gxrw.changeoflead.org Open in urlscan Pro
2606:4700:3037::ac43:cea9  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

49 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response gxrw.changeoflead.org/	33 KB 7 KB	2924ms 2814ms	Document text/html	2606:4700:3037::ac43:cea9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gxrw.changeoflead.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:cea9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8033aa647ee3eb8bda15a5ca0cdf20bff712ef8a58543bb26fe0b19e71bd8aa0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 accept-language en-US,en;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-cache-status DYNAMIC cf-ray 843f1fb0fa4f74b8-MIA content-encoding br content-type text/html; charset=utf-8 date Thu, 11 Jan 2024 18:11:45 GMT expires Thu, 19 Nov 1981 08:52:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JH9FRCP1uRmZHYmEyDewhi%2FIZAFmOFf%2BPtnk22jGrSfKB5Ygqb%2BO1ZUCNYTBhvfju8uhZ%2Btk%2Buy0HcZrYicGbgxCX8m50AlHLgiTpQrITefvhP%2FqB5QvwfSA1g94%2FXxZ3xm4vg2%2FifrhnabDKZ%2FWt43uJEc%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	font-awesome.min.css gxrw.changeoflead.org/includes/templates/lw_a56/font/css/	30 KB 7 KB	148ms 145ms	Stylesheet text/css	2606:4700:3037::ac43:cea9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gxrw.changeoflead.org/includes/templates/lw_a56/font/css/font-awesome.min.css Requested by Host: gxrw.changeoflead.org URL: https://gxrw.changeoflead.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:cea9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd Request headers accept-language en-US,en;q=0.9 Referer https://gxrw.changeoflead.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Thu, 11 Jan 2024 18:11:45 GMT content-encoding br cf-cache-status MISS last-modified Mon, 17 Jul 2023 07:43:07 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"64b4f10b-7918" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sP8j0cOCN5HLmKtwC7X8rmCj2qHwSO1EfKABSlmMhuS6WTODkBG4dCPXUS4aDSvtnhUk80gzI2QZx55J4phHRKgpqey5AcTLrZ58cxwjUo64tNyg4Q%2F%2BBsN3erWG9AjGmDXJyKtCKvqNALkh6UMd8deNh8c%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=43200 cf-ray 843f1fc29e1474b8-MIA alt-svc h3=":443"; ma=86400 expires Fri, 12 Jan 2024 06:11:45 GMT
GET H2	200	style_categories.css gxrw.changeoflead.org/includes/templates/lw_a56/css/	2 KB 1002 B	141ms 140ms	Stylesheet text/css	2606:4700:3037::ac43:cea9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gxrw.changeoflead.org/includes/templates/lw_a56/css/style_categories.css Requested by Host: gxrw.changeoflead.org URL: https://gxrw.changeoflead.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:cea9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9432c08588c922de75b972b101e2c8052cf8ea4889b615c5c76b697b47c59550 Request headers accept-language en-US,en;q=0.9 Referer https://gxrw.changeoflead.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Thu, 11 Jan 2024 18:11:45 GMT content-encoding br cf-cache-status MISS last-modified Mon, 17 Jul 2023 07:43:07 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"64b4f10b-6cd" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HFQwlQv1bgBBOr601nQBlR5SXt9Y2hsfGYwpp27thlZvx2ymV5OymM4AklBpEMLLTTrs75ulc4sriooFeXwRK09%2FmJ1F2jqH9ZYYVQyTSBDpiWatKUjQqiAWTn4OmGIrytnSl9A30YjsQk5VJZKVP7aRlqM%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=43200 cf-ray 843f1fc29e1f74b8-MIA alt-svc h3=":443"; ma=86400 expires Fri, 12 Jan 2024 06:11:45 GMT
GET H2	200	stylesheet.css gxrw.changeoflead.org/includes/templates/lw_a56/css/	14 KB 4 KB	134ms 133ms	Stylesheet text/css	2606:4700:3037::ac43:cea9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gxrw.changeoflead.org/includes/templates/lw_a56/css/stylesheet.css Requested by Host: gxrw.changeoflead.org URL: https://gxrw.changeoflead.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:cea9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7cdf431a09b8561a43190a1a3dae1b6eb91aded7867872e52d12b94a66ad2ac3 Request headers accept-language en-US,en;q=0.9 Referer https://gxrw.changeoflead.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Thu, 11 Jan 2024 18:11:45 GMT content-encoding br cf-cache-status MISS last-modified Mon, 17 Jul 2023 07:43:07 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"64b4f10b-372d" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ntZL88eA1PgADhzBh5sp4CkpSywEUaQaln9bQdB65gxS9GsLEf58dz%2FiKLk3AUo5h69eaJ531bXCWTEasXQ20bYXkT7ktTKtnbf86pp%2BHOMqynS%2BeEpe51ov7E61ReQcXOv1IZVz3bavs2lEB0F6juNM5Ms%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=43200 cf-ray 843f1fc29e2374b8-MIA alt-svc h3=":443"; ma=86400 expires Fri, 12 Jan 2024 06:11:45 GMT
GET H2	200	stylesheet_cart.css gxrw.changeoflead.org/includes/templates/lw_a56/css/	8 KB 3 KB	133ms 131ms	Stylesheet text/css	2606:4700:3037::ac43:cea9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gxrw.changeoflead.org/includes/templates/lw_a56/css/stylesheet_cart.css Requested by Host: gxrw.changeoflead.org URL: https://gxrw.changeoflead.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:cea9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 35d5f96c4a62f60647b8768dc77f58c22509066451cf10ff9bd43fd4a05488cc Request headers accept-language en-US,en;q=0.9 Referer https://gxrw.changeoflead.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Thu, 11 Jan 2024 18:11:45 GMT content-encoding br cf-cache-status MISS last-modified Mon, 17 Jul 2023 07:43:07 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"64b4f10b-214a" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q8Nxda99o27216FdQX%2FZHbAhrEZzBoYUxhQ%2FNL1GeW4l8E%2F11v9U9hEoITQ5PfApu99nWDOBc8mrdnoYAuaFVfBLeoG6MQXBrbPLHGTsnBfIkkaIFrhW6h951lP4JX1eXmV%2Folhvwz1dOQjvzmV2o%2B5D9jE%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=43200 cf-ray 843f1fc29e2774b8-MIA alt-svc h3=":443"; ma=86400 expires Fri, 12 Jan 2024 06:11:45 GMT
GET H2	200	stylesheet_css_buttons.css gxrw.changeoflead.org/includes/templates/lw_a56/css/	1 KB 722 B	135ms 133ms	Stylesheet text/css	2606:4700:3037::ac43:cea9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gxrw.changeoflead.org/includes/templates/lw_a56/css/stylesheet_css_buttons.css Requested by Host: gxrw.changeoflead.org URL: https://gxrw.changeoflead.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:cea9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0986fc607c3f0eda74239d9c50b6dc97dccbab797e8f4980d829281477896441 Request headers accept-language en-US,en;q=0.9 Referer https://gxrw.changeoflead.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Thu, 11 Jan 2024 18:11:45 GMT content-encoding br cf-cache-status MISS last-modified Mon, 17 Jul 2023 07:43:07 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"64b4f10b-553" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cQZ%2F%2FjjRuoqcevmMDy2w0yfmvpaYa6OJHf3yKrXUElWKdufPkIZLAd%2B9hnsyhGA1FKTVM11PUQTwWLkFa9B%2BwBUFB%2BVslN6%2Fb5ISrZakokbOWweqBgFX%2FSuxpdHg6cxTMvnYsiweyyfbAKVdmIhzTcVy9EE%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=43200 cf-ray 843f1fc29e2e74b8-MIA alt-svc h3=":443"; ma=86400 expires Fri, 12 Jan 2024 06:11:45 GMT
GET H2	200	stylesheet_index_home.css gxrw.changeoflead.org/includes/templates/lw_a56/css/	3 KB 1 KB	136ms 135ms	Stylesheet text/css	2606:4700:3037::ac43:cea9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gxrw.changeoflead.org/includes/templates/lw_a56/css/stylesheet_index_home.css Requested by Host: gxrw.changeoflead.org URL: https://gxrw.changeoflead.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:cea9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4a2e19c522d740d3e6a49131006499bd4c324660e99e88ce66f4fbba0f34344e Request headers accept-language en-US,en;q=0.9 Referer https://gxrw.changeoflead.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Thu, 11 Jan 2024 18:11:45 GMT content-encoding br cf-cache-status MISS last-modified Mon, 17 Jul 2023 07:43:07 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"64b4f10b-dfd" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UNcxGEqC8280vn4uZ5FPFKQqysi9T7SYCBE9w2rxKHZ1outu3BibrSpaKZ%2B%2FsdquZui0iRVgFOIYGrdOi0rmFISc7eU9vHqt9OZU6r1ZE0symnfvqZWba4VCOro%2Fwtb1NzadwUuZX29xW%2F0m6vXGBsjYLhU%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=43200 cf-ray 843f1fc29e3374b8-MIA alt-svc h3=":443"; ma=86400 expires Fri, 12 Jan 2024 06:11:45 GMT
GET H2	200	stylesheet_related.css gxrw.changeoflead.org/includes/templates/lw_a56/css/	2 KB 1009 B	135ms 134ms	Stylesheet text/css	2606:4700:3037::ac43:cea9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gxrw.changeoflead.org/includes/templates/lw_a56/css/stylesheet_related.css Requested by Host: gxrw.changeoflead.org URL: https://gxrw.changeoflead.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:cea9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 69d28bc47bbc5f2f9e55ef5e80ce1122a5bf6c6559783ec134bcfff5d94aac4a Request headers accept-language en-US,en;q=0.9 Referer https://gxrw.changeoflead.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Thu, 11 Jan 2024 18:11:45 GMT content-encoding br cf-cache-status MISS last-modified Mon, 17 Jul 2023 07:43:07 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"64b4f10b-80e" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cZbl%2FKY6%2Fj2Ofid70SJs02WxVUW%2BKqzsiFtpmO3548jEKMHIYbE080JnUzHZvvQiJar0s6x%2F6C4s7Oo7HpwUtxFHqgWRhlb5mZk%2Fdotah1bj7n%2FS87YsgIRIG9PDUxchxvXYDemgtJkHFJUsy0h3KnS2hJE%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=43200 cf-ray 843f1fc29e3474b8-MIA alt-svc h3=":443"; ma=86400 expires Fri, 12 Jan 2024 06:11:45 GMT
GET H2	200	stylesheet_tm.css gxrw.changeoflead.org/includes/templates/lw_a56/css/	35 KB 9 KB	156ms 154ms	Stylesheet text/css	2606:4700:3037::ac43:cea9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gxrw.changeoflead.org/includes/templates/lw_a56/css/stylesheet_tm.css Requested by Host: gxrw.changeoflead.org URL: https://gxrw.changeoflead.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:cea9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ca9c34812f42e02d65fb7f7a6a139d42bd41c6fd9ab9e1f0db04cf97900817bb Request headers accept-language en-US,en;q=0.9 Referer https://gxrw.changeoflead.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Thu, 11 Jan 2024 18:11:45 GMT content-encoding br cf-cache-status MISS last-modified Mon, 17 Jul 2023 07:43:07 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"64b4f10b-8d77" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CFMOBOP0GEcbkhl5o2GDhnYT7%2BVoCFsd7YHV%2BslO3lyua46LbXfUA8eL2XM4Q%2F1OcXRl%2BPw7JyfDJhjiZjDAS3DV8BCQB7f8Nd5uFTOavOoR7hfujO27tMps0x2pMskpdnonapKOM5Y3t3qDz3%2BCVX2ZoGQ%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=43200 cf-ray 843f1fc29e3674b8-MIA alt-svc h3=":443"; ma=86400 expires Fri, 12 Jan 2024 06:11:45 GMT
GET H2	200	logo.png gxrw.changeoflead.org/includes/templates/lw_a56/images/	10 KB 10 KB	140ms 139ms	Image image/png	2606:4700:3037::ac43:cea9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://gxrw.changeoflead.org/includes/templates/lw_a56/images/logo.png Requested by Host: gxrw.changeoflead.org URL: https://gxrw.changeoflead.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:cea9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 253b6d4a3324125857dcd1511dbe287c8a6739fe60fea9481fcf18032b00a1be Request headers accept-language en-US,en;q=0.9 Referer https://gxrw.changeoflead.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Thu, 11 Jan 2024 18:11:45 GMT cf-cache-status MISS last-modified Mon, 17 Jul 2023 07:43:07 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "64b4f10b-2867" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fOccT%2F2q2LWjkZYV8YBOG2ZicxI%2BtyKreS8Oy0a5sabltj0L%2ByqE2aVI5KXOmUC6p62yKccZHaE6xuI6xanwcZETRBfOoMY5XBFrNMe4DaqbLje8LP69MHGuoPjNLQs7JIWHqFbkgqimdcb0u7dDpwhVLgY%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=2592000 accept-ranges bytes cf-ray 843f1fc29e3874b8-MIA alt-svc h3=":443"; ma=86400 content-length 10343 expires Sat, 10 Feb 2024 18:11:45 GMT
GET H2	200	head_search.png gxrw.changeoflead.org/includes/templates/lw_a56/images/	4 KB 4 KB	137ms 136ms	Image image/png	2606:4700:3037::ac43:cea9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://gxrw.changeoflead.org/includes/templates/lw_a56/images/head_search.png Requested by Host: gxrw.changeoflead.org URL: https://gxrw.changeoflead.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:cea9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d5c74aed62409ad640ab769043a57ae5a91ec6befec377fa025ae08ee5e9a809 Request headers accept-language en-US,en;q=0.9 Referer https://gxrw.changeoflead.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Thu, 11 Jan 2024 18:11:45 GMT cf-cache-status MISS last-modified Mon, 17 Jul 2023 07:43:07 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "64b4f10b-f70" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YNgZSSlCtUPIu8%2FTjEUaoaYhexpiadZcvxiP8TUFFjtHf%2Famen9M8g07O8ed6Ry2KnIG5AbR9GVJPGJXdOQ3dem8Ku1UP1QYTSar74QQmmdNyegpDtOBLLkoDoqLsuQqantrK4iIsP8xhmLTafPUIqMOIlg%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=2592000 accept-ranges bytes cf-ray 843f1fc29e3974b8-MIA alt-svc h3=":443"; ma=86400 content-length 3952 expires Sat, 10 Feb 2024 18:11:45 GMT
GET H3	200	banner5.jpg gxrw.changeoflead.org/includes/templates/lw_a56/images/	96 KB 97 KB	206ms 206ms	Image image/jpeg	2606:4700:3037::ac43:cea9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://gxrw.changeoflead.org/includes/templates/lw_a56/images/banner5.jpg Requested by Host: gxrw.changeoflead.org URL: https://gxrw.changeoflead.org/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:cea9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1f037578bb2a8f3560ca55f37a391e0b3c612ad06e878b31901e67f8775eed2e Request headers accept-language en-US,en;q=0.9 Referer https://gxrw.changeoflead.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Thu, 11 Jan 2024 18:11:46 GMT cf-cache-status MISS last-modified Mon, 17 Jul 2023 07:43:07 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "64b4f10b-18144" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yGu1khHCaDTjr05SuJ1k6t8BCBfMLEjM%2F2DonzJED6ZjP6kQbV5R3GnVDSBv4LafY0YEFf5gMMaRtw933HQXk9DLUXku0XwQ5sYDSy3l5XcfLflJq8zE41IB%2FzXUTsf15huLTHhn12GQCwCOdncfGnquz%2F8%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=2592000 accept-ranges bytes cf-ray 843f1fc37cc88dcc-MIA alt-svc h3=":443"; ma=86400 content-length 98628 expires Sat, 10 Feb 2024 18:11:45 GMT
GET H3	200	rank_1.gif gxrw.changeoflead.org/includes/templates/lw_a56/images/	2 KB 2 KB	100ms 100ms	Image image/gif	2606:4700:3037::ac43:cea9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://gxrw.changeoflead.org/includes/templates/lw_a56/images/rank_1.gif Requested by Host: gxrw.changeoflead.org URL: https://gxrw.changeoflead.org/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:cea9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0362db86a76badda7ca8dec6954d760c2bfe7b5c3e438682ff3213926d5a5c08 Request headers accept-language en-US,en;q=0.9 Referer https://gxrw.changeoflead.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Thu, 11 Jan 2024 18:11:45 GMT cf-cache-status MISS last-modified Mon, 17 Jul 2023 07:43:07 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "64b4f10b-7e8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Qbeqk3zqiJLcF%2BRCml%2FOqqeoomVdl92DO9ilPR0VNgEJj9xqSaYzgaQlf5ujuXxgT1Nc9JQHc%2F%2FS9LwwKsUNpoQlHfpJoqlF%2FvZwO9zbAPuM3lvL75iJ60MQMHQmQFrTY5p8I1il0uTUCkuleYHuaoKDVQ%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control max-age=2592000 accept-ranges bytes cf-ray 843f1fc37cce8dcc-MIA alt-svc h3=":443"; ma=86400 content-length 2024 expires Sat, 10 Feb 2024 18:11:45 GMT
GET H2	200	thumb_0.jpg d1d7kfcb5oumx0.cloudfront.net/articles/images/5fb239cb579a467514b31656/	13 KB 14 KB	1583ms 1283ms	Image image/jpeg	52.222.153.141 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d1d7kfcb5oumx0.cloudfront.net/articles/images/5fb239cb579a467514b31656/thumb_0.jpg Requested by Host: gxrw.changeoflead.org URL: https://gxrw.changeoflead.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.153.141 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-153-141.cdg52.r.cloudfront.net Software AmazonS3 / Resource Hash 22a97a60e7e06647d9b19f049cdea5b7c114a78987b8ac484f501aafabfc5f4e Request headers accept-language en-US,en;q=0.9 Referer https://gxrw.changeoflead.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Thu, 11 Jan 2024 18:11:48 GMT via 1.1 35c1a072f5e34dd7857432de42b52680.cloudfront.net (CloudFront) last-modified Mon, 16 Nov 2020 08:35:25 GMT server AmazonS3 x-amz-cf-pop CDG52-P1 etag "cfefc24056c589602b85a5ab387817eb" x-cache Miss from cloudfront content-type image/jpeg cache-control max-age=315576000 accept-ranges bytes content-length 13806 x-amz-cf-id gSxlcuB-QXAq6q8h6ZZfX08TYboojh5uqdESy2A62X2AIxFazOGQtw==
GET H3	200	rank_2.gif gxrw.changeoflead.org/includes/templates/lw_a56/images/	605 B 1 KB	129ms 125ms	Image image/gif	2606:4700:3037::ac43:cea9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://gxrw.changeoflead.org/includes/templates/lw_a56/images/rank_2.gif Requested by Host: gxrw.changeoflead.org URL: https://gxrw.changeoflead.org/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:cea9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3616bc7d39ef97ce96d225530cc04796a283dabf239d3be97a21437f120832b9 Request headers accept-language en-US,en;q=0.9 Referer https://gxrw.changeoflead.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Thu, 11 Jan 2024 18:11:45 GMT cf-cache-status MISS last-modified Mon, 17 Jul 2023 07:43:07 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "64b4f10b-25d" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sm8WvstDv9SRMTDFs0KCkEYBClyrMFFu4lp0t6NtxCs8hJEypIoXMjnIKAat8W%2BsE2I5ff6oZphjnVhqlXlK2id0vQSf%2BUk5%2BPhT3OwznPrrE6fLPUKozyCOON4ioFRqCeMDIK7f3WAl5uy%2BLh0gxYqJIp4%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control max-age=2592000 accept-ranges bytes cf-ray 843f1fc39d0b8dcc-MIA alt-svc h3=":443"; ma=86400 content-length 605 expires Sat, 10 Feb 2024 18:11:45 GMT
GET H2	200	thumb_IMG_20200820_115119.jpg d1d7kfcb5oumx0.cloudfront.net/articles/images/5f3df75db5928b591340bdd6/	27 KB 28 KB	1666ms 1366ms	Image image/jpeg	52.222.153.141 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d1d7kfcb5oumx0.cloudfront.net/articles/images/5f3df75db5928b591340bdd6/thumb_IMG_20200820_115119.jpg Requested by Host: gxrw.changeoflead.org URL: https://gxrw.changeoflead.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.153.141 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-153-141.cdg52.r.cloudfront.net Software AmazonS3 / Resource Hash 2315485a83d1c9970ec00f836771e897295872a66d7f6baffc72b701750cc315 Request headers accept-language en-US,en;q=0.9 Referer https://gxrw.changeoflead.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Thu, 11 Jan 2024 18:11:48 GMT via 1.1 35c1a072f5e34dd7857432de42b52680.cloudfront.net (CloudFront) last-modified Thu, 20 Aug 2020 04:09:03 GMT server AmazonS3 x-amz-cf-pop CDG52-P1 etag "13497fc83d3be2bef00cf9161675ea65" x-cache Miss from cloudfront content-type image/jpeg cache-control max-age=315576000 accept-ranges bytes content-length 28080 x-amz-cf-id YSZxoydrTLVyAxsuO1UYCigDQt31yxrheBgdaxmZPWx4uTkXIxliKg==
GET H3	200	rank_3.gif gxrw.changeoflead.org/includes/templates/lw_a56/images/	2 KB 2 KB	132ms 128ms	Image image/gif	2606:4700:3037::ac43:cea9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://gxrw.changeoflead.org/includes/templates/lw_a56/images/rank_3.gif Requested by Host: gxrw.changeoflead.org URL: https://gxrw.changeoflead.org/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:cea9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash eb9a0139afb41bc80e768ff61a5a3bf3956da00bea0bb6fe6fcde50589b79065 Request headers accept-language en-US,en;q=0.9 Referer https://gxrw.changeoflead.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Thu, 11 Jan 2024 18:11:45 GMT cf-cache-status MISS last-modified Mon, 17 Jul 2023 07:43:07 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "64b4f10b-7c6" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zbw0dAnAUyLCKSTH0zLTQxihiwYPVfWSrIsv8vdA6AbFa5C4HvCd3TMec9pwH%2Fr2Op5YdvluPdEBhUXU59gAXe%2FDoTBMWoONtjeRhxK2pO0TqYkFWo6B4o3Z9AB3V8LouVXIMKkSqEblZIVbEsh15%2BHabNk%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control max-age=2592000 accept-ranges bytes cf-ray 843f1fc39d0d8dcc-MIA alt-svc h3=":443"; ma=86400 content-length 1990 expires Sat, 10 Feb 2024 18:11:45 GMT
GET H2	200	slide_IMG_4335.jpg d1d7kfcb5oumx0.cloudfront.net/articles/images/6263c1abeed309321ebbdc24/	35 KB 35 KB	1582ms 1282ms	Image image/jpeg	52.222.153.141 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d1d7kfcb5oumx0.cloudfront.net/articles/images/6263c1abeed309321ebbdc24/slide_IMG_4335.jpg Requested by Host: gxrw.changeoflead.org URL: https://gxrw.changeoflead.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.153.141 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-153-141.cdg52.r.cloudfront.net Software AmazonS3 / Resource Hash d225268a5c9e06ffc8d792efb59d03f8e37e4b95115b3f61a252c6a0a0dce0cb Request headers accept-language en-US,en;q=0.9 Referer https://gxrw.changeoflead.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Thu, 11 Jan 2024 18:11:48 GMT via 1.1 35c1a072f5e34dd7857432de42b52680.cloudfront.net (CloudFront) last-modified Sat, 23 Apr 2022 09:06:56 GMT server AmazonS3 x-amz-cf-pop CDG52-P1 etag "0b716326d689b444915a07807951da43" x-cache Miss from cloudfront content-type image/jpeg cache-control max-age=315576000 accept-ranges bytes content-length 35865 x-amz-cf-id dmCs-HKxzRM51Jf_O3GxDjmLHg_3h7bi1cXi4bL_zbzJZgnzO7RqMw==
GET H3	200	rank_4.gif gxrw.changeoflead.org/includes/templates/lw_a56/images/	726 B 1 KB	131ms 127ms	Image image/gif	2606:4700:3037::ac43:cea9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://gxrw.changeoflead.org/includes/templates/lw_a56/images/rank_4.gif Requested by Host: gxrw.changeoflead.org URL: https://gxrw.changeoflead.org/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:cea9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e5a91abf348d298145f1f237505150cc1f60673b0a21b459cdf4029ba188bcd4 Request headers accept-language en-US,en;q=0.9 Referer https://gxrw.changeoflead.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Thu, 11 Jan 2024 18:11:45 GMT cf-cache-status MISS last-modified Mon, 17 Jul 2023 07:43:07 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "64b4f10b-2d6" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=43oOtTr02Z%2FGfKq53sp%2BoIQZQjokZU57c7rk9%2FEcYdoi80W0XoyZXHSPAonbBvbPRnbTVLl4VRfuKNZh5oxftfOBOKo%2FBg7KEPs8UaMLhMVlAFg57X%2Fc%2FhXKNtFbGiNCQKY6PZS7NSEt%2BMbuAXWzf1OZttc%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control max-age=2592000 accept-ranges bytes cf-ray 843f1fc39d0f8dcc-MIA alt-svc h3=":443"; ma=86400 content-length 726 expires Sat, 10 Feb 2024 18:11:45 GMT
GET H2	200	slide___.jpg d1d7kfcb5oumx0.cloudfront.net/articles/images/6233e3aa20ea7e13f98a0a23/	21 KB 21 KB	1554ms 1255ms	Image image/jpeg	52.222.153.141 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d1d7kfcb5oumx0.cloudfront.net/articles/images/6233e3aa20ea7e13f98a0a23/slide___.jpg Requested by Host: gxrw.changeoflead.org URL: https://gxrw.changeoflead.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.153.141 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-153-141.cdg52.r.cloudfront.net Software AmazonS3 / Resource Hash 6e51c4e8e1fc58ccc3e5d7706553ccf4f2b38dc888d0ec0305e6fd4d3de2a0db Request headers accept-language en-US,en;q=0.9 Referer https://gxrw.changeoflead.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Thu, 11 Jan 2024 18:11:48 GMT via 1.1 35c1a072f5e34dd7857432de42b52680.cloudfront.net (CloudFront) last-modified Fri, 18 Mar 2022 01:43:08 GMT server AmazonS3 x-amz-cf-pop CDG52-P1 etag "aa0325c2e0c38aa861fc0fb90cf6628c" x-cache Miss from cloudfront content-type image/jpeg cache-control max-age=315576000 accept-ranges bytes content-length 21569 x-amz-cf-id C-OU2pQQAhV-jyMHHedx-eRXuyciabDEWrqlNYo0qQ22BkDPysencg==
GET H3	200	yt1.jpg gxrw.changeoflead.org/includes/templates/lw_a56/images/	35 KB 35 KB	239ms 236ms	Image image/jpeg	2606:4700:3037::ac43:cea9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://gxrw.changeoflead.org/includes/templates/lw_a56/images/yt1.jpg Requested by Host: gxrw.changeoflead.org URL: https://gxrw.changeoflead.org/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:cea9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3ea4b70d30c88c0de3ce8fadac30b76501abd3feb753e95d0c92ce44f915bdc0 Request headers accept-language en-US,en;q=0.9 Referer https://gxrw.changeoflead.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Thu, 11 Jan 2024 18:11:45 GMT cf-cache-status MISS last-modified Mon, 17 Jul 2023 07:43:07 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "64b4f10b-8b8e" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NGn5RniUoi0TVUyoKul%2FvT4Oll6zvkiGuqyL%2BH5%2FSVCiv7b1grPy1wYuCUN68x7h7YyJpx3Id5GB4Ofqht2m6KeNw5hauM2oBV4CqJ3DfI%2BSajK2Mx62mNwsD%2B1WL2K2YaUBLBKSGubj3o60QsCNJiMfkH0%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=2592000 accept-ranges bytes cf-ray 843f1fc39d108dcc-MIA alt-svc h3=":443"; ma=86400 content-length 35726 expires Sat, 10 Feb 2024 18:11:45 GMT
GET H3	200	yt2.jpg gxrw.changeoflead.org/includes/templates/lw_a56/images/	54 KB 54 KB	252ms 249ms	Image image/jpeg	2606:4700:3037::ac43:cea9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://gxrw.changeoflead.org/includes/templates/lw_a56/images/yt2.jpg Requested by Host: gxrw.changeoflead.org URL: https://gxrw.changeoflead.org/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:cea9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8e00ac5dc73fc41d934026f7dea7fb53bec68675c1c9a6fab14d9e29a9558475 Request headers accept-language en-US,en;q=0.9 Referer https://gxrw.changeoflead.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Thu, 11 Jan 2024 18:11:46 GMT cf-cache-status MISS last-modified Mon, 17 Jul 2023 07:43:07 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "64b4f10b-d70f" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d93Tjtrp52gkHY2RTHKxl0ZxbnPH1Yx9iKe7XSj5yd8Z6F9kJlJAP7YRTShgh0Wzeh4It9uNUbnJo1%2FUuo5KpuBXAdV32tkFiOgbS%2FD3CEq9j0rVzhgF%2FuskR%2B3657AVAH8LYNoysKjLuc%2Bz2SPYXhOmsUU%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=2592000 accept-ranges bytes cf-ray 843f1fc39d118dcc-MIA alt-svc h3=":443"; ma=86400 content-length 55055 expires Sat, 10 Feb 2024 18:11:45 GMT
GET H3	200	yt3.jpg gxrw.changeoflead.org/includes/templates/lw_a56/images/	46 KB 46 KB	273ms 270ms	Image image/jpeg	2606:4700:3037::ac43:cea9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://gxrw.changeoflead.org/includes/templates/lw_a56/images/yt3.jpg Requested by Host: gxrw.changeoflead.org URL: https://gxrw.changeoflead.org/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:cea9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 92d6e13952f9db0ee497a6bf09281f83c2f197c746bcc3d29a3d86bd31bc5254 Request headers accept-language en-US,en;q=0.9 Referer https://gxrw.changeoflead.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Thu, 11 Jan 2024 18:11:46 GMT cf-cache-status MISS last-modified Mon, 17 Jul 2023 07:43:07 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "64b4f10b-b6ed" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=owSd%2Be%2BeZVBLiTHuP11hoiREm2hXmraCqeIacu2gtrywSUQHk1hwCIkefooZ3CqnMA7WnIZsKC98b%2BTfFF7aozwcDneSXYRydIHofHaotd3ZIc0KfTLfrj%2Bgj7Gmea%2B7c26exDNCvc9d%2F4sO9wFrPYGQ0uM%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=2592000 accept-ranges bytes cf-ray 843f1fc39d128dcc-MIA alt-svc h3=":443"; ma=86400 content-length 46829 expires Sat, 10 Feb 2024 18:11:45 GMT
GET H2	200	slide_97ECFF4F-F86F-4B83-B5DD-97EC99D0B166.jpg d1d7kfcb5oumx0.cloudfront.net/articles/images/64104cdbcac2a42875e279da/	62 KB 62 KB	1582ms 1283ms	Image image/jpeg	52.222.153.141 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d1d7kfcb5oumx0.cloudfront.net/articles/images/64104cdbcac2a42875e279da/slide_97ECFF4F-F86F-4B83-B5DD-97EC99D0B166.jpg Requested by Host: gxrw.changeoflead.org URL: https://gxrw.changeoflead.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.153.141 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-153-141.cdg52.r.cloudfront.net Software AmazonS3 / Resource Hash 2ef0b2a5cd0d42d966d3349c2967c6c1995d55da4faf0861c88aed0fd3e088ad Request headers accept-language en-US,en;q=0.9 Referer https://gxrw.changeoflead.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Thu, 11 Jan 2024 18:11:48 GMT via 1.1 35c1a072f5e34dd7857432de42b52680.cloudfront.net (CloudFront) last-modified Tue, 14 Mar 2023 10:30:58 GMT server AmazonS3 x-amz-cf-pop CDG52-P1 etag "1e2869af827792684429c08b57a90e91" x-amz-server-side-encryption AES256 x-cache Miss from cloudfront content-type image/jpeg cache-control max-age=315576000 accept-ranges bytes content-length 63505 x-amz-cf-id SXi8-UOMJuGl1-SGMMN1J0VbIiITO3qydcqC88BjV5fsCc9nz18DlA==
GET H2	200	slide_IMG_9724.JPEG.jpg d1d7kfcb5oumx0.cloudfront.net/articles/images/645a382bd1d1a20173b4b1f0/	24 KB 25 KB	1581ms 1283ms	Image image/jpeg	52.222.153.141 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d1d7kfcb5oumx0.cloudfront.net/articles/images/645a382bd1d1a20173b4b1f0/slide_IMG_9724.JPEG.jpg Requested by Host: gxrw.changeoflead.org URL: https://gxrw.changeoflead.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.153.141 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-153-141.cdg52.r.cloudfront.net Software AmazonS3 / Resource Hash daa56b8b2ab19b74de5a64643652a3bbfa6ba6ff130719e42c0f62ab1bd12d16 Request headers accept-language en-US,en;q=0.9 Referer https://gxrw.changeoflead.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Thu, 11 Jan 2024 18:11:48 GMT via 1.1 35c1a072f5e34dd7857432de42b52680.cloudfront.net (CloudFront) last-modified Tue, 09 May 2023 12:10:23 GMT server AmazonS3 x-amz-cf-pop CDG52-P1 etag "ffededb5c5428175c1e5317115405ecb" x-amz-server-side-encryption AES256 x-cache Miss from cloudfront content-type image/jpeg cache-control max-age=315576000 accept-ranges bytes content-length 24754 x-amz-cf-id _QrHbpycluclhr5UqP1ggLNphQBlAj4FqsEyc3LC2F7k4DVb7s14pg==
GET H2	200	thumb_0.jpg d1d7kfcb5oumx0.cloudfront.net/articles/images/5ed1cb061e532c24d80e28d3/	35 KB 35 KB	1542ms 1282ms	Image image/jpeg	52.222.153.141 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d1d7kfcb5oumx0.cloudfront.net/articles/images/5ed1cb061e532c24d80e28d3/thumb_0.jpg Requested by Host: gxrw.changeoflead.org URL: https://gxrw.changeoflead.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.153.141 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-153-141.cdg52.r.cloudfront.net Software AmazonS3 / Resource Hash eda0212de9ffc0cbb0d265c9622e6f8e133a627a26015f58a2bd456cb673efaa Request headers accept-language en-US,en;q=0.9 Referer https://gxrw.changeoflead.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Thu, 11 Jan 2024 18:11:48 GMT via 1.1 35c1a072f5e34dd7857432de42b52680.cloudfront.net (CloudFront) last-modified Sat, 30 May 2020 02:55:04 GMT server AmazonS3 x-amz-cf-pop CDG52-P1 etag "37cfdd8c43f01ce1c4f61680ff6ebb49" x-cache Miss from cloudfront content-type image/jpeg cache-control max-age=315576000 accept-ranges bytes content-length 35612 x-amz-cf-id pqWdTwLkd7BDHAOUfYxlXCuRCf4WUxikFCLj5OdUcYHcgld1t9WNFA==
GET H2	200	slide_file.jpg d1d7kfcb5oumx0.cloudfront.net/articles/images/63894d9dedf954128a1a5e61/	49 KB 50 KB	1516ms 1255ms	Image image/jpeg	52.222.153.141 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d1d7kfcb5oumx0.cloudfront.net/articles/images/63894d9dedf954128a1a5e61/slide_file.jpg Requested by Host: gxrw.changeoflead.org URL: https://gxrw.changeoflead.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.153.141 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-153-141.cdg52.r.cloudfront.net Software AmazonS3 / Resource Hash 1083e16c5267f9049df7797991833c1244e14b54fd50d6c86b7c8773aee22e6c Request headers accept-language en-US,en;q=0.9 Referer https://gxrw.changeoflead.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Thu, 11 Jan 2024 18:11:48 GMT via 1.1 35c1a072f5e34dd7857432de42b52680.cloudfront.net (CloudFront) last-modified Fri, 02 Dec 2022 00:58:09 GMT server AmazonS3 x-amz-cf-pop CDG52-P1 etag "c9d968514297222f5bec186b22e867c2" x-cache Miss from cloudfront content-type image/jpeg cache-control max-age=315576000 accept-ranges bytes content-length 50586 x-amz-cf-id O9nqY7v99ARiUlohRrTrQ5sUH8n3sLwXznoMcVRj8iZOUKrTdm7lhQ==
GET H2	200	slide_IMG_2843.jpg d1d7kfcb5oumx0.cloudfront.net/articles/images/6295c63af967892442d563e0/	22 KB 22 KB	1542ms 1282ms	Image image/jpeg	52.222.153.141 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d1d7kfcb5oumx0.cloudfront.net/articles/images/6295c63af967892442d563e0/slide_IMG_2843.jpg Requested by Host: gxrw.changeoflead.org URL: https://gxrw.changeoflead.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.153.141 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-153-141.cdg52.r.cloudfront.net Software AmazonS3 / Resource Hash e7b28b870c7d2d9e8a1e61d2820784fe80ecb6fa8c9d929354b3765ddbd3a769 Request headers accept-language en-US,en;q=0.9 Referer https://gxrw.changeoflead.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Thu, 11 Jan 2024 18:11:48 GMT via 1.1 35c1a072f5e34dd7857432de42b52680.cloudfront.net (CloudFront) last-modified Tue, 31 May 2022 07:39:43 GMT server AmazonS3 x-amz-cf-pop CDG52-P1 etag "b72f1b7191ef17f54c0461b459b7e2de" x-cache Miss from cloudfront content-type image/jpeg cache-control max-age=315576000 accept-ranges bytes content-length 22135 x-amz-cf-id 2KRFSDrwMaVcjkXYxBPC6ialq9He42sBgIuBTPlRASyPn4rNrKjsSg==
GET H2	200	thumb_20210227_125832.jpg d1d7kfcb5oumx0.cloudfront.net/articles/images/6039c8029c44a271ea6fcc3d/	29 KB 29 KB	1516ms 1256ms	Image image/jpeg	52.222.153.141 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d1d7kfcb5oumx0.cloudfront.net/articles/images/6039c8029c44a271ea6fcc3d/thumb_20210227_125832.jpg Requested by Host: gxrw.changeoflead.org URL: https://gxrw.changeoflead.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.153.141 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-153-141.cdg52.r.cloudfront.net Software AmazonS3 / Resource Hash 59f4c9eddaa6ed77c9322f367fbadfffcd3140c8c38c1ff555f17938c5426af6 Request headers accept-language en-US,en;q=0.9 Referer https://gxrw.changeoflead.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Thu, 11 Jan 2024 18:11:48 GMT via 1.1 35c1a072f5e34dd7857432de42b52680.cloudfront.net (CloudFront) last-modified Sat, 27 Feb 2021 04:18:16 GMT server AmazonS3 x-amz-cf-pop CDG52-P1 etag "c846845aaf5d21051447c1797e71bbc6" x-cache Miss from cloudfront content-type image/jpeg cache-control max-age=315576000 accept-ranges bytes content-length 29390 x-amz-cf-id KR2-Yzl7amJ-wIUMggFy4nAXEKO3NBwuLM1mXwjDzks-6qWXH1xZGA==
GET H2	200	thumb_0.jpg d1d7kfcb5oumx0.cloudfront.net/articles/images/5f3cbbce1225613417262f38/	7 KB 7 KB	1541ms 1281ms	Image image/jpeg	52.222.153.141 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d1d7kfcb5oumx0.cloudfront.net/articles/images/5f3cbbce1225613417262f38/thumb_0.jpg Requested by Host: gxrw.changeoflead.org URL: https://gxrw.changeoflead.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.153.141 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-153-141.cdg52.r.cloudfront.net Software AmazonS3 / Resource Hash 6bab5af16ba41de882279013fd76a3abc11b711beec0b8e4b5ed42449d1d3a07 Request headers accept-language en-US,en;q=0.9 Referer https://gxrw.changeoflead.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Thu, 11 Jan 2024 18:11:48 GMT via 1.1 35c1a072f5e34dd7857432de42b52680.cloudfront.net (CloudFront) last-modified Wed, 19 Aug 2020 05:42:40 GMT server AmazonS3 x-amz-cf-pop CDG52-P1 etag "eb09a9c24d04973242b1d934eb473713" x-cache Miss from cloudfront content-type image/jpeg cache-control max-age=315576000 accept-ranges bytes content-length 6995 x-amz-cf-id 2bmE_-TX0LW7PomvgsKAkq3fd5w-YVOEQ9fir9W41U20URNT3vts9w==
GET H2	200	thumb_0.jpg d1d7kfcb5oumx0.cloudfront.net/articles/images/5fa3b20b25ed5f3ee5f49be5/	30 KB 30 KB	1541ms 1281ms	Image image/jpeg	52.222.153.141 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d1d7kfcb5oumx0.cloudfront.net/articles/images/5fa3b20b25ed5f3ee5f49be5/thumb_0.jpg Requested by Host: gxrw.changeoflead.org URL: https://gxrw.changeoflead.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.153.141 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-153-141.cdg52.r.cloudfront.net Software AmazonS3 / Resource Hash 1db1bc812be2308f316cd8566cd4c8d7a8d2441ac91f48027f108aa6b2d2558f Request headers accept-language en-US,en;q=0.9 Referer https://gxrw.changeoflead.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Thu, 11 Jan 2024 18:11:48 GMT via 1.1 35c1a072f5e34dd7857432de42b52680.cloudfront.net (CloudFront) last-modified Thu, 05 Nov 2020 08:04:29 GMT server AmazonS3 x-amz-cf-pop CDG52-P1 etag "1006af0088ef455e3e42e1903ce69073" x-cache Miss from cloudfront content-type image/jpeg cache-control max-age=315576000 accept-ranges bytes content-length 30388 x-amz-cf-id 8b1gwukBWOid2_XZ5JLEHIK3pFLxBOHGaPKnkXxugDIavDagb8_dbQ==
GET H3	200	indeximgone.png gxrw.changeoflead.org/includes/templates/lw_a56/images/	451 KB 451 KB	274ms 271ms	Image image/png	2606:4700:3037::ac43:cea9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://gxrw.changeoflead.org/includes/templates/lw_a56/images/indeximgone.png Requested by Host: gxrw.changeoflead.org URL: https://gxrw.changeoflead.org/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:cea9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f51e19d7544b22fd20ac3d3a716a9a57b3bdf00230a99999a54a151a0c6dd4a8 Request headers accept-language en-US,en;q=0.9 Referer https://gxrw.changeoflead.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Thu, 11 Jan 2024 18:11:46 GMT cf-cache-status MISS last-modified Mon, 17 Jul 2023 07:43:07 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "64b4f10b-70b41" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d6l2BnVi4wfXpTovX4c1g5TptiQcLjwGv%2BEz4566c%2Bi5YhZajOYywWhVFP1As00j%2BO%2BQV1ECYEAqEg3eLzUA9hfKYb3U9kQU1eRn7bUcdNy8pyiTC3TXZy8WG%2FlJ1%2ByWN4hCg%2BuQCmEOO4O93pO%2B19g%2FGiI%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=2592000 accept-ranges bytes cf-ray 843f1fc39d148dcc-MIA alt-svc h3=":443"; ma=86400 content-length 461633 expires Sat, 10 Feb 2024 18:11:45 GMT
GET H2	200	slide_image.jpg d1d7kfcb5oumx0.cloudfront.net/articles/images/6385b82453544f0a85a9bb88/	49 KB 49 KB	1542ms 1282ms	Image image/jpeg	52.222.153.141 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d1d7kfcb5oumx0.cloudfront.net/articles/images/6385b82453544f0a85a9bb88/slide_image.jpg Requested by Host: gxrw.changeoflead.org URL: https://gxrw.changeoflead.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.153.141 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-153-141.cdg52.r.cloudfront.net Software AmazonS3 / Resource Hash 80f3ee0433a9a5bdbcca4780255e36dec7456f488e107e2768ad4604c26d70b8 Request headers accept-language en-US,en;q=0.9 Referer https://gxrw.changeoflead.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Thu, 11 Jan 2024 18:11:47 GMT via 1.1 35c1a072f5e34dd7857432de42b52680.cloudfront.net (CloudFront) last-modified Tue, 29 Nov 2022 07:43:36 GMT server AmazonS3 x-amz-cf-pop CDG52-P1 etag "39f8dc307f0ee82752805a413d79f9b6" x-cache Miss from cloudfront content-type image/jpeg cache-control max-age=315576000 accept-ranges bytes content-length 49736 x-amz-cf-id 6Bds6isY-YkVWIzPTOqKvJl3nhGELIV1d4giKzUcSYk45tdWAxa-MA==
GET H2	200	thumb_0.jpg d1d7kfcb5oumx0.cloudfront.net/articles/images/5fcb183a273b777c5ca0062c/	43 KB 43 KB	1540ms 1281ms	Image image/jpeg	52.222.153.141 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d1d7kfcb5oumx0.cloudfront.net/articles/images/5fcb183a273b777c5ca0062c/thumb_0.jpg Requested by Host: gxrw.changeoflead.org URL: https://gxrw.changeoflead.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.153.141 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-153-141.cdg52.r.cloudfront.net Software AmazonS3 / Resource Hash 20bb345708fe919a6a6046d8962733e43ae2e1872386818f872ede0aaa812cca Request headers accept-language en-US,en;q=0.9 Referer https://gxrw.changeoflead.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Thu, 11 Jan 2024 18:11:47 GMT via 1.1 35c1a072f5e34dd7857432de42b52680.cloudfront.net (CloudFront) last-modified Sat, 05 Dec 2020 05:18:52 GMT server AmazonS3 x-amz-cf-pop CDG52-P1 etag "9f4bc3a524844bd2078a963b26b4a8dc" x-cache Miss from cloudfront content-type image/jpeg cache-control max-age=315576000 accept-ranges bytes content-length 44038 x-amz-cf-id jO0_XzVtLAwIftR-hLjLrMYR0O0UM6rb3ILMtSYjm2Go8THJbt8PCA==
GET H2	200	slide_1667744369029.jpg d1d7kfcb5oumx0.cloudfront.net/articles/images/6367c274273b772650303d6f/	23 KB 24 KB	1621ms 1361ms	Image image/jpeg	52.222.153.141 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d1d7kfcb5oumx0.cloudfront.net/articles/images/6367c274273b772650303d6f/slide_1667744369029.jpg Requested by Host: gxrw.changeoflead.org URL: https://gxrw.changeoflead.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.153.141 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-153-141.cdg52.r.cloudfront.net Software AmazonS3 / Resource Hash 00658e664bcd5470221f5b763e0d5b21f1c1cb83851e78320fd17531c36681f6 Request headers accept-language en-US,en;q=0.9 Referer https://gxrw.changeoflead.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Thu, 11 Jan 2024 18:11:48 GMT via 1.1 35c1a072f5e34dd7857432de42b52680.cloudfront.net (CloudFront) last-modified Sun, 06 Nov 2022 14:19:36 GMT server AmazonS3 x-amz-cf-pop CDG52-P1 etag "f2972fa16cc4a7d0551fb331077a8603" x-cache Miss from cloudfront content-type image/jpeg cache-control max-age=315576000 accept-ranges bytes content-length 23850 x-amz-cf-id UfVQwGay4F9OSIRx66TbiCyLievP1nAM-x6Uh5S9O4fo825XoBJ4aQ==
GET H2	200	thumb_1580050626966.jpg d1d7kfcb5oumx0.cloudfront.net/articles/images/5e2da8c3a6c0bb23b5823744/	11 KB 11 KB	1543ms 1284ms	Image image/jpeg	52.222.153.141 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d1d7kfcb5oumx0.cloudfront.net/articles/images/5e2da8c3a6c0bb23b5823744/thumb_1580050626966.jpg Requested by Host: gxrw.changeoflead.org URL: https://gxrw.changeoflead.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.153.141 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-153-141.cdg52.r.cloudfront.net Software AmazonS3 / Resource Hash c5f8f18eb361bb14dc73f83dd42781193111630e0946fab88b68f14038668bf8 Request headers accept-language en-US,en;q=0.9 Referer https://gxrw.changeoflead.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Thu, 11 Jan 2024 18:11:48 GMT via 1.1 35c1a072f5e34dd7857432de42b52680.cloudfront.net (CloudFront) last-modified Sun, 26 Jan 2020 14:57:09 GMT server AmazonS3 x-amz-cf-pop CDG52-P1 etag "935b0de208caaa34394e21c39841834d" x-cache Miss from cloudfront content-type image/jpeg cache-control max-age=315576000 accept-ranges bytes content-length 11233 x-amz-cf-id IiC2aqCl4CtmMoSVKJs8tkrFpgLiGD5RW_xnTEHAINbTWNuR_1hH-g==
GET H2	200	thumb_DSC01786__2_.jpg d1d7kfcb5oumx0.cloudfront.net/articles/images/60f1f801c411624211cb95ea/	15 KB 16 KB	1239ms 1236ms	Image image/jpeg	52.222.153.141 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d1d7kfcb5oumx0.cloudfront.net/articles/images/60f1f801c411624211cb95ea/thumb_DSC01786__2_.jpg Requested by Host: gxrw.changeoflead.org URL: https://gxrw.changeoflead.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.153.141 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-153-141.cdg52.r.cloudfront.net Software AmazonS3 / Resource Hash 8af22955145f1faff669fe08ba7d7bcc3d7770468671abd25f68c6d6e1fc9a31 Request headers accept-language en-US,en;q=0.9 Referer https://gxrw.changeoflead.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Thu, 11 Jan 2024 18:11:48 GMT via 1.1 35c1a072f5e34dd7857432de42b52680.cloudfront.net (CloudFront) last-modified Fri, 16 Jul 2021 21:20:06 GMT server AmazonS3 x-amz-cf-pop CDG52-P1 etag "3b37378c1d69bd05ec3e53a92f1c9839" x-cache Miss from cloudfront content-type image/jpeg cache-control max-age=315576000 accept-ranges bytes content-length 15843 x-amz-cf-id sPBLAPAvE9Pv9VeP9-tsO6klBd9m1G9mmBP_N84oOMhdrm7QKzViNg==
GET H2	200	slide_file.jpg d1d7kfcb5oumx0.cloudfront.net/articles/images/647adc406968323510b3f0b4/	32 KB 33 KB	1317ms 1314ms	Image image/jpeg	52.222.153.141 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d1d7kfcb5oumx0.cloudfront.net/articles/images/647adc406968323510b3f0b4/slide_file.jpg Requested by Host: gxrw.changeoflead.org URL: https://gxrw.changeoflead.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.153.141 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-153-141.cdg52.r.cloudfront.net Software AmazonS3 / Resource Hash a6a3646cf8bd3bbacae24c354be37350ca7cdb8ace565c9412015aa7a6a0c733 Request headers accept-language en-US,en;q=0.9 Referer https://gxrw.changeoflead.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Thu, 11 Jan 2024 18:11:48 GMT via 1.1 35c1a072f5e34dd7857432de42b52680.cloudfront.net (CloudFront) last-modified Sat, 03 Jun 2023 06:23:00 GMT server AmazonS3 x-amz-cf-pop CDG52-P1 etag "47d0576e1a4e860621701d4b1081bc12" x-amz-server-side-encryption AES256 x-cache Miss from cloudfront content-type image/jpeg cache-control max-age=315576000 accept-ranges bytes content-length 33193 x-amz-cf-id ClaPEbldBfkQkfy71Mj-2C0NCfB3vHSzPKBoQlrurqlayc4hBhilPQ==
GET H2	200	slide_IMG_20230218_131812_2.jpg d1d7kfcb5oumx0.cloudfront.net/articles/images/63f056ae044c4a24a655fa1f/	7 KB 8 KB	1323ms 1320ms	Image image/jpeg	52.222.153.141 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d1d7kfcb5oumx0.cloudfront.net/articles/images/63f056ae044c4a24a655fa1f/slide_IMG_20230218_131812_2.jpg Requested by Host: gxrw.changeoflead.org URL: https://gxrw.changeoflead.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.153.141 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-153-141.cdg52.r.cloudfront.net Software AmazonS3 / Resource Hash a842864423021468f98b29466fd4a7847a291a7441ac21ab073e6c4239d71dfd Request headers accept-language en-US,en;q=0.9 Referer https://gxrw.changeoflead.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Thu, 11 Jan 2024 18:11:48 GMT via 1.1 35c1a072f5e34dd7857432de42b52680.cloudfront.net (CloudFront) last-modified Sat, 18 Feb 2023 04:40:18 GMT server AmazonS3 x-amz-cf-pop CDG52-P1 etag "69d3dbdfd3cd520fee499b48cd79db5a" x-amz-server-side-encryption AES256 x-cache Miss from cloudfront content-type image/jpeg cache-control max-age=315576000 accept-ranges bytes content-length 7456 x-amz-cf-id zNKOwLf9XzjiRy9ixHeF3GsWKcQva3wXDhFuchw1lB1xMI0-f7RBQA==
GET H2	200	thumb_0.jpg d1d7kfcb5oumx0.cloudfront.net/articles/images/5ee45fa1d891f74526e385d2/	24 KB 24 KB	1238ms 1236ms	Image image/jpeg	52.222.153.141 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d1d7kfcb5oumx0.cloudfront.net/articles/images/5ee45fa1d891f74526e385d2/thumb_0.jpg Requested by Host: gxrw.changeoflead.org URL: https://gxrw.changeoflead.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.153.141 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-153-141.cdg52.r.cloudfront.net Software AmazonS3 / Resource Hash 64cdf8de2c20a9f30eedda2632b8bf12114f294548e0bbab2ff4e0b2a8bbb2be Request headers accept-language en-US,en;q=0.9 Referer https://gxrw.changeoflead.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Thu, 11 Jan 2024 18:11:48 GMT via 1.1 35c1a072f5e34dd7857432de42b52680.cloudfront.net (CloudFront) last-modified Sat, 13 Jun 2020 05:09:55 GMT server AmazonS3 x-amz-cf-pop CDG52-P1 etag "771f3ab1a832f1eb1b86a8ea36a4928b" x-cache Miss from cloudfront content-type image/jpeg cache-control max-age=315576000 accept-ranges bytes content-length 24652 x-amz-cf-id 0naxFUTqIQLEAIs7lG_LzTG3WaCMCe8C8MIt92mVMeIK6GMhefwQsQ==
GET H3	200	main.jpg gxrw.changeoflead.org/includes/templates/lw_a56/images/	117 KB 117 KB	317ms 315ms	Image image/jpeg	2606:4700:3037::ac43:cea9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://gxrw.changeoflead.org/includes/templates/lw_a56/images/main.jpg Requested by Host: gxrw.changeoflead.org URL: https://gxrw.changeoflead.org/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:cea9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 35a8f01bc67efdfdd94eb022540f18dcd06757ca24199e9cc15d441ee9dc43de Request headers accept-language en-US,en;q=0.9 Referer https://gxrw.changeoflead.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Thu, 11 Jan 2024 18:11:46 GMT cf-cache-status MISS last-modified Mon, 17 Jul 2023 07:43:07 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "64b4f10b-1d256" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kBkOUGtgPy2O1vu5F4GqQdmP9hpB3lW4h8TGPnAy4RNYzNWFl9maNPeFQdcwF1QNGKo%2Bix%2FKXCwpJtxcuOaA7foUdtvfyqXm%2BO3v%2FiysXTI0fyIvnH2VCjXIuCIhkbrpjaHpxbr4Xga0TcWestKvTRgWYg4%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=2592000 accept-ranges bytes cf-ray 843f1fc39d158dcc-MIA alt-svc h3=":443"; ma=86400 content-length 119382 expires Sat, 10 Feb 2024 18:11:45 GMT
GET H3	200	footer-icon-shipping.png gxrw.changeoflead.org/includes/templates/lw_a56/images/	19 KB 20 KB	339ms 337ms	Image image/png	2606:4700:3037::ac43:cea9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://gxrw.changeoflead.org/includes/templates/lw_a56/images/footer-icon-shipping.png Requested by Host: gxrw.changeoflead.org URL: https://gxrw.changeoflead.org/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:cea9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 81ee56e2de839432c2d91faded3d4d0bb1cbf22edb8064f1c138e90108f08dae Request headers accept-language en-US,en;q=0.9 Referer https://gxrw.changeoflead.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Thu, 11 Jan 2024 18:11:45 GMT cf-cache-status MISS last-modified Mon, 17 Jul 2023 07:43:07 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "64b4f10b-4dc2" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TBBH%2FP%2F7f1kLXdYs0D6VDrfTKyvdJlq7lms5CS%2FUl8Z11BjzJ64XQwJaLBjkmJeiuIoOAKP3VL2c9d1eux4Vwm6yF2ibTXoJFzqfRRPO1gWUF9ae1V98VOb5qtTZQmafE8mVSuYvXZk7Z4mtBWSd5AbWYZ8%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=2592000 accept-ranges bytes cf-ray 843f1fc39d178dcc-MIA alt-svc h3=":443"; ma=86400 content-length 19906 expires Sat, 10 Feb 2024 18:11:45 GMT
GET H3	200	footer-icon-onoff.png gxrw.changeoflead.org/includes/templates/lw_a56/images/	22 KB 23 KB	340ms 338ms	Image image/png	2606:4700:3037::ac43:cea9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://gxrw.changeoflead.org/includes/templates/lw_a56/images/footer-icon-onoff.png Requested by Host: gxrw.changeoflead.org URL: https://gxrw.changeoflead.org/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:cea9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ef7e18edb6acca77e6ac3ff6e0f5b468bd69b5ccecb847539627ce36f6d2f76c Request headers accept-language en-US,en;q=0.9 Referer https://gxrw.changeoflead.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Thu, 11 Jan 2024 18:11:45 GMT cf-cache-status MISS last-modified Mon, 17 Jul 2023 07:43:07 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "64b4f10b-59f1" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tWfz%2FIn6AJ4puYH1X4Qqq5JXcDWCAK4N8rJ2M2IWxkH2UwFuapCFT04CbSiQaX0%2Fa3cQ6bO%2B0k1JRgLTS8SFwpwtP5o7mGKxoP9bMVL5BhrxRKq2Upnwf%2Fo76iyBmVeZ0MFK2a0e39tm23VmkjHevWC06GM%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=2592000 accept-ranges bytes cf-ray 843f1fc39d198dcc-MIA alt-svc h3=":443"; ma=86400 content-length 23025 expires Sat, 10 Feb 2024 18:11:45 GMT
GET H3	200	footer-icon-pay.png gxrw.changeoflead.org/includes/templates/lw_a56/images/	20 KB 21 KB	167ms 165ms	Image image/png	2606:4700:3037::ac43:cea9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://gxrw.changeoflead.org/includes/templates/lw_a56/images/footer-icon-pay.png Requested by Host: gxrw.changeoflead.org URL: https://gxrw.changeoflead.org/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:cea9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 58e6040a9c2c9ef665fff2c79e4b0ebde3af2ddcc04af1b94cd80e047464c47f Request headers accept-language en-US,en;q=0.9 Referer https://gxrw.changeoflead.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Thu, 11 Jan 2024 18:11:45 GMT cf-cache-status MISS last-modified Mon, 17 Jul 2023 07:43:07 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "64b4f10b-50fb" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WVfdYFATMmVGNdATwOGvwCnL0QNCC1mybPs0re13NDEVkXEVLEb%2FncTZ7C7O6%2FmGSZKNgoSUtMJswrX9gKPfKIb6RAcQXL6mIZ1rvJ1S%2F0wk77S1iPBYoenzD%2BcJUePgoZc%2FBImZ6frHBmIVp1RQl4BWIqU%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=2592000 accept-ranges bytes cf-ray 843f1fc39d1b8dcc-MIA alt-svc h3=":443"; ma=86400 content-length 20731 expires Sat, 10 Feb 2024 18:11:45 GMT
GET H3	200	footer-icon-qna.png gxrw.changeoflead.org/includes/templates/lw_a56/images/	20 KB 21 KB	342ms 339ms	Image image/png	2606:4700:3037::ac43:cea9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://gxrw.changeoflead.org/includes/templates/lw_a56/images/footer-icon-qna.png Requested by Host: gxrw.changeoflead.org URL: https://gxrw.changeoflead.org/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:cea9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b66849e3a8aebe6e23e4f8348f1f77155e6a96bb744b68d88e35ffcd80806a59 Request headers accept-language en-US,en;q=0.9 Referer https://gxrw.changeoflead.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Thu, 11 Jan 2024 18:11:45 GMT cf-cache-status MISS last-modified Mon, 17 Jul 2023 07:43:07 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "64b4f10b-5025" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AjoAOXT6dRs7LMIgPFo1n0KqIhRnG9r6GyBX9TBzUr6Htf2Q4gMs0ZDOlhpQwGkdgUHXbbG5oZLvYzCF3Av6qjDO4yhOJ1sbGz1fUuaqv5qn6g%2BUIhsYGqz7ZQNwZbUXCfqLZSDUklBIHSrhMvKoG3clJOs%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=2592000 accept-ranges bytes cf-ray 843f1fc39d1d8dcc-MIA alt-svc h3=":443"; ma=86400 content-length 20517 expires Sat, 10 Feb 2024 18:11:45 GMT
GET H3	200	footer-icon-userinfo.png gxrw.changeoflead.org/includes/templates/lw_a56/images/	20 KB 21 KB	343ms 340ms	Image image/png	2606:4700:3037::ac43:cea9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://gxrw.changeoflead.org/includes/templates/lw_a56/images/footer-icon-userinfo.png Requested by Host: gxrw.changeoflead.org URL: https://gxrw.changeoflead.org/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:cea9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 187fcf1d9346330a0b57ddc24ec15a8982a4bebbfa1d51de001d8eea7029314e Request headers accept-language en-US,en;q=0.9 Referer https://gxrw.changeoflead.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Thu, 11 Jan 2024 18:11:45 GMT cf-cache-status MISS last-modified Mon, 17 Jul 2023 07:43:07 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "64b4f10b-50f9" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=obfE5mXKa26%2BqSgteoY8STOPF3CQN6vS22Z6Pos5lA5%2B0IgM%2BiFoFBp1bRqPAj9dgFh98zlYWcVoWpOzhod86cyHLWkGFcxCjTaRdzgrdnznRjUBlqgKa3OjDxX7wepa4L%2F7AaAUGkN7J%2F64xSvOTFD05B0%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=2592000 accept-ranges bytes cf-ray 843f1fc39d1e8dcc-MIA alt-svc h3=":443"; ma=86400 content-length 20729 expires Sat, 10 Feb 2024 18:11:45 GMT
GET H3	200	email-decode.min.js Show response gxrw.changeoflead.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/	1 KB 1 KB	36ms 35ms	Script application/javascript	2606:4700:3037::ac43:cea9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gxrw.changeoflead.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js Requested by Host: gxrw.changeoflead.org URL: https://gxrw.changeoflead.org/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:cea9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language en-US,en;q=0.9 Referer https://gxrw.changeoflead.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Thu, 11 Jan 2024 18:11:45 GMT content-encoding gzip x-content-type-options nosniff last-modified Wed, 27 Dec 2023 10:36:07 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"658bfe17-4d7" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BjKmIQM9Ffb%2FCsBSjkxL43Etsa8OZTCrPMqbxOfFiQ91fgXG9ZMljtR4EEGtMeXrZsXQiuun8TJkC0HUV0T%2BeTBA1ADH9f6x6bCw3eBGj79fZhmS8TxBtOD%2BBkBun6ya7SLGkoJnNialB8tcQktnSvuuA04%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript x-frame-options DENY cache-control max-age=172800, public cf-ray 843f1fc39d018dcc-MIA expires Sat, 13 Jan 2024 18:11:45 GMT
GET H3	200	bg_warranty.jpg gxrw.changeoflead.org/includes/templates/lw_a56/images/	19 KB 20 KB	87ms 85ms	Image image/jpeg	2606:4700:3037::ac43:cea9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://gxrw.changeoflead.org/includes/templates/lw_a56/images/bg_warranty.jpg Requested by Host: gxrw.changeoflead.org URL: https://gxrw.changeoflead.org/includes/templates/lw_a56/css/stylesheet_tm.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:cea9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e5cc8d55effbe5cc67b5e89d8265126c8f0968b68ecc95a24673be55543ffd01 Request headers accept-language en-US,en;q=0.9 Referer https://gxrw.changeoflead.org/includes/templates/lw_a56/css/stylesheet_tm.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Thu, 11 Jan 2024 18:11:45 GMT cf-cache-status MISS last-modified Mon, 17 Jul 2023 07:43:07 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "64b4f10b-4d99" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N6%2BXAAMmM8hxT7b6DKSmEnrtETKlZuhGHQi8OW0oAAFVMFMgV0TW1QwTihKwdpn7xt6sSc1WRoMoGs2qyyqC51lydHimO21V7ISxIgAO8rqIHKGcwehU1AczTovgNw%2FwGDb7ompOIGqeGvZlr%2BS4lAcCxLw%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=2592000 accept-ranges bytes cf-ray 843f1fc39d208dcc-MIA alt-svc h3=":443"; ma=86400 content-length 19865 expires Sat, 10 Feb 2024 18:11:45 GMT
GET H3	200	cat.png gxrw.changeoflead.org/includes/templates/lw_a56/images/	243 B 729 B	130ms 130ms	Image image/png	2606:4700:3037::ac43:cea9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://gxrw.changeoflead.org/includes/templates/lw_a56/images/cat.png Requested by Host: gxrw.changeoflead.org URL: https://gxrw.changeoflead.org/includes/templates/lw_a56/css/style_categories.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:cea9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash eb1cd9170301564e159952dfe4034e32af11db78c0685a3783ad5d896bc41bca Request headers accept-language en-US,en;q=0.9 Referer https://gxrw.changeoflead.org/includes/templates/lw_a56/css/style_categories.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Thu, 11 Jan 2024 18:11:45 GMT cf-cache-status MISS last-modified Mon, 17 Jul 2023 07:43:07 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "64b4f10b-f3" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w8W%2FvlTocnKSodzPMaFYbLBCkHTuL3h0HJamX6rhV%2BYqNyXYf4eR6J2JuPVx1U333tRV5%2BAcyHuys6coF2wxkhA9VxAPhehTbK7L%2F%2FHGHxS2%2BsR0qvtuKrgHCqjqbpg3M1mGrnCeKGm5DUQ5m3ssC1KcSic%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=2592000 accept-ranges bytes cf-ray 843f1fc39d228dcc-MIA alt-svc h3=":443"; ma=86400 content-length 243 expires Sat, 10 Feb 2024 18:11:45 GMT

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.gxrw.changeoflead.org/	1969-12-31 23:59:59	Name: zenid Value: o3nav85agtr2la8106ud34s3m0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

d1d7kfcb5oumx0.cloudfront.net
gxrw.changeoflead.org
2606:4700:3037::ac43:cea9
52.222.153.141
00658e664bcd5470221f5b763e0d5b21f1c1cb83851e78320fd17531c36681f6
0362db86a76badda7ca8dec6954d760c2bfe7b5c3e438682ff3213926d5a5c08
0986fc607c3f0eda74239d9c50b6dc97dccbab797e8f4980d829281477896441
1083e16c5267f9049df7797991833c1244e14b54fd50d6c86b7c8773aee22e6c
187fcf1d9346330a0b57ddc24ec15a8982a4bebbfa1d51de001d8eea7029314e
1db1bc812be2308f316cd8566cd4c8d7a8d2441ac91f48027f108aa6b2d2558f
1f037578bb2a8f3560ca55f37a391e0b3c612ad06e878b31901e67f8775eed2e
20bb345708fe919a6a6046d8962733e43ae2e1872386818f872ede0aaa812cca
22a97a60e7e06647d9b19f049cdea5b7c114a78987b8ac484f501aafabfc5f4e
2315485a83d1c9970ec00f836771e897295872a66d7f6baffc72b701750cc315
253b6d4a3324125857dcd1511dbe287c8a6739fe60fea9481fcf18032b00a1be
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2ef0b2a5cd0d42d966d3349c2967c6c1995d55da4faf0861c88aed0fd3e088ad
35a8f01bc67efdfdd94eb022540f18dcd06757ca24199e9cc15d441ee9dc43de
35d5f96c4a62f60647b8768dc77f58c22509066451cf10ff9bd43fd4a05488cc
3616bc7d39ef97ce96d225530cc04796a283dabf239d3be97a21437f120832b9
3ea4b70d30c88c0de3ce8fadac30b76501abd3feb753e95d0c92ce44f915bdc0
4a2e19c522d740d3e6a49131006499bd4c324660e99e88ce66f4fbba0f34344e
58e6040a9c2c9ef665fff2c79e4b0ebde3af2ddcc04af1b94cd80e047464c47f
59f4c9eddaa6ed77c9322f367fbadfffcd3140c8c38c1ff555f17938c5426af6
64cdf8de2c20a9f30eedda2632b8bf12114f294548e0bbab2ff4e0b2a8bbb2be
69d28bc47bbc5f2f9e55ef5e80ce1122a5bf6c6559783ec134bcfff5d94aac4a
6bab5af16ba41de882279013fd76a3abc11b711beec0b8e4b5ed42449d1d3a07
6e51c4e8e1fc58ccc3e5d7706553ccf4f2b38dc888d0ec0305e6fd4d3de2a0db
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7cdf431a09b8561a43190a1a3dae1b6eb91aded7867872e52d12b94a66ad2ac3
8033aa647ee3eb8bda15a5ca0cdf20bff712ef8a58543bb26fe0b19e71bd8aa0
80f3ee0433a9a5bdbcca4780255e36dec7456f488e107e2768ad4604c26d70b8
81ee56e2de839432c2d91faded3d4d0bb1cbf22edb8064f1c138e90108f08dae
8af22955145f1faff669fe08ba7d7bcc3d7770468671abd25f68c6d6e1fc9a31
8e00ac5dc73fc41d934026f7dea7fb53bec68675c1c9a6fab14d9e29a9558475
92d6e13952f9db0ee497a6bf09281f83c2f197c746bcc3d29a3d86bd31bc5254
9432c08588c922de75b972b101e2c8052cf8ea4889b615c5c76b697b47c59550
a6a3646cf8bd3bbacae24c354be37350ca7cdb8ace565c9412015aa7a6a0c733
a842864423021468f98b29466fd4a7847a291a7441ac21ab073e6c4239d71dfd
b66849e3a8aebe6e23e4f8348f1f77155e6a96bb744b68d88e35ffcd80806a59
c5f8f18eb361bb14dc73f83dd42781193111630e0946fab88b68f14038668bf8
ca9c34812f42e02d65fb7f7a6a139d42bd41c6fd9ab9e1f0db04cf97900817bb
d225268a5c9e06ffc8d792efb59d03f8e37e4b95115b3f61a252c6a0a0dce0cb
d5c74aed62409ad640ab769043a57ae5a91ec6befec377fa025ae08ee5e9a809
daa56b8b2ab19b74de5a64643652a3bbfa6ba6ff130719e42c0f62ab1bd12d16
e5a91abf348d298145f1f237505150cc1f60673b0a21b459cdf4029ba188bcd4
e5cc8d55effbe5cc67b5e89d8265126c8f0968b68ecc95a24673be55543ffd01
e7b28b870c7d2d9e8a1e61d2820784fe80ecb6fa8c9d929354b3765ddbd3a769
eb1cd9170301564e159952dfe4034e32af11db78c0685a3783ad5d896bc41bca
eb9a0139afb41bc80e768ff61a5a3bf3956da00bea0bb6fe6fcde50589b79065
eda0212de9ffc0cbb0d265c9622e6f8e133a627a26015f58a2bd456cb673efaa
ef7e18edb6acca77e6ac3ff6e0f5b468bd69b5ccecb847539627ce36f6d2f76c
f51e19d7544b22fd20ac3d3a716a9a57b3bdf00230a99999a54a151a0c6dd4a8