urlscan.io logo urlscan.io
SecurityTrails logo

www.change.org Open in urlscan Pro
104.17.89.51  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.change.org/p/ookyo-kekal-ookyo
Submission: On November 28 via manual from MY
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 5 countries across 12 domains to perform 45 HTTP transactions. The main IP is 104.17.89.51, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is www.change.org.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on July 31st 2019. Valid for: a year.
This is the only time www.change.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
21 104.17.89.51 13335 (CLOUDFLAR...)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
1 216.58.207.34 15169 (GOOGLE)
2 2620:1ec:c11:... 8068 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
5 2a03:2880:f01... 32934 (FACEBOOK)
2 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a03:2880:f11... 32934 (FACEBOOK)
1 52.87.72.111 14618 (AMAZON-AES)
2 52.206.176.177 14618 (AMAZON-AES)
45 16
21    104.17.89.51 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
www.change.org
static.change.org
assets-fe.change.org
assets.change.org
2    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
1    2a02:26f0:6c00:181::13b8 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
cdn.optimizely.com
1    2a00:1450:4001:821::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com
1    216.58.207.34 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s24-in-f2.1e100.net
www.googleadservices.com
2    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
bat.bing.com
1    2a00:1450:4001:81a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
googleads.g.doubleclick.net
2    2a00:1450:4001:800::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.com
2    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.de
5    2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
connect.facebook.net
staticxx.facebook.com
2    2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
apis.google.com
1    2a00:1450:400c:c08::9d (Brussels, Belgium)

ASN15169 (GOOGLE - Google LLC, US)
stats.g.doubleclick.net
1    2a00:1450:4001:81c::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
accounts.google.com
3    2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
www.facebook.com
1    52.87.72.111 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-87-72-111.compute-1.amazonaws.com
api.airbrake.io
2    52.206.176.177 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-206-176-177.compute-1.amazonaws.com
errors.client.optimizely.com
Domain Requested by
11 www.change.org assets-fe.change.org
6 assets-fe.change.org www.change.org
assets-fe.change.org
4 connect.facebook.net www.change.org
assets-fe.change.org
connect.facebook.net
3 www.facebook.com www.change.org
assets-fe.change.org
3 static.change.org www.change.org
2 errors.client.optimizely.com assets-fe.change.org
2 apis.google.com assets-fe.change.org
apis.google.com
2 www.google.de www.change.org
2 www.google.com 1 redirects www.change.org
2 bat.bing.com www.change.org
2 www.google-analytics.com 1 redirects www.change.org
1 api.airbrake.io assets-fe.change.org
1 staticxx.facebook.com connect.facebook.net
1 accounts.google.com apis.google.com
1 stats.g.doubleclick.net 1 redirects
1 googleads.g.doubleclick.net www.googleadservices.com
1 www.googleadservices.com www.googletagmanager.com
1 www.googletagmanager.com www.change.org
1 assets.change.org www.change.org
1 cdn.optimizely.com www.change.org
45 20

This site contains no links.

Subject Issuer Validity Valid
change.org
CloudFlare Inc ECC CA-2		 2019-07-31 -
2020-07-30		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2019-11-05 -
2020-01-28		 3 months crt.sh
cdn.optimizely.com
DigiCert ECC Secure Server CA		 2018-11-24 -
2020-02-23		 a year crt.sh
www.googleadservices.com
GTS CA 1O1		 2019-11-05 -
2020-01-28		 3 months crt.sh
www.bing.com
Microsoft IT TLS CA 2		 2019-04-30 -
2021-04-30		 2 years crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2019-11-05 -
2020-01-28		 3 months crt.sh
www.google.com
GTS CA 1O1		 2019-11-05 -
2020-01-28		 3 months crt.sh
www.google.de
GTS CA 1O1		 2019-11-05 -
2020-01-28		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2019-11-06 -
2020-02-04		 3 months crt.sh
*.apis.google.com
GTS CA 1O1		 2019-11-05 -
2020-01-28		 3 months crt.sh
accounts.google.com
GTS CA 1O1		 2019-11-05 -
2020-01-28		 3 months crt.sh
*.airbrake.io
SSL.com DV CA		 2018-10-16 -
2020-11-27		 2 years crt.sh
errors.client.optimizely.com
DigiCert SHA2 High Assurance Server CA		 2018-09-24 -
2020-09-28		 2 years crt.sh

This page contains 3 frames:

Primary Page: https://www.change.org/p/ookyo-kekal-ookyo
Frame ID: 7236D6AD99668833EBF5F1DBA9ABCE9E
Requests: 44 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: CA0CB62E25119040BB64BE64DAE7E469
Requests: 1 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter.php?version=44
Frame ID: 36EFE021E806B65D4EA9E80602C33DA7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /react.*\.js/i
Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i

Page Statistics

45
Requests

100 %
HTTPS

75 %
IPv6

12
Domains

20
Subdomains

16
IPs

5
Countries

2107 kB
Transfer

8097 kB
Size

10
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&aip=1&a=2094199309&t=pageview&_s=1&dl=https%3A%2F%2Fwww.change.org%2Fp%2Fookyo-kekal-ookyo&dp=%2Fp%2Fookyo-kekal-ookyo&ul=en-us&de=UTF-8&dt=Petition%20%C2%B7%20KEKAL%20OOKYO%20%C2%B7%20Change.org&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aEBAAEABE~&jid=1776411702&gjid=1957409218&cid=2062420365.1574912801&tid=UA-5889778-1&_gid=14811681.1574912801&_r=1&z=1190845768 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-5889778-1&cid=2062420365.1574912801&jid=1776411702&_gid=14811681.1574912801&gjid=1957409218&_v=j79&z=1190845768 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5889778-1&cid=2062420365.1574912801&jid=1776411702&_v=j79&z=1190845768 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5889778-1&cid=2062420365.1574912801&jid=1776411702&_v=j79&z=1190845768&slf_rd=1&random=2504225924

45 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request ookyo-kekal-ookyo
www.change.org/p/ 		96 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.change.org/p/ookyo-kekal-ookyo
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.89.51 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb2bd2bfd484e3cf56ff5f879102fb3297da9aad3f3cf61104aa599d1e3325bb
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' https://d18kwxxua7ik1y.cloudfront.net https://d22r54gnmuhwmk.cloudfront.net https://assets.change.org https://static.change.org https://assets-fe.change.org https://change-production.s3.amazonaws.com https://change-public-stuff.s3.amazonaws.com https://www.google.ca https://www.googleadservices.com https://www.youtube.com https://*.doubleclick.net https://*.google.com https://*.googleapis.com https://*.googletagmanager.com https://*.google-analytics.com https://*.gstatic.com https://*.ytimg.com https://*.facebook.com https://*.facebook.net https://*.fbcdn.net fbrpc://* fb-messenger://* https://*.twitter.com https://*.twimg.com https://vk.com https://*.vk.com https://ajax.cdnjs.com https://cdnjs.cloudflare.com https://service.force.com https://change.my.salesforce.com https://help.change.org https://*.salesforceliveagent.com https://*.braintreegateway.com https://*.paypalobjects.com https://*.paypal.com *.optimizely.com optimizely.s3.amazonaws.com cdn-assets-prod.s3.amazonaws.com https://code.jquery.com https://js.stripe.com https://cdn.embedly.com https://player.vimeo.com https://*.pubnub.com https://bat.bing.com https://soundcloud.com https://w.soundcloud.com https://www.instagram.com https://www.flickr.com https://*.staticflickr.com; connect-src 'self' blob: https://*.change.org https://change-production.s3.amazonaws.com https://*.googleapis.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.com https://*.facebook.net fbrpc://* fb-messenger://* https://*.twitter.com https://*.vk.com https://*.braintreegateway.com https://*.paypal.com *.optimizely.com optimizely.s3.amazonaws.com cdn-assets-prod.s3.amazonaws.com https://api.stripe.com https://*.pubnub.com https://api.soundcloud.com https://api.airbrake.io https://api.zippopotam.us; font-src 'self' data: https://assets.change.org https://static.change.org https://d18kwxxua7ik1y.cloudfront.net https://d22r54gnmuhwmk.cloudfront.net https://fonts.gstatic.com; img-src * blob: data:; form-action 'self';
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

:method
GET
:authority
www.change.org
:scheme
https
:path
/p/ookyo-kekal-ookyo
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-user
?1
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
sec-fetch-mode
navigate
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-User
?1

Response headers

status
200
date
Thu, 28 Nov 2019 03:46:40 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=dc70f15425b0bec9234528f7bb64c299c1574912799; expires=Sat, 28-Dec-19 03:46:39 GMT; path=/; domain=.change.org; HttpOnly; Secure _change_session=5f6357e6b8fbd51061540086f836a969; Path=/; HttpOnly; Secure tracking_data=%7B%22user_uuid%22%3A%22afaf1ac0-1191-11ea-8df7-5d5a0e2ade87%22%7D; Max-Age=2700; Path=/; Expires=Thu, 28 Nov 2019 04:31:40 GMT; Secure _change_lang=%7B%22locale%22%3A%22de-DE%22%2C%22countryCode%22%3A%22DE%22%7D; Max-Age=86400; Path=/; Expires=Fri, 29 Nov 2019 03:46:40 GMT; Secure __cfruid=5fdf4c4cf6361356b343998e55a83f8c6e3382a9-1574912800; path=/; domain=.change.org; HttpOnly
cache-control
no-cache
cf-railgun
direct (starting new WAN connection)
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' https://d18kwxxua7ik1y.cloudfront.net https://d22r54gnmuhwmk.cloudfront.net https://assets.change.org https://static.change.org https://assets-fe.change.org https://change-production.s3.amazonaws.com https://change-public-stuff.s3.amazonaws.com https://www.google.ca https://www.googleadservices.com https://www.youtube.com https://*.doubleclick.net https://*.google.com https://*.googleapis.com https://*.googletagmanager.com https://*.google-analytics.com https://*.gstatic.com https://*.ytimg.com https://*.facebook.com https://*.facebook.net https://*.fbcdn.net fbrpc://* fb-messenger://* https://*.twitter.com https://*.twimg.com https://vk.com https://*.vk.com https://ajax.cdnjs.com https://cdnjs.cloudflare.com https://service.force.com https://change.my.salesforce.com https://help.change.org https://*.salesforceliveagent.com https://*.braintreegateway.com https://*.paypalobjects.com https://*.paypal.com *.optimizely.com optimizely.s3.amazonaws.com cdn-assets-prod.s3.amazonaws.com https://code.jquery.com https://js.stripe.com https://cdn.embedly.com https://player.vimeo.com https://*.pubnub.com https://bat.bing.com https://soundcloud.com https://w.soundcloud.com https://www.instagram.com https://www.flickr.com https://*.staticflickr.com; connect-src 'self' blob: https://*.change.org https://change-production.s3.amazonaws.com https://*.googleapis.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.com https://*.facebook.net fbrpc://* fb-messenger://* https://*.twitter.com https://*.vk.com https://*.braintreegateway.com https://*.paypal.com *.optimizely.com optimizely.s3.amazonaws.com cdn-assets-prod.s3.amazonaws.com https://api.stripe.com https://*.pubnub.com https://api.soundcloud.com https://api.airbrake.io https://api.zippopotam.us; font-src 'self' data: https://assets.change.org https://static.change.org https://d18kwxxua7ik1y.cloudfront.net https://d22r54gnmuhwmk.cloudfront.net https://fonts.gstatic.com; img-src * blob: data:; form-action 'self';
etag
W/"18085-RGNkjDd6CwkpD1oJcWsjpL5FNDE"
x-frame-options
sameorigin
x-request-id
f32369fa-c299-4d80-886a-88cd5ce52c07
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
53c95b250b8ac281-FRA
content-encoding
gzip
Change-Calibre-Regular.woff2
static.change.org/fonts/ 		30 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.change.org/fonts/Change-Calibre-Regular.woff2
Requested by
Host: www.change.org
URL: https://www.change.org/p/ookyo-kekal-ookyo
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.89.51 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
552426fa67711398e49423a732526e763187afd768567b87e139fec853820809
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.change.org/p/ookyo-kekal-ookyo
Origin
https://www.change.org

Response headers

date
Thu, 28 Nov 2019 03:46:40 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
2958
status
200
access-control-max-age
3000
content-type
application/octet-stream
content-length
30956
last-modified
Tue, 19 Apr 2016 05:44:47 GMT
server
cloudflare
etag
"58b40d8b77ba9c43a803a9779a22f8c7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET, HEAD
x-amz-version-id
kWNZjdaKXPzoQBC5TZ48DMAGUj.3kpR3
access-control-allow-origin
https://www.change.org
cache-control
public, max-age=1382400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
53c95b2def166479-FRA
expires
Sat, 14 Dec 2019 03:46:40 GMT
Change-Calibre-Bold.woff2
static.change.org/fonts/ 		31 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.change.org/fonts/Change-Calibre-Bold.woff2
Requested by
Host: www.change.org
URL: https://www.change.org/p/ookyo-kekal-ookyo
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.89.51 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee2df9e008021c0ce1fbf3612bfef57e7666294fa01bd4d9764931ff9add417a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.change.org/p/ookyo-kekal-ookyo
Origin
https://www.change.org

Response headers

date
Thu, 28 Nov 2019 03:46:40 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
557
status
200
access-control-max-age
3000
content-type
application/octet-stream
content-length
32028
last-modified
Tue, 19 Apr 2016 05:45:19 GMT
server
cloudflare
etag
"682c36331f52784f4ea0b00d69b95d2b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET, HEAD
x-amz-version-id
3jrU_Dju8RrOkM9darm4OVCeQ.ZT6UeB
access-control-allow-origin
https://www.change.org
cache-control
public, max-age=1382400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
53c95b2def186479-FRA
expires
Sat, 14 Dec 2019 03:46:40 GMT
rendr-p2FXqd8BSltmM8DOJlL8a3y2zfsq4O5K_CGOYyUZ32s.css.gz
assets-fe.change.org/rendr-fe/css/ 		165 KB
49 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets-fe.change.org/rendr-fe/css/rendr-p2FXqd8BSltmM8DOJlL8a3y2zfsq4O5K_CGOYyUZ32s.css.gz
Requested by
Host: www.change.org
URL: https://www.change.org/p/ookyo-kekal-ookyo
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.89.51 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a76157a9df014a5b6633c0ce2652fc6b7cb6cdfb2ae0ee4afc218e632519df6b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.change.org/p/ookyo-kekal-ookyo
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 28 Nov 2019 03:46:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
1118337
status
200
content-length
50077
last-modified
Wed, 30 Oct 2019 23:21:17 GMT
server
cloudflare
etag
"7906cf5ee311775bb01432035a2d4cb6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=1314000
accept-ranges
bytes
cf-ray
53c95b2dcf2bc281-FRA
expires
Fri, 13 Dec 2019 08:46:40 GMT
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.change.org
URL: https://www.change.org/p/ookyo-kekal-ookyo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.change.org/p/ookyo-kekal-ookyo
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
4383
date
Thu, 28 Nov 2019 02:33:37 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17803
expires
Thu, 28 Nov 2019 04:33:37 GMT
11391265293.js
cdn.optimizely.com/js/ 		507 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.optimizely.com/js/11391265293.js
Requested by
Host: www.change.org
URL: https://www.change.org/p/ookyo-kekal-ookyo
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:181::13b8 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e4b805e63c053fd5a0a50f96fe72a5913e3ac482c4bb8c4efd6edfa40404775f
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.change.org/p/ookyo-kekal-ookyo
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-meta-pci_enabled
False
x-amz-version-id
qCRLmuaMyKJ23jeaW48icJPAOGgYOtLT
content-encoding
gzip
x-amz-request-id
51E4C2EF49AE8919
status
200
access-control-max-age
86400
date
Thu, 28 Nov 2019 03:46:40 GMT
x-amz-replication-status
COMPLETED
server-timing
cdn;desc="AkamaiION";dur=0,rtt;desc="5";dur=0,cdnip;desc="2a02:26f0:6c00:181::13b8";dur=0,cdnmap;desc="";dur=0,proto;desc="h2";dur=0
strict-transport-security
max-age=15768000
content-length
118257
x-amz-id-2
ITWDbERd58bwjSqdtTEEADMKj8nJq3E58LQxhHW+h0/MmEln+TFPWmJddgBsDb+8Bq6vyjfI2FI=
last-modified
Wed, 27 Nov 2019 19:34:03 GMT
server
AmazonS3
etag
"4818d76f164906cdf17e638571d48ea9"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
x-amz-meta-revision
cache-control
max-age=120
x-amz-meta-revision
18703
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
*
WdNtsLfAOgCeuDr-800x450-noPad.jpg
assets.change.org/photos/7/nt/sl/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.change.org/photos/7/nt/sl/WdNtsLfAOgCeuDr-800x450-noPad.jpg?1574312770
Requested by
Host: www.change.org
URL: https://www.change.org/p/ookyo-kekal-ookyo
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.89.51 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
03988547a9612405405531d0f5ba8f7a7ab25b5a3f9e32ed761a511611a2b9e3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.change.org/p/ookyo-kekal-ookyo
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 28 Nov 2019 03:46:42 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
1
cf-polished
origSize=12306, status=webp_bigger
status
200
cf-bgj
imgq:100
content-length
11732
last-modified
Thu, 21 Nov 2019 05:06:11 GMT
server
cloudflare
etag
"5a8d00cee167116ddd7747382de63910"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
53c95b2dcf30c281-FRA
expires
Thu, 05 Dec 2019 03:46:42 GMT
default-user-profile.svg
static.change.org/profile-img/ 		1 KB
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.change.org/profile-img/default-user-profile.svg
Requested by
Host: www.change.org
URL: https://www.change.org/p/ookyo-kekal-ookyo
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.89.51 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
771776746af6ffba4ab936380308f47c93c386d96e2711fdf96d6514bd0e5be1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.change.org/p/ookyo-kekal-ookyo
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 28 Nov 2019 03:46:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
1335
cf-ray
53c95b2dcf2cc281-FRA
status
200
last-modified
Mon, 30 Oct 2017 22:37:42 GMT
server
cloudflare
etag
W/"f298390723ddb7e909a52d9a735afe3d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
bDeVBE9W0tDnzU2_EA.MV2TSJLs8TNcI
cache-control
public, max-age=1382400
content-type
image/svg+xml
expires
Sat, 14 Dec 2019 03:46:40 GMT
fontFaceObserver-5832a6c8b33e4b9471e2.js.gz
assets-fe.change.org/react-fe/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets-fe.change.org/react-fe/fontFaceObserver-5832a6c8b33e4b9471e2.js.gz
Requested by
Host: www.change.org
URL: https://www.change.org/p/ookyo-kekal-ookyo
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.89.51 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c6e8649522f71a881bcdf223fa88f2c0d21b1452092e87ef7a6ae7c0bcbc937
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.change.org/p/ookyo-kekal-ookyo
Origin
https://www.change.org

Response headers

date
Thu, 28 Nov 2019 03:46:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
40388
status
200
access-control-max-age
3000
content-length
2607
last-modified
Wed, 27 Nov 2019 15:42:44 GMT
server
cloudflare
etag
"ed17bac2d8654af2200a1ca71319af03"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1314000
accept-ranges
bytes
cf-ray
53c95b2debf3d6b5-FRA
expires
Fri, 13 Dec 2019 08:46:40 GMT
gtm.js
www.googletagmanager.com/ 		101 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NMT3DV
Requested by
Host: www.change.org
URL: https://www.change.org/p/ookyo-kekal-ookyo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
330541cf2dcd59d7201fcc826d6a12824022ffdedc6f85f43d998a13e54f3df3
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.change.org/p/ookyo-kekal-ookyo
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 28 Nov 2019 03:46:40 GMT
content-encoding
br
last-modified
Thu, 28 Nov 2019 03:00:00 GMT
server
Google Tag Manager
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
31359
x-xss-protection
0
expires
Thu, 28 Nov 2019 03:46:40 GMT
petitionsEntry-6276d737f4d03b65044e.js.gz
assets-fe.change.org/react-fe/ 		1 MB
371 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets-fe.change.org/react-fe/petitionsEntry-6276d737f4d03b65044e.js.gz
Requested by
Host: www.change.org
URL: https://www.change.org/p/ookyo-kekal-ookyo
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.89.51 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
06aff43d1a170868f8af04a27522da53d4c0ac575d014c5a909f1a555d6aed85
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.change.org/p/ookyo-kekal-ookyo
Origin
https://www.change.org

Response headers

date
Thu, 28 Nov 2019 03:46:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
5647
status
200
access-control-max-age
3000
content-length
379162
last-modified
Thu, 28 Nov 2019 00:38:02 GMT
server
cloudflare
etag
"d0fb361c1a4cdc36a584e15ed72bfe57"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1314000
accept-ranges
bytes
cf-ray
53c95b2debf7d6b5-FRA
expires
Fri, 13 Dec 2019 08:46:40 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NMT3DV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s24-in-f2.1e100.net
Software
cafe /
Resource Hash
69e3a796f4b120879065a812b95b56fd4d28f88faf8c1976ad9b0fa2f31dc0eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.change.org/p/ookyo-kekal-ookyo
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 28 Nov 2019 03:46:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
9614
x-xss-protection
0
server
cafe
etag
5296095546589048175
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 28 Nov 2019 03:46:40 GMT
bat.js
bat.bing.com/ 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.change.org
URL: https://www.change.org/p/ookyo-kekal-ookyo
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
/
Resource Hash
b139982ce002c53ddfb65aec1e90704c0a3704fc5aa35247f9323b74a1d3f721

Request headers

Referer
https://www.change.org/p/ookyo-kekal-ookyo
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 28 Nov 2019 03:46:40 GMT
content-encoding
gzip
last-modified
Tue, 10 Sep 2019 18:57:28 GMT
x-msedge-ref
Ref A: 1D954EAB739F47A3867A7A23406D758E Ref B: VIEEDGE0415 Ref C: 2019-11-28T03:46:40Z
access-control-allow-origin
*
etag
"09c5197968d51:0"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
7148
truncated
/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
97540869be47f1cc8519503a4725b83e5b31b49fc011fa6bf354f4ff14e147fa

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Origin
https://www.change.org

Response headers

Content-Type
application/x-font-woff;charset=utf-8
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/991363857/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/991363857/?random=1574912801006&cv=9&fst=1574912801006&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgav9&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.change.org%2Fp%2Fookyo-kekal-ookyo&tiba=Petition%20%C2%B7%20KEKAL%20OOKYO%20%C2%B7%20Change.org&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0e62f5b8f18c87df524cba3a7b8b46aebc20df414025d64882116f5ce44b09e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.change.org/p/ookyo-kekal-ookyo
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Nov 2019 03:46:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
text/javascript; charset=UTF-8
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
954
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
0
bat.bing.com/action/ 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=5321513&Ver=2&mid=26a2eaef-1c11-2875-3e8b-6bfccb6c3675&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Petition%20%C2%B7%20KEKAL%20OOKYO%20%C2%B7%20Change.org&p=https%3A%2F%2Fwww.change.org%2Fp%2Fookyo-kekal-ookyo&r=&evt=pageLoad&msclkid=N&rn=779073
Requested by
Host: www.change.org
URL: https://www.change.org/p/ookyo-kekal-ookyo
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.change.org/p/ookyo-kekal-ookyo
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
204
pragma
no-cache
date
Thu, 28 Nov 2019 03:46:40 GMT
cache-control
no-cache, must-revalidate
x-msedge-ref
Ref A: 3CEB82BA94684689BF3C6A5D01BFC5DE Ref B: VIEEDGE0415 Ref C: 2019-11-28T03:46:41Z
access-control-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
6c56df936f7959dae96b118a6ac8b1f3_a1e2e60d673353a7f8e020478376647cbb4bcfd0
www.change.org/api-proxy/-/translations/de-DE/ 		375 KB
108 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.change.org/api-proxy/-/translations/de-DE/6c56df936f7959dae96b118a6ac8b1f3_a1e2e60d673353a7f8e020478376647cbb4bcfd0
Requested by
Host: assets-fe.change.org
URL: https://assets-fe.change.org/react-fe/petitionsEntry-6276d737f4d03b65044e.js.gz
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.89.51 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e420f9e18e9ad211500d00e1af4ed9f37051edac379cb005bf24fb054c03080
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.change.org/p/ookyo-kekal-ookyo
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 28 Nov 2019 03:46:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
server
cloudflare
age
10257
etag
W/"5da21-kY9vLP9iLWF5pX8Bo44BZiapm/Q"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
status
200
cache-control
public, max-age=86400, s-maxage=86400
cf-ray
53c95b2f59c3c281-FRA
x-request-id
0ee08a7b-8907-4a5f-9fca-1134d3910b82
/
www.google.com/pagead/1p-user-list/991363857/ 		42 B
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/991363857/?random=1574912801006&cv=9&fst=1574910000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgav9&sendb=1&frm=0&url=https%3A%2F%2Fwww.change.org%2Fp%2Fookyo-kekal-ookyo&tiba=Petition%20%C2%B7%20KEKAL%20OOKYO%20%C2%B7%20Change.org&async=1&fmt=3&is_vtc=1&random=80937303&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.change.org
URL: https://www.change.org/p/ookyo-kekal-ookyo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.change.org/p/ookyo-kekal-ookyo
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Nov 2019 03:46:41 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/991363857/ 		42 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/991363857/?random=1574912801006&cv=9&fst=1574910000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgav9&sendb=1&frm=0&url=https%3A%2F%2Fwww.change.org%2Fp%2Fookyo-kekal-ookyo&tiba=Petition%20%C2%B7%20KEKAL%20OOKYO%20%C2%B7%20Change.org&async=1&fmt=3&is_vtc=1&random=80937303&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.change.org
URL: https://www.change.org/p/ookyo-kekal-ookyo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.change.org/p/ookyo-kekal-ookyo
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Nov 2019 03:46:41 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fbevents.js
connect.facebook.net/en_US/ 		121 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.change.org
URL: https://www.change.org/p/ookyo-kekal-ookyo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
71b52274b1b43661e6523b2774c9fa98a673e1861703bea5f32d75a32a850394
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.change.org/p/ookyo-kekal-ookyo
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-23=":443"; ma=3600
content-length
26702
x-xss-protection
0
pragma
public
x-fb-debug
vJWIJi8K1AKrKKMKChHFQsnC6L4HG/PyftYO45FwI9OYNsDijbbGPy79znT9X/dReDtkr+oc0v+N3Q6IsCeYHw==
x-fb-trip-id
420120009
date
Thu, 28 Nov 2019 03:46:41 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
sdk.js
connect.facebook.net/de_DE/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/de_DE/sdk.js
Requested by
Host: assets-fe.change.org
URL: https://assets-fe.change.org/react-fe/petitionsEntry-6276d737f4d03b65044e.js.gz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
85c8bde9804b2ebecf758e2089d9ce56d52889943ae801b465467b4cf5d074df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.change.org/p/ookyo-kekal-ookyo
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
sz0ua2Ad6LdVTLjo4VZJZA==
status
200
date
Thu, 28 Nov 2019 03:46:41 GMT
expires
Thu, 28 Nov 2019 03:48:59 GMT
alt-svc
h3-23=":443"; ma=3600
content-length
1780
x-fb-debug
yqVJJQyqHg7daK85QQN2kqjZN7K5I5g0dAOrWd/cPWSxfUV6c4Q1fjUq8WkURugafirIxODmdTpZ+uZbeNa4OQ==
x-fb-trip-id
420120009
x-fb-content-md5
9776ca092cf86c5ca31361e1323a52c9
etag
"a24a53df35a7503c249300de8854e3ae"
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
platform.js
apis.google.com/js/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/platform.js
Requested by
Host: assets-fe.change.org
URL: https://assets-fe.change.org/react-fe/petitionsEntry-6276d737f4d03b65044e.js.gz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
3752aa6373c6cffb52d27da513bdd2f0b543bbe61b3ae7d56fd0c27c74367fd2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.change.org/p/ookyo-kekal-ookyo
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 28 Nov 2019 03:46:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
script-src 'report-sample' 'nonce-lkuqdhv/kAnRFnSkdiSNNw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
status
200
strict-transport-security
max-age=31536000
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
etag
"81efe93b9bed00d1a4c29abf7e8b0375"
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
timing-allow-origin
*
expires
Thu, 28 Nov 2019 03:46:41 GMT
graphql
www.change.org/api-proxy/ 		0
210 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.change.org/api-proxy/graphql
Requested by
Host: assets-fe.change.org
URL: https://assets-fe.change.org/react-fe/petitionsEntry-6276d737f4d03b65044e.js.gz
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.89.51 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept
*/*
Referer
https://www.change.org/p/ookyo-kekal-ookyo
Origin
https://www.change.org
X-CSRF-Token
bd2337f1bfe411c84f5731715d3a6aad
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
content-type
application/json

Response headers

cf-railgun
2a331594fb stream 0.000000 0032 0dda
date
Thu, 28 Nov 2019 03:46:41 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
text/html; charset=utf-8
status
403
cache-control
private, max-age=0, no-cache
cf-ray
53c95b2feb4fc281-FRA
content-length
0
x-request-id
3ae0faf2-635d-45c9-aff1-7615978e7bd5
event_tracker
www.change.org/api-proxy/-/ 		0
150 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.change.org/api-proxy/-/event_tracker?_csrf=bd2337f1bfe411c84f5731715d3a6aad
Requested by
Host: assets-fe.change.org
URL: https://assets-fe.change.org/react-fe/petitionsEntry-6276d737f4d03b65044e.js.gz
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.89.51 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.change.org/p/ookyo-kekal-ookyo
Origin
https://www.change.org
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 28 Nov 2019 03:46:41 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-railgun
b2ffc05da7 stream 0.000000 0032 0dda
content-type
text/html; charset=utf-8
status
403
cache-control
private, max-age=0, no-cache
cf-ray
53c95b309cdac281-FRA
vary
Accept
content-length
0
x-request-id
cac29810-deeb-431f-81d2-3d9c046a1bf3
updatesAndCommentsChunk-cd0abb85f4d4089a22b2.js
assets-fe.change.org/react-fe/ 		26 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets-fe.change.org/react-fe/updatesAndCommentsChunk-cd0abb85f4d4089a22b2.js
Requested by
Host: assets-fe.change.org
URL: https://assets-fe.change.org/react-fe/petitionsEntry-6276d737f4d03b65044e.js.gz
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.89.51 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ef69b2f3b917d9643bbdd39bdb4ab7e77fe82e60874d1835d91f7bdfd0bcb55
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.change.org/p/ookyo-kekal-ookyo
Origin
https://www.change.org

Response headers

date
Thu, 28 Nov 2019 03:46:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
40383
status
200
access-control-max-age
3000
last-modified
Wed, 27 Nov 2019 15:39:36 GMT
server
cloudflare
etag
W/"3db392f5a0769d8dde6fb3436be46f6f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1314000
cf-ray
53c95b309866d6b5-FRA
expires
Fri, 13 Dec 2019 08:46:41 GMT
changeAssets-a96828a5b6f583e57b2d.js.gz
assets-fe.change.org/react-fe/ 		4 MB
1 MB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://assets-fe.change.org/react-fe/changeAssets-a96828a5b6f583e57b2d.js.gz
Requested by
Host: assets-fe.change.org
URL: https://assets-fe.change.org/react-fe/petitionsEntry-6276d737f4d03b65044e.js.gz
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.89.51 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3310d474d5fa8a921e7e34207e7f0d6106faddb4de906dc515efaac78d359088
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.change.org/p/ookyo-kekal-ookyo
Origin
https://www.change.org

Response headers

date
Thu, 28 Nov 2019 03:46:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
10255
status
200
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-length
1065540
last-modified
Thu, 28 Nov 2019 00:31:46 GMT
server
cloudflare
etag
"8d8fbb0864ab8489ba92b6a8acdb0376"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1314000
accept-ranges
bytes
cf-ray
53c95b309869d6b5-FRA
expires
Fri, 13 Dec 2019 08:46:41 GMT
event_tracker
www.change.org/api-proxy/-/ 		0
157 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.change.org/api-proxy/-/event_tracker?_csrf=bd2337f1bfe411c84f5731715d3a6aad
Requested by
Host: assets-fe.change.org
URL: https://assets-fe.change.org/react-fe/petitionsEntry-6276d737f4d03b65044e.js.gz
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.89.51 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.change.org/p/ookyo-kekal-ookyo
Origin
https://www.change.org
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 28 Nov 2019 03:46:41 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-railgun
889c551e5a stream 0.000000 0032 0dda
content-type
text/html; charset=utf-8
status
403
cache-control
private, max-age=0, no-cache
cf-ray
53c95b30bd15c281-FRA
vary
Accept
content-length
0
x-request-id
519f733f-c21b-449e-8cad-89a9e73dcfba
suggestedPetitionsChunk-666bbb69959b10a9209c.js
assets-fe.change.org/react-fe/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets-fe.change.org/react-fe/suggestedPetitionsChunk-666bbb69959b10a9209c.js
Requested by
Host: assets-fe.change.org
URL: https://assets-fe.change.org/react-fe/petitionsEntry-6276d737f4d03b65044e.js.gz
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.89.51 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2e157eb5e0608243fad6a563337d5b2cf6264946bae260a730f5bbd1652da45
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.change.org/p/ookyo-kekal-ookyo
Origin
https://www.change.org

Response headers

date
Thu, 28 Nov 2019 03:46:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
40382
status
200
access-control-max-age
3000
last-modified
Wed, 27 Nov 2019 15:39:36 GMT
server
cloudflare
etag
W/"4dee548704695847463f5aebb503bc65"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1314000
cf-ray
53c95b30b896d6b5-FRA
expires
Fri, 13 Dec 2019 08:46:41 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&aip=1&a=2094199309&t=pageview&_s=1&dl=https%3A%2F%2Fwww.change.org%2Fp%2Fookyo-kekal-ookyo&dp=%2Fp%2Fookyo-kekal-ookyo&ul=en-us&de=UTF-8&dt=Pet...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-5889778-1&cid=2062420365.1574912801&jid=1776411702&_gid=14811681.1574912801&gjid=1957409218&_v=j79&z=1190845768
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5889778-1&cid=2062420365.1574912801&jid=1776411702&_v=j79&z=1190845768
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5889778-1&cid=2062420365.1574912801&jid=1776411702&_v=j79&z=1190845768&slf_rd=1&random=2504225924
42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5889778-1&cid=2062420365.1574912801&jid=1776411702&_v=j79&z=1190845768&slf_rd=1&random=2504225924
Requested by
Host: www.change.org
URL: https://www.change.org/p/ookyo-kekal-ookyo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.change.org/p/ookyo-kekal-ookyo
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Nov 2019 03:46:41 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 28 Nov 2019 03:46:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5889778-1&cid=2062420365.1574912801&jid=1776411702&_v=j79&z=1190845768&slf_rd=1&random=2504225924
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
event_tracker
www.change.org/api-proxy/-/ 		0
149 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.change.org/api-proxy/-/event_tracker?_csrf=bd2337f1bfe411c84f5731715d3a6aad
Requested by
Host: assets-fe.change.org
URL: https://assets-fe.change.org/react-fe/petitionsEntry-6276d737f4d03b65044e.js.gz
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.89.51 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.change.org/p/ookyo-kekal-ookyo
Origin
https://www.change.org
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 28 Nov 2019 03:46:41 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-railgun
b4c7fc1967 stream 0.000000 0032 0dda
content-type
text/html; charset=utf-8
status
403
cache-control
private, max-age=0, no-cache
cf-ray
53c95b316edfc281-FRA
vary
Accept
content-length
0
x-request-id
40335ce9-2374-472a-a544-893ce97aa3bc
event_tracker
www.change.org/api-proxy/-/ 		0
253 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.change.org/api-proxy/-/event_tracker?_csrf=bd2337f1bfe411c84f5731715d3a6aad
Requested by
Host: assets-fe.change.org
URL: https://assets-fe.change.org/react-fe/petitionsEntry-6276d737f4d03b65044e.js.gz
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.89.51 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.change.org/p/ookyo-kekal-ookyo
Origin
https://www.change.org
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 28 Nov 2019 03:46:41 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-railgun
7b649fb997 stream 0.000000 0032 0dda
content-type
text/html; charset=utf-8
status
403
cache-control
private, max-age=0, no-cache
cf-ray
53c95b317eebc281-FRA
vary
Accept
content-length
0
x-request-id
d24e1143-fe01-4786-9451-1754a7bff605
event_tracker
www.change.org/api-proxy/-/ 		0
150 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.change.org/api-proxy/-/event_tracker?_csrf=bd2337f1bfe411c84f5731715d3a6aad
Requested by
Host: assets-fe.change.org
URL: https://assets-fe.change.org/react-fe/petitionsEntry-6276d737f4d03b65044e.js.gz
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.89.51 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.change.org/p/ookyo-kekal-ookyo
Origin
https://www.change.org
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 28 Nov 2019 03:46:41 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-railgun
88228fbedd stream 0.000000 0032 0dda
content-type
text/html; charset=utf-8
status
403
cache-control
private, max-age=0, no-cache
cf-ray
53c95b318f21c281-FRA
vary
Accept
content-length
0
x-request-id
9120f1ad-6f2a-45c4-b018-6d062350b9db
1081902691834097
connect.facebook.net/signals/config/ 		349 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1081902691834097?v=2.9.14&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
ce31cfe7a309710e17072f5df482b329c6e427ccceaf825c041ebe765045f096
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.change.org/p/ookyo-kekal-ookyo
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-23=":443"; ma=3600
content-length
86935
x-xss-protection
0
pragma
public
x-fb-debug
hYI3N2+zEXcAAc1Uz/bj2t6gLvFzjnZU2xJalhBMYktLWoQwZjeUBsfGDRMCvyNYih4KuJHNp4VzfregUjFTfA==
x-fb-trip-id
420120009
date
Thu, 28 Nov 2019 03:46:41 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
sdk.js
connect.facebook.net/de_DE/ 		194 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/de_DE/sdk.js?hash=15e798b332fff536fd11cf0c6c57f0af&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/de_DE/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
a2f10e9210e6f31964918e7d8009953795b356679e0ee1d251ed223ff76d01cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.change.org/p/ookyo-kekal-ookyo
Origin
https://www.change.org

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
YprTyU0QniBj6lhRYcTeMQ==
status
200
date
Thu, 28 Nov 2019 03:46:41 GMT
expires
Fri, 27 Nov 2020 02:55:23 GMT
alt-svc
h3-23=":443"; ma=3600
content-length
59487
x-fb-debug
8fvC7u4pcsijYqZ3GK1u2jULihy4NcJk7OONo3Agkgud/X+vifTciGnIDvixoCXAMKNayyW3UUp/SMErgiXQ1g==
x-fb-trip-id
420120009
x-fb-content-md5
71e34afa0c680c1bab2515205f5a9ae7
etag
"b8ce4507d388a8a473897205df1ec96b"
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.2O_3XQTFIPY.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCM0JjSA0I0wvcxN0q5y4p-sc5Yxiw/ 		106 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.2O_3XQTFIPY.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCM0JjSA0I0wvcxN0q5y4p-sc5Yxiw/cb=gapi.loaded_0
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
b7680cf0ac6893bfa22d7071d991bfb13de32d28e5ffa2185dc0d5cea3ff731a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.change.org/p/ookyo-kekal-ookyo
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 17:03:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 12 Nov 2019 22:37:32 GMT
server
sffe
age
557013
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
status
200
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
36990
x-xss-protection
0
expires
Fri, 20 Nov 2020 17:03:08 GMT
graphql
www.change.org/api-proxy/ 		0
149 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.change.org/api-proxy/graphql
Requested by
Host: assets-fe.change.org
URL: https://assets-fe.change.org/react-fe/petitionsEntry-6276d737f4d03b65044e.js.gz
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.89.51 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept
*/*
Referer
https://www.change.org/p/ookyo-kekal-ookyo
Origin
https://www.change.org
X-CSRF-Token
bd2337f1bfe411c84f5731715d3a6aad
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
content-type
application/json

Response headers

cf-railgun
d776a559aa stream 0.000000 0032 0dda
date
Thu, 28 Nov 2019 03:46:41 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
text/html; charset=utf-8
status
403
cache-control
private, max-age=0, no-cache
cf-ray
53c95b31dff5c281-FRA
content-length
0
x-request-id
617367a3-40d5-4bc7-950f-0149853a543e
graphql
www.change.org/api-proxy/ 		0
150 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.change.org/api-proxy/graphql
Requested by
Host: assets-fe.change.org
URL: https://assets-fe.change.org/react-fe/petitionsEntry-6276d737f4d03b65044e.js.gz
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.89.51 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept
*/*
Referer
https://www.change.org/p/ookyo-kekal-ookyo
Origin
https://www.change.org
X-CSRF-Token
bd2337f1bfe411c84f5731715d3a6aad
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
content-type
application/json

Response headers

cf-railgun
8fc10b5d6e stream 0.000000 0032 0dda
date
Thu, 28 Nov 2019 03:46:41 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
text/html; charset=utf-8
status
403
cache-control
private, max-age=0, no-cache
cf-ray
53c95b31d800c281-FRA
content-length
0
x-request-id
09a1f170-b397-4b95-b439-df04529895da
graphql
www.change.org/api-proxy/ 		0
94 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.change.org/api-proxy/graphql
Requested by
Host: assets-fe.change.org
URL: https://assets-fe.change.org/react-fe/petitionsEntry-6276d737f4d03b65044e.js.gz
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.89.51 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept
*/*
Referer
https://www.change.org/p/ookyo-kekal-ookyo
Origin
https://www.change.org
X-CSRF-Token
bd2337f1bfe411c84f5731715d3a6aad
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
content-type
application/json

Response headers

cf-railgun
d992132cc5 stream 0.000000 0032 0dda
date
Thu, 28 Nov 2019 03:46:41 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
text/html; charset=utf-8
status
403
cache-control
private, max-age=0, no-cache
cf-ray
53c95b31f83dc281-FRA
content-length
0
x-request-id
136ac4cf-006e-4ffa-bbec-880eb45a295a
iframe
accounts.google.com/o/oauth2/ Frame CA0C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/o/oauth2/iframe
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.2O_3XQTFIPY.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCM0JjSA0I0wvcxN0q5y4p-sc5Yxiw/cb=gapi.loaded_0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-mGTjVNjAMykkcUb4bCmowA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Xss-Protection 0

Request headers

:method
GET
:authority
accounts.google.com
:scheme
https
:path
/o/oauth2/iframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.change.org/p/ookyo-kekal-ookyo
accept-encoding
gzip, deflate, br
cookie
NID=192=2UhVw5NuDtvUn0xcybmwuQMUg2hUVnf2CyKtLHuPhGNjBMmDpOtgCdBCIKJCgq2mIMcuxuNNSlJnAW-gTgtbCo94Lzkno0lrHFF5r-IoJUexjfKBeoFWmg-Hq9n7YWpI0KCaL1MnZ84jDP3JZVQ-vyU9k-f6FqZt6ZrQwk9Saj0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.change.org/p/ookyo-kekal-ookyo

Response headers

status
200
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Thu, 28 Nov 2019 03:46:41 GMT
content-language
en-US
content-security-policy
script-src 'report-sample' 'nonce-mGTjVNjAMykkcUb4bCmowA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding
gzip
server
ESF
x-xss-protection
0
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
/
www.facebook.com/tr/ 		44 B
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1081902691834097&ev=PageView&dl=https%3A%2F%2Fwww.change.org%2Fp%2Fookyo-kekal-ookyo&rl=&if=false&ts=1574912801659&sw=1600&sh=1200&v=2.9.14&r=stable&ec=0&o=30&fbp=fb.1.1574912801658.1512086193&it=1574912801547&coo=false&rqm=GET
Requested by
Host: www.change.org
URL: https://www.change.org/p/ookyo-kekal-ookyo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.change.org/p/ookyo-kekal-ookyo
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 28 Nov 2019 03:46:41 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-23=":443"; ma=3600
content-length
44
expires
Thu, 28 Nov 2019 03:46:41 GMT
xd_arbiter.php
staticxx.facebook.com/connect/ Frame 36EF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://staticxx.facebook.com/connect/xd_arbiter.php?version=44
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/de_DE/sdk.js?hash=15e798b332fff536fd11cf0c6c57f0af&ua=modern_es6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
staticxx.facebook.com
:scheme
https
:path
/connect/xd_arbiter.php?version=44
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.change.org/p/ookyo-kekal-ookyo
accept-encoding
gzip, deflate, br
cookie
fr=0il0wgdUFUWeibeqH..Bd30Mh...1.0.Bd30Mh.
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.change.org/p/ookyo-kekal-ookyo

Response headers

status
200
content-type
text/html; charset=utf-8
expires
Sat, 21 Nov 2020 20:27:41 GMT
strict-transport-security
max-age=15552000; preload
content-encoding
gzip
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cache-control
public,max-age=31536000,immutable
x-fb-debug
/POC47GoEc2MW0QoEEsv74gNnSgwCc5z3AZnNhd0KxWspcyi1N3hUEPlW1s3ol/bhCNVBlr0TS3vexpYaBhDvQ==
content-length
12397
x-fb-trip-id
420120009
date
Thu, 28 Nov 2019 03:46:41 GMT
alt-svc
h3-23=":443"; ma=3600
status
www.facebook.com/x/oauth/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/x/oauth/status?client_id=48409868550&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.change.org%2Fp%2Fookyo-kekal-ookyo&sdk=joey&wants_cookie_data=true
Requested by
Host: assets-fe.change.org
URL: https://assets-fe.change.org/react-fe/petitionsEntry-6276d737f4d03b65044e.js.gz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.change.org/
Origin
https://www.change.org

Response headers

pragma
no-cache
x-fb-debug
ez7XzeDX/Wy+w5/+noj+yfHLVhxAFehoPnex7/dljPmRTVWu3YKz+qDuJhkqFr6w5jV+3yj2bS6N6gUQPnywwg==
fb-s
unknown
status
200
date
Thu, 28 Nov 2019 03:46:41 GMT
strict-transport-security
max-age=15552000; preload
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.change.org
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3-23=":443"; ma=3600
content-length
0
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
notices
api.airbrake.io/api/v3/projects/122982/ 		127 B
479 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.airbrake.io/api/v3/projects/122982/notices?key=0edd1674a5f155bc96b838349887b26d
Requested by
Host: assets-fe.change.org
URL: https://assets-fe.change.org/react-fe/petitionsEntry-6276d737f4d03b65044e.js.gz
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.87.72.111 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-87-72-111.compute-1.amazonaws.com
Software
/
Resource Hash
44c3afc0397923a91f1099113793a3584db6a10af14562ada313afdf98a70ae1

Request headers

Referer
https://www.change.org/p/ookyo-kekal-ookyo
Origin
https://www.change.org
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 28 Nov 2019 03:46:42 GMT
content-encoding
gzip
status
201
vary
Accept-Encoding
access-control-allow-methods
OPTIONS,GET,PUT,POST
content-type
application/json
access-control-allow-origin
*
x-ratelimit-remaining
9999
x-ratelimit-delay
18
x-ratelimit-limit
10000
access-control-allow-headers
Accept,Origin,Content-Type,X-Requested-With
access-control-expose-headers
X-RateLimit-Delay
log
errors.client.optimizely.com/ 		13 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://errors.client.optimizely.com/log
Requested by
Host: assets-fe.change.org
URL: https://assets-fe.change.org/react-fe/petitionsEntry-6276d737f4d03b65044e.js.gz
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.176.177 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-206-176-177.compute-1.amazonaws.com
Software
/
Resource Hash
16f1efa415bfdd7abcf8fdd76cc05ae6fa66ffdfdc730368ecea89ecfe5c3a12

Request headers

Access-Control-Request-Method
POST
Origin
https://www.change.org
Referer
https://www.change.org/p/ookyo-kekal-ookyo
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

Date
Thu, 28 Nov 2019 03:46:42 GMT
Allow
POST,OPTIONS
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
https://www.change.org
Access-Control-Max-Age
1800
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With,Content-Type,Accept,Origin
Content-Length
13
log
errors.client.optimizely.com/ 		0
240 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://errors.client.optimizely.com/log
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.176.177 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-206-176-177.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.change.org/p/ookyo-kekal-ookyo
Origin
https://www.change.org
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

Access-Control-Allow-Origin
https://www.change.org
Access-Control-Expose-Headers
Access-Control-Allow-Credentials
true
Connection
keep-alive
Date
Thu, 28 Nov 2019 03:46:42 GMT
Content-Type
text/plain
/
www.facebook.com/tr/ 		44 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1081902691834097&ev=Microdata&dl=https%3A%2F%2Fwww.change.org%2Fp%2Fookyo-kekal-ookyo&rl=&if=false&ts=1574912803162&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Petition%20%C2%B7%20KEKAL%20OOKYO%20%C2%B7%20Change.org%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.14&r=stable&ec=1&o=30&fbp=fb.1.1574912801658.1512086193&it=1574912801547&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.change.org/p/ookyo-kekal-ookyo
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 28 Nov 2019 03:46:43 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-23=":443"; ma=3600
content-length
44
expires
Thu, 28 Nov 2019 03:46:43 GMT

Verdicts & Comments Add Verdict or Comment

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| changeTargetingData object| dataLayer object| google_tag_data function| ga object| gaplugins function| postscribe object| google_tag_manager object| uetq undefined| _ function| FontFaceObserver function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO function| UET object| webpackJsonp function| setImmediate function| clearImmediate object| regeneratorRuntime object| scCGSHMRCache object| airbrake object| __APOLLO_CLIENT__ object| recaptchaOptions function| trackEvent object| optimizely function| setOverrideVariation function| _sov function| FuzzySet function| fbq function| _fbq object| gaGlobal object| gaData function| fbAsyncInit object| __consolidated_events_handlers__ object| FB object| gapi object| ___jsl object| gadgets object| osapi object| oauth2

10 Cookies

Domain/Path Name / Value
.facebook.com/ Name: fr
Value: 0il0wgdUFUWeibeqH..Bd30Mh...1.0.Bd30Mh.
www.change.org/ Name: _change_session
Value: de5b98db93f1211b4d5a315b4c4d43bd
.google.com/ Name: NID
Value: 192=2UhVw5NuDtvUn0xcybmwuQMUg2hUVnf2CyKtLHuPhGNjBMmDpOtgCdBCIKJCgq2mIMcuxuNNSlJnAW-gTgtbCo94Lzkno0lrHFF5r-IoJUexjfKBeoFWmg-Hq9n7YWpI0KCaL1MnZ84jDP3JZVQ-vyU9k-f6FqZt6ZrQwk9Saj0
.change.org/ Name: _fbp
Value: fb.1.1574912801658.1512086193
.www.change.org/ Name: G_ENABLED_IDPS
Value: google
.change.org/ Name: _gat
Value: 1
.change.org/ Name: _gid
Value: GA1.2.14811681.1574912801
.change.org/ Name: _ga
Value: GA1.2.2062420365.1574912801
.change.org/ Name: __cfruid
Value: 4fc6f703ca47fdcb4491adba493e023b83026e9c-1574912801
.change.org/ Name: __cfduid
Value: d5c30b994061a689b9d49a3a35fb859a71574912801

1 Console Messages

Source Level URL
Text
console-api error URL: https://assets-fe.change.org/react-fe/petitionsEntry-6276d737f4d03b65044e.js.gz(Line 255)
Message:
TypeError: Cannot read property 'petitionById' of undefined

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' https://d18kwxxua7ik1y.cloudfront.net https://d22r54gnmuhwmk.cloudfront.net https://assets.change.org https://static.change.org https://assets-fe.change.org https://change-production.s3.amazonaws.com https://change-public-stuff.s3.amazonaws.com https://www.google.ca https://www.googleadservices.com https://www.youtube.com https://*.doubleclick.net https://*.google.com https://*.googleapis.com https://*.googletagmanager.com https://*.google-analytics.com https://*.gstatic.com https://*.ytimg.com https://*.facebook.com https://*.facebook.net https://*.fbcdn.net fbrpc://* fb-messenger://* https://*.twitter.com https://*.twimg.com https://vk.com https://*.vk.com https://ajax.cdnjs.com https://cdnjs.cloudflare.com https://service.force.com https://change.my.salesforce.com https://help.change.org https://*.salesforceliveagent.com https://*.braintreegateway.com https://*.paypalobjects.com https://*.paypal.com *.optimizely.com optimizely.s3.amazonaws.com cdn-assets-prod.s3.amazonaws.com https://code.jquery.com https://js.stripe.com https://cdn.embedly.com https://player.vimeo.com https://*.pubnub.com https://bat.bing.com https://soundcloud.com https://w.soundcloud.com https://www.instagram.com https://www.flickr.com https://*.staticflickr.com; connect-src 'self' blob: https://*.change.org https://change-production.s3.amazonaws.com https://*.googleapis.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.com https://*.facebook.net fbrpc://* fb-messenger://* https://*.twitter.com https://*.vk.com https://*.braintreegateway.com https://*.paypal.com *.optimizely.com optimizely.s3.amazonaws.com cdn-assets-prod.s3.amazonaws.com https://api.stripe.com https://*.pubnub.com https://api.soundcloud.com https://api.airbrake.io https://api.zippopotam.us; font-src 'self' data: https://assets.change.org https://static.change.org https://d18kwxxua7ik1y.cloudfront.net https://d22r54gnmuhwmk.cloudfront.net https://fonts.gstatic.com; img-src * blob: data:; form-action 'self';
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
api.airbrake.io
apis.google.com
assets-fe.change.org
assets.change.org
bat.bing.com
cdn.optimizely.com
connect.facebook.net
errors.client.optimizely.com
googleads.g.doubleclick.net
static.change.org
staticxx.facebook.com
stats.g.doubleclick.net
www.change.org
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
104.17.89.51
216.58.207.34
2620:1ec:c11::200
2a00:1450:4001:800::2003
2a00:1450:4001:800::2004
2a00:1450:4001:800::200e
2a00:1450:4001:808::200e
2a00:1450:4001:81a::2002
2a00:1450:4001:81c::200d
2a00:1450:4001:821::2008
2a00:1450:400c:c08::9d
2a02:26f0:6c00:181::13b8
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
52.206.176.177
52.87.72.111
03988547a9612405405531d0f5ba8f7a7ab25b5a3f9e32ed761a511611a2b9e3
06aff43d1a170868f8af04a27522da53d4c0ac575d014c5a909f1a555d6aed85
0e62f5b8f18c87df524cba3a7b8b46aebc20df414025d64882116f5ce44b09e6
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
16f1efa415bfdd7abcf8fdd76cc05ae6fa66ffdfdc730368ecea89ecfe5c3a12
2c6e8649522f71a881bcdf223fa88f2c0d21b1452092e87ef7a6ae7c0bcbc937
2ef69b2f3b917d9643bbdd39bdb4ab7e77fe82e60874d1835d91f7bdfd0bcb55
330541cf2dcd59d7201fcc826d6a12824022ffdedc6f85f43d998a13e54f3df3
3310d474d5fa8a921e7e34207e7f0d6106faddb4de906dc515efaac78d359088
3752aa6373c6cffb52d27da513bdd2f0b543bbe61b3ae7d56fd0c27c74367fd2
44c3afc0397923a91f1099113793a3584db6a10af14562ada313afdf98a70ae1
552426fa67711398e49423a732526e763187afd768567b87e139fec853820809
69e3a796f4b120879065a812b95b56fd4d28f88faf8c1976ad9b0fa2f31dc0eb
71b52274b1b43661e6523b2774c9fa98a673e1861703bea5f32d75a32a850394
771776746af6ffba4ab936380308f47c93c386d96e2711fdf96d6514bd0e5be1
85c8bde9804b2ebecf758e2089d9ce56d52889943ae801b465467b4cf5d074df
8e420f9e18e9ad211500d00e1af4ed9f37051edac379cb005bf24fb054c03080
97540869be47f1cc8519503a4725b83e5b31b49fc011fa6bf354f4ff14e147fa
a2f10e9210e6f31964918e7d8009953795b356679e0ee1d251ed223ff76d01cc
a76157a9df014a5b6633c0ce2652fc6b7cb6cdfb2ae0ee4afc218e632519df6b
b139982ce002c53ddfb65aec1e90704c0a3704fc5aa35247f9323b74a1d3f721
b7680cf0ac6893bfa22d7071d991bfb13de32d28e5ffa2185dc0d5cea3ff731a
ce31cfe7a309710e17072f5df482b329c6e427ccceaf825c041ebe765045f096
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4b805e63c053fd5a0a50f96fe72a5913e3ac482c4bb8c4efd6edfa40404775f
eb2bd2bfd484e3cf56ff5f879102fb3297da9aad3f3cf61104aa599d1e3325bb
ee2df9e008021c0ce1fbf3612bfef57e7666294fa01bd4d9764931ff9add417a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2e157eb5e0608243fad6a563337d5b2cf6264946bae260a730f5bbd1652da45