urlscan.io logo urlscan.io
SecurityTrails logo

www.change.org Open in urlscan Pro
104.16.4.13  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://chng.it/
Effective URL: https://www.change.org/
Submission: On May 14 via manual from IN
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 22 IPs in 5 countries across 18 domains to perform 77 HTTP transactions. The main IP is 104.16.4.13, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is www.change.org.
TLS certificate: Issued by COMODO RSA Organization Validation Se... on June 9th 2016. Valid for: 3 years.
This is the only time www.change.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 52.218.245.91 16509 (AMAZON-02)
33 104.16.4.13 13335 (CLOUDFLAR...)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
3 104.16.5.13 13335 (CLOUDFLAR...)
1 4 2a00:1450:400... 15169 (GOOGLE)
1 4 2a00:1450:400... 15169 (GOOGLE)
1 52.216.168.165 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2606:2800:234... 15133 (EDGECAST)
1 172.217.18.98 15169 (GOOGLE)
2 2620:1ec:c11:... 8068 (MICROSOFT...)
5 2a03:2880:f01... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 5 2a03:2880:f11... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f01... 32934 (FACEBOOK)
2 54.172.174.181 14618 (AMAZON-AES)
77 22
1    52.218.245.91 (Boardman, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: s3-website-us-west-2.amazonaws.com
chng.it
33    104.16.4.13 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
www.change.org
assets-fe.change.org
assets.change.org
static.change.org
1    2a02:26f0:6c00:181::13b8 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
cdn.optimizely.com
3    104.16.5.13 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
assets-fe.change.org
static.change.org
4    2a00:1450:4001:815::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
s.ytimg.com
4    2a00:1450:4001:81b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.com
1    52.216.168.165 (Ashburn, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com
1    2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.gstatic.com
1    2a00:1450:4001:821::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com
4    2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.youtube.com
1    2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)
platform.twitter.com
1    172.217.18.98 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: zrh04s05-in-f98.1e100.net
www.googleadservices.com
2    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
bat.bing.com
5    2a03:2880:f01c:216:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
connect.facebook.net
1    2a00:1450:400c:c0a::9c (Brussels, Belgium)

ASN15169 (GOOGLE - Google LLC, US)
googleads.g.doubleclick.net
2    2a00:1450:4001:816::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.de
2    2a00:1450:4001:818::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
apis.google.com
4    2a00:1450:4001:81a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
maps.googleapis.com
1    2a00:1450:400c:c08::9c (Brussels, Belgium)

ASN15169 (GOOGLE - Google LLC, US)
stats.g.doubleclick.net
5    2a03:2880:f11c:8083:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
www.facebook.com
1    2a00:1450:4001:806::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
accounts.google.com
2    2a03:2880:f01a:5:face:b00c:0:1 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
staticxx.facebook.com
2    54.172.174.181 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-172-174-181.compute-1.amazonaws.com
errors.client.optimizely.com
Domain Requested by
23 assets.change.org www.change.org
8 www.change.org www.change.org
assets-fe.change.org
5 www.facebook.com 1 redirects www.change.org
connect.facebook.net
5 connect.facebook.net www.change.org
connect.facebook.net
assets-fe.change.org
4 maps.googleapis.com assets-fe.change.org
maps.googleapis.com
4 www.youtube.com www.change.org
assets-fe.change.org
4 www.google.com 1 redirects www.change.org
www.gstatic.com
3 static.change.org www.change.org
assets-fe.change.org
3 www.google-analytics.com 1 redirects www.change.org
2 errors.client.optimizely.com assets-fe.change.org
2 staticxx.facebook.com connect.facebook.net
2 apis.google.com assets-fe.change.org
apis.google.com
2 www.google.de www.change.org
2 bat.bing.com www.change.org
2 assets-fe.change.org www.change.org
1 accounts.google.com apis.google.com
1 s.ytimg.com www.youtube.com
1 stats.g.doubleclick.net 1 redirects
1 googleads.g.doubleclick.net www.googleadservices.com
1 www.googleadservices.com www.googletagmanager.com
1 platform.twitter.com www.change.org
1 www.googletagmanager.com www.change.org
1 www.gstatic.com www.google.com
1 s3.amazonaws.com www.change.org
1 cdn.optimizely.com www.change.org
1 chng.it 1 redirects
77 26
Subject Issuer Validity Valid
*.change.org
COMODO RSA Organization Validation Secure Server CA		 2016-06-09 -
2019-06-09		 3 years crt.sh
cdn.optimizely.com
DigiCert ECC Secure Server CA		 2018-11-24 -
2020-02-23		 a year crt.sh
*.google-analytics.com
Google Internet Authority G3		 2019-04-16 -
2019-07-09		 3 months crt.sh
www.google.com
Google Internet Authority G3		 2019-04-16 -
2019-07-09		 3 months crt.sh
s3.amazonaws.com
DigiCert Baltimore CA-2 G2		 2018-12-03 -
2019-10-25		 a year crt.sh
*.google.com
Google Internet Authority G3		 2019-04-16 -
2019-07-09		 3 months crt.sh
*.twimg.com
DigiCert SHA2 High Assurance Server CA		 2018-11-19 -
2019-11-27		 a year crt.sh
www.googleadservices.com
Google Internet Authority G3		 2019-04-16 -
2019-07-09		 3 months crt.sh
www.bing.com
Microsoft IT TLS CA 5		 2017-07-20 -
2019-07-10		 2 years crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2019-04-22 -
2019-07-21		 3 months crt.sh
*.g.doubleclick.net
Google Internet Authority G3		 2019-04-16 -
2019-07-09		 3 months crt.sh
www.google.de
Google Internet Authority G3		 2019-04-16 -
2019-07-09		 3 months crt.sh
*.googleapis.com
Google Internet Authority G3		 2019-04-16 -
2019-07-09		 3 months crt.sh
accounts.google.com
Google Internet Authority G3		 2019-04-16 -
2019-07-09		 3 months crt.sh
errors.client.optimizely.com
DigiCert SHA2 High Assurance Server CA		 2018-09-24 -
2020-09-28		 2 years crt.sh

This page contains 10 frames:

Primary Page: https://www.change.org/
Frame ID: 97241FB51A2BB0D9B9B8DAECB3AF7972
Requests: 69 HTTP requests in this frame

Frame: https://www.youtube.com/embed/zWXGfhXHoqk?wmode=opaque
Frame ID: 8E12348A4622BB617E04BB7F99DD8BB3
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/M_w6993HW6w?wmode=opaque
Frame ID: 1EBC0C9CDB355B3523211690E38AD401
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/c5b6JQFKdp0?wmode=opaque
Frame ID: 29647D82CA8BC9DD0AF088C1B6AB0A2A
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/follow_button.html?screen_name=ChangeGER&data-show-count=true&data-show-screen-name=true&lang=de
Frame ID: 3EC3DC793318043F320B14A3965BDB99
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LftsXMUAAAAALlWG1yUWFRGkwxc7P-ZFroKILkc&co=aHR0cHM6Ly93d3cuY2hhbmdlLm9yZzo0NDM.&hl=en&v=v1557124394329&size=invisible&cb=23e1sz6yxs1r
Frame ID: D6284A0153DCF5970A23EA8AA1037914
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: 4DBA776A5A4D301EE148BF7201B58334
Requests: 1 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter/r/d_vbiawPdxB.js?version=44
Frame ID: F64C76A882C7C3B316E7B1FE61772F7A
Requests: 1 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter/r/d_vbiawPdxB.js?version=44
Frame ID: 545269B61C2CDC28D494F4B4A2C4E76C
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v3.2/plugins/like.php?action=like&app_id=48409868550&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2Fd_vbiawPdxB.js%3Fversion%3D44%23cb%3Df2ab8a57632ff84%26domain%3Dwww.change.org%26origin%3Dhttps%253A%252F%252Fwww.change.org%252Ff30e777b14890ec%26relation%3Dparent.parent&container_width=40&href=https%3A%2F%2Fwww.facebook.com%2Fchange.org&layout=button_count&locale=de_DE&sdk=joey&share=false&show_faces=false
Frame ID: 68BE44D180AEB8B40B794810DB50B70A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://chng.it/ HTTP 301
    https://www.change.org/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • env /^Backbone$/i
Overall confidence: 100%
Detected patterns
  • script /react.*\.js/i
Overall confidence: 100%
Detected patterns
  • headers server /cloudflare/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i
Overall confidence: 100%
Detected patterns
  • env /^google_tag_manager$/i
Overall confidence: 100%
Detected patterns
  • script /optimizely\.com.*\.js/i
  • env /^optimizely$/i
Overall confidence: 100%
Detected patterns
  • env /^jQuery$/i
Overall confidence: 100%
Detected patterns
  • env /^Recaptcha$/i
Overall confidence: 100%
Detected patterns
  • env /^Backbone$/i

Page Statistics

77
Requests

100 %
HTTPS

74 %
IPv6

18
Domains

26
Subdomains

22
IPs

5
Countries

2605 kB
Transfer

8233 kB
Size

21
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://chng.it/ HTTP 301
    https://www.change.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 45
  • https://www.google-analytics.com/r/collect?v=1&_v=j73&aip=1&a=704854410&t=pageview&_s=1&dl=https%3A%2F%2Fwww.change.org%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Change.org%20%C2%B7%20Starten%20Sie%20Ihre%20Kampagne!&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aGBACEABF~&jid=1746478695&gjid=1127264339&cid=1570618130.1557808948&tid=UA-5889778-1&_gid=108657605.1557808948&_r=1&z=320011718 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-5889778-1&cid=1570618130.1557808948&jid=1746478695&_gid=108657605.1557808948&gjid=1127264339&_v=j73&z=320011718 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5889778-1&cid=1570618130.1557808948&jid=1746478695&_v=j73&z=320011718 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5889778-1&cid=1570618130.1557808948&jid=1746478695&_v=j73&z=320011718&slf_rd=1&random=4056393909
Request Chain 53
  • https://www.facebook.com/connect/ping?client_id=48409868550&domain=www.change.org&origin=1&redirect_uri=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2Fd_vbiawPdxB.js%3Fversion%3D44%23cb%3Df3caf6e392abc7c%26domain%3Dwww.change.org%26origin%3Dhttps%253A%252F%252Fwww.change.org%252Ff30e777b14890ec%26relation%3Dparent&response_type=token%2Csigned_request&sdk=joey HTTP 302
  • https://staticxx.facebook.com/connect/xd_arbiter/r/d_vbiawPdxB.js?version=44

77 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.change.org/
Redirect Chain
  • http://chng.it/
  • https://www.change.org/
338 KB
78 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.change.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.4.13 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8dc767a8d28462c838f97daf56727ca611ad361a4cee61f3ea53c2dc52a7f897
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' https://d18kwxxua7ik1y.cloudfront.net https://d22r54gnmuhwmk.cloudfront.net https://assets.change.org https://static.change.org https://assets-fe.change.org https://change-production.s3.amazonaws.com https://change-public-stuff.s3.amazonaws.com https://www.google.ca https://www.googleadservices.com https://www.youtube.com https://*.doubleclick.net https://*.google.com https://*.googleapis.com https://*.googletagmanager.com https://*.google-analytics.com https://*.gstatic.com https://*.ytimg.com https://*.facebook.com https://*.facebook.net https://*.fbcdn.net fbrpc://* fb-messenger://* https://*.twitter.com https://*.twimg.com https://vk.com https://*.vk.com https://ajax.cdnjs.com https://cdnjs.cloudflare.com https://service.force.com https://change.my.salesforce.com https://help.change.org https://*.salesforceliveagent.com https://*.braintreegateway.com https://*.paypalobjects.com https://*.paypal.com *.optimizely.com optimizely.s3.amazonaws.com cdn-assets-prod.s3.amazonaws.com https://js.stripe.com https://cdn.embedly.com https://player.vimeo.com https://*.pubnub.com https://bat.bing.com https://*.briteverify.com https://soundcloud.com https://w.soundcloud.com https://www.instagram.com https://www.flickr.com https://*.staticflickr.com; connect-src 'self' blob: https://*.change.org https://change-production.s3.amazonaws.com https://*.googleapis.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.com https://*.facebook.net fbrpc://* fb-messenger://* https://*.twitter.com https://*.vk.com https://*.braintreegateway.com https://*.paypal.com *.optimizely.com optimizely.s3.amazonaws.com cdn-assets-prod.s3.amazonaws.com https://api.stripe.com https://*.pubnub.com https://*.briteverify.com https://api.soundcloud.com https://api.airbrake.io; font-src 'self' data: https://assets.change.org https://static.change.org https://d18kwxxua7ik1y.cloudfront.net https://d22r54gnmuhwmk.cloudfront.net https://fonts.gstatic.com; img-src * blob: data:; form-action 'self';
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

:method
GET
:authority
www.change.org
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
date
Tue, 14 May 2019 04:42:27 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=de0a3ad688dafc63974f4930d6a851dc71557808947; expires=Wed, 13-May-20 04:42:27 GMT; path=/; domain=.change.org; HttpOnly; Secure _change_session=; Domain=.change.org; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT _change_session=2574a2ed301581646248536265a64f7e; Path=/; HttpOnly; Secure tracking_data=%7B%22user_uuid%22%3A%22acc7d3e0-7602-11e9-a3da-ad2b6bf76fa4%22%7D; Max-Age=2700; Path=/; Expires=Tue, 14 May 2019 05:27:27 GMT; Secure _change_lang=%7B%22locale%22%3A%22de-DE%22%2C%22countryCode%22%3A%22DE%22%7D; Max-Age=86400; Path=/; Expires=Wed, 15 May 2019 04:42:27 GMT; Secure __cfruid=cdc6a999db1c552d39eeb08f85bf586c21f36a21-1557808947; path=/; domain=.change.org; HttpOnly __cf_bm=55b507d2853041bed19fb8acc8685865865749e1-1557808947-1800-Af+Q8jI5M51CAGeeBogNQ8QIogKFh8LM88T46KuxX/w3JgDYjg12RyKOZT517rsmMPDRhaFN3GsWGVuE+AZgw2k=; path=/; expires=Tue, 14-May-19 05:12:27 GMT; domain=.change.org; HttpOnly
cache-control
no-cache
cf-railgun
530be196e8 stream 0.000000 0032 e6be
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' https://d18kwxxua7ik1y.cloudfront.net https://d22r54gnmuhwmk.cloudfront.net https://assets.change.org https://static.change.org https://assets-fe.change.org https://change-production.s3.amazonaws.com https://change-public-stuff.s3.amazonaws.com https://www.google.ca https://www.googleadservices.com https://www.youtube.com https://*.doubleclick.net https://*.google.com https://*.googleapis.com https://*.googletagmanager.com https://*.google-analytics.com https://*.gstatic.com https://*.ytimg.com https://*.facebook.com https://*.facebook.net https://*.fbcdn.net fbrpc://* fb-messenger://* https://*.twitter.com https://*.twimg.com https://vk.com https://*.vk.com https://ajax.cdnjs.com https://cdnjs.cloudflare.com https://service.force.com https://change.my.salesforce.com https://help.change.org https://*.salesforceliveagent.com https://*.braintreegateway.com https://*.paypalobjects.com https://*.paypal.com *.optimizely.com optimizely.s3.amazonaws.com cdn-assets-prod.s3.amazonaws.com https://js.stripe.com https://cdn.embedly.com https://player.vimeo.com https://*.pubnub.com https://bat.bing.com https://*.briteverify.com https://soundcloud.com https://w.soundcloud.com https://www.instagram.com https://www.flickr.com https://*.staticflickr.com; connect-src 'self' blob: https://*.change.org https://change-production.s3.amazonaws.com https://*.googleapis.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.com https://*.facebook.net fbrpc://* fb-messenger://* https://*.twitter.com https://*.vk.com https://*.braintreegateway.com https://*.paypal.com *.optimizely.com optimizely.s3.amazonaws.com cdn-assets-prod.s3.amazonaws.com https://api.stripe.com https://*.pubnub.com https://*.briteverify.com https://api.soundcloud.com https://api.airbrake.io; font-src 'self' data: https://assets.change.org https://static.change.org https://d18kwxxua7ik1y.cloudfront.net https://d22r54gnmuhwmk.cloudfront.net https://fonts.gstatic.com; img-src * blob: data:; form-action 'self';
x-frame-options
sameorigin
x-request-id
ab8ebd87-c9be-47c0-a852-7522fc2318f1
x-content-type-options
nosniff
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4d6a349f797b2346-FRA
content-encoding
gzip

Redirect headers

x-amz-id-2
fNVCCflx5qtjCAPAHYKUcbxbhFOVK395vgQW7cvazb5DXntaxoIjhaRpbDXUFIcaqT2MUz2beps=
x-amz-request-id
B58F60350EC4F40E
Date
Tue, 14 May 2019 04:42:27 GMT
Location
https://www.change.org/
Content-Length
0
Server
AmazonS3
11391265293.js
cdn.optimizely.com/js/ 		482 KB
111 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.optimizely.com/js/11391265293.js
Requested by
Host: www.change.org
URL: https://www.change.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:181::13b8 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c8026b8be2c6eab9734f3aa22604b2dd1c83f43539a54931065d89e4a42a29de
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.change.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-meta-pci_enabled
False
x-amz-version-id
J2j5qpViNfDqCPgvOIU9JAM.bWTvbVBu
content-encoding
gzip
x-amz-request-id
3372B53FF105075C
status
200
access-control-max-age
86400
date
Tue, 14 May 2019 04:42:27 GMT
x-amz-replication-status
COMPLETED
server-timing
cdn;desc="AkamaiION";dur=0,rtt;desc="4";dur=0,cdnip;desc="2a02:26f0:6c00:181::13b8";dur=0,cdnmap;desc="";dur=0,proto;desc="h2";dur=0
strict-transport-security
max-age=15768000
content-length
112865
x-amz-id-2
pOiqj0+EltSJB5+zAlW4IdRbeMFqr+wwXpF9jvvE079z78qCc8/Utnmz5kor5C0LizYoD7nAYg0=
last-modified
Mon, 13 May 2019 21:57:28 GMT
server
AmazonS3
etag
"32434ff9f6b0dd308f1dfb6d50f3b6c2"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
x-amz-meta-revision
cache-control
max-age=120
x-amz-meta-revision
8714
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
*
rendr-d8qTsKufpK_4IzikT4obM_9wqr0i1SbU7F-NaR_h7qA.css.gz
assets-fe.change.org/rendr-fe/css/ 		168 KB
50 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets-fe.change.org/rendr-fe/css/rendr-d8qTsKufpK_4IzikT4obM_9wqr0i1SbU7F-NaR_h7qA.css.gz
Requested by
Host: www.change.org
URL: https://www.change.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.4.13 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
77ca93b0ab9fa4aff82338a44f8a1b33ff70aabd22d526d4ec5f8d691fe1eea0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.change.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 14 May 2019 04:42:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
status
200
content-length
50531
last-modified
Wed, 08 May 2019 23:09:31 GMT
server
cloudflare
etag
"d0e4a58e1c164420852c2d4a1110e83a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=1314000
accept-ranges
bytes
cf-ray
4d6a34a17ab12346-FRA
expires
Wed, 29 May 2019 09:42:27 GMT
changeAssets-a9fd675d33194e2e0045.js.gz
assets-fe.change.org/react-fe/ 		4 MB
1006 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets-fe.change.org/react-fe/changeAssets-a9fd675d33194e2e0045.js.gz
Requested by
Host: www.change.org
URL: https://www.change.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.5.13 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
36c79136d49ce13d0e5795e6fc464bc1c5e90b7c4f9026fd92d8e7f3d61d49d4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.change.org/
Origin
https://www.change.org

Response headers

date
Tue, 14 May 2019 04:42:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
status
200
access-control-max-age
3000
content-length
1027768
last-modified
Mon, 13 May 2019 20:50:51 GMT
server
cloudflare
etag
"060537fbbbe5be9b9fbd1dbf46ac9504"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1314000
accept-ranges
bytes
cf-ray
4d6a34a19f5f64c7-FRA
expires
Wed, 29 May 2019 09:42:27 GMT
aa3756c06ef270ced9b027f529cc4e61_0206815655ac188115632838ab817c39e5528a9c.js
www.change.org/api-proxy/-/locale_data/rendr-fe/de-DE/ 		786 KB
202 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.change.org/api-proxy/-/locale_data/rendr-fe/de-DE/aa3756c06ef270ced9b027f529cc4e61_0206815655ac188115632838ab817c39e5528a9c.js
Requested by
Host: www.change.org
URL: https://www.change.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.4.13 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fa75064afd87a6bad2cc446b36b6faa40928d425bf24b4891cc58d21cb41f64
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.change.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 14 May 2019 04:42:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
server
cloudflare
etag
W/"c49db-8HMs71z7MaC08tMUnt/cdDTS8jw"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
status
200
cache-control
public, max-age=86400, s-maxage=86400
cf-ray
4d6a34a1aacd2346-FRA
x-request-id
d1e279a5-91e8-4d68-8de7-8b1acb26652e
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.change.org
URL: https://www.change.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.change.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 16 Jan 2019 20:01:45 GMT
server
Golfe2
age
4196
date
Tue, 14 May 2019 03:32:31 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
17543
expires
Tue, 14 May 2019 05:32:31 GMT
api.js
www.google.com/recaptcha/ 		796 B
581 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6LftsXMUAAAAALlWG1yUWFRGkwxc7P-ZFroKILkc
Requested by
Host: www.change.org
URL: https://www.change.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
GSE /
Resource Hash
be37f8282da90163d8c4dc44c9429d2612e69d45576880ca08a4979df7fcd358
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.change.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 14 May 2019 04:42:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
private, max-age=300
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
480
x-xss-protection
1; mode=block
expires
Tue, 14 May 2019 04:42:27 GMT
Icon_google.png
s3.amazonaws.com/change-assets/iconography/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/change-assets/iconography/Icon_google.png
Requested by
Host: www.change.org
URL: https://www.change.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.168.165 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
2f22aaf2e8367b02152b442ef28df7084601e0ded40c7d8f7b6f24be66b326fb

Request headers

Referer
https://www.change.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 14 May 2019 04:42:28 GMT
Last-Modified
Thu, 05 Jul 2018 18:28:51 GMT
Server
AmazonS3
x-amz-request-id
0F8A0914636A8D08
ETag
"369517fb3742230ce26a804ab17c7566"
Content-Type
image/png
Content-Length
3333
Accept-Ranges
bytes
x-amz-version-id
qQUwThkyHB.uliIE2wlK0jg7nLP7XyC0
x-amz-id-2
UUls09zNBHCH0nWXEZdfFs1KNufdBUVFXW3Lp0xiabB2NOiQtX6OIzRrfW6mKZ4p/vfAcFVxQ+Q=
mikHfYpOlYLvdsE-128x128-noPad.jpg
assets.change.org/photos/4/kh/fy/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.change.org/photos/4/kh/fy/mikHfYpOlYLvdsE-128x128-noPad.jpg?1551293611
Requested by
Host: www.change.org
URL: https://www.change.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.4.13 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
12aa261bd1c47407c0410c6b09e8d853327f6e2828b3a1bca5da80f64d53075e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.change.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 14 May 2019 04:42:27 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cf-polished
status=not_needed
status
200
cf-bgj
imgq:100
content-length
7430
last-modified
Wed, 27 Feb 2019 18:53:32 GMT
server
cloudflare
etag
"18583998f507aad0ff71efa20af5e977"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
4d6a34a1dafc2346-FRA
expires
Tue, 21 May 2019 04:42:27 GMT
wrtRUkYCEDUbWkY-128x128-noPad.jpg
assets.change.org/photos/3/tr/uk/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.change.org/photos/3/tr/uk/wrtRUkYCEDUbWkY-128x128-noPad.jpg?1552129664
Requested by
Host: www.change.org
URL: https://www.change.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.4.13 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2b7c0d1ea7c554773993a02775bea6915e750cb7b4baf0841dad0f1870e95b7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.change.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 14 May 2019 04:42:27 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cf-polished
status=not_needed
status
200
cf-bgj
imgq:100
content-length
3561
last-modified
Sat, 09 Mar 2019 11:07:45 GMT
server
cloudflare
etag
"2f9f16017fc5d8cd410a4cd2990b1e67"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
4d6a34a1dafd2346-FRA
expires
Tue, 21 May 2019 04:42:27 GMT
SUBUfFyikGHcubQ-128x128-noPad.jpg
assets.change.org/photos/8/bu/ff/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.change.org/photos/8/bu/ff/SUBUfFyikGHcubQ-128x128-noPad.jpg?1542892183
Requested by
Host: www.change.org
URL: https://www.change.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.4.13 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
620ce0ea96beadd9bf3c515f6b32d51b1bde4b703d6ae2e3a2cf26258aade8ed
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.change.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 14 May 2019 04:42:27 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cf-polished
status=not_needed
status
200
cf-bgj
imgq:100
content-length
5201
last-modified
Thu, 22 Nov 2018 13:09:44 GMT
server
cloudflare
etag
"21bb0ffca6d8b15f277d63fefd0c1325"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
4d6a34a1dafe2346-FRA
expires
Tue, 21 May 2019 04:42:27 GMT
otKoFHTwchtluJT-128x128-noPad.jpg
assets.change.org/photos/7/ko/fh/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.change.org/photos/7/ko/fh/otKoFHTwchtluJT-128x128-noPad.jpg?1549357363
Requested by
Host: www.change.org
URL: https://www.change.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.4.13 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
73eff004931b828011651aa084bece51ef9e4d3758ded4e32757329ba70c2f45
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.change.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 14 May 2019 04:42:27 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cf-polished
status=not_needed
status
200
cf-bgj
imgq:100
content-length
6315
last-modified
Tue, 05 Feb 2019 09:02:43 GMT
server
cloudflare
etag
"621c7e323e663532884ad1c9b5e95f23"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
4d6a34a1db002346-FRA
expires
Tue, 21 May 2019 04:42:27 GMT
DGtZRPuCfFYzYFP-128x128-noPad.jpg
assets.change.org/photos/9/tz/rp/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.change.org/photos/9/tz/rp/DGtZRPuCfFYzYFP-128x128-noPad.jpg?1546621259
Requested by
Host: www.change.org
URL: https://www.change.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.4.13 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb68acb0fe88e04ef80b9309e31f4d187dc70c3c42446e62cb27b5ad7a083118
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.change.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 14 May 2019 04:42:27 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cf-polished
status=not_needed
status
200
cf-bgj
imgq:100
content-length
4265
last-modified
Fri, 04 Jan 2019 17:01:00 GMT
server
cloudflare
etag
"0028b26720e5f712acf2bc2aee00494a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
4d6a34a1db012346-FRA
expires
Tue, 21 May 2019 04:42:27 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/api2/v1557124394329/ 		263 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/api2/v1557124394329/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LftsXMUAAAAALlWG1yUWFRGkwxc7P-ZFroKILkc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
a9ccd7448193615616cf3e35ac3537bc8b645171cf493a7303ddf57139a75320
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.change.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 08 May 2019 18:51:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 08 May 2019 00:15:00 GMT
server
sffe
age
467454
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
93562
x-xss-protection
0
expires
Thu, 07 May 2020 18:51:33 GMT
gtm.js
www.googletagmanager.com/ 		92 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NMT3DV
Requested by
Host: www.change.org
URL: https://www.change.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager (scaffolding) /
Resource Hash
0766bae51ad92c90c0953c4faa614c7a94f9ae86a7d6ca3f1eee07f9ae21538e
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.change.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 14 May 2019 04:42:27 GMT
content-encoding
br
last-modified
Tue, 14 May 2019 01:01:07 GMT
server
Google Tag Manager (scaffolding)
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
28717
x-xss-protection
0
expires
Tue, 14 May 2019 04:42:27 GMT
zWXGfhXHoqk
www.youtube.com/embed/ Frame 8E12 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/zWXGfhXHoqk?wmode=opaque
Requested by
Host: www.change.org
URL: https://www.change.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/zWXGfhXHoqk?wmode=opaque
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.change.org/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.change.org/

Response headers

status
200
content-encoding
br
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cache-control
no-cache
expires
Tue, 27 Apr 1971 19:44:06 EST
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-type
text/html; charset=utf-8
date
Tue, 14 May 2019 04:42:27 GMT
server
YouTube Frontend Proxy
x-xss-protection
0
set-cookie
VISITOR_INFO1_LIVE=Q7Egan4UEZI; path=/; domain=.youtube.com; expires=Sun, 10-Nov-2019 04:42:27 GMT; httponly GPS=1; path=/; domain=.youtube.com; expires=Tue, 14-May-2019 05:12:27 GMT YSC=IEpGIpEO3dI; path=/; domain=.youtube.com; httponly PREF=f1=50000000; path=/; domain=.youtube.com; expires=Sun, 12-Jan-2020 16:35:27 GMT VISITOR_INFO1_LIVE=Q7Egan4UEZI; path=/; domain=.youtube.com; expires=Sun, 10-Nov-2019 04:42:27 GMT; httponly
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
M_w6993HW6w
www.youtube.com/embed/ Frame 1EBC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/M_w6993HW6w?wmode=opaque
Requested by
Host: www.change.org
URL: https://www.change.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/M_w6993HW6w?wmode=opaque
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.change.org/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.change.org/

Response headers

status
200
content-type
text/html; charset=utf-8
strict-transport-security
max-age=31536000
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
expires
Tue, 27 Apr 1971 19:44:06 EST
x-content-type-options
nosniff
content-encoding
br
cache-control
no-cache
date
Tue, 14 May 2019 04:42:27 GMT
server
YouTube Frontend Proxy
x-xss-protection
0
set-cookie
VISITOR_INFO1_LIVE=TiIZyBMbkRY; path=/; domain=.youtube.com; expires=Sun, 10-Nov-2019 04:42:27 GMT; httponly VISITOR_INFO1_LIVE=TiIZyBMbkRY; path=/; domain=.youtube.com; expires=Sun, 10-Nov-2019 04:42:27 GMT; httponly PREF=f1=50000000; path=/; domain=.youtube.com; expires=Sun, 12-Jan-2020 16:35:27 GMT YSC=YMnv2eQfYyk; path=/; domain=.youtube.com; httponly GPS=1; path=/; domain=.youtube.com; expires=Tue, 14-May-2019 05:12:27 GMT
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
c5b6JQFKdp0
www.youtube.com/embed/ Frame 2964 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/c5b6JQFKdp0?wmode=opaque
Requested by
Host: www.change.org
URL: https://www.change.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/c5b6JQFKdp0?wmode=opaque
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.change.org/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.change.org/

Response headers

status
200
cache-control
no-cache
strict-transport-security
max-age=31536000
content-type
text/html; charset=utf-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding
br
x-content-type-options
nosniff
expires
Tue, 27 Apr 1971 19:44:06 EST
date
Tue, 14 May 2019 04:42:27 GMT
server
YouTube Frontend Proxy
x-xss-protection
0
set-cookie
VISITOR_INFO1_LIVE=gdrIiBtv0p4; path=/; domain=.youtube.com; expires=Sun, 10-Nov-2019 04:42:27 GMT; httponly GPS=1; path=/; domain=.youtube.com; expires=Tue, 14-May-2019 05:12:27 GMT PREF=f1=50000000; path=/; domain=.youtube.com; expires=Sun, 12-Jan-2020 16:35:27 GMT VISITOR_INFO1_LIVE=gdrIiBtv0p4; path=/; domain=.youtube.com; expires=Sun, 10-Nov-2019 04:42:27 GMT; httponly YSC=pYaJGHKslaA; path=/; domain=.youtube.com; httponly
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
follow_button.html
platform.twitter.com/widgets/ Frame 3EC3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/follow_button.html?screen_name=ChangeGER&data-show-count=true&data-show-screen-name=true&lang=de
Requested by
Host: www.change.org
URL: https://www.change.org/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/40D6) /
Resource Hash

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
https://www.change.org/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.change.org/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
Content-Type
text/html; charset=utf-8
Date
Tue, 14 May 2019 04:42:27 GMT
Etag
"263d4837b6a75b0ed7e53338083768a8+gzip"
Last-Modified
Thu, 07 Mar 2019 17:40:35 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (fcn/40D6)
Vary
Accept-Encoding
X-Cache
HIT
Content-Length
20704
illustration-world-map-2015-08-18.gif
static.change.org/home/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.change.org/home/illustration-world-map-2015-08-18.gif
Requested by
Host: www.change.org
URL: https://www.change.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.4.13 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
55b772ddd4d6756e0edf1cd0a6f98eaf19fe9ea9ef1a8726e92a07cc070f856a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://assets-fe.change.org/rendr-fe/css/rendr-d8qTsKufpK_4IzikT4obM_9wqr0i1SbU7F-NaR_h7qA.css.gz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 14 May 2019 04:42:27 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
x-amz-version-id
rKrITWclM6_s89inx1tn6rL1v6QtDyE9
cf-polished
origFmt=gif, origSize=79066
status
200
content-disposition
inline; filename="illustration-world-map-2015-08-18.webp"
cf-bgj
imgq:100
content-length
23524
last-modified
Tue, 18 Aug 2015 23:22:49 GMT
server
cloudflare
etag
"a7eb8773a200a0db3ce989fde2a20c76"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
public, max-age=1382400
accept-ranges
bytes
cf-ray
4d6a34a1fb172346-FRA
expires
Thu, 30 May 2019 04:42:27 GMT
EJyWJJdIFXmlxGl-800x450-noPad.jpg
assets.change.org/photos/3/yw/jj/ 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.change.org/photos/3/yw/jj/EJyWJJdIFXmlxGl-800x450-noPad.jpg?1557516063
Requested by
Host: www.change.org
URL: https://www.change.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.4.13 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7965580a4c9c649df4226b087363dd36058148d51f7f70d2bab12cf52c17296
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.change.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 14 May 2019 04:42:27 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cf-polished
origSize=59402, status=webp_bigger
status
200
cf-bgj
imgq:100
content-length
57992
last-modified
Fri, 10 May 2019 19:21:04 GMT
server
cloudflare
etag
"9cf8e006457a2aa79e257b89d95cb80f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
4d6a34a1db022346-FRA
expires
Tue, 21 May 2019 04:42:27 GMT
sYHmNUbPLdhHjOk-800x450-noPad.jpg
assets.change.org/photos/4/hm/nu/ 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.change.org/photos/4/hm/nu/sYHmNUbPLdhHjOk-800x450-noPad.jpg?1553526801
Requested by
Host: www.change.org
URL: https://www.change.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.4.13 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2ca9f8386f6e6dfdd82035df98e5cfa506d90149789d63dddf6b0a1029acd4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.change.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 14 May 2019 04:42:27 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cf-polished
origSize=49724, status=webp_bigger
status
200
cf-bgj
imgq:100
content-length
46795
last-modified
Mon, 25 Mar 2019 15:13:22 GMT
server
cloudflare
etag
"cb0ba4d5d3aab3d45a05944110b3d5d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
4d6a34a1fb132346-FRA
expires
Tue, 21 May 2019 04:42:27 GMT
rJGyPZkaovdcDlt-800x450-noPad.jpg
assets.change.org/photos/8/gy/pz/ 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.change.org/photos/8/gy/pz/rJGyPZkaovdcDlt-800x450-noPad.jpg?1555592431
Requested by
Host: www.change.org
URL: https://www.change.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.4.13 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8ba554cee7e643609a98b5194ca64c8fa7e3cd788897d4131c58c7413f54727
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.change.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 14 May 2019 04:42:27 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cf-polished
origSize=41877, status=webp_bigger
status
200
cf-bgj
imgq:100
content-length
39297
last-modified
Thu, 18 Apr 2019 13:00:32 GMT
server
cloudflare
etag
"0c16f26c37308f0f1fda89157753f240"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
4d6a34a1fb122346-FRA
expires
Tue, 21 May 2019 04:42:27 GMT
nQvcIeZAmFKxUft-800x450-noPad.jpg
assets.change.org/photos/1/vc/ie/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.change.org/photos/1/vc/ie/nQvcIeZAmFKxUft-800x450-noPad.jpg?1551892675
Requested by
Host: www.change.org
URL: https://www.change.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.4.13 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
bff9f3fe8b86a381d48d31e81faf3151b4c1460d6366397dbeeea0ee6f2c7114
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.change.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 14 May 2019 04:42:27 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cf-polished
origSize=25757, status=webp_bigger
status
200
cf-bgj
imgq:100
content-length
25674
last-modified
Wed, 06 Mar 2019 17:17:56 GMT
server
cloudflare
etag
"3be8ecdb8752290825f9406d99b43784"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
4d6a34a1fb102346-FRA
expires
Tue, 21 May 2019 04:42:27 GMT
cNJJSgYrvzEdeDK-800x450-noPad.jpg
assets.change.org/photos/7/jj/sg/ 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.change.org/photos/7/jj/sg/cNJJSgYrvzEdeDK-800x450-noPad.jpg?1548433746
Requested by
Host: www.change.org
URL: https://www.change.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.4.13 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
533635138feb9f518f363e95dfb3e4fa771ea9b5a926979abe0330dc6c351c91
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.change.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 14 May 2019 04:42:27 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cf-polished
origSize=45410, status=webp_bigger
status
200
cf-bgj
imgq:100
content-length
43680
last-modified
Fri, 25 Jan 2019 16:29:07 GMT
server
cloudflare
etag
"b34f588ad706571d8924f6d59feb5cc8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
4d6a34a1fb0f2346-FRA
expires
Tue, 21 May 2019 04:42:27 GMT
WAxzJCoIXwJUwzZ-800x450-noPad.jpg
assets.change.org/photos/2/xz/jc/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.change.org/photos/2/xz/jc/WAxzJCoIXwJUwzZ-800x450-noPad.jpg?1549275541
Requested by
Host: www.change.org
URL: https://www.change.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.4.13 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
48dda6258a9b16defc8d0fe8237725202004935d8b9df96be3205798b845e45c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.change.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 14 May 2019 04:42:27 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cf-polished
status=not_needed
status
200
cf-bgj
imgq:100
content-length
15516
last-modified
Mon, 04 Feb 2019 10:19:02 GMT
server
cloudflare
etag
"9db9761c5f1576500109faf1e37bd184"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
4d6a34a1fb112346-FRA
expires
Tue, 21 May 2019 04:42:27 GMT
truncated
/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
97540869be47f1cc8519503a4725b83e5b31b49fc011fa6bf354f4ff14e147fa

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Origin
https://www.change.org

Response headers

Content-Type
application/x-font-woff;charset=utf-8
conversion_async.js
www.googleadservices.com/pagead/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NMT3DV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
cafe /
Resource Hash
9e2a3141f224fcb47d4a6f58c23a91b2750de8ff3dec7e4f2813b8b2327c6336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.change.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 14 May 2019 04:42:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
8878
x-xss-protection
0
server
cafe
etag
7931731040408874328
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 14 May 2019 04:42:27 GMT
bat.js
bat.bing.com/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.change.org
URL: https://www.change.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
/
Resource Hash
06768ff08a78f24b60973b047561141c4413864fa2d3ac9292fb0b217a81f917

Request headers

Referer
https://www.change.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 14 May 2019 04:42:27 GMT
content-encoding
gzip
last-modified
Fri, 08 Mar 2019 01:08:18 GMT
x-msedge-ref
Ref A: 5E9C6B3AD4EA41E381513D39BA5176FC Ref B: VIEEDGE0816 Ref C: 2019-05-14T04:42:27Z
access-control-allow-origin
*
etag
"0ed1a6a4bd5d41:0"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
7002
collect
www.google-analytics.com/r/ 		35 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j73&a=704854410&t=pageview&_s=1&dl=https%3A%2F%2Fwww.change.org%2F&ul=en-us&de=UTF-8&dt=Change.org%20%C2%B7%20Starten%20Sie%20Ihre%20Kampagne!&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aEBAAEABE~&jid=1675346057&gjid=2096645225&cid=1726017004.1557808948&tid=UA-85960574-2&_gid=167629975.1557808948&_r=1&gtm=2wg521NMT3DV&z=560440231
Requested by
Host: www.change.org
URL: https://www.change.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.change.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 May 2019 04:42:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
anchor
www.google.com/recaptcha/api2/ Frame D628 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LftsXMUAAAAALlWG1yUWFRGkwxc7P-ZFroKILkc&co=aHR0cHM6Ly93d3cuY2hhbmdlLm9yZzo0NDM.&hl=en&v=v1557124394329&size=invisible&cb=23e1sz6yxs1r
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/api2/v1557124394329/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-WRgJULsD+9oAfcKuuQfe3A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/anchor?ar=1&k=6LftsXMUAAAAALlWG1yUWFRGkwxc7P-ZFroKILkc&co=aHR0cHM6Ly93d3cuY2hhbmdlLm9yZzo0NDM.&hl=en&v=v1557124394329&size=invisible&cb=23e1sz6yxs1r
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.change.org/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.change.org/

Response headers

status
200
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Tue, 14 May 2019 04:42:27 GMT
content-security-policy
script-src 'report-sample' 'nonce-WRgJULsD+9oAfcKuuQfe3A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
11615
server
GSE
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
fbevents.js
connect.facebook.net/en_US/ 		53 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.change.org
URL: https://www.change.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
fa59b1ed1b011e084474ad818b5f6986d84fc678e2f37fee9330eb52d86860b3
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.change.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
content-length
15397
x-xss-protection
0
pragma
public
x-fb-debug
bv3zT8YzZ3PTgWdUpRpU5Z8QiUUudjy/UEiLM78MfL4uyq5qZAGH8krwFMPdDZlibQfwr9rElY77naHAiWkWIg==
date
Tue, 14 May 2019 04:42:27 GMT
x-frame-options
DENY
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/991363857/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/991363857/?random=1557808947703&cv=9&fst=1557808947703&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg521&sendb=1&frm=0&url=https%3A%2F%2Fwww.change.org%2F&tiba=Change.org%20%C2%B7%20Starten%20Sie%20Ihre%20Kampagne!&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0a::9c Brussels, Belgium, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
051c571ef97a62fa640363cedf3c2082e1d8af3f31908197a05e2ec28dec8268
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.change.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 May 2019 04:42:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
text/javascript; charset=UTF-8
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
952
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
0
bat.bing.com/action/ 		0
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=5321513&Ver=2&mid=509a2581-efe7-614c-bb35-914548a1d58d&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Change.org%20%C2%B7%20Starten%20Sie%20Ihre%20Kampagne!&p=https%3A%2F%2Fwww.change.org%2F&r=&lt=1316&evt=pageLoad&msclkid=N&rn=789756
Requested by
Host: www.change.org
URL: https://www.change.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.change.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
204
pragma
no-cache
date
Tue, 14 May 2019 04:42:27 GMT
cache-control
no-cache, must-revalidate
x-msedge-ref
Ref A: A7FB0DFB86D54D298C2293445B0C5894 Ref B: VIEEDGE0816 Ref C: 2019-05-14T04:42:27Z
access-control-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/991363857/ 		42 B
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/991363857/?random=1557808947703&cv=9&fst=1557806400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg521&sendb=1&frm=0&url=https%3A%2F%2Fwww.change.org%2F&tiba=Change.org%20%C2%B7%20Starten%20Sie%20Ihre%20Kampagne!&async=1&fmt=3&cdct=2&is_vtc=1&random=2422161481&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.change.org
URL: https://www.change.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.change.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 May 2019 04:42:27 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/991363857/ 		42 B
376 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/991363857/?random=1557808947703&cv=9&fst=1557806400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg521&sendb=1&frm=0&url=https%3A%2F%2Fwww.change.org%2F&tiba=Change.org%20%C2%B7%20Starten%20Sie%20Ihre%20Kampagne!&async=1&fmt=3&cdct=2&is_vtc=1&random=2422161481&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.change.org
URL: https://www.change.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.change.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 May 2019 04:42:27 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1081902691834097
connect.facebook.net/signals/config/ 		207 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1081902691834097?v=2.8.47&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
fcce66314321d66ab77ad3728e162757d200a621fa43859ad5449512aaedc5e0
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.change.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
content-length
56215
x-xss-protection
0
pragma
public
x-fb-debug
JTtUoolsl23HBHk0ZHMJ25fR2WCWH21laQiCASL2iB0U2vOwsE2CwdnLuunAXF1549fwr4Grqv/R3+65a+VADg==
date
Tue, 14 May 2019 04:42:27 GMT
x-frame-options
DENY
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
inferredEvents.js
connect.facebook.net/signals/plugins/ 		1 KB
895 B 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/plugins/inferredEvents.js?v=2.8.47
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
cd1c301a8e7960a1786e2a959226b0b78b56dbea284bd114265f1662d6ca280e
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.change.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
content-length
772
x-xss-protection
0
pragma
public
x-fb-debug
QHaa8Vazw80R58cAelsX4bUtTEynXs9aHHuMZzMiJwJfiepnMcEI1lhQABwtEI27JqV+hu52mdvX2GoQjU8AwA==
date
Tue, 14 May 2019 04:42:27 GMT
x-frame-options
DENY
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
Change-Calibre-Regular.woff2
static.change.org/fonts/ 		30 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.change.org/fonts/Change-Calibre-Regular.woff2
Requested by
Host: assets-fe.change.org
URL: https://assets-fe.change.org/react-fe/changeAssets-a9fd675d33194e2e0045.js.gz
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.5.13 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
552426fa67711398e49423a732526e763187afd768567b87e139fec853820809
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://assets-fe.change.org/rendr-fe/css/rendr-d8qTsKufpK_4IzikT4obM_9wqr0i1SbU7F-NaR_h7qA.css.gz
Origin
https://www.change.org

Response headers

date
Tue, 14 May 2019 04:42:28 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
status
200
access-control-max-age
3000
content-type
application/octet-stream
content-length
30956
last-modified
Tue, 19 Apr 2016 05:44:47 GMT
server
cloudflare
etag
"58b40d8b77ba9c43a803a9779a22f8c7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET, HEAD
x-amz-version-id
kWNZjdaKXPzoQBC5TZ48DMAGUj.3kpR3
access-control-allow-origin
https://www.change.org
cache-control
public, max-age=1382400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
4d6a34a54b3f64c7-FRA
expires
Thu, 30 May 2019 04:42:28 GMT
Change-Calibre-Bold.woff2
static.change.org/fonts/ 		31 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.change.org/fonts/Change-Calibre-Bold.woff2
Requested by
Host: assets-fe.change.org
URL: https://assets-fe.change.org/react-fe/changeAssets-a9fd675d33194e2e0045.js.gz
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.5.13 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee2df9e008021c0ce1fbf3612bfef57e7666294fa01bd4d9764931ff9add417a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://assets-fe.change.org/rendr-fe/css/rendr-d8qTsKufpK_4IzikT4obM_9wqr0i1SbU7F-NaR_h7qA.css.gz
Origin
https://www.change.org

Response headers

date
Tue, 14 May 2019 04:42:28 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
status
200
access-control-max-age
3000
content-type
application/octet-stream
content-length
32028
last-modified
Tue, 19 Apr 2016 05:45:19 GMT
server
cloudflare
etag
"682c36331f52784f4ea0b00d69b95d2b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET, HEAD
x-amz-version-id
3jrU_Dju8RrOkM9darm4OVCeQ.ZT6UeB
access-control-allow-origin
https://www.change.org
cache-control
public, max-age=1382400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
4d6a34a54b4164c7-FRA
expires
Thu, 30 May 2019 04:42:28 GMT
platform.js
apis.google.com/js/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/platform.js
Requested by
Host: assets-fe.change.org
URL: https://assets-fe.change.org/react-fe/changeAssets-a9fd675d33194e2e0045.js.gz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
5ef32ffe7b00b9fd37d65504af7f78f91a85421829f3d336cd2ba6510a8aa38e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.change.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 14 May 2019 04:42:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
script-src 'report-sample' 'nonce-mWJM8Jt48QbEkkn/khitfQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
status
200
strict-transport-security
max-age=31536000
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
etag
"91cbf05c6419db81e867c3dcc945a6da"
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=1800, stale-while-revalidate=1800
timing-allow-origin
*
expires
Tue, 14 May 2019 04:42:28 GMT
sdk.js
connect.facebook.net/de_DE/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/de_DE/sdk.js
Requested by
Host: assets-fe.change.org
URL: https://assets-fe.change.org/react-fe/changeAssets-a9fd675d33194e2e0045.js.gz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
ccfdc3bea211def2f7c326bccbe8b96c3a809a3ab62eb8f25d79654f7a23a88e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.change.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
2jufS74ZKTHulAzWz4V4Vg==
status
200
date
Tue, 14 May 2019 04:42:28 GMT
vary
Accept-Encoding
content-length
1779
x-fb-debug
XPPRcoIUYMAUes7y3ehb0awj54Su9fR1+fJWEu70HiEwQ9SPKqzs8fpHYzVRJ4i8vlKK+ZOeCoEjoZgFHUIwGw==
x-fb-content-md5
e7d5a31f76aa349b0cac83a3bbaa378e
etag
"3765a118343e4b88d67f918f35d85c3f"
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 14 May 2019 04:50:29 GMT
js
maps.googleapis.com/maps/api/ 		104 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js?key=AIzaSyBwot59Cgi_SoxwakkTkAvni7930r0eJs4&libraries=places&sensor=false&callback=__loadGooglePlaces
Requested by
Host: assets-fe.change.org
URL: https://assets-fe.change.org/react-fe/changeAssets-a9fd675d33194e2e0045.js.gz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
mafe /
Resource Hash
05d14d231ef929410654a59b5d0e92864967e656fa44591636eaa599b8341a21
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.change.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 14 May 2019 04:42:28 GMT
content-encoding
gzip
server
mafe
x-frame-options
SAMEORIGIN
vary
Accept-Language
content-type
text/javascript; charset=UTF-8
status
200
cache-control
public, max-age=1800
server-timing
gfet4t7; dur=15
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
34287
x-xss-protection
0
expires
Tue, 14 May 2019 05:12:28 GMT
iframe_api
www.youtube.com/ 		859 B
944 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: assets-fe.change.org
URL: https://assets-fe.change.org/react-fe/changeAssets-a9fd675d33194e2e0045.js.gz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
12c0bc0ed4f34ad6251de0db7eb2db8f52cb37191482f98c1e9ac8f78dcfbdac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.change.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 14 May 2019 04:42:28 GMT
x-content-type-options
nosniff
server
YouTube Frontend Proxy
content-type
application/javascript
status
200
cache-control
no-cache
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
859
x-xss-protection
0
expires
Tue, 27 Apr 1971 19:44:06 EST
discover_feed
www.change.org/api-proxy/-/ 		34 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.change.org/api-proxy/-/discover_feed?page=0&initial_request=true&locale=de-DE&recommendable_locale=false&recommendation_filter=default&show_subscriptions=false&show_followed_topics=true&show_followed_movements=false&is_homepage=true&ip_country_code=DE
Requested by
Host: assets-fe.change.org
URL: https://assets-fe.change.org/react-fe/changeAssets-a9fd675d33194e2e0045.js.gz
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.4.13 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
949d047d028ca6721066d7d7a73a553073f3a6629de61644659015de33d33a43
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.change.org/
X-CSRF-Token
afd9afed132ff4217abb1872ec6ef06e
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-Requested-With
XMLHttpRequest

Response headers

date
Tue, 14 May 2019 04:42:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
server
cloudflare
etag
W/"89b2-7Oi7I/sLv4M43/s42xjR8xv/2ds"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
status
200
cache-control
no-cache
accept-ranges
bytes
cf-ray
4d6a34a61d3a2346-FRA
content-length
6208
x-request-id
acd50f1b-7ff1-482f-b8bb-578e1e20f7f6
event_tracker
www.change.org/api-proxy/-/ 		2 B
324 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.change.org/api-proxy/-/event_tracker?_csrf=afd9afed132ff4217abb1872ec6ef06e
Requested by
Host: assets-fe.change.org
URL: https://assets-fe.change.org/react-fe/changeAssets-a9fd675d33194e2e0045.js.gz
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.4.13 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.change.org/
Origin
https://www.change.org
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 14 May 2019 04:42:28 GMT
x-content-type-options
nosniff
server
cloudflare
etag
W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-railgun
5d51100958 99.99 0.004520 0032 e6be
content-type
application/json; charset=utf-8
status
200
cache-control
no-cache
cf-ray
4d6a34a66d702346-FRA
content-length
2
x-request-id
b0e6eb99-47cd-4e34-9a28-64511dd4aba6
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j73&aip=1&a=704854410&t=pageview&_s=1&dl=https%3A%2F%2Fwww.change.org%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Change.org%20%C2%B7%20Starten%20Sie%20Ihre%20K...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-5889778-1&cid=1570618130.1557808948&jid=1746478695&_gid=108657605.1557808948&gjid=1127264339&_v=j73&z=320011718
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5889778-1&cid=1570618130.1557808948&jid=1746478695&_v=j73&z=320011718
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5889778-1&cid=1570618130.1557808948&jid=1746478695&_v=j73&z=320011718&slf_rd=1&random=4056393909
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5889778-1&cid=1570618130.1557808948&jid=1746478695&_v=j73&z=320011718&slf_rd=1&random=4056393909
Requested by
Host: www.change.org
URL: https://www.change.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.change.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 May 2019 04:42:28 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 14 May 2019 04:42:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5889778-1&cid=1570618130.1557808948&jid=1746478695&_v=j73&z=320011718&slf_rd=1&random=4056393909
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1081902691834097&ev=PageView&dl=https%3A%2F%2Fwww.change.org%2F&rl=&if=false&ts=1557808948228&sw=1600&sh=1200&v=2.8.47&r=stable&ec=0&o=30&fbp=fb.1.1557808948227.502963471&it=1557808947764&coo=false&rqm=GET
Requested by
Host: www.change.org
URL: https://www.change.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.change.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 14 May 2019 04:42:28 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Tue, 14 May 2019 04:42:28 GMT
sdk.js
connect.facebook.net/de_DE/ 		195 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/de_DE/sdk.js?hash=ec41785e2795e691cbec747bbec8857b&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/de_DE/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
6e1bb7cc671813a947a3c0f7198255aba1de55d804e668c3dec97d3322254bdc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.change.org/
Origin
https://www.change.org

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
1LCzVc7c6v6MPXWUJ+EJBw==
status
200
date
Tue, 14 May 2019 04:42:28 GMT
vary
Accept-Encoding
content-length
59273
x-fb-debug
X6eRBbt2OX+gGIX21cDzcwk4IGMmOA7+W9ZFXPfnIFVp/+z3T2aWNTS6J4lrxjKGia12e0tAOzCVRrjuyvsffw==
x-fb-content-md5
e6c79a6347bdfc0e3905a5c37267b0fb
etag
"3db17a756c8c03892d4cf59fed22f353"
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
expires
Wed, 13 May 2020 03:25:29 GMT
www-widgetapi.js
s.ytimg.com/yts/jsbin/www-widgetapi-vflTZdOF2/ 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.ytimg.com/yts/jsbin/www-widgetapi-vflTZdOF2/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
7c3eca218afc1869a365fac68fac54b1dd93d0531cc2abe49860d6e3db8983c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.change.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 13 May 2019 21:23:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
26332
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
8035
x-xss-protection
0
last-modified
Fri, 10 May 2019 00:20:22 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=691200
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
expires
Tue, 21 May 2019 21:23:36 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.BRw_LCfvRBo.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCM745n2H0ItdwpR0pkGBX8xc2KUHQ/ 		105 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.BRw_LCfvRBo.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCM745n2H0ItdwpR0pkGBX8xc2KUHQ/cb=gapi.loaded_0
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
78bec4c3ddff4854bc9b30750eace47ed3aa6a13586882a3c23d810c0efbeb00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.change.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 13 May 2019 18:59:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 11 May 2019 10:46:42 GMT
server
sffe
age
34950
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
status
200
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
36750
x-xss-protection
0
expires
Tue, 12 May 2020 18:59:58 GMT
iframe
accounts.google.com/o/oauth2/ Frame 4DBA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/o/oauth2/iframe
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.BRw_LCfvRBo.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCM745n2H0ItdwpR0pkGBX8xc2KUHQ/cb=gapi.loaded_0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-9zxbHgSUKznLzrLsgdY4Sw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Xss-Protection 0

Request headers

:method
GET
:authority
accounts.google.com
:scheme
https
:path
/o/oauth2/iframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.change.org/
accept-encoding
gzip, deflate, br
cookie
NID=183=GQd8KGAgrLETMJPCgHN77XWVV2295-9odpdf4GM9J-eMTTbNkFJc0XlboMVaaEVPF1lD5Z1Gbt-GgwE5m9CPZrTHF17w5bZA0NTMKQELOVpLtlGmZMAXaWOLS3v4b5sQkSTv6dFxzoBnOzA4avoD8Wv-512cNcK4SetnFs52ApI
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.change.org/

Response headers

status
200
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Tue, 14 May 2019 04:42:28 GMT
content-language
en-US
content-security-policy
script-src 'report-sample' 'nonce-9zxbHgSUKznLzrLsgdY4Sw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding
gzip
server
ESF
x-xss-protection
0
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
d_vbiawPdxB.js
staticxx.facebook.com/connect/xd_arbiter/r/ Frame F64C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://staticxx.facebook.com/connect/xd_arbiter/r/d_vbiawPdxB.js?version=44
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/de_DE/sdk.js?hash=ec41785e2795e691cbec747bbec8857b&ua=modern_es6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01a:5:face:b00c:0:1 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
staticxx.facebook.com
:scheme
https
:path
/connect/xd_arbiter/r/d_vbiawPdxB.js?version=44
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.change.org/
accept-encoding
gzip, deflate, br
cookie
fr=01IVaQxEVsu3anQwX..Bc2kc0...1.0.Bc2kc0.
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.change.org/

Response headers

status
200
content-encoding
br
content-type
text/html; charset=utf-8
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
expires
Tue, 12 May 2020 22:21:19 GMT
cache-control
public,max-age=31536000,immutable
x-fb-debug
mhWFmaYljnDpYbFlnigr9jJzEyENO/v1LEyscCs3Zi1MxCKUTAATQ6rCnlniRrCU7fV1G0sq8Hy49frlAsAxXQ==
content-length
11044
date
Tue, 14 May 2019 04:42:28 GMT
log
errors.client.optimizely.com/ 		13 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://errors.client.optimizely.com/log
Requested by
Host: assets-fe.change.org
URL: https://assets-fe.change.org/react-fe/changeAssets-a9fd675d33194e2e0045.js.gz
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.172.174.181 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-172-174-181.compute-1.amazonaws.com
Software
/
Resource Hash
16f1efa415bfdd7abcf8fdd76cc05ae6fa66ffdfdc730368ecea89ecfe5c3a12

Request headers

Access-Control-Request-Method
POST
Origin
https://www.change.org
Referer
https://www.change.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

Date
Tue, 14 May 2019 04:42:29 GMT
Allow
POST,OPTIONS
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
https://www.change.org
Access-Control-Max-Age
1800
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With,Content-Type,Accept,Origin
Content-Length
13
d_vbiawPdxB.js
staticxx.facebook.com/connect/xd_arbiter/r/ Frame 5452
Redirect Chain
  • https://www.facebook.com/connect/ping?client_id=48409868550&domain=www.change.org&origin=1&redirect_uri=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2Fd_vbiawPdxB.js%3Fversion%3D4...
  • https://staticxx.facebook.com/connect/xd_arbiter/r/d_vbiawPdxB.js?version=44
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://staticxx.facebook.com/connect/xd_arbiter/r/d_vbiawPdxB.js?version=44
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/de_DE/sdk.js?hash=ec41785e2795e691cbec747bbec8857b&ua=modern_es6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01a:5:face:b00c:0:1 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
staticxx.facebook.com
:scheme
https
:path
/connect/xd_arbiter/r/d_vbiawPdxB.js?version=44
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.change.org/
accept-encoding
gzip, deflate, br
cookie
fr=01IVaQxEVsu3anQwX..Bc2kc0...1.0.Bc2kc0.
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.change.org/

Response headers

status
200
content-encoding
br
content-type
text/html; charset=utf-8
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
expires
Tue, 12 May 2020 22:21:19 GMT
cache-control
public,max-age=31536000,immutable
x-fb-debug
mhWFmaYljnDpYbFlnigr9jJzEyENO/v1LEyscCs3Zi1MxCKUTAATQ6rCnlniRrCU7fV1G0sq8Hy49frlAsAxXQ==
content-length
11044
date
Tue, 14 May 2019 04:42:28 GMT

Redirect headers

status
302
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
strict-transport-security
max-age=15552000; preload
location
https://staticxx.facebook.com/connect/xd_arbiter/r/d_vbiawPdxB.js?version=44#cb=f3caf6e392abc7c&domain=www.change.org&origin=https%3A%2F%2Fwww.change.org%2Ff30e777b14890ec&relation=parent&error=unknown_user
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
x-content-type-options
nosniff
x-xss-protection
0
expect-ct
max-age=86400, report-uri="https://reports.fb.com/expectct/"
content-type
text/html; charset="utf-8"
x-fb-debug
sVhp5MQ9ZSnATlTLYG/6P4itRuMinbArtZm1eIT3VB/FgdKMpD8D39Hl/rP1nhWLxJAT1tW3S8tupZqU4w+gcA==
content-length
0
date
Tue, 14 May 2019 04:42:28 GMT
chk_captcha_v3
www.change.org/cdn-cgi/l/ 		0
245 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.change.org/cdn-cgi/l/chk_captcha_v3?req_id=4d6a349f797b2346&t=03AOLTBLT7I-SmDR-VGi4sco6qRi5zuGvNG_82UUO7_UtngXCfLZX5SSEmRiwu2crMzg7QZK_nXlXLafcD7OlsrJxP6RsGSjJhev3uyP8hGMn3nfVhnN_PFnDPrQ1tlz4m7tRtsnP9yabsYzowyQKTwPQ8ZhPam0DBcIibge0QaehCzUsD_WiFgVOZ7o5lJmSm839JKcf-hvUnpXuTcqXa5OGSxsaq_T8JwAd08-6M6xCCfvYIVMC6xkpf0gNgjlTJGVjjvi4eW6RRghe4Ey30Ze-M0l1sc28JxaJTib4AvUkbkB0na_bxaGgXHwtE-6vZ6XAZwC6dSJ1A
Requested by
Host: assets-fe.change.org
URL: https://assets-fe.change.org/react-fe/changeAssets-a9fd675d33194e2e0045.js.gz
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.4.13 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.change.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
204
date
Tue, 14 May 2019 04:42:28 GMT
server
cloudflare
cf-ray
4d6a34a96f252346-FRA
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
like.php
www.facebook.com/v3.2/plugins/ Frame 68BE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v3.2/plugins/like.php?action=like&app_id=48409868550&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2Fd_vbiawPdxB.js%3Fversion%3D44%23cb%3Df2ab8a57632ff84%26domain%3Dwww.change.org%26origin%3Dhttps%253A%252F%252Fwww.change.org%252Ff30e777b14890ec%26relation%3Dparent.parent&container_width=40&href=https%3A%2F%2Fwww.facebook.com%2Fchange.org&layout=button_count&locale=de_DE&sdk=joey&share=false&show_faces=false
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/de_DE/sdk.js?hash=ec41785e2795e691cbec747bbec8857b&ua=modern_es6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/v3.2/plugins/like.php?action=like&app_id=48409868550&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2Fd_vbiawPdxB.js%3Fversion%3D44%23cb%3Df2ab8a57632ff84%26domain%3Dwww.change.org%26origin%3Dhttps%253A%252F%252Fwww.change.org%252Ff30e777b14890ec%26relation%3Dparent.parent&container_width=40&href=https%3A%2F%2Fwww.facebook.com%2Fchange.org&layout=button_count&locale=de_DE&sdk=joey&share=false&show_faces=false
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.change.org/
accept-encoding
gzip, deflate, br
cookie
fr=01IVaQxEVsu3anQwX..Bc2kc0...1.0.Bc2kc0.
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.change.org/

Response headers

status
200
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
vary
Accept-Encoding
x-content-type-options
nosniff
pragma
no-cache
strict-transport-security
max-age=15552000; preload
content-encoding
br
timing-allow-origin
*
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
facebook-api-version
v3.2
x-xss-protection
0
expect-ct
max-age=86400, report-uri="https://reports.fb.com/expectct/"
content-type
text/html; charset="utf-8"
x-fb-debug
1vyPU1Mbah/AlUULIiakRuXmKrBhpvoVCiBtQDc/tDO0u2DmrsRi/N21KfzI+s1WuQsDqjX+WvkKqNjNEiD6TA==
date
Tue, 14 May 2019 04:42:28 GMT
/
www.facebook.com/tr/ 		44 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1081902691834097&ev=Microdata&dl=https%3A%2F%2Fwww.change.org%2F&rl=&if=false&ts=1557808948732&cd[Schema.org]=%5B%5D&cd[OpenGraph]=%7B%22og%3Asite_name%22%3A%22Change.org%22%2C%22og%3Atitle%22%3A%22Starten%20Sie%20Ihre%20Kampagne!%22%2C%22og%3Adescription%22%3A%22Change.org%20ist%20die%20gr%C3%B6%C3%9Fte%20Petitionsplattform%20der%20Welt.%20%C3%9Cber%20200%20Millionen%20Nutzerinnnen%20und%20Nutzer%20setzen%20sich%20mithilfe%20der%20Plattform%20f%C3%BCr%20Ver%C3%A4nderung%20ein.%22%2C%22og%3Alocale%22%3A%22de_DE%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.change.org%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fstatic.change.org%2Ffavicon%2Ffavicon-400x400.png%22%2C%22og%3Atype%22%3A%22website%22%7D&cd[Meta]=%7B%22title%22%3A%22Change.org%20%C2%B7%20Starten%20Sie%20Ihre%20Kampagne!%22%7D&cd[DataLayer]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.8.47&r=stable&ec=1&o=30&fbp=fb.1.1557808948227.502963471&it=1557808947764&coo=false&es=automatic&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.change.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 14 May 2019 04:42:28 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Tue, 14 May 2019 04:42:28 GMT
/
www.facebook.com/tr/ 		44 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=48409868550&ev=fb_page_view&dl=https%3A%2F%2Fwww.change.org%2F&rl=&if=false&ts=1557808948757&cd[view_event]=homepage_view&sw=1600&sh=1200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.change.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 14 May 2019 04:42:28 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Tue, 14 May 2019 04:42:28 GMT
discover_feed
www.change.org/api-proxy/-/ 		24 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.change.org/api-proxy/-/discover_feed?page=1&initial_request=false&locale=de-DE&recommendable_locale=false&recommendation_filter=default&show_subscriptions=false&show_followed_topics=true&show_followed_movements=false&is_homepage=true&ip_country_code=DE
Requested by
Host: assets-fe.change.org
URL: https://assets-fe.change.org/react-fe/changeAssets-a9fd675d33194e2e0045.js.gz
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.4.13 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7fe2a9be7173b35132c7a3374de949cc12b3739336bc02b5e9fab5a5e836c350
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.change.org/
X-CSRF-Token
afd9afed132ff4217abb1872ec6ef06e
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-Requested-With
XMLHttpRequest

Response headers

date
Tue, 14 May 2019 04:42:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
server
cloudflare
etag
W/"5eb9-RNr1qXrQgI13/Qknxv9d8RsLKN4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
status
200
cache-control
no-cache
accept-ranges
bytes
cf-ray
4d6a34ab88582346-FRA
content-length
5594
x-request-id
3f5c2645-b63c-410f-88ff-233ea6cc0f8a
sPiJTjOZySKYkPq-400x400-noPad.jpg
assets.change.org/photos/5/ij/tj/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.change.org/photos/5/ij/tj/sPiJTjOZySKYkPq-400x400-noPad.jpg?1557481159
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.4.13 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
624e5fd7e028d0e936d1b5b6fdfbfafe1d5987b583d2cc96ff8ccbf921faae7e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.change.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 14 May 2019 04:42:29 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cf-polished
origSize=13010, status=webp_bigger
status
200
cf-bgj
imgq:100
content-length
12972
last-modified
Fri, 10 May 2019 09:39:20 GMT
server
cloudflare
etag
"92d0907f08c1c332a8545ea54d0148a4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
4d6a34ab88592346-FRA
expires
Tue, 21 May 2019 04:42:29 GMT
sPiJTjOZySKYkPq-800x450-noPad.jpg
assets.change.org/photos/5/ij/tj/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.change.org/photos/5/ij/tj/sPiJTjOZySKYkPq-800x450-noPad.jpg?1557481159
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.4.13 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
288b4e291e42a38d457d7a24e3c0cff5bc36172668277c786b0eff6fae22443a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.change.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 14 May 2019 04:42:29 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cf-polished
origSize=20047, status=webp_bigger
status
200
cf-bgj
imgq:100
content-length
19975
last-modified
Fri, 10 May 2019 09:39:20 GMT
server
cloudflare
etag
"e1fbb6b7a6a0ea9d595bf8f6af2a5540"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
4d6a34ab885a2346-FRA
expires
Tue, 21 May 2019 04:42:29 GMT
kXIFhTOXNfvwdrR-128x128-noPad.jpg
assets.change.org/photos/5/if/ht/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.change.org/photos/5/if/ht/kXIFhTOXNfvwdrR-128x128-noPad.jpg?1557480283
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.4.13 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
33aae65326906ad14efb653e2be7a431e433c0f68b9c5d588358bb0f2ffefcb7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.change.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 14 May 2019 04:42:29 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cf-polished
status=not_needed
status
200
cf-bgj
imgq:100
content-length
4038
last-modified
Fri, 10 May 2019 09:24:44 GMT
server
cloudflare
etag
"fd2938ee55ba90da919922f643e07def"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
4d6a34ab885b2346-FRA
expires
Tue, 21 May 2019 04:42:29 GMT
zKqdLZgOdjxTApH-400x400-noPad.jpg
assets.change.org/photos/7/qd/lz/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.change.org/photos/7/qd/lz/zKqdLZgOdjxTApH-400x400-noPad.jpg?1557319223
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.4.13 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e625917fd05a3eb846bc422196d357a21f6484a06cd71616f06872b6ddc4a87c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.change.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 14 May 2019 04:42:29 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cf-polished
origSize=41259, status=webp_bigger
status
200
cf-bgj
imgq:100
content-length
39780
last-modified
Wed, 08 May 2019 12:40:24 GMT
server
cloudflare
etag
"a699a027b3c0059943d19134a59b831d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
4d6a34ab885c2346-FRA
expires
Tue, 21 May 2019 04:42:29 GMT
zKqdLZgOdjxTApH-800x450-noPad.jpg
assets.change.org/photos/7/qd/lz/ 		75 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.change.org/photos/7/qd/lz/zKqdLZgOdjxTApH-800x450-noPad.jpg?1557319223
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.4.13 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
da8f75ac4c94f9791185aac92c96eae012d66b7a5343e8b2c818bb238abe84c6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.change.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 14 May 2019 04:42:29 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cf-polished
origSize=79297, status=webp_bigger
status
200
cf-bgj
imgq:100
content-length
76420
last-modified
Wed, 08 May 2019 12:40:24 GMT
server
cloudflare
etag
"2ae49763afe386b9500fe4214f3e6601"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
4d6a34ab885d2346-FRA
expires
Tue, 21 May 2019 04:42:29 GMT
irqahrHmdKmfqtH-128x128-noPad.jpg
assets.change.org/photos/9/qa/hr/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.change.org/photos/9/qa/hr/irqahrHmdKmfqtH-128x128-noPad.jpg?1557302181
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.4.13 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
07d6dbd2edacfd99535be0f4e5bc7f99121cd8508cc44893db909df80d69befb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.change.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 14 May 2019 04:42:29 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cf-polished
status=not_needed
status
200
cf-bgj
imgq:100
content-length
4667
last-modified
Wed, 08 May 2019 07:56:22 GMT
server
cloudflare
etag
"7caf4fe25a6fa44b21bf6ead01d667f1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
4d6a34ab885e2346-FRA
expires
Tue, 21 May 2019 04:42:29 GMT
log
errors.client.optimizely.com/ 		0
240 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://errors.client.optimizely.com/log
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.172.174.181 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-172-174-181.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.change.org/
Origin
https://www.change.org
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/json

Response headers

Access-Control-Allow-Origin
https://www.change.org
Access-Control-Expose-Headers
Access-Control-Allow-Credentials
true
Connection
keep-alive
Date
Tue, 14 May 2019 04:42:29 GMT
Content-Type
text/plain
events_tracker
www.change.org/api-proxy/-/ 		2 B
214 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.change.org/api-proxy/-/events_tracker
Requested by
Host: assets-fe.change.org
URL: https://assets-fe.change.org/react-fe/changeAssets-a9fd675d33194e2e0045.js.gz
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.4.13 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.change.org/
Origin
https://www.change.org
X-CSRF-Token
afd9afed132ff4217abb1872ec6ef06e
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-Requested-With
XMLHttpRequest
Content-Type
application/json

Response headers

date
Tue, 14 May 2019 04:42:30 GMT
x-content-type-options
nosniff
server
cloudflare
etag
W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-railgun
98ab3cd867 99.99 0.013168 0032 e6be
content-type
application/json; charset=utf-8
status
200
cache-control
no-cache
cf-ray
4d6a34b04b762346-FRA
content-length
2
x-request-id
9773791e-46e2-46bd-bc96-006a02c2f964
krDvNgoQIQieHjH-400x400-noPad.jpg
assets.change.org/photos/1/dv/ng/ 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.change.org/photos/1/dv/ng/krDvNgoQIQieHjH-400x400-noPad.jpg?1557303746
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.4.13 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
501b9a87d9a52bb050ac7a2781498cdc706aa53eccb6578f6a40d00f86c20ec7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.change.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 14 May 2019 04:42:29 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cf-polished
origSize=38827, status=webp_bigger
status
200
cf-bgj
imgq:100
content-length
37314
last-modified
Wed, 08 May 2019 08:22:27 GMT
server
cloudflare
etag
"8e3026cea3dd7bb6007e8878d6865c7e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
4d6a34b06b8e2346-FRA
expires
Tue, 21 May 2019 04:42:29 GMT
krDvNgoQIQieHjH-800x450-noPad.jpg
assets.change.org/photos/1/dv/ng/ 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.change.org/photos/1/dv/ng/krDvNgoQIQieHjH-800x450-noPad.jpg?1557303746
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.4.13 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d948173ea73ac0abe1b3c344327ea8a913245a51367de8060e1f6b38222681c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.change.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 14 May 2019 04:42:29 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cf-polished
origSize=53005, status=webp_bigger
status
200
cf-bgj
imgq:100
content-length
50352
last-modified
Wed, 08 May 2019 08:22:27 GMT
server
cloudflare
etag
"5a8ad2c954c583bf11da1e2d146ed203"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
4d6a34b06b902346-FRA
expires
Tue, 21 May 2019 04:42:29 GMT
VrSEYzxjTsTbDiJ-128x128-noPad.jpg
assets.change.org/photos/0/se/yz/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.change.org/photos/0/se/yz/VrSEYzxjTsTbDiJ-128x128-noPad.jpg?1556525923
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.4.13 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6a3b043d039df760f25104b4b502c11b554ab8238b8ec57c188cc7733fade92
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.change.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 14 May 2019 04:42:29 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cf-polished
status=not_needed
status
200
cf-bgj
imgq:100
content-length
5961
last-modified
Mon, 29 Apr 2019 08:18:44 GMT
server
cloudflare
etag
"9cbfef3e18c7f4a250b61e5e95813808"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
4d6a34b06b922346-FRA
expires
Tue, 21 May 2019 04:42:29 GMT
nJuTJPpCLVawhYD-400x400-noPad.jpg
assets.change.org/photos/4/ut/jp/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.change.org/photos/4/ut/jp/nJuTJPpCLVawhYD-400x400-noPad.jpg?1556114766
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.4.13 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a461bc0e2191a115d19c8f33d1e41e9abcc851d1b7eaf9bff58bbc9ca6fc0fa1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.change.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 14 May 2019 04:42:29 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cf-polished
origSize=27134, status=webp_bigger
status
200
cf-bgj
imgq:100
content-length
26649
last-modified
Wed, 24 Apr 2019 14:06:07 GMT
server
cloudflare
etag
"6bffbd14bcb150159c383af432ed7d04"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
4d6a34b06b942346-FRA
expires
Tue, 21 May 2019 04:42:29 GMT
nJuTJPpCLVawhYD-800x450-noPad.jpg
assets.change.org/photos/4/ut/jp/ 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.change.org/photos/4/ut/jp/nJuTJPpCLVawhYD-800x450-noPad.jpg?1556114766
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.4.13 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a2bbeecdb34fa5edb4ea2110169ebb550b4a3ce88020a1f53405f3bad9a9d5e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.change.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 14 May 2019 04:42:29 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cf-polished
origSize=56877, status=webp_bigger
status
200
cf-bgj
imgq:100
content-length
55580
last-modified
Wed, 24 Apr 2019 14:06:07 GMT
server
cloudflare
etag
"3303e96ee8e47e8ae90490200727dd13"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
4d6a34b06b952346-FRA
expires
Tue, 21 May 2019 04:42:29 GMT
ZzcPwGcLDGdppqw-128x128-noPad.jpg
assets.change.org/photos/2/cp/wg/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.change.org/photos/2/cp/wg/ZzcPwGcLDGdppqw-128x128-noPad.jpg?1555574620
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.4.13 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
435c46057c24e7d261f03144d98deb091fa291dd22297bb50b8951b7bac1d37e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.change.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 14 May 2019 04:42:29 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cf-polished
status=not_needed
status
200
cf-bgj
imgq:100
content-length
4534
last-modified
Thu, 18 Apr 2019 08:03:41 GMT
server
cloudflare
etag
"efb5336dc9878561e4abb95b6875d5a1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
4d6a34b06b982346-FRA
expires
Tue, 21 May 2019 04:42:29 GMT
events_tracker
www.change.org/api-proxy/-/ 		2 B
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.change.org/api-proxy/-/events_tracker
Requested by
Host: assets-fe.change.org
URL: https://assets-fe.change.org/react-fe/changeAssets-a9fd675d33194e2e0045.js.gz
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.4.13 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.change.org/
Origin
https://www.change.org
X-CSRF-Token
afd9afed132ff4217abb1872ec6ef06e
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-Requested-With
XMLHttpRequest
Content-Type
application/json

Response headers

date
Tue, 14 May 2019 04:42:30 GMT
x-content-type-options
nosniff
server
cloudflare
etag
W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-railgun
519ec555aa 99.99 0.003998 0032 e6be
content-type
application/json; charset=utf-8
status
200
cache-control
no-cache
cf-ray
4d6a34b1cc692346-FRA
content-length
2
x-request-id
577bb57b-a7a1-4e95-b557-16cdcb4d565b
common.js
maps.googleapis.com/maps-api-v3/api/js/35/10a/ 		70 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/35/10a/common.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBwot59Cgi_SoxwakkTkAvni7930r0eJs4&libraries=places&sensor=false&callback=__loadGooglePlaces
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
c9700b1331c4ee58f74792ace407d6b5e113fd358cc6cb9bee8166a689691166
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.change.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 08 Mar 2019 21:02:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 30 Jan 2019 17:38:17 GMT
server
sffe
age
5730019
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
25939
x-xss-protection
1; mode=block
expires
Sat, 07 Mar 2020 21:02:14 GMT
util.js
maps.googleapis.com/maps-api-v3/api/js/35/10a/ 		134 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/35/10a/util.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBwot59Cgi_SoxwakkTkAvni7930r0eJs4&libraries=places&sensor=false&callback=__loadGooglePlaces
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
fa802705ee95c596e2ae8ecf3718bb8f566229a395efb83a77f7d56c46afc34c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.change.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 09 Mar 2019 03:18:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 30 Jan 2019 17:38:17 GMT
server
sffe
age
5707416
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
51692
x-xss-protection
1; mode=block
expires
Sun, 08 Mar 2020 03:18:57 GMT
AuthenticationService.Authenticate
maps.googleapis.com/maps/api/js/ 		62 B
210 B 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fwww.change.org%2F&4sAIzaSyBwot59Cgi_SoxwakkTkAvni7930r0eJs4&callback=_xdc_._zcf2j9&key=AIzaSyBwot59Cgi_SoxwakkTkAvni7930r0eJs4&token=92630
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/35/10a/common.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
mafe /
Resource Hash
e3630447ceced70a539cc4bd32ad11e3adbe0efa7420c462b7f8855e364f9770
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.change.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 May 2019 04:42:33 GMT
content-encoding
gzip
server
mafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment
server-timing
gfet4t7; dur=5
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
63
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

70 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask object| changeTargetingData object| ___grecaptcha_cfg object| grecaptcha boolean| __google_recaptcha_client object| dataLayer number| domCompleteTime object| google_tag_data function| ga object| gaplugins function| postscribe object| google_tag_manager string| GoogleAnalyticsObject object| gaGlobal object| gaData object| uetq object| recaptcha function| removePreBundleEvents object| closure_lm_887438 function| fbq function| _fbq undefined| _ function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO function| UET object| __core-js_shared__ function| setImmediate function| clearImmediate object| Backbone object| core object| global object| System function| asap function| Observable object| regeneratorRuntime boolean| _babelPolyfill function| $ function| jQuery object| Stickyfill object| TwitterCldr function| FontFaceObserver function| fbAsyncInit object| __APOLLO_CLIENT__ function| __loadGooglePlaces object| optimizely object| airbrake object| TwitterCldrDataBundle object| gajus function| P function| onYouTubeIframeAPIReady object| scCGSHMRCache object| App object| FB object| YT object| YTConfig function| onYTReady object| gapi object| ___jsl object| google object| module$contents$MapsEvent_MapsEvent object| module$contents$mapsapi$overlay$OverlayView_OverlayView object| osapi object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| _xdc_

21 Cookies

Domain/Path Name / Value
.facebook.com/ Name: fr
Value: 01IVaQxEVsu3anQwX..Bc2kc0...1.0.Bc2kc0.
.youtube.com/ Name: YSC
Value: pYaJGHKslaA
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: gdrIiBtv0p4
.youtube.com/ Name: GPS
Value: 1
.change.org/ Name: _fbp
Value: fb.1.1557808948227.502963471
.change.org/ Name: _gat
Value: 1
.change.org/ Name: __cf_bm
Value: 14ab2d181147510eeb619fa943c6c27697f53a0b-1557808948-1800-AZ/Zg2kmOv+75scn4q6kQjjDEWTj1jP83MMk7/dTvQFBbksg1Q+mX/99+ZlwFGl0JIXH1w7tZVulMHC/i07nCAJK0DgFm8BzNqexOSax7pSOgrZyFbfd20NOHZU23iBDog==
.change.org/ Name: _gcl_au
Value: 1.1.410639381.1557808948
.change.org/ Name: _gid
Value: GA1.2.108657605.1557808948
.change.org/ Name: _gaDE_gid
Value: GA1.2.167629975.1557808948
.google.com/ Name: NID
Value: 183=GQd8KGAgrLETMJPCgHN77XWVV2295-9odpdf4GM9J-eMTTbNkFJc0XlboMVaaEVPF1lD5Z1Gbt-GgwE5m9CPZrTHF17w5bZA0NTMKQELOVpLtlGmZMAXaWOLS3v4b5sQkSTv6dFxzoBnOzA4avoD8Wv-512cNcK4SetnFs52ApI
.change.org/ Name: _ga
Value: GA1.2.1570618130.1557808948
.change.org/ Name: _gat_UA-85960574-2
Value: 1
www.change.org/ Name: _change_lang
Value: %7B%22locale%22%3A%22de-DE%22%2C%22countryCode%22%3A%22DE%22%7D
.change.org/ Name: _gaDE
Value: GA1.2.1726017004.1557808948
.change.org/ Name: __cfruid
Value: cdc6a999db1c552d39eeb08f85bf586c21f36a21-1557808947
www.change.org/ Name: tracking_data
Value: %7B%22user_uuid%22%3A%22acc7d3e0-7602-11e9-a3da-ad2b6bf76fa4%22%7D
.youtube.com/ Name: PREF
Value: f1=50000000
www.change.org/ Name: _change_session
Value: 2574a2ed301581646248536265a64f7e
.www.change.org/ Name: G_ENABLED_IDPS
Value: google
.change.org/ Name: __cfduid
Value: de0a3ad688dafc63974f4930d6a851dc71557808947

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' https://d18kwxxua7ik1y.cloudfront.net https://d22r54gnmuhwmk.cloudfront.net https://assets.change.org https://static.change.org https://assets-fe.change.org https://change-production.s3.amazonaws.com https://change-public-stuff.s3.amazonaws.com https://www.google.ca https://www.googleadservices.com https://www.youtube.com https://*.doubleclick.net https://*.google.com https://*.googleapis.com https://*.googletagmanager.com https://*.google-analytics.com https://*.gstatic.com https://*.ytimg.com https://*.facebook.com https://*.facebook.net https://*.fbcdn.net fbrpc://* fb-messenger://* https://*.twitter.com https://*.twimg.com https://vk.com https://*.vk.com https://ajax.cdnjs.com https://cdnjs.cloudflare.com https://service.force.com https://change.my.salesforce.com https://help.change.org https://*.salesforceliveagent.com https://*.braintreegateway.com https://*.paypalobjects.com https://*.paypal.com *.optimizely.com optimizely.s3.amazonaws.com cdn-assets-prod.s3.amazonaws.com https://js.stripe.com https://cdn.embedly.com https://player.vimeo.com https://*.pubnub.com https://bat.bing.com https://*.briteverify.com https://soundcloud.com https://w.soundcloud.com https://www.instagram.com https://www.flickr.com https://*.staticflickr.com; connect-src 'self' blob: https://*.change.org https://change-production.s3.amazonaws.com https://*.googleapis.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.com https://*.facebook.net fbrpc://* fb-messenger://* https://*.twitter.com https://*.vk.com https://*.braintreegateway.com https://*.paypal.com *.optimizely.com optimizely.s3.amazonaws.com cdn-assets-prod.s3.amazonaws.com https://api.stripe.com https://*.pubnub.com https://*.briteverify.com https://api.soundcloud.com https://api.airbrake.io; font-src 'self' data: https://assets.change.org https://static.change.org https://d18kwxxua7ik1y.cloudfront.net https://d22r54gnmuhwmk.cloudfront.net https://fonts.gstatic.com; img-src * blob: data:; form-action 'self';
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
apis.google.com
assets-fe.change.org
assets.change.org
bat.bing.com
cdn.optimizely.com
chng.it
connect.facebook.net
errors.client.optimizely.com
googleads.g.doubleclick.net
maps.googleapis.com
platform.twitter.com
s.ytimg.com
s3.amazonaws.com
static.change.org
staticxx.facebook.com
stats.g.doubleclick.net
www.change.org
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.youtube.com
104.16.4.13
104.16.5.13
172.217.18.98
2606:2800:234:46c:e8b:1e2f:2bd:694
2620:1ec:c11::200
2a00:1450:4001:806::200d
2a00:1450:4001:815::200e
2a00:1450:4001:816::2003
2a00:1450:4001:818::200e
2a00:1450:4001:81a::200a
2a00:1450:4001:81b::2004
2a00:1450:4001:81c::2003
2a00:1450:4001:81c::200e
2a00:1450:4001:821::2008
2a00:1450:400c:c08::9c
2a00:1450:400c:c0a::9c
2a02:26f0:6c00:181::13b8
2a03:2880:f01a:5:face:b00c:0:1
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
52.216.168.165
52.218.245.91
54.172.174.181
051c571ef97a62fa640363cedf3c2082e1d8af3f31908197a05e2ec28dec8268
05d14d231ef929410654a59b5d0e92864967e656fa44591636eaa599b8341a21
06768ff08a78f24b60973b047561141c4413864fa2d3ac9292fb0b217a81f917
0766bae51ad92c90c0953c4faa614c7a94f9ae86a7d6ca3f1eee07f9ae21538e
07d6dbd2edacfd99535be0f4e5bc7f99121cd8508cc44893db909df80d69befb
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12aa261bd1c47407c0410c6b09e8d853327f6e2828b3a1bca5da80f64d53075e
12c0bc0ed4f34ad6251de0db7eb2db8f52cb37191482f98c1e9ac8f78dcfbdac
16f1efa415bfdd7abcf8fdd76cc05ae6fa66ffdfdc730368ecea89ecfe5c3a12
288b4e291e42a38d457d7a24e3c0cff5bc36172668277c786b0eff6fae22443a
2a2bbeecdb34fa5edb4ea2110169ebb550b4a3ce88020a1f53405f3bad9a9d5e
2f22aaf2e8367b02152b442ef28df7084601e0ded40c7d8f7b6f24be66b326fb
33aae65326906ad14efb653e2be7a431e433c0f68b9c5d588358bb0f2ffefcb7
36c79136d49ce13d0e5795e6fc464bc1c5e90b7c4f9026fd92d8e7f3d61d49d4
3d948173ea73ac0abe1b3c344327ea8a913245a51367de8060e1f6b38222681c
3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22
435c46057c24e7d261f03144d98deb091fa291dd22297bb50b8951b7bac1d37e
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
48dda6258a9b16defc8d0fe8237725202004935d8b9df96be3205798b845e45c
501b9a87d9a52bb050ac7a2781498cdc706aa53eccb6578f6a40d00f86c20ec7
533635138feb9f518f363e95dfb3e4fa771ea9b5a926979abe0330dc6c351c91
552426fa67711398e49423a732526e763187afd768567b87e139fec853820809
55b772ddd4d6756e0edf1cd0a6f98eaf19fe9ea9ef1a8726e92a07cc070f856a
5ef32ffe7b00b9fd37d65504af7f78f91a85421829f3d336cd2ba6510a8aa38e
620ce0ea96beadd9bf3c515f6b32d51b1bde4b703d6ae2e3a2cf26258aade8ed
624e5fd7e028d0e936d1b5b6fdfbfafe1d5987b583d2cc96ff8ccbf921faae7e
6e1bb7cc671813a947a3c0f7198255aba1de55d804e668c3dec97d3322254bdc
73eff004931b828011651aa084bece51ef9e4d3758ded4e32757329ba70c2f45
77ca93b0ab9fa4aff82338a44f8a1b33ff70aabd22d526d4ec5f8d691fe1eea0
78bec4c3ddff4854bc9b30750eace47ed3aa6a13586882a3c23d810c0efbeb00
7c3eca218afc1869a365fac68fac54b1dd93d0531cc2abe49860d6e3db8983c6
7fe2a9be7173b35132c7a3374de949cc12b3739336bc02b5e9fab5a5e836c350
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8dc767a8d28462c838f97daf56727ca611ad361a4cee61f3ea53c2dc52a7f897
949d047d028ca6721066d7d7a73a553073f3a6629de61644659015de33d33a43
97540869be47f1cc8519503a4725b83e5b31b49fc011fa6bf354f4ff14e147fa
9e2a3141f224fcb47d4a6f58c23a91b2750de8ff3dec7e4f2813b8b2327c6336
9fa75064afd87a6bad2cc446b36b6faa40928d425bf24b4891cc58d21cb41f64
a461bc0e2191a115d19c8f33d1e41e9abcc851d1b7eaf9bff58bbc9ca6fc0fa1
a9ccd7448193615616cf3e35ac3537bc8b645171cf493a7303ddf57139a75320
b2b7c0d1ea7c554773993a02775bea6915e750cb7b4baf0841dad0f1870e95b7
b6a3b043d039df760f25104b4b502c11b554ab8238b8ec57c188cc7733fade92
bb68acb0fe88e04ef80b9309e31f4d187dc70c3c42446e62cb27b5ad7a083118
be37f8282da90163d8c4dc44c9429d2612e69d45576880ca08a4979df7fcd358
bff9f3fe8b86a381d48d31e81faf3151b4c1460d6366397dbeeea0ee6f2c7114
c2ca9f8386f6e6dfdd82035df98e5cfa506d90149789d63dddf6b0a1029acd4b
c8026b8be2c6eab9734f3aa22604b2dd1c83f43539a54931065d89e4a42a29de
c9700b1331c4ee58f74792ace407d6b5e113fd358cc6cb9bee8166a689691166
ccfdc3bea211def2f7c326bccbe8b96c3a809a3ab62eb8f25d79654f7a23a88e
cd1c301a8e7960a1786e2a959226b0b78b56dbea284bd114265f1662d6ca280e
da8f75ac4c94f9791185aac92c96eae012d66b7a5343e8b2c818bb238abe84c6
e3630447ceced70a539cc4bd32ad11e3adbe0efa7420c462b7f8855e364f9770
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e625917fd05a3eb846bc422196d357a21f6484a06cd71616f06872b6ddc4a87c
e7965580a4c9c649df4226b087363dd36058148d51f7f70d2bab12cf52c17296
e8ba554cee7e643609a98b5194ca64c8fa7e3cd788897d4131c58c7413f54727
ee2df9e008021c0ce1fbf3612bfef57e7666294fa01bd4d9764931ff9add417a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fa59b1ed1b011e084474ad818b5f6986d84fc678e2f37fee9330eb52d86860b3
fa802705ee95c596e2ae8ecf3718bb8f566229a395efb83a77f7d56c46afc34c
fcce66314321d66ab77ad3728e162757d200a621fa43859ad5449512aaedc5e0