utm_medium=abi_gmail&utm_campaign=address_book&utm_term=73d1b25fe09145f8b2d9d535733d0b9e&recruited_by_id=44a27a20-a089-11e4-bc17-27a90216dc09
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: content-type

Response headers

Date: Mon, 17 Jun 2019 02:42:36 GMT
Allow: POST,OPTIONS
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.change.org
Access-Control-Max-Age: 1800
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With,Content-Type,Accept,Origin
Content-Length: 13

GET
H2

200

xd_arbiter.php
staticxx.facebook.com/connect/ Frame 125F
Redirect Chain

https://www.facebook.com/connect/ping?client_id=48409868550&domain=www.change.org&origin=1&redirect_uri=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Dff949473...
https://staticxx.facebook.com/connect/xd_arbiter.php?version=44

0
0

6ms
6ms

Document
text/html

2a03:2880:f01c:216:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://staticxx.facebook.com/connect/xd_arbiter.php?version=44

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=73d9dbecec6776007a5d74e4ae756901&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: staticxx.facebook.com
:scheme: https
:path: /connect/xd_arbiter.php?version=44
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: https://www.change.org/p/free-nazanin-ratcliffe?recruiter=215944586&utm_source=share_petition&utm_medium=abi_gmail&utm_campaign=address_book&utm_term=73d1b25fe09145f8b2d9d535733d0b9e&recruited_by_id=44a27a20-a089-11e4-bc17-27a90216dc09
accept-encoding: gzip, deflate, br
cookie: fr=0KNiUHspwmkuIoRRv..BdBv4b...1.0.BdBv4b.
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.change.org/p/free-nazanin-ratcliffe?recruiter=215944586&utm_source=share_petition&utm_medium=abi_gmail&utm_campaign=address_book&utm_term=73d1b25fe09145f8b2d9d535733d0b9e&recruited_by_id=44a27a20-a089-11e4-bc17-27a90216dc09

Response headers

status: 200
content-type: text/html; charset=utf-8
expires: Sat, 13 Jun 2020 23:39:22 GMT
strict-transport-security: max-age=15552000; preload
content-encoding: br
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0
cache-control: public,max-age=31536000,immutable
x-fb-debug: 2T3UWvjqQywDuJ8AsPvvlxOluhwH5VdwxWrZAJus67yLha4ylraiJz1Z1fX3x9ty+cADEev8lfw7fq5uJ4RuiQ==
content-length: 11184
date: Mon, 17 Jun 2019 02:42:35 GMT

Redirect headers

status: 302
cache-control: private, no-cache, no-store, must-revalidate
pragma: no-cache
strict-transport-security: max-age=15552000; preload
location: https://staticxx.facebook.com/connect/xd_arbiter.php?version=44#cb=ff9494735f9d0c&domain=www.change.org&origin=https%3A%2F%2Fwww.change.org%2Ff27f3dea10c2db4&relation=parent&error=unknown_user
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
x-content-type-options: nosniff
x-xss-protection: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-type: text/html; charset="utf-8"
x-fb-debug: 8SSjjP+GEimmm26FMS4/nA9yaBC7LlGGleXVx+CSZIbQsIQAXV+wFnF+xF9y9jMk4fKwFCBgjNVrGvckQ0XmOA==
content-length: 0
date: Mon, 17 Jun 2019 02:42:35 GMT

GET
H2 200 ABvTYBeSabGFagz-800x450-noPad.jpg
assets.change.org/photos/1/vt/yb/ 42 KB
42 KB 30ms
29ms Image
image/jpeg 104.17.89.51
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.change.org/photos/1/vt/yb/ABvTYBeSabGFagz-800x450-noPad.jpg?1560584024

Requested by

Host: assets-fe.change.org
URL: https://assets-fe.change.org/react-fe/petitionsEntry-cb44e564f82996363fee.js.gz

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.89.51 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

43afe99be201bd36ad64cd7bea564b866bbb8f9dda91b597719430e34f7e2138

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.change.org/p/free-nazanin-ratcliffe?recruiter=215944586&utm_source=share_petition&utm_medium=abi_gmail&utm_campaign=address_book&utm_term=73d1b25fe09145f8b2d9d535733d0b9e&recruited_by_id=44a27a20-a089-11e4-bc17-27a90216dc09
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 02:42:35 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: origSize=44378, status=webp_bigger
status: 200
cf-bgj: imgq:100
content-length: 43268
last-modified: Sat, 15 Jun 2019 07:33:45 GMT
server: cloudflare
etag: "f1c2712e096db259921cc883675c08f2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 4e81abce8955d8c9-AMS
expires: Mon, 24 Jun 2019 02:42:35 GMT

GET
H2 200 kHMNXdZontgshcn-48x48-noPad.jpg
assets.change.org/photos/9/mn/xd/ 1 KB
1 KB 23ms
22ms Image
image/jpeg 104.17.89.51
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.change.org/photos/9/mn/xd/kHMNXdZontgshcn-48x48-noPad.jpg?1528433140

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.89.51 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c5bd258582d2b8035b9ddec036abbb29649714e8fd2d17572156cab0ccf1d2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.change.org/p/free-nazanin-ratcliffe?recruiter=215944586&utm_source=share_petition&utm_medium=abi_gmail&utm_campaign=address_book&utm_term=73d1b25fe09145f8b2d9d535733d0b9e&recruited_by_id=44a27a20-a089-11e4-bc17-27a90216dc09
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 02:42:35 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: status=not_needed
status: 200
cf-bgj: imgq:100
content-length: 1321
last-modified: Fri, 08 Jun 2018 04:45:41 GMT
server: cloudflare
etag: "e301c2a0397d1568dbd37e3a9f58fb3a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 4e81abcea978d8c9-AMS
expires: Mon, 24 Jun 2019 02:42:35 GMT

GET
H2 200 default-user-profile.svg
static.change.org/profile-img/ 1 KB
777 B 21ms
21ms Image
image/svg+xml 104.17.89.51
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.change.org/profile-img/default-user-profile.svg

Requested by

Host: assets-fe.change.org
URL: https://assets-fe.change.org/react-fe/petitionsEntry-cb44e564f82996363fee.js.gz

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.89.51 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

771776746af6ffba4ab936380308f47c93c386d96e2711fdf96d6514bd0e5be1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.change.org/p/free-nazanin-ratcliffe?recruiter=215944586&utm_source=share_petition&utm_medium=abi_gmail&utm_campaign=address_book&utm_term=73d1b25fe09145f8b2d9d535733d0b9e&recruited_by_id=44a27a20-a089-11e4-bc17-27a90216dc09
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 02:42:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Mon, 30 Oct 2017 22:37:42 GMT
server: cloudflare
etag: W/"f298390723ddb7e909a52d9a735afe3d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: bDeVBE9W0tDnzU2_EA.MV2TSJLs8TNcI
status: 200
cache-control: public, max-age=1382400
cf-ray: 4e81abceb983d8c9-AMS
content-type: image/svg+xml
expires: Wed, 03 Jul 2019 02:42:35 GMT

GET
H2 200 mGznKbVOqnHnRAW-48x48-noPad.jpg
assets.change.org/photos/0/zn/kb/ 1 KB
1 KB 20ms
20ms Image
image/jpeg 104.17.89.51
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.change.org/photos/0/zn/kb/mGznKbVOqnHnRAW-48x48-noPad.jpg?1528437021

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.89.51 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec5c96096ffa4d451eced53a2e1852cbadb1406d617a04485aa433aa3ad5ed0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.change.org/p/free-nazanin-ratcliffe?recruiter=215944586&utm_source=share_petition&utm_medium=abi_gmail&utm_campaign=address_book&utm_term=73d1b25fe09145f8b2d9d535733d0b9e&recruited_by_id=44a27a20-a089-11e4-bc17-27a90216dc09
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 02:42:35 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: status=not_needed
status: 200
cf-bgj: imgq:100
content-length: 1421
last-modified: Fri, 08 Jun 2018 05:50:22 GMT
server: cloudflare
etag: "8d96802ab9c9eed87184bfd0cbdc9ab1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 4e81abcec993d8c9-AMS
expires: Mon, 24 Jun 2019 02:42:35 GMT

GET
H2 200 KrUHfjmdLqTKwRa-400x225-noPad.jpg
assets.change.org/photos/9/uh/fj/ 17 KB
18 KB 25ms
24ms Image
image/jpeg 104.17.89.51
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.change.org/photos/9/uh/fj/KrUHfjmdLqTKwRa-400x225-noPad.jpg?1551356270

Requested by

Host: assets-fe.change.org
URL: https://assets-fe.change.org/react-fe/petitionsEntry-cb44e564f82996363fee.js.gz

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.89.51 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

96e7705a78beae55c968232ca2504103e1d7fc37590a2bb0517edec3c270f425

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.change.org/p/free-nazanin-ratcliffe?recruiter=215944586&utm_source=share_petition&utm_medium=abi_gmail&utm_campaign=address_book&utm_term=73d1b25fe09145f8b2d9d535733d0b9e&recruited_by_id=44a27a20-a089-11e4-bc17-27a90216dc09
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 02:42:36 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: origSize=17796, status=webp_bigger
status: 200
cf-bgj: imgq:100
content-length: 17789
last-modified: Thu, 28 Feb 2019 12:17:51 GMT
server: cloudflare
etag: "06096fbfce2c92d94748100837a1f09a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 4e81abcf8a90d8c9-AMS
expires: Mon, 24 Jun 2019 02:42:36 GMT

GET
H2 200 EYtjJVxvFfPTsDw-400x225-noPad.jpg
assets.change.org/photos/8/tj/jv/ 14 KB
14 KB 26ms
24ms Image
image/jpeg 104.17.89.51
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.change.org/photos/8/tj/jv/EYtjJVxvFfPTsDw-400x225-noPad.jpg?1550345391

Requested by

Host: assets-fe.change.org
URL: https://assets-fe.change.org/react-fe/petitionsEntry-cb44e564f82996363fee.js.gz

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.89.51 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

1adfa1241163ac96a6b5ce5803a42eb40a2af0db3f916107bdfe0f7291db8627

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.change.org/p/free-nazanin-ratcliffe?recruiter=215944586&utm_source=share_petition&utm_medium=abi_gmail&utm_campaign=address_book&utm_term=73d1b25fe09145f8b2d9d535733d0b9e&recruited_by_id=44a27a20-a089-11e4-bc17-27a90216dc09
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 02:42:36 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: origSize=14760, status=webp_bigger
status: 200
cf-bgj: imgq:100
content-length: 14656
last-modified: Sat, 16 Feb 2019 19:29:52 GMT
server: cloudflare
etag: "0a1843966067a7bce40f01437181c199"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 4e81abcf8a91d8c9-AMS
expires: Mon, 24 Jun 2019 02:42:36 GMT

GET
H2 200 jhUMZqazLJsDHGb-400x225-noPad.jpg
assets.change.org/photos/0/um/zq/ 24 KB
24 KB 28ms
26ms Image
image/jpeg 104.17.89.51
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.change.org/photos/0/um/zq/jhUMZqazLJsDHGb-400x225-noPad.jpg?1558060931

Requested by

Host: assets-fe.change.org
URL: https://assets-fe.change.org/react-fe/petitionsEntry-cb44e564f82996363fee.js.gz

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.89.51 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

512cfaf6b4566d8a5a540b04d8e92cf99b9ea0253f1aceaaea519e1f7aee8964

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.change.org/p/free-nazanin-ratcliffe?recruiter=215944586&utm_source=share_petition&utm_medium=abi_gmail&utm_campaign=address_book&utm_term=73d1b25fe09145f8b2d9d535733d0b9e&recruited_by_id=44a27a20-a089-11e4-bc17-27a90216dc09
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 02:42:36 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: origSize=25797, status=webp_bigger
status: 200
cf-bgj: imgq:100
content-length: 24884
last-modified: Fri, 17 May 2019 02:42:12 GMT
server: cloudflare
etag: "0f2314de3a9d9fa53d82771018e356bc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 4e81abcf8a92d8c9-AMS
expires: Mon, 24 Jun 2019 02:42:36 GMT

GET
H2 200 NqaoxkQZqSgKSXU-400x225-noPad.jpg
assets.change.org/photos/1/ao/xk/ 29 KB
29 KB 30ms
28ms Image
image/jpeg 104.17.89.51
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.change.org/photos/1/ao/xk/NqaoxkQZqSgKSXU-400x225-noPad.jpg?1559986417

Requested by

Host: assets-fe.change.org
URL: https://assets-fe.change.org/react-fe/petitionsEntry-cb44e564f82996363fee.js.gz

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.89.51 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a969e17bf15641c6dc73f06ca11ff23253f6892ddfa3a50ff83ceb61632516c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.change.org/p/free-nazanin-ratcliffe?recruiter=215944586&utm_source=share_petition&utm_medium=abi_gmail&utm_campaign=address_book&utm_term=73d1b25fe09145f8b2d9d535733d0b9e&recruited_by_id=44a27a20-a089-11e4-bc17-27a90216dc09
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 02:42:36 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: origSize=30691, status=webp_bigger
status: 200
cf-bgj: imgq:100
content-length: 29242
last-modified: Sat, 08 Jun 2019 09:33:38 GMT
server: cloudflare
etag: "63f41a0cc33920b5e656572f1f1932e5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 4e81abcf8a93d8c9-AMS
expires: Mon, 24 Jun 2019 02:42:36 GMT

GET
H2 200 NLBOtqvWxTEjTXq-400x225-noPad.jpg
assets.change.org/photos/4/bo/tq/ 13 KB
13 KB 24ms
22ms Image
image/jpeg 104.17.89.51
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.change.org/photos/4/bo/tq/NLBOtqvWxTEjTXq-400x225-noPad.jpg?1560439081

Requested by

Host: assets-fe.change.org
URL: https://assets-fe.change.org/react-fe/petitionsEntry-cb44e564f82996363fee.js.gz

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.89.51 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c22de4045685d76df1224d4b0e86089f53f5d13a43d254ec5ea0c8ee2d25449

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.change.org/p/free-nazanin-ratcliffe?recruiter=215944586&utm_source=share_petition&utm_medium=abi_gmail&utm_campaign=address_book&utm_term=73d1b25fe09145f8b2d9d535733d0b9e&recruited_by_id=44a27a20-a089-11e4-bc17-27a90216dc09
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 02:42:36 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: status=not_needed
status: 200
cf-bgj: imgq:100
content-length: 13231
last-modified: Thu, 13 Jun 2019 15:18:02 GMT
server: cloudflare
etag: "c73277dff569bdb61b63e938f330c531"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 4e81abcf8a94d8c9-AMS
expires: Mon, 24 Jun 2019 02:42:36 GMT

GET
H2 200 QbHUhylDBOygpFp-400x225-noPad.jpg
assets.change.org/photos/9/hu/hy/ 66 KB
67 KB 28ms
27ms Image
image/webp 104.17.89.51
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.change.org/photos/9/hu/hy/QbHUhylDBOygpFp-400x225-noPad.jpg?1558715052

Requested by

Host: assets-fe.change.org
URL: https://assets-fe.change.org/react-fe/petitionsEntry-cb44e564f82996363fee.js.gz

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.89.51 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

579954aa6d17c5cbec7a2ff8735f0982f1ce9aade3f5dbc973cd75c61cac2de4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.change.org/p/free-nazanin-ratcliffe?recruiter=215944586&utm_source=share_petition&utm_medium=abi_gmail&utm_campaign=address_book&utm_term=73d1b25fe09145f8b2d9d535733d0b9e&recruited_by_id=44a27a20-a089-11e4-bc17-27a90216dc09
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 02:42:36 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=446463
status: 200
content-disposition: inline; filename="QbHUhylDBOygpFp-400x225-noPad.webp"
cf-bgj: imgq:100
content-length: 67906
last-modified: Fri, 24 May 2019 16:24:13 GMT
server: cloudflare
etag: "ca010a311cba1e1f744d53a63edcfb70"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 4e81abcf8a95d8c9-AMS
expires: Mon, 24 Jun 2019 02:42:36 GMT

GET
H2 200 NUQUzTkHZoUdUCQ-400x225-noPad.jpg
assets.change.org/photos/3/qu/zt/ 19 KB
19 KB 30ms
20ms Image
image/jpeg 104.17.89.51
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.change.org/photos/3/qu/zt/NUQUzTkHZoUdUCQ-400x225-noPad.jpg?1559567195

Requested by

Host: assets-fe.change.org
URL: https://assets-fe.change.org/react-fe/petitionsEntry-cb44e564f82996363fee.js.gz

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.89.51 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

91e8bcd90cc7547eb03bb094f398aac94215537ff1f5c4310d1e134e97b0e186

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.change.org/p/free-nazanin-ratcliffe?recruiter=215944586&utm_source=share_petition&utm_medium=abi_gmail&utm_campaign=address_book&utm_term=73d1b25fe09145f8b2d9d535733d0b9e&recruited_by_id=44a27a20-a089-11e4-bc17-27a90216dc09
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 02:42:36 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: origSize=20102, status=webp_bigger
status: 200
cf-bgj: imgq:100
content-length: 19713
last-modified: Mon, 03 Jun 2019 13:06:36 GMT
server: cloudflare
etag: "f4ca159b5aaadbc54ece3f53be9f5e32"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 4e81abcfbadbd8c9-AMS
expires: Mon, 24 Jun 2019 02:42:36 GMT

GET
H2 200 IfuZMGWeYgXKQuc-400x225-noPad.jpg
assets.change.org/photos/5/uz/mg/ 28 KB
28 KB 28ms
19ms Image
image/jpeg 104.17.89.51
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.change.org/photos/5/uz/mg/IfuZMGWeYgXKQuc-400x225-noPad.jpg?1556838906

Requested by

Host: assets-fe.change.org
URL: https://assets-fe.change.org/react-fe/petitionsEntry-cb44e564f82996363fee.js.gz

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.89.51 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a06786f144c3c09999be054494340382b0f3916011b842546b422c0993f38927

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.change.org/p/free-nazanin-ratcliffe?recruiter=215944586&utm_source=share_petition&utm_medium=abi_gmail&utm_campaign=address_book&utm_term=73d1b25fe09145f8b2d9d535733d0b9e&recruited_by_id=44a27a20-a089-11e4-bc17-27a90216dc09
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 02:42:36 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: origSize=29368, status=webp_bigger
status: 200
cf-bgj: imgq:100
content-length: 28190
last-modified: Thu, 02 May 2019 23:15:07 GMT
server: cloudflare
etag: "7ad596c957c49bff99726ad018a2c5e0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 4e81abcfbadcd8c9-AMS
expires: Mon, 24 Jun 2019 02:42:36 GMT

GET
H2 200 fSIYTekXLgsNyfh-400x225-noPad.jpg
assets.change.org/photos/5/iy/te/ 29 KB
29 KB 29ms
21ms Image
image/jpeg 104.17.89.51
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.change.org/photos/5/iy/te/fSIYTekXLgsNyfh-400x225-noPad.jpg?1547918418

Requested by

Host: assets-fe.change.org
URL: https://assets-fe.change.org/react-fe/petitionsEntry-cb44e564f82996363fee.js.gz

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.89.51 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

500b3f291850d559aa0ad41ead56823ce13d69d28ddb5c328ee99a72418d3b9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.change.org/p/free-nazanin-ratcliffe?recruiter=215944586&utm_source=share_petition&utm_medium=abi_gmail&utm_campaign=address_book&utm_term=73d1b25fe09145f8b2d9d535733d0b9e&recruited_by_id=44a27a20-a089-11e4-bc17-27a90216dc09
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 02:42:36 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: origSize=30644, status=webp_bigger
status: 200
cf-bgj: imgq:100
content-length: 29303
last-modified: Sat, 19 Jan 2019 17:20:19 GMT
server: cloudflare
etag: "76f5fe2811eec5cc1064b5fcd8aa8f97"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 4e81abcfcae5d8c9-AMS
expires: Mon, 24 Jun 2019 02:42:36 GMT

GET
H2 200 CwqTyYUpeHvCoGv-400x225-noPad.jpg
assets.change.org/photos/6/qt/yy/ 17 KB
17 KB 34ms
27ms Image
image/jpeg 104.17.89.51
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.change.org/photos/6/qt/yy/CwqTyYUpeHvCoGv-400x225-noPad.jpg?1552516266

Requested by

Host: assets-fe.change.org
URL: https://assets-fe.change.org/react-fe/petitionsEntry-cb44e564f82996363fee.js.gz

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.89.51 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c89b2c2081235dea9826dcb89c89334e73a8d8c313f0610fd6feec73c8123bc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.change.org/p/free-nazanin-ratcliffe?recruiter=215944586&utm_source=share_petition&utm_medium=abi_gmail&utm_campaign=address_book&utm_term=73d1b25fe09145f8b2d9d535733d0b9e&recruited_by_id=44a27a20-a089-11e4-bc17-27a90216dc09
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 02:42:36 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: origSize=17589, status=webp_bigger
status: 200
cf-bgj: imgq:100
content-length: 17382
last-modified: Wed, 13 Mar 2019 22:31:07 GMT
server: cloudflare
etag: "93734459999ebe9fa340347b177f75b4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 4e81abcfcae6d8c9-AMS
expires: Mon, 24 Jun 2019 02:42:36 GMT

GET
H2 200 IVcPOpUHSUfwHVt-400x225-noPad.jpg
assets.change.org/photos/9/cp/op/ 7 KB
7 KB 31ms
25ms Image
image/webp 104.17.89.51
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.change.org/photos/9/cp/op/IVcPOpUHSUfwHVt-400x225-noPad.jpg?1543858684

Requested by

Host: assets-fe.change.org
URL: https://assets-fe.change.org/react-fe/petitionsEntry-cb44e564f82996363fee.js.gz

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.89.51 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4fb5d6f793c7ac1c166c9763ebd5ad2b0864a12ab1115b0c5b08defc8485c99

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.change.org/p/free-nazanin-ratcliffe?recruiter=215944586&utm_source=share_petition&utm_medium=abi_gmail&utm_campaign=address_book&utm_term=73d1b25fe09145f8b2d9d535733d0b9e&recruited_by_id=44a27a20-a089-11e4-bc17-27a90216dc09
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 02:42:36 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=12807
status: 200
content-disposition: inline; filename="IVcPOpUHSUfwHVt-400x225-noPad.webp"
cf-bgj: imgq:100
content-length: 7150
last-modified: Mon, 03 Dec 2018 17:38:05 GMT
server: cloudflare
etag: "b1ebc10acb858f067e5491982db3276b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 4e81abcfcae7d8c9-AMS
expires: Mon, 24 Jun 2019 02:42:36 GMT

GET
H2 200 wahMDSSThWrxluC-400x225-noPad.jpg
assets.change.org/photos/6/hm/ds/ 62 KB
62 KB 24ms
23ms Image
image/webp 104.17.89.51
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.change.org/photos/6/hm/ds/wahMDSSThWrxluC-400x225-noPad.jpg?1559086221

Requested by

Host: assets-fe.change.org
URL: https://assets-fe.change.org/react-fe/petitionsEntry-cb44e564f82996363fee.js.gz

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.89.51 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2bebb0236fa7b2f0a4852a90177babb8597a56846b569d7041b539e11064939d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.change.org/p/free-nazanin-ratcliffe?recruiter=215944586&utm_source=share_petition&utm_medium=abi_gmail&utm_campaign=address_book&utm_term=73d1b25fe09145f8b2d9d535733d0b9e&recruited_by_id=44a27a20-a089-11e4-bc17-27a90216dc09
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 02:42:36 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=292988
status: 200
content-disposition: inline; filename="wahMDSSThWrxluC-400x225-noPad.webp"
cf-bgj: imgq:100
content-length: 63572
last-modified: Tue, 28 May 2019 23:30:21 GMT
server: cloudflare
etag: "11f63d032c836eda36a0000d2c62c70e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 4e81abcfcae9d8c9-AMS
expires: Mon, 24 Jun 2019 02:42:36 GMT

POST
H/1.1 204
No Content log Show response
errors.client.optimizely.com/ 0
240 B 95ms
95ms XHR
text/plain 52.0.9.1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://errors.client.optimizely.com/log
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.0.9.1 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-0-9-1.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.change.org/p/free-nazanin-ratcliffe?recruiter=215944586&utm_source=share_petition&utm_medium=abi_gmail&utm_campaign=address_book&utm_term=73d1b25fe09145f8b2d9d535733d0b9e&recruited_by_id=44a27a20-a089-11e4-bc17-27a90216dc09
Origin: https://www.change.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json

Response headers

Access-Control-Allow-Origin: https://www.change.org
Access-Control-Expose-Headers
Access-Control-Allow-Credentials: true
Connection: keep-alive
Date: Mon, 17 Jun 2019 02:42:36 GMT
Content-Type: text/plain

GET
H2 200 /
www.facebook.com/tr/ 44 B
145 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1081902691834097&ev=Microdata&dl=https%3A%2F%2Fwww.change.org%2Fp%2Ffree-nazanin-ratcliffe%3Frecruiter%3D215944586%26utm_source%3Dshare_petition%26utm_medium%3Dabi_gmail%26utm_campaign%3Daddress_book%26utm_term%3D73d1b25fe09145f8b2d9d535733d0b9e%26recruited_by_id%3D44a27a20-a089-11e4-bc17-27a90216dc09&rl=&if=false&ts=1560739356322&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Petition%20%C2%B7%20Free%20Nazanin%20Ratcliffe%20%C2%B7%20Change.org%22%7D&cd[OpenGraph]=%7B%22og%3Asite_name%22%3A%22Change.org%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.change.org%2Fp%2Ffree-nazanin-ratcliffe%22%2C%22og%3Atitle%22%3A%22Sign%20the%20Petition%22%2C%22og%3Adescription%22%3A%22Free%20Nazanin%20Ratcliffe%22%2C%22og%3Alocale%22%3A%22en_GB%22%2C%22og%3Atype%22%3A%22change-org%3Apetition%22%2C%22twitter%3Acard%22%3A%22summary_large_image%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.8.51&r=stable&ec=1&o=30&fbp=fb.1.1560739355773.855100690&it=1560739355524&coo=false&es=automatic&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.change.org/p/free-nazanin-ratcliffe?recruiter=215944586&utm_source=share_petition&utm_medium=abi_gmail&utm_campaign=address_book&utm_term=73d1b25fe09145f8b2d9d535733d0b9e&recruited_by_id=44a27a20-a089-11e4-bc17-27a90216dc09
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 02:42:36 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Mon, 17 Jun 2019 02:42:36 GMT

Verdicts & Comments Add Verdict or Comment

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.facebook.com/	1970-01-19 03:41:55	Name: fr Value: 0KNiUHspwmkuIoRRv..BdBv4b...1.0.BdBv4b.
.change.org/	1970-01-19 03:41:55	Name: _fbp Value: fb.1.1560739355773.855100690
.change.org/	1970-01-19 10:17:55	Name: __cfduid Value: d8569e80ab5b4ad0d5749582f4dc027bc1560739354
.www.change.org/	1978-01-11 21:30:57	Name: G_ENABLED_IDPS Value: google
.change.org/	1970-01-19 01:32:19	Name: _gat Value: 1
.change.org/	1970-01-19 01:32:21	Name: __cf_bm Value: 1cfddef5046b4b8ae225d72efe1135762840ea3a-1560739355-1800-AYYNPUGw4S7NLe7MQkwioc1RnVjmFscgHU5ua6rTw0LOPOk0fyj7mSAXdzrbaZBEfduJII6Ou9bwGCCOVPwgGlGQtl9ME0XKk/Z6+/D/htxUePhnVv7j1xnXJKIfkTbDng==
.change.org/	1970-01-19 01:33:45	Name: _gid Value: GA1.2.47468428.1560739355
.change.org/	1970-01-19 03:41:55	Name: _gcl_au Value: 1.1.1212604396.1560739355
www.change.org/	1970-01-19 01:32:22	Name: tracking_data Value: %7B%22user_uuid%22%3A%228f939f40-90a9-11e9-a1fb-6b245f868f69%22%7D
.change.org/	1969-12-31 23:59:59	Name: __cfruid Value: 060ccc8be3dbad500819371873721c9d0d57c13d-1560739354
www.change.org/	1969-12-31 23:59:59	Name: _change_session Value: 92b18d252bd27dc45ea97c47860bf8e4
.change.org/	1969-12-31 23:59:59	Name: invite Value: %7B%22recruiter_id%22%3A215944586%2C%22requested_at%22%3A%222019-06-17T02%3A42%3A34.457Z%22%7D
.google.com/	1970-01-19 05:55:50	Name: NID Value: 185=FR8-ojkotXYtH3Z_Dvvd6ShUItFdu5HbpwURhQHUZa24KkYcfXUCaJjfDwixcSrXAViU-dS1cgKJKQAhgvBJSsl8kpn8N3Sjm0zSdT01FrOB9yCXG7bw4c8q-8MxTPQidxHe-RmVS1hkwfJiOqPC_CRRZn23HlCegepjyYgqxyk
.change.org/	1970-01-19 19:03:31	Name: _ga Value: GA1.2.748324748.1560739355
www.change.org/	1970-01-19 01:33:45	Name: _change_lang Value: %7B%22locale%22%3A%22en-US%22%2C%22countryCode%22%3A%22US%22%7D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' https://d18kwxxua7ik1y.cloudfront.net https://d22r54gnmuhwmk.cloudfront.net https://assets.change.org https://static.change.org https://assets-fe.change.org https://change-production.s3.amazonaws.com https://change-public-stuff.s3.amazonaws.com https://www.google.ca https://www.googleadservices.com https://www.youtube.com https://.doubleclick.net https://.google.com https://.googleapis.com https://.googletagmanager.com https://.google-analytics.com https://.gstatic.com https://.ytimg.com https://.facebook.com https://.facebook.net https://.fbcdn.net fbrpc://* fb-messenger://* https://.twitter.com https://.twimg.com https://vk.com https://.vk.com https://ajax.cdnjs.com https://cdnjs.cloudflare.com https://service.force.com https://change.my.salesforce.com https://help.change.org https://.salesforceliveagent.com https://.braintreegateway.com https://.paypalobjects.com https://.paypal.com .optimizely.com optimizely.s3.amazonaws.com cdn-assets-prod.s3.amazonaws.com https://js.stripe.com https://cdn.embedly.com https://player.vimeo.com https://.pubnub.com https://bat.bing.com https://.briteverify.com https://soundcloud.com https://w.soundcloud.com https://www.instagram.com https://www.flickr.com https://.staticflickr.com; connect-src 'self' blob: https://.change.org https://change-production.s3.amazonaws.com https://.googleapis.com https://.google-analytics.com https://.doubleclick.net https://.facebook.com https://.facebook.net fbrpc:// fb-messenger://* https://.twitter.com https://.vk.com https://.braintreegateway.com https://.paypal.com .optimizely.com optimizely.s3.amazonaws.com cdn-assets-prod.s3.amazonaws.com https://api.stripe.com https://.pubnub.com https://.briteverify.com https://api.soundcloud.com https://api.airbrake.io; font-src 'self' data: https://assets.change.org https://static.change.org https://d18kwxxua7ik1y.cloudfront.net https://d22r54gnmuhwmk.cloudfront.net https://fonts.gstatic.com; img-src blob: data:; form-action 'self';
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
apis.google.com
assets-fe.change.org
assets.change.org
bat.bing.com
cdn.optimizely.com
chng.it
connect.facebook.net
errors.client.optimizely.com
googleads.g.doubleclick.net
static.change.org
staticxx.facebook.com
stats.g.doubleclick.net
www.change.org
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
104.17.89.51
216.58.206.2
2620:1ec:c11::200
2a00:1450:4001:808::200d
2a00:1450:4001:809::2003
2a00:1450:4001:80b::2003
2a00:1450:4001:814::2008
2a00:1450:4001:818::200e
2a00:1450:4001:81a::200e
2a00:1450:4001:81d::2004
2a00:1450:4001:81f::2002
2a00:1450:400c:c00::9c
2a02:26f0:6c00:183::13b8
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
52.0.9.1
52.218.253.50
0ba0618d07aa3e1e30e33d73bda8175b7eb33e030196ac959a15b61478c2ebb1
0bd1fb5fff967d9fd53f449b4ed6e239d254b3cceb25b8ca8199c37790d609d3
0c5bd258582d2b8035b9ddec036abbb29649714e8fd2d17572156cab0ccf1d2f
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
134d9689dd766fbea01b7b16563704e655883a93b76f55a6acf999f67510f8b5
16f1efa415bfdd7abcf8fdd76cc05ae6fa66ffdfdc730368ecea89ecfe5c3a12
18c3604c4584bbab9265cf6ec6be1859e953089715c3f8b266e105236e6fec9f
1a969e17bf15641c6dc73f06ca11ff23253f6892ddfa3a50ff83ceb61632516c
1adfa1241163ac96a6b5ce5803a42eb40a2af0db3f916107bdfe0f7291db8627
224e2919b573f38fffd063295af2711c1910b42c79e31481a6e25c0ca76a6f87
25a6829dcfbfdccf9ce0fce8dfd6b36f27d99ef3f6d3a8c45633d6e25919a4b9
2bebb0236fa7b2f0a4852a90177babb8597a56846b569d7041b539e11064939d
2e04d132685f3d34bc13519af5b1241e8578a3f91e38f15ad6d58909f0f39134
35db78fa1566e5ccda69a5cd24a1966ac6c6cc05f85a5163c4828ea2884836ca
43afe99be201bd36ad64cd7bea564b866bbb8f9dda91b597719430e34f7e2138
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4a66a382dd40cbdbbad6c93db4b3d41655c88ae1362e1b426b84afe241690443
4c22de4045685d76df1224d4b0e86089f53f5d13a43d254ec5ea0c8ee2d25449
500b3f291850d559aa0ad41ead56823ce13d69d28ddb5c328ee99a72418d3b9f
5038e0829c145f0fddec355832244e76dc21b1fe133329eab6cdc9037be6301e
512cfaf6b4566d8a5a540b04d8e92cf99b9ea0253f1aceaaea519e1f7aee8964
52bb57ab316af3ba247eba06acd28474bb4492d585f25ba11b17562689eab04b
552426fa67711398e49423a732526e763187afd768567b87e139fec853820809
579954aa6d17c5cbec7a2ff8735f0982f1ce9aade3f5dbc973cd75c61cac2de4
6180d3c8bdc03cdf7bdb30861dd06c0d2f00cab19fdc54c7aab888e943505f4c
657f79c4d5a6ea502202651151811d195b49cf9cf22fd7f8edaeefe2f8cc8fc4
6884471c4ea37959804b7023bf5402e187cda75daef1d71558b67dbd46d17d84
6c60604d0836b4f26c3133aaba4bfec57cc6c505355e7030c186059c36231773
7014ee4053a1b327cdf75d2b153d9f43d5f1dc4eae95fdb47841d3b28f25a377
771776746af6ffba4ab936380308f47c93c386d96e2711fdf96d6514bd0e5be1
8c579f9ec8e3f97edc5f3c3b3fd4fd5703776e528ac45bcb650ff3a024534bf5
8f88cb7a1cd4134f5d616b9fca90b9069fa16c162b7ae66ba1b500c490b41dd2
91e8bcd90cc7547eb03bb094f398aac94215537ff1f5c4310d1e134e97b0e186
96e7705a78beae55c968232ca2504103e1d7fc37590a2bb0517edec3c270f425
97540869be47f1cc8519503a4725b83e5b31b49fc011fa6bf354f4ff14e147fa
a06786f144c3c09999be054494340382b0f3916011b842546b422c0993f38927
a11a596d7a48af897163752bdffe1a55a761779319254fc4e9906cc761a09c21
a4fb5d6f793c7ac1c166c9763ebd5ad2b0864a12ab1115b0c5b08defc8485c99
a7df123bd0b319c699a3c16cfb56df9b91a9daf000cd8262d7abf6b623d6911e
b7f50bd7195d1f45e8b63f8d6444dad5ad83d1f3510e0fb56c17617b480b232e
baa333022b01af7a0bfb80d08f2e770cf603744dd3e15e5ab065b3802648ce20
bcff931383b5ce1230524746f48e47e7adc37d1e66c3ff234b932bb613fe490a
c4c23e3dcaa6241b303261e15267fcb8cf26593567c210a16bb5e95b9c77d428
c89b2c2081235dea9826dcb89c89334e73a8d8c313f0610fd6feec73c8123bc8
ca5355a92f61b3280f0bea6f31d3b228d0a5ab3564ab34e63c5f23e4ea63f09a
cd1c301a8e7960a1786e2a959226b0b78b56dbea284bd114265f1662d6ca280e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8e5fe8177578150e8faf71219cfe439c2391501f077c8015ec03d694c9ea3ae
ea4a95c81cf223f1d01d7e2679403d4cd9adf9c1e944f26c65bb947eeaec1414
ec5c96096ffa4d451eced53a2e1852cbadb1406d617a04485aa433aa3ad5ed0f
ee2df9e008021c0ce1fbf3612bfef57e7666294fa01bd4d9764931ff9add417a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f12ff55e63fc09abfd3ef4ec1ded12cbd069f0cb94ee3bb365fd043f74893c75
f1e6382aa070301007ee92dbaaef83c9f6075f9d86ee3632c82a609f02c6fc1f
f6e3479b665e0091bab2c96c0ac83876bf14470af66d104fc6bd8f6d57c8545a

www.change.org Open in urlscan Pro 104.17.89.51 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

65 Requests

100 %HTTPS

78 %IPv6

13 Domains

21 Subdomains

17 IPs

5 Countries

2605 kBTransfer

9020 kBSize

15 Cookies

6 Outgoing links

Page URL History

Redirected requests

65 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.change.org Open in urlscan Pro
104.17.89.51 Public Scan

Screenshot
Live screenshot

Full Image

65
Requests

100 %
HTTPS

78 %
IPv6

13
Domains

21
Subdomains

17
IPs

5
Countries

2605 kB
Transfer

9020 kB
Size

15
Cookies

65 HTTP transactions
1 data transactions