urlscan.io logo urlscan.io
SecurityTrails logo

changetheref.org Open in urlscan Pro
35.209.73.190  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://changetheref.org/
Effective URL: https://changetheref.org/
Submission: On July 11 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 3 countries across 9 domains to perform 27 HTTP transactions. The main IP is 35.209.73.190, located in Council Bluffs, United States and belongs to GOOGLE, US. The main domain is changetheref.org.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on September 30th 2021. Valid for: a year.
This is the only time changetheref.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

12    35.209.73.190 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 190.73.209.35.bc.googleusercontent.com
changetheref.org
www.changetheref.org
1    2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2606:4700:20::681a:d57 (United States)

ASN13335 (CLOUDFLARENET, US)
assets.juicer.io
1    108.138.7.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-20.fra56.r.cloudfront.net
cdn.linearicons.com
4    2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:400c:c08::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
1    104.244.42.200 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
Apex Domain
Subdomains		 Transfer
12 changetheref.org
changetheref.org
www.changetheref.org
1 MB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 71
4 KB
3 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 677
syndication.twitter.com — Cisco Umbrella Rank: 869
133 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 49
20 KB
2 gstatic.com
fonts.gstatic.com
91 KB
2 juicer.io
assets.juicer.io — Cisco Umbrella Rank: 17595
114 KB
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 119
439 B
1 linearicons.com
cdn.linearicons.com — Cisco Umbrella Rank: 38005
2 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 89
40 KB
27 9
Domain Requested by
11 changetheref.org 2 redirects changetheref.org
4 fonts.googleapis.com changetheref.org
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
changetheref.org
2 platform.twitter.com changetheref.org
platform.twitter.com
2 fonts.gstatic.com fonts.googleapis.com
2 assets.juicer.io changetheref.org
1 syndication.twitter.com platform.twitter.com
1 stats.g.doubleclick.net www.google-analytics.com
1 www.changetheref.org changetheref.org
1 cdn.linearicons.com changetheref.org
1 www.googletagmanager.com changetheref.org
27 11
Subject Issuer Validity Valid
*.changetheref.org
AlphaSSL CA - SHA256 - G2		 2021-09-30 -
2022-11-01		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-05-17 -
2023-05-17		 a year crt.sh
cdn.linearicons.com
Amazon		 2022-01-21 -
2023-02-19		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-06-27 -
2022-09-19		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-20 -
2022-10-19		 a year crt.sh
syndication.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-07 -
2023-03-06		 a year crt.sh

This page contains 2 frames:

Primary Page: https://changetheref.org/
Frame ID: C01314674B8434C69DFD878D3C9BD679
Requests: 25 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.d7fc2fc075c61f6fa34d79a0cbbf1e34.html?origin=https%3A%2F%2Fchangetheref.org
Frame ID: D0E3A928912E7004419EFE2706143588
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Home - Gun Safety - Change the Ref Organization

Page URL History Show full URLs

  1. http://changetheref.org/ HTTP 301
    https://changetheref.org/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

27
Requests

96 %
HTTPS

70 %
IPv6

9
Domains

11
Subdomains

10
IPs

3
Countries

1592 kB
Transfer

4422 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://changetheref.org/ HTTP 301
    https://changetheref.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://changetheref.org/wp-content/cache/autoptimize/css/autoptimize_1f5ffa28e049a107918f6a4f28ebded9.css HTTP 302
  • https://changetheref.org/wp-content/cache/autoptimize/css/autoptimize_fallback.css

27 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
changetheref.org/
Redirect Chain
  • http://changetheref.org/
  • https://changetheref.org/
38 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://changetheref.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.209.73.190 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
190.73.209.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
41403c395dc53c7cb9ec025f6b81364ac7a9ec632b8e0bd8acb76511edafd7bc

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 11 Jul 2022 19:37:25 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
link
<https://changetheref.org/wp-json/>; rel="https://api.w.org/", <https://changetheref.org/wp-json/wp/v2/pages/204>; rel="alternate"; type="application/json", <https://changetheref.org/>; rel=shortlink
referrer-policy
server
nginx
vary
Accept-Encoding
x-cache-enabled
True
x-httpd
1
x-proxy-cache
HIT
x-tec-api-origin
https://changetheref.org
x-tec-api-root
https://changetheref.org/wp-json/tribe/events/v1/
x-tec-api-version
v1

Redirect headers

Connection
keep-alive
Content-Length
233
Content-Type
text/html; charset=iso-8859-1
Date
Mon, 11 Jul 2022 19:37:25 GMT
Host-Header
6b7412fb82ca5edfd0917e3957f05d89
Location
https://changetheref.org/
Server
nginx
X-Proxy-Cache
MISS
X-Proxy-Cache-Info
0301 NC:000000 UP:
autoptimize_fallback.css
changetheref.org/wp-content/cache/autoptimize/css/
Redirect Chain
  • https://changetheref.org/wp-content/cache/autoptimize/css/autoptimize_1f5ffa28e049a107918f6a4f28ebded9.css
  • https://changetheref.org/wp-content/cache/autoptimize/css/autoptimize_fallback.css
1 MB
123 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://changetheref.org/wp-content/cache/autoptimize/css/autoptimize_fallback.css
Requested by
Host: changetheref.org
URL: https://changetheref.org/
Protocol
H2
Server
35.209.73.190 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
190.73.209.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
edbab5e8cf7a22ffe6a91eb848f6835202644252226794077a7e06f53f779c65

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://changetheref.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 19:37:26 GMT
content-encoding
br
last-modified
Mon, 11 Jul 2022 19:37:01 GMT
server
nginx
etag
W/"62cc7bdd-104c5b"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
text/css
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Tue, 11 Jul 2023 19:37:26 GMT

Redirect headers

date
Mon, 11 Jul 2022 19:37:26 GMT
x-tec-api-origin
https://changetheref.org
x-redirect-by
WordPress
x-proxy-cache-info
0302 NC:000000 UP:SKIP_CACHE_NO_CACHE
x-cache-enabled
True
host-header
6b7412fb82ca5edfd0917e3957f05d89
x-tec-api-root
https://changetheref.org/wp-json/tribe/events/v1/
x-tec-api-version
v1
referrer-policy
server
nginx
content-type
text/html; charset=UTF-8
location
/wp-content/cache/autoptimize/css/autoptimize_fallback.css
x-httpd
1
cache-control
no-cache, must-revalidate, max-age=0
link
<https://changetheref.org/wp-json/>; rel="https://api.w.org/"
x-proxy-cache
MISS
expires
Wed, 11 Jan 1984 05:00:00 GMT
js
www.googletagmanager.com/gtag/ 		103 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-115329403-1
Requested by
Host: changetheref.org
URL: https://changetheref.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5cab3f10c09569238f71d1ba0b780d5e867b34f09d8e09dc7d903f4e09daff2e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://changetheref.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 19:37:26 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40356
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:31:59 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 11 Jul 2022 19:37:26 GMT
embed.css
assets.juicer.io/ 		88 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.juicer.io/embed.css?ver=6.0
Requested by
Host: changetheref.org
URL: https://changetheref.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2921e0f7e573d0215da556bddd12ea978960e95845487d16952cc52f1cc6683

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://changetheref.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray
7293fe6249f390ac-FRA
date
Mon, 11 Jul 2022 19:37:26 GMT
via
1.1 vegur
cf-cache-status
HIT
last-modified
Mon, 11 Jul 2022 11:01:14 GMT
server
cloudflare
age
3765
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hNqPcyQ4HbR8LsEji4YXq3PbYFZddgJJulQuQGqPXu%2FZ%2BGU2Av%2FEey4ot%2BVNrO9lod5Q%2FX7WQ1S%2Bod0RmK%2F1Gapnq2DdfHmoJL%2FqpaCoxwT0kxadPiVI7XN03lj4m%2BTsh27TKdFhA3qwNsi02nk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=3600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
icon-font.min.css
cdn.linearicons.com/free/1.0.0/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.linearicons.com/free/1.0.0/icon-font.min.css?ver=6.0
Requested by
Host: changetheref.org
URL: https://changetheref.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-20.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
31ca8fc4bb190118851959f282909af4a8f6e782b69dcfbe00094ffc010878b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://changetheref.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 23:28:01 GMT
content-encoding
gzip
age
4450963
x-cache
Hit from cloudfront
content-length
1672
access-control-allow-origin
*
last-modified
Wed, 27 May 2015 16:04:10 GMT
server
AmazonS3
etag
"0b704046d76bb4d3929be4f7f20472f5"
access-control-allow-methods
GET
content-type
text/css
via
1.1 3a4987afa567e120a2fa0d82969d4c0a.cloudfront.net (CloudFront)
cache-control
max-age=31000000
x-amz-cf-pop
FRA56-P6
accept-ranges
bytes
x-edge-origin-shield-bytes
557
x-amz-cf-id
AM5dK5aK4215X6PeqgLI4hUnjgdlPWAincc4KxxGHYSiIeSzT4ZAKQ==
css
fonts.googleapis.com/ 		23 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400italic%2C600italic%2C700italic%2C300%2C400%2C600%2C700%2C800&ver=6.0
Requested by
Host: changetheref.org
URL: https://changetheref.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6d04b8a2da34d3d02f01e37864968ef2dde04863e5e3c931cb6e6b7b767ef97e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://changetheref.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 19:31:13 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 11 Jul 2022 19:37:26 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 11 Jul 2022 19:37:26 GMT
css
fonts.googleapis.com/ 		1 KB
503 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Great+Vibes&ver=6.0
Requested by
Host: changetheref.org
URL: https://changetheref.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
54f4cb12e20b501f97ad6d8c4b8cb467ec0301b1ad74e79b5bbb1c673ee0f96a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://changetheref.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 17:42:39 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 11 Jul 2022 19:37:26 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 11 Jul 2022 19:37:26 GMT
css
fonts.googleapis.com/ 		16 KB
1000 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Abel%3A300%2C300italic%2C400%2C400italic%2C500%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%257C%2C900%2C900italic%7CArimo%3A300%2C300italic%2C400%2C400italic%2C500%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%257C%2C900%2C900italic&subset=latin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext
Requested by
Host: changetheref.org
URL: https://changetheref.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7f4b4f15169865853595062aa187ea151a6f435d01aa8d90acdbcdedd9d0979c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://changetheref.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 19:37:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 11 Jul 2022 19:37:26 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 11 Jul 2022 19:37:26 GMT
autoptimize_single_44e31a75d3859ab0b912535097679ba4.css
changetheref.org/wp-content/cache/autoptimize/css/ 		102 B
291 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://changetheref.org/wp-content/cache/autoptimize/css/autoptimize_single_44e31a75d3859ab0b912535097679ba4.css?ver=6.9.0
Requested by
Host: changetheref.org
URL: https://changetheref.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.209.73.190 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
190.73.209.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
dd7872de34b034ca02127151de5449a506775ed153721104917393370778a81c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://changetheref.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 19:37:26 GMT
content-encoding
br
last-modified
Mon, 11 Jul 2022 19:37:00 GMT
server
nginx
etag
W/"62cc7bdc-66"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
text/css
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Tue, 11 Jul 2023 19:37:26 GMT
jquery.min.js
changetheref.org/wp-includes/js/jquery/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://changetheref.org/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: changetheref.org
URL: https://changetheref.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.209.73.190 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
190.73.209.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://changetheref.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 19:37:26 GMT
content-encoding
br
last-modified
Fri, 23 Jul 2021 23:04:39 GMT
server
nginx
etag
W/"60fb4b07-15db1"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
application/javascript
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Tue, 11 Jul 2023 19:37:26 GMT
embed-no-jquery.js
assets.juicer.io/ 		506 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.juicer.io/embed-no-jquery.js?ver=6.0
Requested by
Host: changetheref.org
URL: https://changetheref.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
741c9e406dc697884b05aa74517e58789661c2bfc52eb24e6df9d26bf2fe7123

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://changetheref.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray
7293fe6249f590ac-FRA
date
Mon, 11 Jul 2022 19:37:26 GMT
via
1.1 vegur
cf-cache-status
HIT
last-modified
Mon, 11 Jul 2022 11:01:14 GMT
server
cloudflare
age
1842
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pG5Htn8j4c7hJ0%2FExmIvLMo4MgZO%2B8wm%2BDd7XzNH%2Bpq3nE2jUGvLcr6Jm5YmAwaobTiuJi86NjmtY%2BiyzY9j5UgQ6ns2z2kEUoFzZzOmwfyxEEDY4KfVl1uf%2F2rUrJJkIrr01iA3dR1l%2BiDXLEs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=3600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
site-logo-tiny-again.png
www.changetheref.org/wp-content/uploads/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.changetheref.org/wp-content/uploads/site-logo-tiny-again.png
Requested by
Host: changetheref.org
URL: https://changetheref.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.209.73.190 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
190.73.209.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
f26c65784109cc3f521c8928bc68e01b966aca4b782e13855d4ca79f1d38d423

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://changetheref.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 19:37:26 GMT
last-modified
Mon, 01 Oct 2018 03:55:51 GMT
server
nginx
etag
"5bb19ac7-7c0d"
x-proxy-cache-info
DT:1
content-type
image/png
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
31757
expires
Tue, 11 Jul 2023 19:37:26 GMT
new-homepage-cropped.jpg
changetheref.org/wp-content/uploads/ 		302 KB
303 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://changetheref.org/wp-content/uploads/new-homepage-cropped.jpg
Requested by
Host: changetheref.org
URL: https://changetheref.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.209.73.190 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
190.73.209.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
b4c3f30abcbeaeb49f2e4e0b7a9ae1847695de8691bd4796c25b93e33e18c9fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://changetheref.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 19:37:26 GMT
last-modified
Wed, 26 Jun 2019 15:58:16 GMT
server
nginx
etag
"5d139618-4b840"
x-proxy-cache-info
DT:1
content-type
image/jpeg
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
309312
expires
Tue, 11 Jul 2023 19:37:26 GMT
css
fonts.googleapis.com/ 		26 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic&ver=6.9.0
Requested by
Host: changetheref.org
URL: https://changetheref.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a4ed6192a5661e60f1dd77d79b4024b6315008210b15b6162835108e008c8866
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://changetheref.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:26:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 11 Jul 2022 19:37:26 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 11 Jul 2022 19:37:26 GMT
autoptimize_7f0b0f09f6c3ca817bc6250ebadbfdd5.js
changetheref.org/wp-content/cache/autoptimize/js/ 		1 MB
328 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://changetheref.org/wp-content/cache/autoptimize/js/autoptimize_7f0b0f09f6c3ca817bc6250ebadbfdd5.js
Requested by
Host: changetheref.org
URL: https://changetheref.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.209.73.190 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
190.73.209.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
2cda0725fbc3bfa65d201293b0c7e2df211262984dbe6ff71060fa312ec8014f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://changetheref.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 19:37:27 GMT
content-encoding
br
last-modified
Mon, 11 Jul 2022 19:37:00 GMT
server
nginx
etag
W/"62cc7bdc-12d360"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
application/javascript
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Tue, 11 Jul 2023 19:37:27 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-115329403-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://changetheref.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
1890
date
Mon, 11 Jul 2022 19:05:57 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 11 Jul 2022 21:05:57 GMT
wp-emoji-release.min.js
changetheref.org/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://changetheref.org/wp-includes/js/wp-emoji-release.min.js?ver=6.0
Requested by
Host: changetheref.org
URL: https://changetheref.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.209.73.190 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
190.73.209.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://changetheref.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 19:37:27 GMT
content-encoding
br
last-modified
Fri, 27 May 2022 00:02:57 GMT
server
nginx
etag
W/"62901531-48b9"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
application/javascript
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Tue, 11 Jul 2023 19:37:27 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1594003318&t=pageview&_s=1&dl=https%3A%2F%2Fchangetheref.org%2F&ul=en-us&de=UTF-8&dt=Home%20-%20Gun%20Safety%20-%20Change%20the%20Ref%20Organization&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=470005243&gjid=200490642&cid=1458919176.1657568247&tid=UA-115329403-1&_gid=846603060.1657568247&_r=1&gtm=2ou760&did=dNDMyYj&gdid=dNDMyYj&z=2069506081
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://changetheref.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 11 Jul 2022 19:37:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://changetheref.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1594003318&t=pageview&_s=2&dl=https%3A%2F%2Fchangetheref.org%2F&ul=en-us&de=UTF-8&dt=Home%20-%20Gun%20Safety%20-%20Change%20the%20Ref%20Organization&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=&gjid=&cid=1458919176.1657568247&tid=UA-115329403-1&_gid=846603060.1657568247&gtm=2ou760&did=dNDMyYj&gdid=dNDMyYj&z=13350809
Requested by
Host: changetheref.org
URL: https://changetheref.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://changetheref.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Jul 2022 08:33:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
39850
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
439 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-115329403-1&cid=1458919176.1657568247&jid=470005243&gjid=200490642&_gid=846603060.1657568247&_u=YEBAAUAAAAAAAC~&z=294387213
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://changetheref.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 11 Jul 2022 19:37:27 GMT
content-type
text/plain
access-control-allow-origin
https://changetheref.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400italic%2C600italic%2C700italic%2C300%2C400%2C600%2C700%2C800&ver=6.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://changetheref.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 12:16:38 GMT
x-content-type-options
nosniff
age
26449
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44800
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:25:14 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 11 Jul 2023 12:16:38 GMT
fontello.woff
changetheref.org/wp-content/themes/candidate/font/ 		338 KB
339 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://changetheref.org/wp-content/themes/candidate/font/fontello.woff?51867504
Requested by
Host: changetheref.org
URL: https://changetheref.org/wp-content/cache/autoptimize/css/autoptimize_fallback.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.209.73.190 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
190.73.209.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
f882bbfc87dfc4cc440c7d29d8321d0c19e338654b67571b48d5cee9bfdbf4e6

Request headers

Referer
https://changetheref.org/wp-content/cache/autoptimize/css/autoptimize_fallback.css
Origin
https://changetheref.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 19:37:27 GMT
last-modified
Tue, 26 Apr 2022 11:45:48 GMT
server
nginx
etag
"6267db6c-548b8"
x-proxy-cache-info
DT:1
content-type
font/woff
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
346296
expires
Tue, 11 Jul 2023 19:37:27 GMT
memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v29/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v29/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400italic%2C600italic%2C700italic%2C300%2C400%2C600%2C700%2C800&ver=6.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c0b68ea789d4bc6705f42dd6c44eb38306b965df01f9409eb4a941370e3b158
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://changetheref.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 10:35:09 GMT
x-content-type-options
nosniff
age
32538
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47924
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:25:51 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 11 Jul 2023 10:35:09 GMT
widgets.js
platform.twitter.com/ 		97 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: changetheref.org
URL: https://changetheref.org/wp-content/cache/autoptimize/js/autoptimize_7f0b0f09f6c3ca817bc6250ebadbfdd5.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67C0) /
Resource Hash
dccafac57a7fcedce0d95d35007b502104f45b82f43f052159c370258ef13a53

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://changetheref.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Mon, 11 Jul 2022 19:37:27 GMT
Content-Encoding
gzip
Age
824
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Content-Length
29459
x-tw-cdn
VZ
Last-Modified
Thu, 02 Jun 2022 18:12:37 GMT
Server
ECS (frb/67C0)
Etag
"5d21dece96ce474f5f1ac122cbdef6eb+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
the_grid.ttf
changetheref.org/wp-content/plugins/the-grid/frontend/assets/fonts/ 		33 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://changetheref.org/wp-content/plugins/the-grid/frontend/assets/fonts/the_grid.ttf
Requested by
Host: changetheref.org
URL: https://changetheref.org/wp-content/cache/autoptimize/css/autoptimize_fallback.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.209.73.190 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
190.73.209.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
a90132d0c3ec0a1cd36bf50e490740d1562bd1c836573116c5dca932b25c9a52

Request headers

Referer
https://changetheref.org/wp-content/cache/autoptimize/css/autoptimize_fallback.css
Origin
https://changetheref.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 19:37:27 GMT
content-encoding
br
last-modified
Mon, 01 Oct 2018 03:26:59 GMT
server
nginx
etag
W/"5bb19403-8314"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
application/x-font-ttf
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Tue, 11 Jul 2023 19:37:27 GMT
widget_iframe.d7fc2fc075c61f6fa34d79a0cbbf1e34.html
platform.twitter.com/widgets/ Frame D0E3 		319 KB
104 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.d7fc2fc075c61f6fa34d79a0cbbf1e34.html?origin=https%3A%2F%2Fchangetheref.org
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67A7) /
Resource Hash
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Referer
https://changetheref.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
513780
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105433
Content-Type
text/html; charset=utf-8
Date
Mon, 11 Jul 2022 19:37:27 GMT
Etag
"8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified
Thu, 02 Jun 2022 18:01:40 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/67A7)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
settings
syndication.twitter.com/ Frame D0E3 		580 B
540 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=2c2047983dde0f9b3d15e88afe9e04b771a0bc5a
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.d7fc2fc075c61f6fa34d79a0cbbf1e34.html?origin=https%3A%2F%2Fchangetheref.org
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.200 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
a502f79cb5fa985d8b516eeb3b2ce66e500731cd1999e64b3bb1cb035e784f66
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-response-time
106
date
Mon, 11 Jul 2022 19:37:27 GMT
content-encoding
gzip
last-modified
Mon, 11 Jul 2022 19:37:27 GMT
server
tsa_o
vary
Origin
strict-transport-security
max-age=631138519
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
46012a4a4981b70403264116c45c2ddda3c9d3d0ac48b0858838bf1c2b802484
content-length
260

Verdicts & Comments Add Verdict or Comment

153 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation string| paththeme string| owner_email string| color_loader string| content_animation string| sticky_header string| added_text string| added_text2 object| google_tag_manager object| dataLayer string| em_version boolean| em_track_user string| em_no_track_reason object| disableStrs function| __gtagTrackerIsOptedOut undefined| index function| __gtagTrackerOptout function| gaOptout function| __gtagDataLayer function| __gtagTracker object| ExactMetricsDualTracker object| google_tag_data string| GoogleAnalyticsObject function| ga function| gtag function| __gaTracker object| _wpemojiSettings undefined| $ function| jQuery undefined| _ undefined| Backbone function| EventEmitter object| eventie function| imagesLoaded function| strftime function| strftimeTZ function| strftimeUTC function| localizedStrftime function| jQueryBridget function| getWindowSize function| EvEmitter function| matchesSelector object| fizzyUIUtils function| Outlayer function| Packery function| _u object| JuicerBackbone object| Juicer object| JST object| Skim object| exactmetrics_frontend function| setREVStartSize object| RS_MODULES object| tribe_l10n_datatables object| ajaxVars object| tg_global_var object| vcData object| to_like_post object| gaplugins object| gaGlobal object| gaData function| ExactMetrics object| ExactMetricsObject object| $jscomp object| $jscomp$this function| PhotoBlocks function| qualifyURL function| jackboxFrameReady function| throttle function| debounce object| The_Grid object| tg_meta_data object| tg_custom_sorter undefined| tg_cmk undefined| tg_cma string| tg_debounce_resize string| tg_is_mobile function| anime function| getSize object| gsapVersions object| tpGS object| punchgs object| RSANYID object| RSANYID_sliderID boolean| _R_is_Editor object| html5 object| Modernizr function| yepnope function| Masonry function| Instafeed string| _old object| Jacked function| CJ function| CJcss function| CJpercentage function| CJspecial function| StackBlurImage function| createSetter function| createGetter number| vdata1657568247337 function| _V_ function| VideoJS function| getStyleProperty function| docReady function| TG_Layout object| classie function| TG_Slider function| tgInterval function| vc_js function| vc_plugin_flexslider function| vc_googleplus function| vc_pinterest function| vc_progress_bar function| vc_waypoints function| vc_toggleBehaviour function| vc_tabsBehaviour function| vc_accordionBehaviour function| vc_teaserGrid function| vc_carouselBehaviour function| vc_slidersBehaviour function| vc_prettyPhoto function| vc_google_fonts boolean| vcParallaxSkroll function| vc_rowBehaviour function| vc_gridBehaviour function| getColumnsCount function| wpb_prepare_tab_content function| vc_ttaActivation function| vc_accordionActivate function| initVideoBackgrounds function| vc_initVideoBackgrounds function| insertYoutubeVideoAsBackground function| vcResizeVideoBackground function| vcExtractYoutubeId function| vc_googleMapsPointer function| vc_setHoverBoxPerspective function| vc_setHoverBoxHeight function| vc_prepareHoverBox number| jInterval object| twemoji object| wp object| __twttrll object| twttr object| __twttr

3 Cookies

Domain/Path Name / Value
.changetheref.org/ Name: _ga
Value: GA1.2.1458919176.1657568247
.changetheref.org/ Name: _gid
Value: GA1.2.846603060.1657568247
.changetheref.org/ Name: _gat_gtag_UA_115329403_1
Value: 1

1 Console Messages

Source Level URL
Text
rendering error
Message:
Failed to set referrer policy: The value '' is not one of 'no-referrer', 'no-referrer-when-downgrade', 'origin', 'origin-when-cross-origin', 'same-origin', 'strict-origin', 'strict-origin-when-cross-origin', or 'unsafe-url'. The referrer policy has been left unchanged.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.juicer.io
cdn.linearicons.com
changetheref.org
fonts.googleapis.com
fonts.gstatic.com
platform.twitter.com
stats.g.doubleclick.net
syndication.twitter.com
www.changetheref.org
www.google-analytics.com
www.googletagmanager.com
104.244.42.200
108.138.7.20
2606:2800:234:59:254c:406:2366:268c
2606:4700:20::681a:d57
2a00:1450:4001:801::2008
2a00:1450:4001:811::200a
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::200e
2a00:1450:400c:c08::9b
35.209.73.190
2cda0725fbc3bfa65d201293b0c7e2df211262984dbe6ff71060fa312ec8014f
31ca8fc4bb190118851959f282909af4a8f6e782b69dcfbe00094ffc010878b3
3c0b68ea789d4bc6705f42dd6c44eb38306b965df01f9409eb4a941370e3b158
41403c395dc53c7cb9ec025f6b81364ac7a9ec632b8e0bd8acb76511edafd7bc
54f4cb12e20b501f97ad6d8c4b8cb467ec0301b1ad74e79b5bbb1c673ee0f96a
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5cab3f10c09569238f71d1ba0b780d5e867b34f09d8e09dc7d903f4e09daff2e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d04b8a2da34d3d02f01e37864968ef2dde04863e5e3c931cb6e6b7b767ef97e
741c9e406dc697884b05aa74517e58789661c2bfc52eb24e6df9d26bf2fe7123
7f4b4f15169865853595062aa187ea151a6f435d01aa8d90acdbcdedd9d0979c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4ed6192a5661e60f1dd77d79b4024b6315008210b15b6162835108e008c8866
a502f79cb5fa985d8b516eeb3b2ce66e500731cd1999e64b3bb1cb035e784f66
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
a90132d0c3ec0a1cd36bf50e490740d1562bd1c836573116c5dca932b25c9a52
b2921e0f7e573d0215da556bddd12ea978960e95845487d16952cc52f1cc6683
b4c3f30abcbeaeb49f2e4e0b7a9ae1847695de8691bd4796c25b93e33e18c9fe
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
dccafac57a7fcedce0d95d35007b502104f45b82f43f052159c370258ef13a53
dd7872de34b034ca02127151de5449a506775ed153721104917393370778a81c
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
edbab5e8cf7a22ffe6a91eb848f6835202644252226794077a7e06f53f779c65
f26c65784109cc3f521c8928bc68e01b966aca4b782e13855d4ca79f1d38d423
f882bbfc87dfc4cc440c7d29d8321d0c19e338654b67571b48d5cee9bfdbf4e6