www.change.org Open in urlscan Pro
104.17.88.51 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://chng.it/s8CRkQ4X
Effective URL:
https://www.change.org/p/movimento-rio-livre-de-helic%C3%B3pteros-sem-lei-c68ea8e2-a019-451b-877b-b70f0b17d50f?recruite...
Submission: On February 07 via manual (February 7th 2024, 12:20:16 pm UTC) from BR — Scanned from IT

Summary HTTP 60 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 12 IPs in 4 countries across 10 domains to perform 60 HTTP transactions. The main IP is 104.17.88.51, located in and belongs to CLOUDFLARENET, US. The main domain is www.change.org. The Cisco Umbrella rank of the primary domain is 63120.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 16th 2023. Valid for: a year.

This is the only time www.change.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	13.32.27.96 13.32.27.96	16509 (AMAZON-02) (AMAZON-02)
2 17	104.17.88.51 104.17.88.51	13335 (CLOUDFLAR...) (CLOUDFLARENET)
27	104.17.89.51 104.17.89.51	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	52.222.214.39 52.222.214.39	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2	52.55.92.172 52.55.92.172	14618 (AMAZON-AES) (AMAZON-AES)
2	3.220.116.39 3.220.116.39	14618 (AMAZON-AES) (AMAZON-AES)
1	151.101.194.137 151.101.194.137	54113 (FASTLY) (FASTLY)
2	162.247.243.29 162.247.243.29	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:400c:c0a::54	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:350... 2a02:26f0:3500:883::13b8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:350... 2a02:26f0:3500:11::215:14d0	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	35.190.10.96 35.190.10.96	15169 (GOOGLE) (GOOGLE)
60	12

1 13.32.27.96 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-96.fra56.r.cloudfront.net

chng.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 104.17.88.51 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

www.change.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.change.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 104.17.89.51 (None, )

ASN13335 (CLOUDFLARENET, US)

assets.change.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.222.214.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-39.fra56.r.cloudfront.net

snippet.maze.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.55.92.172 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-55-92-172.compute-1.amazonaws.com

notifier-configs.airbrake.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.220.116.39 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-220-116-39.compute-1.amazonaws.com

prompts.maze.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.243.29 (United States)

ASN54113 (FASTLY, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0a::54 (Brussels, Belgium)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:883::13b8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:11::215:14d0 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

client.px-cloud.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.10.96 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 96.10.190.35.bc.googleusercontent.com

collector-pxnslc0hv5.px-cloud.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
44	change.org 2 redirects www.change.org — Cisco Umbrella Rank: 63120 assets.change.org — Cisco Umbrella Rank: 73330 static.change.org — Cisco Umbrella Rank: 105361	1005 KB
4	gstatic.com fonts.gstatic.com	76 KB
4	maze.co snippet.maze.co — Cisco Umbrella Rank: 6756 prompts.maze.co — Cisco Umbrella Rank: 6862	9 KB
3	px-cloud.net client.px-cloud.net — Cisco Umbrella Rank: 4757 collector-pxnslc0hv5.px-cloud.net — Cisco Umbrella Rank: 116471	77 KB
2	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 236	722 B
2	airbrake.io notifier-configs.airbrake.io — Cisco Umbrella Rank: 7507	492 B
1	optimizely.com cdn.optimizely.com — Cisco Umbrella Rank: 824	201 KB
1	google.com accounts.google.com — Cisco Umbrella Rank: 23	80 KB
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 600	19 KB
1	chng.it 1 redirects chng.it — Cisco Umbrella Rank: 247347	471 B
60	10

	Domain	Requested by
27	assets.change.org	www.change.org
15	www.change.org	2 redirects www.change.org assets.change.org
4	fonts.gstatic.com	www.change.org
2	static.change.org
2	collector-pxnslc0hv5.px-cloud.net	www.change.org
2	bam.nr-data.net	www.change.org
2	prompts.maze.co	www.change.org
2	notifier-configs.airbrake.io	www.change.org
2	snippet.maze.co	www.change.org
1	client.px-cloud.net	www.change.org
1	cdn.optimizely.com	www.change.org
1	accounts.google.com	www.change.org
1	js-agent.newrelic.com	www.change.org
1	chng.it	1 redirects
60	14

This site contains links to these domains. Also see Links.

Domain
help.change.org
guide.change.org
twitter.com
www.facebook.com
www.instagram.com
policies.google.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-16` - `2024-05-14`	a year	crt.sh
*.maze.co Amazon RSA 2048 M02	`2023-04-06` - `2024-05-05`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.airbrake.io SSL.com RSA SSL subCA	`2023-10-11` - `2024-11-10`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-01-15` - `2025-02-15`	a year	crt.sh
*.nr-data.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-29` - `2024-10-01`	a year	crt.sh
accounts.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
cdn.optimizely.com DigiCert TLS RSA SHA256 2020 CA1	`2023-09-01` - `2024-09-04`	a year	crt.sh
client.botchk.net R3	`2023-12-13` - `2024-03-12`	3 months	crt.sh
*.px-cloud.net Sectigo RSA Domain Validation Secure Server CA	`2023-08-15` - `2024-09-13`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.change.org/p/movimento-rio-livre-de-helic%C3%B3pteros-sem-lei-c68ea8e2-a019-451b-877b-b70f0b17d50f?recruiter=1330324687&utm_source=share_petition&utm_campaign=psf_combo_share_message&utm_medium=whatsapp&utm_content=washarecopy_37877693_pt-BR%3A2&recruited_by_id=d72571b0-c5b2-11ee-b1aa-e7244916c505
Frame ID: 7A63C6ABABDCE40DD019457C4FA8C0B0
Requests: 58 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Petizione · MOVIMENTO RIO LIVRE DE HELICÓPTEROS SEM LEI · Change.org

Page URL History Show full URLs

https://chng.it/s8CRkQ4X HTTP 301
http://www.change.org/p/movimento-rio-livre-de-helic%C3%B3pteros-sem-lei-c68ea8e2-a019-451b-877b-b... HTTP 301
https://www.change.org/p/movimento-rio-livre-de-helic%C3%B3pteros-sem-lei-c68ea8e2-a019-451b-877b-b... HTTP 307
https://www.change.org/p/movimento-rio-livre-de-helic%C3%B3pteros-sem-lei-c68ea8e2-a019-451b-877b-b... Page URL

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

accounts\.google\.com/gsi/client

Optimizely (Analytics) Expand

Overall confidence: 100%
Detected patterns

optimizely\.com.*\.js

PerimeterX (Security) Expand

Overall confidence: 100%
Detected patterns

Page Statistics

60
Requests

100 %
HTTPS

31 %
IPv6

10
Domains

14
Subdomains

12
IPs

4
Countries

1465 kB
Transfer

4538 kB
Size

8
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://help.change.org/it_IT
Title: Aiuto

Search URL Search Domain Scan URL

URL: https://guide.change.org/home-italia
Title: Guide

Search URL Search Domain Scan URL

URL: https://twitter.com/ChangeItalia
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Change.orgItalia
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.instagram.com/change.org_italia
Title: Instagram

Search URL Search Domain Scan URL

URL: https://policies.google.com/privacy
Title: Informativa sulla Privacy

Search URL Search Domain Scan URL

URL: https://policies.google.com/terms
Title: Termini di servizio

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://chng.it/s8CRkQ4X HTTP 301
http://www.change.org/p/movimento-rio-livre-de-helic%C3%B3pteros-sem-lei-c68ea8e2-a019-451b-877b-b70f0b17d50f/exp/wa/washarecopy_37877693_pt-BR/2/1330324687?recruiter=1330324687&utm_source=share_petition&utm_campaign=psf_combo_share_message&utm_medium=whatsapp&utm_content=washarecopy_37877693_pt-BR%3A2&recruited_by_id=d72571b0-c5b2-11ee-b1aa-e7244916c505 HTTP 301
https://www.change.org/p/movimento-rio-livre-de-helic%C3%B3pteros-sem-lei-c68ea8e2-a019-451b-877b-b70f0b17d50f/exp/wa/washarecopy_37877693_pt-BR/2/1330324687?recruiter=1330324687&utm_source=share_petition&utm_campaign=psf_combo_share_message&utm_medium=whatsapp&utm_content=washarecopy_37877693_pt-BR%3A2&recruited_by_id=d72571b0-c5b2-11ee-b1aa-e7244916c505 HTTP 307
https://www.change.org/p/movimento-rio-livre-de-helic%C3%B3pteros-sem-lei-c68ea8e2-a019-451b-877b-b70f0b17d50f?recruiter=1330324687&utm_source=share_petition&utm_campaign=psf_combo_share_message&utm_medium=whatsapp&utm_content=washarecopy_37877693_pt-BR%3A2&recruited_by_id=d72571b0-c5b2-11ee-b1aa-e7244916c505 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

60 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request movimento-rio-livre-de-helic%C3%B3pteros-sem-lei-c68ea8e2-a019-451b-877b-b70f0b17d50f Show response
www.change.org/p/
Redirect Chain

https://chng.it/s8CRkQ4X
http://www.change.org/p/movimento-rio-livre-de-helic%C3%B3pteros-sem-lei-c68ea8e2-a019-451b-877b-b70f0b17d50f/exp/wa/washarecopy_37877693_pt-BR/2/1330324687?recruiter=1330324687&utm_source=share_pe...
https://www.change.org/p/movimento-rio-livre-de-helic%C3%B3pteros-sem-lei-c68ea8e2-a019-451b-877b-b70f0b17d50f/exp/wa/washarecopy_37877693_pt-BR/2/1330324687?recruiter=1330324687&utm_source=share_p...
https://www.change.org/p/movimento-rio-livre-de-helic%C3%B3pteros-sem-lei-c68ea8e2-a019-451b-877b-b70f0b17d50f?recruiter=1330324687&utm_source=share_petition&utm_campaign=psf_combo_share_message&ut...

182 KB
43 KB

618ms
618ms

Document
text/html

104.17.88.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.change.org/p/movimento-rio-livre-de-helic%C3%B3pteros-sem-lei-c68ea8e2-a019-451b-877b-b70f0b17d50f?recruiter=1330324687&utm_source=share_petition&utm_campaign=psf_combo_share_message&utm_medium=whatsapp&utm_content=washarecopy_37877693_pt-BR%3A2&recruited_by_id=d72571b0-c5b2-11ee-b1aa-e7244916c505

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.88.51 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e51811a231ee23bb1d44d09f6c3e09584fc05603ae1fd1a21ccf18ec989ed755

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' blob: 'unsafe-inline' 'unsafe-eval' d18kwxxua7ik1y.cloudfront.net d22r54gnmuhwmk.cloudfront.net .change.org change-production.s3.amazonaws.com change-public-stuff.s3.amazonaws.com .google.ca .googleadservices.com .youtube.com .doubleclick.net .google.com .googleapis.com .googletagmanager.com .google-analytics.com .gstatic.com .recaptcha.net .ytimg.com .facebook.com .facebook.net .fbcdn.net fbrpc:// fb-messenger://* .twitter.com .twimg.com .ads-twitter.com ajax.cdnjs.com cdnjs.cloudflare.com service.force.com .salesforceliveagent.com .braintreegateway.com .paypalobjects.com .paypal.com .braintree-api.com .stripe.com .dlocal.com .optimizely.com optimizely.s3.amazonaws.com cdn-assets-prod.s3.amazonaws.com px-cdn.net .px-cdn.net .px-client.net .px-cloud.net pxchk.net .pxchk.net p2a.co .profitwell.com js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net .messagebird.com secure.everyaction.com d3rse9xjbp8270.cloudfront.net .ngpvan.com js2.verygoodvault.com .cloudflarestream.com code.jquery.com cdn.embedly.com player.vimeo.com bat.bing.com soundcloud.com .soundcloud.com www.instagram.com www.flickr.com .staticflickr.com .voteamerica.com .jotform.com actionnetwork.org .airbrake.io browser-update.org .tiktok.com .bannerbear.com us-central1-niftic-agency.cloudfunctions.net/openai/generate-draft .maze.co cdn.iframe.ly change.my.salesforce.com help.change.org; font-src 'self' data: .change.org d18kwxxua7ik1y.cloudfront.net d22r54gnmuhwmk.cloudfront.net fonts.gstatic.com d3rse9xjbp8270.cloudfront.net; img-src * blob: data:; form-action 'self'; frame-ancestors 'self'
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 851b95d4ef430d68-MXP
content-encoding: gzip
content-security-policy: default-src 'self' blob: 'unsafe-inline' 'unsafe-eval' d18kwxxua7ik1y.cloudfront.net d22r54gnmuhwmk.cloudfront.net *.change.org change-production.s3.amazonaws.com change-public-stuff.s3.amazonaws.com *.google.ca *.googleadservices.com *.youtube.com *.doubleclick.net *.google.com *.googleapis.com *.googletagmanager.com *.google-analytics.com *.gstatic.com *.recaptcha.net *.ytimg.com *.facebook.com *.facebook.net *.fbcdn.net fbrpc://* fb-messenger://* *.twitter.com *.twimg.com *.ads-twitter.com ajax.cdnjs.com cdnjs.cloudflare.com service.force.com *.salesforceliveagent.com *.braintreegateway.com *.paypalobjects.com *.paypal.com *.braintree-api.com *.stripe.com *.dlocal.com *.optimizely.com optimizely.s3.amazonaws.com cdn-assets-prod.s3.amazonaws.com px-cdn.net *.px-cdn.net *.px-client.net *.px-cloud.net pxchk.net *.pxchk.net p2a.co *.profitwell.com js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net *.messagebird.com secure.everyaction.com d3rse9xjbp8270.cloudfront.net *.ngpvan.com js2.verygoodvault.com *.cloudflarestream.com code.jquery.com cdn.embedly.com player.vimeo.com bat.bing.com soundcloud.com *.soundcloud.com www.instagram.com www.flickr.com *.staticflickr.com *.voteamerica.com *.jotform.com actionnetwork.org *.airbrake.io browser-update.org *.tiktok.com *.bannerbear.com us-central1-niftic-agency.cloudfunctions.net/openai/generate-draft *.maze.co cdn.iframe.ly change.my.salesforce.com help.change.org; font-src 'self' data: *.change.org d18kwxxua7ik1y.cloudfront.net d22r54gnmuhwmk.cloudfront.net fonts.gstatic.com d3rse9xjbp8270.cloudfront.net; img-src * blob: data:; form-action 'self'; frame-ancestors 'self'
content-type: text/html; charset=utf-8
date: Wed, 07 Feb 2024 12:20:09 GMT
etag: W/"2d8c2-4FdZGD+PA6MF2J9uRvLxJF7FqX8"
permissions-policy: browsing-topics=()
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
x-change-cache: MISS
x-change-render-mode: SSR
x-content-type-options: nosniff
x-frame-options: sameorigin
x-request-id: 7nHBFKGJ6tnL9zp6zDhh9

Redirect headers

cf-cache-status: DYNAMIC
cf-ray: 851b95cf7bf50d68-MXP
content-length: 673
content-security-policy: default-src 'self' blob: 'unsafe-inline' 'unsafe-eval' d18kwxxua7ik1y.cloudfront.net d22r54gnmuhwmk.cloudfront.net *.change.org change-production.s3.amazonaws.com change-public-stuff.s3.amazonaws.com *.google.ca *.googleadservices.com *.youtube.com *.doubleclick.net *.google.com *.googleapis.com *.googletagmanager.com *.google-analytics.com *.gstatic.com *.recaptcha.net *.ytimg.com *.facebook.com *.facebook.net *.fbcdn.net fbrpc://* fb-messenger://* *.twitter.com *.twimg.com *.ads-twitter.com ajax.cdnjs.com cdnjs.cloudflare.com service.force.com *.salesforceliveagent.com *.braintreegateway.com *.paypalobjects.com *.paypal.com *.braintree-api.com *.stripe.com *.dlocal.com *.optimizely.com optimizely.s3.amazonaws.com cdn-assets-prod.s3.amazonaws.com px-cdn.net *.px-cdn.net *.px-client.net *.px-cloud.net pxchk.net *.pxchk.net p2a.co *.profitwell.com js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net *.messagebird.com secure.everyaction.com d3rse9xjbp8270.cloudfront.net *.ngpvan.com js2.verygoodvault.com *.cloudflarestream.com code.jquery.com cdn.embedly.com player.vimeo.com bat.bing.com soundcloud.com *.soundcloud.com www.instagram.com www.flickr.com *.staticflickr.com *.voteamerica.com *.jotform.com actionnetwork.org *.airbrake.io browser-update.org *.tiktok.com *.bannerbear.com us-central1-niftic-agency.cloudfunctions.net/openai/generate-draft *.maze.co cdn.iframe.ly change.my.salesforce.com help.change.org; font-src 'self' data: *.change.org d18kwxxua7ik1y.cloudfront.net d22r54gnmuhwmk.cloudfront.net fonts.gstatic.com d3rse9xjbp8270.cloudfront.net; img-src * blob: data:; form-action 'self'; frame-ancestors 'self'
content-type: text/html; charset=utf-8
date: Wed, 07 Feb 2024 12:20:09 GMT
location: /p/movimento-rio-livre-de-helic%C3%B3pteros-sem-lei-c68ea8e2-a019-451b-877b-b70f0b17d50f?recruiter=1330324687&utm_source=share_petition&utm_campaign=psf_combo_share_message&utm_medium=whatsapp&utm_content=washarecopy_37877693_pt-BR%3A2&recruited_by_id=d72571b0-c5b2-11ee-b1aa-e7244916c505
permissions-policy: browsing-topics=()
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept
x-content-type-options: nosniff
x-frame-options: sameorigin
x-request-id: 9kP867KgBrBCzzzCPzmkh

GET
H2 200 ErLuLlOvtdQZtDn-800x450-noPad.jpg
assets.change.org/photos/3/lu/ll/ 24 KB
25 KB 147ms
80ms Image
image/webp 104.17.89.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.change.org/photos/3/lu/ll/ErLuLlOvtdQZtDn-800x450-noPad.jpg?1707254037

Requested by

Host: www.change.org
URL: https://www.change.org/p/movimento-rio-livre-de-helic%C3%B3pteros-sem-lei-c68ea8e2-a019-451b-877b-b70f0b17d50f?recruiter=1330324687&utm_source=share_petition&utm_campaign=psf_combo_share_message&utm_medium=whatsapp&utm_content=washarecopy_37877693_pt-BR%3A2&recruited_by_id=d72571b0-c5b2-11ee-b1aa-e7244916c505

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.89.51 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16eb0216c1843dcd7d1579d8f9983ce0824e79d3a0a991ec9fb6df3128aae41e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.change.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 12:20:09 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5021
cf-polished: qual=85, origFmt=jpeg, origSize=34553
x-amz-server-side-encryption: AES256
content-disposition: inline; filename="ErLuLlOvtdQZtDn-800x450-noPad.webp"
content-length: 25004
cf-bgj: imgq:85,h2pri
last-modified: Tue, 06 Feb 2024 21:13:58 GMT
server: cloudflare
etag: "cd2640f62541fedb809318b4d790f816"
vary: Accept
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 851b95d97e5d5264-MXP
expires: Wed, 14 Feb 2024 12:20:09 GMT

GET
H2 200 maze-universal-loader.js Show response
snippet.maze.co/ 2 KB
1 KB 115ms
29ms Script
text/javascript 52.222.214.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://snippet.maze.co/maze-universal-loader.js?t=1707308409926&apiKey=8963a461-ada8-4ace-b48d-b6916798054d
Requested by: Host: www.change.org
URL: https://www.change.org/p/movimento-rio-livre-de-helic%C3%B3pteros-sem-lei-c68ea8e2-a019-451b-877b-b70f0b17d50f?recruiter=1330324687&utm_source=share_petition&utm_campaign=psf_combo_share_message&utm_medium=whatsapp&utm_content=washarecopy_37877693_pt-BR%3A2&recruited_by_id=d72571b0-c5b2-11ee-b1aa-e7244916c505
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-39.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b93ccb52dc2c07cdfc4875fcf5c92fc9f4645fa7302e501c944ce2fdf3852638

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.change.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: U4I_VnMhD_c5JGC3VjR_jk3Ew4NH.3Xr
content-encoding: gzip
via: 1.1 7abd55cee48606340f570b45718202b6.cloudfront.net (CloudFront)
date: Wed, 07 Feb 2024 12:16:30 GMT
last-modified: Thu, 01 Feb 2024 17:26:53 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
age: 221
x-amz-server-side-encryption: AES256
etag: W/"3f2bab1c90ad93b0ab99f551c748e6fd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=43200
x-amz-cf-id: zxm-2m119Rja8RmLCOk18gGxrA1OgOHXRX-rsLV5OCuksh92gqfgIQ==

GET
H2 200 EaYWGrXOGiZkEZP-48x48-noPad.jpg
assets.change.org/photos/6/yw/gr/ 1 KB
2 KB 1112ms
1112ms Image
image/jpeg 104.17.89.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.change.org/photos/6/yw/gr/EaYWGrXOGiZkEZP-48x48-noPad.jpg?1707254288

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.89.51 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

72343663a4191ecd520dfbaa14f514dcc81e062c2cee4d7a7fb18dd8c6542d6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.change.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 12:20:11 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Tue, 06 Feb 2024 21:18:09 GMT
server: cloudflare
etag: "02cdbe5d4150b3e4ec9a0cdc13494bd2"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 851b95da1f8a5264-MXP
content-length: 1394
expires: Wed, 14 Feb 2024 12:20:10 GMT

GET
H2 200 o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2
fonts.gstatic.com/s/notosans/v27/ 13 KB
13 KB 122ms
62ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v27/o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a46d61a9aed90cea010dbabcdb510b9ceff1b729a06b169cdbe142f66cbc86f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.change.org/
Origin: https://www.change.org
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 09:07:13 GMT
x-content-type-options: nosniff
age: 97977
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12852
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:27:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Feb 2025 09:07:13 GMT

GET
H2 200 o-0NIpQlx3QUlC5A4PNjXhFVZNyBx2pqPA.woff2
fonts.gstatic.com/s/notosans/v27/ 12 KB
13 KB 114ms
55ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v27/o-0NIpQlx3QUlC5A4PNjXhFVZNyBx2pqPA.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e94ba9c6df7a149b4b3c590bcc484ce24ce7c0f15c6f7f43479035a6311211d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.change.org/
Origin: https://www.change.org
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 18:50:17 GMT
x-content-type-options: nosniff
age: 62993
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12688
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:27:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Feb 2025 18:50:17 GMT

GET
H2 200 o-0IIpQlx3QUlC5A4PNr5DRASf6M7VBj.woff2
fonts.gstatic.com/s/notosans/v27/ 45 KB
45 KB 82ms
27ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v27/o-0IIpQlx3QUlC5A4PNr5DRASf6M7VBj.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eec366449f5086374781ac01be546c3216d7a57453775ce4c33fec89488faa01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.change.org/
Origin: https://www.change.org
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:34:17 GMT
x-content-type-options: nosniff
age: 153953
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45752
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:28:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Feb 2025 17:34:17 GMT

GET
H2 200 o-0IIpQlx3QUlC5A4PNr4TRASf6M7VBj.woff2
fonts.gstatic.com/s/notosans/v27/ 6 KB
6 KB 123ms
68ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v27/o-0IIpQlx3QUlC5A4PNr4TRASf6M7VBj.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69b71359de5ac53eb55c188d3b02ed8a75db3d671fe89d4151fa3129a2640c77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.change.org/
Origin: https://www.change.org
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 18:47:46 GMT
x-content-type-options: nosniff
age: 63144
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6044
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:28:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Feb 2025 18:47:46 GMT

GET
H2 200 contextualScaffold.js Show response
snippet.maze.co/static/4d1f9d8/ 20 KB
7 KB 30ms
30ms Script
text/javascript 52.222.214.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://snippet.maze.co/static/4d1f9d8/contextualScaffold.js
Requested by: Host: www.change.org
URL: https://www.change.org/p/movimento-rio-livre-de-helic%C3%B3pteros-sem-lei-c68ea8e2-a019-451b-877b-b70f0b17d50f?recruiter=1330324687&utm_source=share_petition&utm_campaign=psf_combo_share_message&utm_medium=whatsapp&utm_content=washarecopy_37877693_pt-BR%3A2&recruited_by_id=d72571b0-c5b2-11ee-b1aa-e7244916c505
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-39.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bfa1d20737e0db09c51366930bcbb51c0e9fe5ac00f24c27211fd0069fdb87c0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.change.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: QJ6tsD6LPVKzmembr.8jqTvCFzspg6As
content-encoding: gzip
via: 1.1 7abd55cee48606340f570b45718202b6.cloudfront.net (CloudFront)
date: Wed, 07 Feb 2024 12:11:44 GMT
last-modified: Thu, 01 Feb 2024 17:26:54 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
age: 507
x-amz-server-side-encryption: AES256
etag: W/"0b6bfd65e0967c6644cdd46295b203ee"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=31536000, immutable
x-amz-cf-id: tJl4X5vqMu7pM7xpn1XTigWBjkaLTHuiW2SnFN_cJ_obgGVG-1ujuQ==

GET
H2 200 runtime.dc65fe25234ccdd3c624.js Show response
assets.change.org/corgi/assets/js/c799145/ 43 KB
24 KB 85ms
46ms Script
text/javascript 104.17.89.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.change.org/corgi/assets/js/c799145/runtime.dc65fe25234ccdd3c624.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.89.51 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7d00ef8a41cfe96a24b94f6ffabbb67c58552876ad35d04228ecf0cd118e031

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.change.org/
Origin: https://www.change.org
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 12:20:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains
age: 415
x-amz-server-side-encryption: AES256
x-amz-expiration: expiry-date="Sun, 07 Feb 2027 00:00:00 GMT", rule-id="expiration_policy"
last-modified: Wed, 07 Feb 2024 12:11:34 GMT
server: cloudflare
etag: W/"04283efb862ee8ab8a183eaf7c108d14"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://www.change.org
cache-control: public, max-age=31536000
cf-ray: 851b95db7a1a5250-MXP
expires: Thu, 06 Feb 2025 12:20:10 GMT

GET
H2 200 design-system.74ed6f1add9d07f80fc2.js Show response
assets.change.org/corgi/assets/js/c799145/vendors/change/ 113 KB
34 KB 108ms
70ms Script
text/javascript 104.17.89.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.change.org/corgi/assets/js/c799145/vendors/change/design-system.74ed6f1add9d07f80fc2.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.89.51 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c24e1358e033a3449d2c2a9443b70891c7ef32391672e4a2e8a7f4417fbbfc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.change.org/
Origin: https://www.change.org
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 12:20:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains
age: 415
x-amz-server-side-encryption: AES256
x-amz-expiration: expiry-date="Sun, 07 Feb 2027 00:00:00 GMT", rule-id="expiration_policy"
last-modified: Wed, 07 Feb 2024 12:11:34 GMT
server: cloudflare
etag: W/"6291480e4935ca65ab43f18e57d75bdd"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://www.change.org
cache-control: public, max-age=31536000
cf-ray: 851b95db9a635250-MXP
expires: Thu, 06 Feb 2025 12:20:10 GMT

GET
H2 200 core.5ef397784316624c7a9b.js Show response
assets.change.org/corgi/assets/js/c799145/vendors/change/ 87 KB
28 KB 95ms
56ms Script
text/javascript 104.17.89.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.change.org/corgi/assets/js/c799145/vendors/change/core.5ef397784316624c7a9b.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.89.51 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2cb5ebd46544a9df6306e17ed3e805d06e49e631c7778825b4c10a9af3f8df1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.change.org/
Origin: https://www.change.org
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 12:20:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains
age: 415
x-amz-server-side-encryption: AES256
x-amz-expiration: expiry-date="Sun, 07 Feb 2027 00:00:00 GMT", rule-id="expiration_policy"
last-modified: Wed, 07 Feb 2024 12:11:34 GMT
server: cloudflare
etag: W/"763c0f5ec5c9fad1fbdaf254e08d4c95"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://www.change.org
cache-control: public, max-age=31536000
cf-ray: 851b95db9a575250-MXP
expires: Thu, 06 Feb 2025 12:20:10 GMT

GET
H2 200 misc.580354e7e589a90f7442.js Show response
assets.change.org/corgi/assets/js/c799145/vendors/ 884 KB
269 KB 110ms
72ms Script
text/javascript 104.17.89.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.change.org/corgi/assets/js/c799145/vendors/misc.580354e7e589a90f7442.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.89.51 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db27ef7b81d62c6610a86d9829a51987bda579aab06a79889055dc44ac651ec7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.change.org/
Origin: https://www.change.org
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 12:20:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains
age: 415
x-amz-server-side-encryption: AES256
x-amz-expiration: expiry-date="Sun, 07 Feb 2027 00:00:00 GMT", rule-id="expiration_policy"
last-modified: Wed, 07 Feb 2024 12:11:35 GMT
server: cloudflare
etag: W/"bd7e5625de72d203dec24e22a19aca91"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://www.change.org
cache-control: public, max-age=31536000
cf-ray: 851b95db9a5a5250-MXP
expires: Thu, 06 Feb 2025 12:20:10 GMT

GET
H2 200 components.b75d16dfa0f24199001e.js Show response
assets.change.org/corgi/assets/js/c799145/vendors/change/ 139 KB
34 KB 132ms
94ms Script
text/javascript 104.17.89.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.change.org/corgi/assets/js/c799145/vendors/change/components.b75d16dfa0f24199001e.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.89.51 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5313700ce93482f1312e8e5a6dfe4adcc70b867d85da89bb2c0cf4b6670868e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.change.org/
Origin: https://www.change.org
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 12:20:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains
age: 415
x-amz-server-side-encryption: AES256
x-amz-expiration: expiry-date="Sun, 07 Feb 2027 00:00:00 GMT", rule-id="expiration_policy"
last-modified: Wed, 07 Feb 2024 12:11:34 GMT
server: cloudflare
etag: W/"3732ac0bb338debab2d5fad3ed393838"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://www.change.org
cache-control: public, max-age=31536000
cf-ray: 851b95db9a585250-MXP
expires: Thu, 06 Feb 2025 12:20:10 GMT

GET
H2 200 react.a84f8feb779a788b82cc.js Show response
assets.change.org/corgi/assets/js/c799145/vendors/ 205 KB
68 KB 109ms
71ms Script
text/javascript 104.17.89.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.change.org/corgi/assets/js/c799145/vendors/react.a84f8feb779a788b82cc.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.89.51 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d3e746c7318619e614f30c8952a7bd4f2cf16ab4f2e283d30cc045c38df6276

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.change.org/
Origin: https://www.change.org
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 12:20:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains
age: 415
x-amz-server-side-encryption: AES256
x-amz-expiration: expiry-date="Sun, 07 Feb 2027 00:00:00 GMT", rule-id="expiration_policy"
last-modified: Wed, 07 Feb 2024 12:11:35 GMT
server: cloudflare
etag: W/"c2e89919884826a452962d6794235544"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://www.change.org
cache-control: public, max-age=31536000
cf-ray: 851b95db9a5f5250-MXP
expires: Thu, 06 Feb 2025 12:20:10 GMT

GET
H2 200 config.477ff00c0b57feb0e6dd.js Show response
assets.change.org/corgi/assets/js/c799145/ 19 KB
6 KB 110ms
71ms Script
text/javascript 104.17.89.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.change.org/corgi/assets/js/c799145/config.477ff00c0b57feb0e6dd.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.89.51 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

785fa7bca0334ef47df0919c0c56b10acf5713323b6df8cff79ecb5ce8c349c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.change.org/
Origin: https://www.change.org
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 12:20:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains
age: 415
x-amz-server-side-encryption: AES256
x-amz-expiration: expiry-date="Sun, 07 Feb 2027 00:00:00 GMT", rule-id="expiration_policy"
last-modified: Wed, 07 Feb 2024 12:11:32 GMT
server: cloudflare
etag: W/"d49317c0f2248b1579172542a8527e6d"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://www.change.org
cache-control: public, max-age=31536000
cf-ray: 851b95db9a625250-MXP
expires: Thu, 06 Feb 2025 12:20:10 GMT

GET
H2 200 config.2b1d7d445f1809e0baee.js Show response
assets.change.org/corgi/assets/js/c799145/vendors/change/ 178 KB
32 KB 109ms
71ms Script
text/javascript 104.17.89.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.change.org/corgi/assets/js/c799145/vendors/change/config.2b1d7d445f1809e0baee.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.89.51 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a3746234b6dfd850368e1fd08c34555fb494ad85159e0230f4efeb85bb03727

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.change.org/
Origin: https://www.change.org
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 12:20:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains
age: 415
x-amz-server-side-encryption: AES256
x-amz-expiration: expiry-date="Sun, 07 Feb 2027 00:00:00 GMT", rule-id="expiration_policy"
last-modified: Wed, 07 Feb 2024 12:11:34 GMT
server: cloudflare
etag: W/"331b1cc01dee53a15977a7688799ec2a"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://www.change.org
cache-control: public, max-age=31536000
cf-ray: 851b95db9a5d5250-MXP
expires: Thu, 06 Feb 2025 12:20:10 GMT

GET
H2 200 runtime.a56fd8271ef59a5da97c.js Show response
assets.change.org/corgi/assets/js/c799145/vendors/ 3 KB
1 KB 95ms
56ms Script
text/javascript 104.17.89.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.change.org/corgi/assets/js/c799145/vendors/runtime.a56fd8271ef59a5da97c.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.89.51 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd3dd674f63c84c3d61c5d1ecb8613d7f8385affe4f206752b4e9bca301e6e60

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.change.org/
Origin: https://www.change.org
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 12:20:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains
age: 415
x-amz-server-side-encryption: AES256
x-amz-expiration: expiry-date="Sun, 07 Feb 2027 00:00:00 GMT", rule-id="expiration_policy"
last-modified: Wed, 07 Feb 2024 12:11:35 GMT
server: cloudflare
etag: W/"17b0a184a18fc13a57a12d0d8565dbec"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://www.change.org
cache-control: public, max-age=31536000
cf-ray: 851b95db9a5e5250-MXP
expires: Thu, 06 Feb 2025 12:20:10 GMT

GET
H2 200 html-parser.61b45dda825b5c4e8a3e.js Show response
assets.change.org/corgi/assets/js/c799145/vendors/ 164 KB
69 KB 112ms
74ms Script
text/javascript 104.17.89.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.change.org/corgi/assets/js/c799145/vendors/html-parser.61b45dda825b5c4e8a3e.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.89.51 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b0a41decd23b867b0aec0bbc07279026c88f4c8f8a7d477fe2bafd15b44b744

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.change.org/
Origin: https://www.change.org
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 12:20:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains
age: 416
x-amz-server-side-encryption: AES256
x-amz-expiration: expiry-date="Sun, 07 Feb 2027 00:00:00 GMT", rule-id="expiration_policy"
last-modified: Wed, 07 Feb 2024 12:11:34 GMT
server: cloudflare
etag: W/"45496653dfda2482d77ef60eea3752cc"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://www.change.org
cache-control: public, max-age=31536000
cf-ray: 851b95db9a665250-MXP
expires: Thu, 06 Feb 2025 12:20:10 GMT

GET
H2 200 design-system.c664820350bd04d7d8e9.js Show response
assets.change.org/corgi/assets/js/c799145/vendors/ 83 KB
29 KB 94ms
55ms Script
text/javascript 104.17.89.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.change.org/corgi/assets/js/c799145/vendors/design-system.c664820350bd04d7d8e9.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.89.51 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

635d9d9adb15facd73f68e1ad30fdb361006c9e37a2c8e51fc13b522634a24dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.change.org/
Origin: https://www.change.org
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 12:20:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains
age: 415
x-amz-server-side-encryption: AES256
x-amz-expiration: expiry-date="Sun, 07 Feb 2027 00:00:00 GMT", rule-id="expiration_policy"
last-modified: Wed, 07 Feb 2024 12:11:34 GMT
server: cloudflare
etag: W/"494c148ce1fd4309327da71c655e6ba0"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://www.change.org
cache-control: public, max-age=31536000
cf-ray: 851b95db7a215250-MXP
expires: Thu, 06 Feb 2025 12:20:10 GMT

GET
H2 200 webapp-info.6a02b8fbbced36c8e99f.js Show response
assets.change.org/corgi/assets/js/c799145/ 389 B
521 B 109ms
71ms Script
text/javascript 104.17.89.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.change.org/corgi/assets/js/c799145/webapp-info.6a02b8fbbced36c8e99f.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.89.51 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

842b7580f13ffdf10f0c24a5cee79fb392319334eb644eaf361e214c0c6472a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.change.org/
Origin: https://www.change.org
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 12:20:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains
age: 415
x-amz-server-side-encryption: AES256
x-amz-expiration: expiry-date="Sun, 07 Feb 2027 00:00:00 GMT", rule-id="expiration_policy"
last-modified: Wed, 07 Feb 2024 12:11:35 GMT
server: cloudflare
etag: W/"92ee54bf22b088b847484d475a119459"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://www.change.org
cache-control: public, max-age=31536000
cf-ray: 851b95db9a615250-MXP
expires: Thu, 06 Feb 2025 12:20:10 GMT

GET
H2 200 shared.cca73130b8808e4525a0.js Show response
assets.change.org/corgi/assets/js/c799145/ 330 KB
84 KB 125ms
87ms Script
text/javascript 104.17.89.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.change.org/corgi/assets/js/c799145/shared.cca73130b8808e4525a0.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.89.51 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

90dcb75b7c8f1fc7b7406669f14774ad49a7e568fe4a7ee77966d2cf527ef370

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.change.org/
Origin: https://www.change.org
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 12:20:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains
age: 415
x-amz-server-side-encryption: AES256
x-amz-expiration: expiry-date="Sun, 07 Feb 2027 00:00:00 GMT", rule-id="expiration_policy"
last-modified: Wed, 07 Feb 2024 12:11:34 GMT
server: cloudflare
etag: W/"a00b9a9134407ea9715e73e07c7efa13"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://www.change.org
cache-control: public, max-age=31536000
cf-ray: 851b95db9a595250-MXP
expires: Thu, 06 Feb 2025 12:20:10 GMT

GET
H2 200 main.935b8524be656b636954.js Show response
assets.change.org/corgi/assets/js/c799145/ 69 KB
24 KB 108ms
70ms Script
text/javascript 104.17.89.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.change.org/corgi/assets/js/c799145/main.935b8524be656b636954.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.89.51 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2ed5987546c12ebf650215a5626a27e312d9853f98a99f2b90a14a5d370c715

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.change.org/
Origin: https://www.change.org
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 12:20:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains
age: 416
x-amz-server-side-encryption: AES256
x-amz-expiration: expiry-date="Sun, 07 Feb 2027 00:00:00 GMT", rule-id="expiration_policy"
last-modified: Wed, 07 Feb 2024 12:11:32 GMT
server: cloudflare
etag: W/"34f257adae9ad3772ffc933531300593"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://www.change.org
cache-control: public, max-age=31536000
cf-ray: 851b95db9a655250-MXP
expires: Thu, 06 Feb 2025 12:20:10 GMT

GET
H2 200 petition.2f225d7b7e5b15c4866f.js Show response
assets.change.org/corgi/assets/js/c799145/pages/ 9 KB
4 KB 77ms
39ms Script
text/javascript 104.17.89.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.change.org/corgi/assets/js/c799145/pages/petition.2f225d7b7e5b15c4866f.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.89.51 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a6df27d584308330f703ac17ae1dd7930992c7188d3a01939e8c1585189b99a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.change.org/
Origin: https://www.change.org
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 12:20:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains
age: 415
x-amz-server-side-encryption: AES256
x-amz-expiration: expiry-date="Sun, 07 Feb 2027 00:00:00 GMT", rule-id="expiration_policy"
last-modified: Wed, 07 Feb 2024 12:11:33 GMT
server: cloudflare
etag: W/"26215cd1d0cd9b215fdfe438ec86b848"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://www.change.org
cache-control: public, max-age=31536000
cf-ray: 851b95db7a1f5250-MXP
expires: Thu, 06 Feb 2025 12:20:10 GMT

GET
H2 200 form.fb4b01f6ed843578fadb.js Show response
assets.change.org/corgi/assets/js/c799145/vendors/ 24 KB
8 KB 109ms
71ms Script
text/javascript 104.17.89.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.change.org/corgi/assets/js/c799145/vendors/form.fb4b01f6ed843578fadb.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.89.51 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e1c3e66b58836a01e0a5c24848b97dd5a927d6adafb7cc37e6ad15f927b8d20

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.change.org/
Origin: https://www.change.org
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 12:20:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains
age: 415
x-amz-server-side-encryption: AES256
x-amz-expiration: expiry-date="Sun, 07 Feb 2027 00:00:00 GMT", rule-id="expiration_policy"
last-modified: Wed, 07 Feb 2024 12:11:35 GMT
server: cloudflare
etag: W/"cee0a92827b721a768eb63277ddaa49e"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://www.change.org
cache-control: public, max-age=31536000
cf-ray: 851b95db9a545250-MXP
expires: Thu, 06 Feb 2025 12:20:10 GMT

GET
H2 200 googlemaps.05c10491d4cd957494a6.js Show response
assets.change.org/corgi/assets/js/c799145/vendors/ 6 KB
3 KB 82ms
44ms Script
text/javascript 104.17.89.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.change.org/corgi/assets/js/c799145/vendors/googlemaps.05c10491d4cd957494a6.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.89.51 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc9f1001f58ac5e1df03c3f9b5d75f8980f85b6a26e5d0b674c64a721c8ada0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.change.org/
Origin: https://www.change.org
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 12:20:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains
age: 415
x-amz-server-side-encryption: AES256
x-amz-expiration: expiry-date="Sun, 07 Feb 2027 00:00:00 GMT", rule-id="expiration_policy"
last-modified: Wed, 07 Feb 2024 12:11:35 GMT
server: cloudflare
etag: W/"9f3fb265548c2552d3f7ca47a6eb4e4e"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://www.change.org
cache-control: public, max-age=31536000
cf-ray: 851b95db7a205250-MXP
expires: Thu, 06 Feb 2025 12:20:10 GMT

GET
H2 200 react-qrcode-logo.42e9c2f78deaab87f19e.js Show response
assets.change.org/corgi/assets/js/c799145/vendors/ 25 KB
10 KB 78ms
40ms Script
text/javascript 104.17.89.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.change.org/corgi/assets/js/c799145/vendors/react-qrcode-logo.42e9c2f78deaab87f19e.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.89.51 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

77b5ed39cca19756f75520d8dedd3ec8896ff9406689218cba733c3bb49caf15

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.change.org/
Origin: https://www.change.org
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 12:20:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains
age: 415
x-amz-server-side-encryption: AES256
x-amz-expiration: expiry-date="Sun, 07 Feb 2027 00:00:00 GMT", rule-id="expiration_policy"
last-modified: Wed, 07 Feb 2024 12:11:35 GMT
server: cloudflare
etag: W/"f39312159c7c1ab72aacee96413da392"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://www.change.org
cache-control: public, max-age=31536000
cf-ray: 851b95db7a1b5250-MXP
expires: Thu, 06 Feb 2025 12:20:10 GMT

GET
H2 200 decision-makers.8de882eb1cd94ade4954.js Show response
assets.change.org/corgi/assets/js/c799145/shared/ 16 KB
4 KB 92ms
55ms Script
text/javascript 104.17.89.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.change.org/corgi/assets/js/c799145/shared/decision-makers.8de882eb1cd94ade4954.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.89.51 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c6e2c4b20f8ef70ecd442473ff85d29898cc1ba40eed138a8cdf2201e07cd18

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.change.org/
Origin: https://www.change.org
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 12:20:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains
age: 415
x-amz-server-side-encryption: AES256
x-amz-expiration: expiry-date="Sun, 07 Feb 2027 00:00:00 GMT", rule-id="expiration_policy"
last-modified: Wed, 07 Feb 2024 12:11:34 GMT
server: cloudflare
etag: W/"7023a8299cf3e3e90f21e3101d1297f1"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://www.change.org
cache-control: public, max-age=31536000
cf-ray: 851b95db7a255250-MXP
expires: Thu, 06 Feb 2025 12:20:10 GMT

GET
H2 200 membership.799c04c7710371442287.js Show response
assets.change.org/corgi/assets/js/c799145/shared/ 10 KB
4 KB 82ms
45ms Script
text/javascript 104.17.89.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.change.org/corgi/assets/js/c799145/shared/membership.799c04c7710371442287.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.89.51 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78c1d4735479f31625011bfd0283296cde39fb8253557e0e19ae5fc8ae4e04e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.change.org/
Origin: https://www.change.org
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 12:20:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains
age: 415
x-amz-server-side-encryption: AES256
x-amz-expiration: expiry-date="Sun, 07 Feb 2027 00:00:00 GMT", rule-id="expiration_policy"
last-modified: Wed, 07 Feb 2024 12:11:34 GMT
server: cloudflare
etag: W/"d39efe051c8936e77b82236a7c1a3d63"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://www.change.org
cache-control: public, max-age=31536000
cf-ray: 851b95db7a285250-MXP
expires: Thu, 06 Feb 2025 12:20:10 GMT

GET
H2 200 petition_details.5a486a09193e634fa4e1.js Show response
assets.change.org/corgi/assets/js/c799145/pages/ 130 KB
35 KB 75ms
38ms Script
text/javascript 104.17.89.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.change.org/corgi/assets/js/c799145/pages/petition_details.5a486a09193e634fa4e1.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.89.51 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d06ffeb5e4bb14cac0562ac19a381cbf77c429d2c64b1e7ddfbe1f1c90b1717

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.change.org/
Origin: https://www.change.org
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 12:20:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains
age: 416
x-amz-server-side-encryption: AES256
x-amz-expiration: expiry-date="Sun, 07 Feb 2027 00:00:00 GMT", rule-id="expiration_policy"
last-modified: Wed, 07 Feb 2024 12:11:33 GMT
server: cloudflare
etag: W/"fe9dc000a2b8460ae7432bc51bf34d49"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://www.change.org
cache-control: public, max-age=31536000
cf-ray: 851b95db7a235250-MXP
expires: Thu, 06 Feb 2025 12:20:10 GMT

POST
H2 200 session Show response
www.change.org/api-proxy/graphql/ 1 KB
849 B 849ms
848ms Fetch
application/json 104.17.88.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.change.org/api-proxy/graphql/session?utm_source=share_petition&utm_campaign=psf_combo_share_message&utm_medium=whatsapp&utm_content=washarecopy_37877693_pt-BR%3A2&lang=it-IT&country_code=IT&referrer=&op=FeCoreSession

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.88.51 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db71e199f0634fb4c1f89b3fb494e49f905ddba7c15fa3dc5e9a8782d8b60a7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

tracestate: 839@nr=0-1-839-793665896-db8cced9d80749e3----1707308410344
traceparent: 00-dc40696acc7faf5d40bf9798fba1e468-db8cced9d80749e3-01
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjgzOSIsImFwIjoiNzkzNjY1ODk2IiwiaWQiOiJkYjhjY2VkOWQ4MDc0OWUzIiwidHIiOiJkYzQwNjk2YWNjN2ZhZjVkNDBiZjk3OThmYmExZTQ2OCIsInRpIjoxNzA3MzA4NDEwMzQ0fX0=
content-type: application/json
accept: application/json
Referer: https://www.change.org/p/movimento-rio-livre-de-helic%C3%B3pteros-sem-lei-c68ea8e2-a019-451b-877b-b70f0b17d50f?recruiter=1330324687&utm_source=share_petition&utm_campaign=psf_combo_share_message&utm_medium=whatsapp&utm_content=washarecopy_37877693_pt-BR%3A2&recruited_by_id=d72571b0-c5b2-11ee-b1aa-e7244916c505
x-requested-with: http-link

Response headers

date: Wed, 07 Feb 2024 12:20:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
etag: W/"407-eUAwZigWEpdxJ8jg0kBFXR9O9Ko"
content-type: application/json; charset=utf-8
x-graphql: true
cache-control: no-store
cf-ray: 851b95dcbf110d68-MXP
x-request-id: ddfe0f67-cc58-4a6f-9601-2224ef362990

OPTIONS
H2 204 config.json
notifier-configs.airbrake.io/2020-06-18/config/257900/ 0
0 392ms
125ms Preflight 52.55.92.172
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://notifier-configs.airbrake.io/2020-06-18/config/257900/config.json?&notifier_name=airbrake-js%2Fbrowser&notifier_version=2.1.8&os=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F121.0.6167.139%20Safari%2F537.36&language=JavaScript
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.55.92.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-55-92-172.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: cache-control
Access-Control-Request-Method: GET
Origin: https://www.change.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
allow: OPTIONS, GET
date: Wed, 07 Feb 2024 12:20:10 GMT

GET
H2 200 config.json Show response
notifier-configs.airbrake.io/2020-06-18/config/257900/ 222 B
492 B 126ms
126ms XHR
application/json 52.55.92.172
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://notifier-configs.airbrake.io/2020-06-18/config/257900/config.json?&notifier_name=airbrake-js%2Fbrowser&notifier_version=2.1.8&os=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F121.0.6167.139%20Safari%2F537.36&language=JavaScript
Requested by: Host: www.change.org
URL: https://www.change.org/p/movimento-rio-livre-de-helic%C3%B3pteros-sem-lei-c68ea8e2-a019-451b-877b-b70f0b17d50f?recruiter=1330324687&utm_source=share_petition&utm_campaign=psf_combo_share_message&utm_medium=whatsapp&utm_content=washarecopy_37877693_pt-BR%3A2&recruited_by_id=d72571b0-c5b2-11ee-b1aa-e7244916c505
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.55.92.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-55-92-172.compute-1.amazonaws.com
Software: /
Resource Hash: 6ebd1c8a6d409c68947941abf07b7598ee13cd12af97a3b2fa3da4a8a5afcf60

Request headers

accept: application/json
cache-control: no-cache,no-store
Referer: https://www.change.org/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 07 Feb 2024 12:20:10 GMT
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length: 222
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/json; charset=UTF-8

OPTIONS
H2 204 widgets
prompts.maze.co/api/ 0
0 393ms
125ms Preflight 3.220.116.39
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prompts.maze.co/api/widgets
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.220.116.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-220-116-39.compute-1.amazonaws.com
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-api-key,x-maze-correlation-id,x-maze-snippet-src
Access-Control-Request-Method: POST
Origin: https://www.change.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-api-key,x-maze-correlation-id,x-maze-snippet-src
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
access-control-max-age: 600
date: Wed, 07 Feb 2024 12:20:11 GMT
vary: Access-Control-Request-Headers
x-powered-by: Express

GET
H2 200 nr-spa-1216.min.js Show response
js-agent.newrelic.com/ 49 KB
19 KB 54ms
19ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/nr-spa-1216.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

545156adeae44dadc82b98d504f805ebe77fb79c928ef34eed1057bb9d4cb8fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.change.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: MElzWumrf8lREc3kORDlSWHVtEZAK4m8
content-encoding: br
via: 1.1 varnish
date: Wed, 07 Feb 2024 12:20:11 GMT
strict-transport-security: max-age=300
x-amz-request-id: 6X4HHVSWGGFM71AQ
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 19141
x-amz-id-2: Zaal58rfNYSaeoaGZKS1ySfwzNAipJ0f169gCde1XPrTS7erpCdJT0IW2qn1kBtgSgLwTTuoqxM=
x-served-by: cache-mxp6943-MXP
last-modified: Wed, 18 Oct 2023 21:31:16 GMT
server: AmazonS3
x-timer: S1707308411.088267,VS0,VE0
etag: "63e2df852d15ab21d7ff8fc4363222e8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 158401

POST
H2 200 widgets Show response
prompts.maze.co/api/ 2 B
156 B 131ms
131ms Fetch
application/json 3.220.116.39
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prompts.maze.co/api/widgets
Requested by: Host: www.change.org
URL: https://www.change.org/p/movimento-rio-livre-de-helic%C3%B3pteros-sem-lei-c68ea8e2-a019-451b-877b-b70f0b17d50f?recruiter=1330324687&utm_source=share_petition&utm_campaign=psf_combo_share_message&utm_medium=whatsapp&utm_content=washarecopy_37877693_pt-BR%3A2&recruited_by_id=d72571b0-c5b2-11ee-b1aa-e7244916c505
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.220.116.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-220-116-39.compute-1.amazonaws.com
Software: / Express
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

x-maze-snippet-src: contextual-widget
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
x-maze-correlation-id: 1707308410081-4548.167499488405
Content-Type: application/json
Accept: application/json
Referer: https://www.change.org/
x-api-key: 8963a461-ada8-4ace-b48d-b6916798054d

Response headers

access-control-allow-origin: *
date: Wed, 07 Feb 2024 12:20:11 GMT
x-powered-by: Express
content-length: 2
etag: W/"2-l9Fw4VUO7kr8CvBlt4zaMCqXZ0w"
content-type: application/json; charset=utf-8

GET
H/1.1 200 a0fbd2be65 Show response
bam.nr-data.net/1/ 56 B
394 B 177ms
133ms Script
text/javascript 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/a0fbd2be65?a=793665896&sa=1&v=1216.487a282&t=Unnamed%20Transaction&rst=3452&ck=0&ref=https://www.change.org/p/movimento-rio-livre-de-helic%25C3%25B3pteros-sem-lei-c68ea8e2-a019-451b-877b-b70f0b17d50f&be=2275&fe=3392&dc=2457&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1707308407653,%22n%22:0,%22f%22:1446,%22dn%22:1446,%22dne%22:1446,%22c%22:1446,%22ce%22:1446,%22rq%22:1447,%22rp%22:2065,%22rpe%22:2454,%22dl%22:2068,%22di%22:2457,%22ds%22:2457,%22de%22:2457,%22dc%22:3391,%22l%22:3391,%22le%22:3393%7D,%22navigation%22:%7B%7D%7D&fp=2301&fcp=2301&ja=%7B%22appVersion%22:%223.1550.0%22,%22appVersionNormalized%22:%220003.1550.0000%22,%22locale%22:%22it-IT%22%7D&jsonp=NREUM.setToken
Requested by: Host: www.change.org
URL: https://www.change.org/p/movimento-rio-livre-de-helic%C3%B3pteros-sem-lei-c68ea8e2-a019-451b-877b-b70f0b17d50f?recruiter=1330324687&utm_source=share_petition&utm_campaign=psf_combo_share_message&utm_medium=whatsapp&utm_content=washarecopy_37877693_pt-BR%3A2&recruited_by_id=d72571b0-c5b2-11ee-b1aa-e7244916c505
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f9745c48d0b4c918d466da4acdb3f786ef5cda4c69ac0b6009d76cff67e6325d

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.change.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 12:20:11 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Content-Length: 56
x-served-by: cache-mxp6921-MXP

GET
H2 200 client Show response
accounts.google.com/gsi/ 206 KB
80 KB 136ms
66ms Script
application/javascript 2a00:1450:400c:c0a::54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/client

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::54 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2b40eb68b27729015148b5fa585694014c30fb4a2381c8ff8f34c4f0e37a525

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-w_pVS664zQ7oeaX8fZCwmA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.change.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 12:20:11 GMT
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-w_pVS664zQ7oeaX8fZCwmA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=1800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Wed, 07 Feb 2024 12:20:11 GMT

GET
H2 200 it-IT.json Show response
www.change.org/corgi/i18n/ 153 KB
42 KB 44ms
44ms Fetch
application/json 104.17.88.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.change.org/corgi/i18n/it-IT.json?cb=1&hash=0723dc3ad2d9b581fd0afa42082bd90789e2536c1146c7d684e822795b8b4689-07e64d10de3a350c98d0de5b3effaec674636c1fd3d09bb5c88578ff99aeda68

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.88.51 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

afbf42da98ef5c28a8d8620c6bb90f68717d8e72b43ad2f755d72b203b903395

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' blob: 'unsafe-inline' 'unsafe-eval' d18kwxxua7ik1y.cloudfront.net d22r54gnmuhwmk.cloudfront.net .change.org change-production.s3.amazonaws.com change-public-stuff.s3.amazonaws.com .google.ca .googleadservices.com .youtube.com .doubleclick.net .google.com .googleapis.com .googletagmanager.com .google-analytics.com .gstatic.com .recaptcha.net .ytimg.com .facebook.com .facebook.net .fbcdn.net fbrpc:// fb-messenger://* .twitter.com .twimg.com .ads-twitter.com ajax.cdnjs.com cdnjs.cloudflare.com service.force.com .salesforceliveagent.com .braintreegateway.com .paypalobjects.com .paypal.com .braintree-api.com .stripe.com .dlocal.com .optimizely.com optimizely.s3.amazonaws.com cdn-assets-prod.s3.amazonaws.com px-cdn.net .px-cdn.net .px-client.net .px-cloud.net pxchk.net .pxchk.net p2a.co .profitwell.com js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net .messagebird.com secure.everyaction.com d3rse9xjbp8270.cloudfront.net .ngpvan.com js2.verygoodvault.com .cloudflarestream.com code.jquery.com cdn.embedly.com player.vimeo.com bat.bing.com soundcloud.com .soundcloud.com www.instagram.com www.flickr.com .staticflickr.com .voteamerica.com .jotform.com actionnetwork.org .airbrake.io browser-update.org .tiktok.com .bannerbear.com us-central1-niftic-agency.cloudfunctions.net/openai/generate-draft .maze.co cdn.iframe.ly change.my.salesforce.com help.change.org; font-src 'self' data: .change.org d18kwxxua7ik1y.cloudfront.net d22r54gnmuhwmk.cloudfront.net fonts.gstatic.com d3rse9xjbp8270.cloudfront.net; img-src * blob: data:; form-action 'self'; frame-ancestors 'self'
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://www.change.org/p/movimento-rio-livre-de-helic%C3%B3pteros-sem-lei-c68ea8e2-a019-451b-877b-b70f0b17d50f?recruiter=1330324687&utm_source=share_petition&utm_campaign=psf_combo_share_message&utm_medium=whatsapp&utm_content=washarecopy_37877693_pt-BR%3A2&recruited_by_id=d72571b0-c5b2-11ee-b1aa-e7244916c505
tracestate: 839@nr=0-1-839-793665896-046dc6df31978d68----1707308411199
traceparent: 00-0b026b5958fde41466d9133b675da10e-046dc6df31978d68-01
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjgzOSIsImFwIjoiNzkzNjY1ODk2IiwiaWQiOiIwNDZkYzZkZjMxOTc4ZDY4IiwidHIiOiIwYjAyNmI1OTU4ZmRlNDE0NjZkOTEzM2I2NzVkYTEwZSIsInRpIjoxNzA3MzA4NDExMTk5fX0=

Response headers

date: Wed, 07 Feb 2024 12:20:11 GMT
content-security-policy: default-src 'self' blob: 'unsafe-inline' 'unsafe-eval' d18kwxxua7ik1y.cloudfront.net d22r54gnmuhwmk.cloudfront.net *.change.org change-production.s3.amazonaws.com change-public-stuff.s3.amazonaws.com *.google.ca *.googleadservices.com *.youtube.com *.doubleclick.net *.google.com *.googleapis.com *.googletagmanager.com *.google-analytics.com *.gstatic.com *.recaptcha.net *.ytimg.com *.facebook.com *.facebook.net *.fbcdn.net fbrpc://* fb-messenger://* *.twitter.com *.twimg.com *.ads-twitter.com ajax.cdnjs.com cdnjs.cloudflare.com service.force.com *.salesforceliveagent.com *.braintreegateway.com *.paypalobjects.com *.paypal.com *.braintree-api.com *.stripe.com *.dlocal.com *.optimizely.com optimizely.s3.amazonaws.com cdn-assets-prod.s3.amazonaws.com px-cdn.net *.px-cdn.net *.px-client.net *.px-cloud.net pxchk.net *.pxchk.net p2a.co *.profitwell.com js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net *.messagebird.com secure.everyaction.com d3rse9xjbp8270.cloudfront.net *.ngpvan.com js2.verygoodvault.com *.cloudflarestream.com code.jquery.com cdn.embedly.com player.vimeo.com bat.bing.com soundcloud.com *.soundcloud.com www.instagram.com www.flickr.com *.staticflickr.com *.voteamerica.com *.jotform.com actionnetwork.org *.airbrake.io browser-update.org *.tiktok.com *.bannerbear.com us-central1-niftic-agency.cloudfunctions.net/openai/generate-draft *.maze.co cdn.iframe.ly change.my.salesforce.com help.change.org; font-src 'self' data: *.change.org d18kwxxua7ik1y.cloudfront.net d22r54gnmuhwmk.cloudfront.net fonts.gstatic.com d3rse9xjbp8270.cloudfront.net; img-src * blob: data:; form-action 'self'; frame-ancestors 'self'
content-encoding: gzip
cf-cache-status: HIT
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
age: 21134
server: cloudflare
etag: W/"26273-PLRdjnfDEkQMSshSN2W+paSm09I"
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: max-age=54000
permissions-policy: browsing-topics=()
cf-ray: 851b95e2098b0d68-MXP

GET
H2 200 it-IT-js.ae3f3a11b40940154f38.js Show response
assets.change.org/corgi/assets/js/c799145/i18n/countries/locale/ 8 KB
3 KB 34ms
34ms Script
text/javascript 104.17.89.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.change.org/corgi/assets/js/c799145/i18n/countries/locale/it-IT-js.ae3f3a11b40940154f38.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.89.51 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4839923f545068d08d130581c8ae6e09ea3dead69cd4745f248e61fd3b944dfc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.change.org/
Origin: https://www.change.org
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 12:20:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains
age: 410
x-amz-server-side-encryption: AES256
x-amz-expiration: expiry-date="Sun, 07 Feb 2027 00:00:00 GMT", rule-id="expiration_policy"
last-modified: Wed, 07 Feb 2024 12:11:32 GMT
server: cloudflare
etag: W/"e1d04ddfb848ebe310f343cedaf5aa5c"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://www.change.org
cache-control: public, max-age=31536000
cf-ray: 851b95e20f795250-MXP
expires: Thu, 06 Feb 2025 12:20:11 GMT

GET
H2 200 csrf-token
www.change.org/api-proxy/-/ 0
0 236ms
236ms Fetch 104.17.88.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.change.org/api-proxy/-/csrf-token?cb=1707308411208

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.88.51 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.change.org/p/movimento-rio-livre-de-helic%C3%B3pteros-sem-lei-c68ea8e2-a019-451b-877b-b70f0b17d50f?recruiter=1330324687&utm_source=share_petition&utm_campaign=psf_combo_share_message&utm_medium=whatsapp&utm_content=washarecopy_37877693_pt-BR%3A2&recruited_by_id=d72571b0-c5b2-11ee-b1aa-e7244916c505
tracestate: 839@nr=0-1-839-793665896-a720289dff613664----1707308411208
traceparent: 00-cf75ca938698cc27fa9f1b1254d495c9-a720289dff613664-01
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjgzOSIsImFwIjoiNzkzNjY1ODk2IiwiaWQiOiJhNzIwMjg5ZGZmNjEzNjY0IiwidHIiOiJjZjc1Y2E5Mzg2OThjYzI3ZmE5ZjFiMTI1NGQ0OTVjOSIsInRpIjoxNzA3MzA4NDExMjA4fX0=

Response headers

date: Wed, 07 Feb 2024 12:20:11 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
x-csrf-token: e2c84711ddff2aee81b243a0f81dfb12
last-modified: Wed, 07 Feb 2024 12:20:11 GMT
server: cloudflare
vary: Accept-Encoding
cache-control: no-cache
accept-ranges: bytes
cf-ray: 851b95e219a60d68-MXP
content-length: 0
x-request-id: 7b90cfc4-a7ee-49a6-b722-eebfc46e779f

POST
H2 200 graphql Show response
www.change.org/api-proxy/ 1 KB
576 B 250ms
250ms Fetch
application/json 104.17.88.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.change.org/api-proxy/graphql?op=FeCoreFeatureConfigs

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.88.51 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b99465b623cb5b1e38c389d94812f119d078a4e12cc6d56bad62ff8d0dc9ea45

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

tracestate: 839@nr=0-1-839-793665896-944b4fd54f4508f6----1707308411210
traceparent: 00-71b9ed15f1269a6aa725a296a4a593d4-944b4fd54f4508f6-01
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjgzOSIsImFwIjoiNzkzNjY1ODk2IiwiaWQiOiI5NDRiNGZkNTRmNDUwOGY2IiwidHIiOiI3MWI5ZWQxNWYxMjY5YTZhYTcyNWEyOTZhNGE1OTNkNCIsInRpIjoxNzA3MzA4NDExMjEwfX0=
content-type: application/json
accept: application/json
Referer: https://www.change.org/p/movimento-rio-livre-de-helic%C3%B3pteros-sem-lei-c68ea8e2-a019-451b-877b-b70f0b17d50f?recruiter=1330324687&utm_source=share_petition&utm_campaign=psf_combo_share_message&utm_medium=whatsapp&utm_content=washarecopy_37877693_pt-BR%3A2&recruited_by_id=d72571b0-c5b2-11ee-b1aa-e7244916c505
x-requested-with: http-link

Response headers

date: Wed, 07 Feb 2024 12:20:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
etag: W/"41b-svMNVzspoKtmdL/mGM6sepqRSw0"
content-type: application/json; charset=utf-8
x-graphql: true
cache-control: no-store
cf-ray: 851b95e219aa0d68-MXP
x-request-id: da3deec1-1172-4c09-82aa-54cdc586a88f

POST
H2 200 graphql Show response
www.change.org/api-proxy/ 112 B
232 B 271ms
271ms Fetch
application/json 104.17.88.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.change.org/api-proxy/graphql?op=MediaHits

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.88.51 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5471222b24178df36b9ea924873e3503a29802a08010c3f254e00dacd321add

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

tracestate: 839@nr=0-1-839-793665896-d78ce5a2eba48cd3----1707308411538
traceparent: 00-6ed2d9f77adf322a19f6632971f32eaa-d78ce5a2eba48cd3-01
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjgzOSIsImFwIjoiNzkzNjY1ODk2IiwiaWQiOiJkNzhjZTVhMmViYTQ4Y2QzIiwidHIiOiI2ZWQyZDlmNzdhZGYzMjJhMTlmNjYzMjk3MWYzMmVhYSIsInRpIjoxNzA3MzA4NDExNTM4fX0=
content-type: application/json
accept: application/json
Referer: https://www.change.org/p/movimento-rio-livre-de-helic%C3%B3pteros-sem-lei-c68ea8e2-a019-451b-877b-b70f0b17d50f?recruiter=1330324687&utm_source=share_petition&utm_campaign=psf_combo_share_message&utm_medium=whatsapp&utm_content=washarecopy_37877693_pt-BR%3A2&recruited_by_id=d72571b0-c5b2-11ee-b1aa-e7244916c505
x-requested-with: http-link

Response headers

date: Wed, 07 Feb 2024 12:20:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
etag: W/"70-lGCMOTwNy6vritnCvVMitzcRM58"
content-type: application/json; charset=utf-8
x-graphql: true
cache-control: no-store
cf-ray: 851b95e42dba0d68-MXP
x-request-id: 67e9f304-6bc8-410a-bf57-618daa3a6d40

GET
H2 200 phone.93e1073979d53a63fc4f.js Show response
assets.change.org/corgi/assets/js/c799145/vendors/ 342 KB
88 KB 56ms
56ms Script
text/javascript 104.17.89.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.change.org/corgi/assets/js/c799145/vendors/phone.93e1073979d53a63fc4f.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.89.51 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab24b68bc29656352552ea2ee8c2c0f979f289c679617f9a11283ba803d75478

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.change.org/
Origin: https://www.change.org
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 12:20:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains
age: 389
x-amz-server-side-encryption: AES256
x-amz-expiration: expiry-date="Sun, 07 Feb 2027 00:00:00 GMT", rule-id="expiration_policy"
last-modified: Wed, 07 Feb 2024 12:11:35 GMT
server: cloudflare
etag: W/"8c302866ff0c590f8f83ee88fdc4fd8d"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://www.change.org
cache-control: public, max-age=31536000
cf-ray: 851b95e46b6c5250-MXP
expires: Thu, 06 Feb 2025 12:20:11 GMT

GET
H2 200 recaptcha.917890c9cc0a10f1141c.js Show response
assets.change.org/corgi/assets/js/c799145/vendors/ 7 KB
3 KB 54ms
54ms Script
text/javascript 104.17.89.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.change.org/corgi/assets/js/c799145/vendors/recaptcha.917890c9cc0a10f1141c.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.89.51 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7de24d47162eda77e512d34933f14de9be614a82449773d2c14e8fbb2f940b29

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.change.org/
Origin: https://www.change.org
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 12:20:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains
age: 389
x-amz-server-side-encryption: AES256
x-amz-expiration: expiry-date="Sun, 07 Feb 2027 00:00:00 GMT", rule-id="expiration_policy"
last-modified: Wed, 07 Feb 2024 12:11:35 GMT
server: cloudflare
etag: W/"0f192b74935e8b57c8ea7df4b8dc69fc"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://www.change.org
cache-control: public, max-age=31536000
cf-ray: 851b95e46b705250-MXP
expires: Thu, 06 Feb 2025 12:20:11 GMT

GET
H2 200 petition_details_sign_form.ea36eb5937cf2b147116.js Show response
assets.change.org/corgi/assets/js/c799145/pages/ 43 KB
13 KB 42ms
42ms Script
text/javascript 104.17.89.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.change.org/corgi/assets/js/c799145/pages/petition_details_sign_form.ea36eb5937cf2b147116.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.89.51 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

695b0096bfcd67b55455b366bd52ae4a3f5344a6ea13d9602e81e59fdf96c45c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.change.org/
Origin: https://www.change.org
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 12:20:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains
age: 389
x-amz-server-side-encryption: AES256
x-amz-expiration: expiry-date="Sun, 07 Feb 2027 00:00:00 GMT", rule-id="expiration_policy"
last-modified: Wed, 07 Feb 2024 12:11:33 GMT
server: cloudflare
etag: W/"0bdccf2f5842dc614e9c544f7ec48260"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://www.change.org
cache-control: public, max-age=31536000
cf-ray: 851b95e46b735250-MXP
expires: Thu, 06 Feb 2025 12:20:11 GMT

POST
H2 200 graphql Show response
www.change.org/api-proxy/ 827 B
544 B 840ms
840ms Fetch
application/json 104.17.88.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.change.org/api-proxy/graphql?op=FeCoreFeatureConfigs&op=MembershipAwarenessFormData&op=PetitionDetailsPageStats&op=ShortUrl

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.88.51 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2875f99f08c61989976e148d2c3a199cca9bf9c3bfe85d41a7b522832dd49821

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

tracestate: 839@nr=0-1-839-793665896-1bad381387d76c76----1707308411584
traceparent: 00-393f84b65032b13a7e4e698e24c1de27-1bad381387d76c76-01
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjgzOSIsImFwIjoiNzkzNjY1ODk2IiwiaWQiOiIxYmFkMzgxMzg3ZDc2Yzc2IiwidHIiOiIzOTNmODRiNjUwMzJiMTNhN2U0ZTY5OGUyNGMxZGUyNyIsInRpIjoxNzA3MzA4NDExNTg0fX0=
content-type: application/json
accept: application/json
Referer: https://www.change.org/p/movimento-rio-livre-de-helic%C3%B3pteros-sem-lei-c68ea8e2-a019-451b-877b-b70f0b17d50f?recruiter=1330324687&utm_source=share_petition&utm_campaign=psf_combo_share_message&utm_medium=whatsapp&utm_content=washarecopy_37877693_pt-BR%3A2&recruited_by_id=d72571b0-c5b2-11ee-b1aa-e7244916c505
x-requested-with: http-link

Response headers

date: Wed, 07 Feb 2024 12:20:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
etag: W/"33b-VXeMTQq/seTH0sT5TDZrhkA4VCU"
content-type: application/json; charset=utf-8
x-graphql: true
cache-control: no-store
cf-ray: 851b95e47e290d68-MXP
x-request-id: 8e5feca0-39fc-4fe7-9518-e3163a0c9135

GET
H2 200 11391265293.js Show response
cdn.optimizely.com/js/ 698 KB
201 KB 106ms
28ms Script
text/javascript 2a02:26f0:3500:883::13b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/js/11391265293.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:883::13b8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

56a8105b1638b2ed86e46e2816c0696453594c362d7645bd6a04d7b317147182

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.change.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-meta-pci_enabled: False
x-amz-version-id: uGXpyESmwLZ4oBv9_YKp1BbqAF9ZZN1P
content-encoding: gzip
date: Wed, 07 Feb 2024 12:20:11 GMT
strict-transport-security: max-age=15768000
x-amz-request-id: XZAYJGK0V456REFN
x-amz-server-side-encryption: AES256
x-amz-meta-revision: 48289
x-amz-replication-status: PENDING
server-timing: cdn-cache; desc=HIT, edge; dur=1, cdn;desc="AkamaiION";dur=0,rtt;desc="25";dur=0,cdnip;desc="2a02:26f0:3500:883::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0, ak_p; desc="1707308411646_388276626_2792377108_31_1678_25_28_146";dur=1
content-length: 204580
x-amz-id-2: eAzEtJV9as7SfYq6hVr5aqsJs4p6nHwznmN8TkxbrSNa00gmgQwBte/p5aEeP3GlcPyv/Thuy7E=
last-modified: Mon, 05 Feb 2024 14:49:29 GMT
server: AmazonS3
etag: "97ab5a74906031c6a0da35783bfa38ac"
vary: Accept-Encoding
access-control-max-age: 86400
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: x-amz-meta-revision
cache-control: max-age=120
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 main.min.js Show response
client.px-cloud.net/PXNsLC0Hv5/ 171 KB
76 KB 159ms
40ms Script
application/javascript 2a02:26f0:3500:11::215:14d0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://client.px-cloud.net/PXNsLC0Hv5/main.min.js
Requested by: Host: www.change.org
URL: https://www.change.org/p/movimento-rio-livre-de-helic%C3%B3pteros-sem-lei-c68ea8e2-a019-451b-877b-b70f0b17d50f?recruiter=1330324687&utm_source=share_petition&utm_campaign=psf_combo_share_message&utm_medium=whatsapp&utm_content=washarecopy_37877693_pt-BR%3A2&recruited_by_id=d72571b0-c5b2-11ee-b1aa-e7244916c505
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:11::215:14d0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 5e6a6426001da5240b6d14f4681ff6c806bbcf7d2bc0d62c9a846eccb66d3aaa

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.change.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 12:20:11 GMT
content-encoding: gzip
etag: "2aa25-ZRI4P1H24Yc+T0lbTb+0SHEcrME"
x-px-hash: MzkyMzc2MTEwNGQzZDcwMTk4MTY2ZGY3MzhkYzc0OGU4OGEyNTBkMWU2ZDhlMmQ3NTU4OWVhNzc3YTA4NThjNQ==
vary: Accept-Encoding
active-cdn: Akamai
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: active-cdn,x-served-by,Akamai-Request-BC
cache-control: max-age=600
content-length: 77431

POST
H2 200 graphql Show response
www.change.org/api-proxy/ 139 B
244 B 261ms
260ms Fetch
application/json 104.17.88.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.change.org/api-proxy/graphql?op=PetitionPageVideos

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.88.51 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

318dc75021279c6de170f40eeda80f93ffe4b77275577d4480aec1a745086065

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

tracestate: 839@nr=0-1-839-793665896-f9c772091b9984f4----1707308411592
traceparent: 00-33d00a51863b815e62208f7e9b24cade-f9c772091b9984f4-01
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjgzOSIsImFwIjoiNzkzNjY1ODk2IiwiaWQiOiJmOWM3NzIwOTFiOTk4NGY0IiwidHIiOiIzM2QwMGE1MTg2M2I4MTVlNjIyMDhmN2U5YjI0Y2FkZSIsInRpIjoxNzA3MzA4NDExNTkyfX0=
content-type: application/json
accept: application/json
Referer: https://www.change.org/p/movimento-rio-livre-de-helic%C3%B3pteros-sem-lei-c68ea8e2-a019-451b-877b-b70f0b17d50f?recruiter=1330324687&utm_source=share_petition&utm_campaign=psf_combo_share_message&utm_medium=whatsapp&utm_content=washarecopy_37877693_pt-BR%3A2&recruited_by_id=d72571b0-c5b2-11ee-b1aa-e7244916c505
x-requested-with: http-link

Response headers

date: Wed, 07 Feb 2024 12:20:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
etag: W/"8b-eCkCGi+RLQFd/yp0nJqyQsZ2Ymw"
content-type: application/json; charset=utf-8
x-graphql: true
cache-control: no-store
cf-ray: 851b95e48e4d0d68-MXP
x-request-id: 6e3cb8b6-f5f3-43d1-8cc1-cc0a96a6ebd6

POST
H2 200 et
www.change.org/api-proxy/-/ 2 B
261 B 774ms
773ms Ping
application/json 104.17.88.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.change.org/api-proxy/-/et?_csrf=e2c84711ddff2aee81b243a0f81dfb12

Requested by

Host: assets.change.org
URL: https://assets.change.org/corgi/assets/js/c799145/vendors/change/core.5ef397784316624c7a9b.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.88.51 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.change.org/p/movimento-rio-livre-de-helic%C3%B3pteros-sem-lei-c68ea8e2-a019-451b-877b-b70f0b17d50f?recruiter=1330324687&utm_source=share_petition&utm_campaign=psf_combo_share_message&utm_medium=whatsapp&utm_content=washarecopy_37877693_pt-BR%3A2&recruited_by_id=d72571b0-c5b2-11ee-b1aa-e7244916c505
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 07 Feb 2024 12:20:12 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
etag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
content-type: application/json; charset=utf-8
cache-control: no-cache
cf-ray: 851b95e49e720d68-MXP
content-length: 2
x-request-id: d1c685ae-343f-41a8-97b3-dd0356cb4923

POST
H2 200 graphql Show response
www.change.org/api-proxy/ 1 KB
594 B 809ms
809ms Fetch
application/json 104.17.88.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.change.org/api-proxy/graphql?op=FeCoreFeatureConfigs&op=ShortUrl~2

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.88.51 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76da79137682edcd264734b6bea659b6e5fce6f09e00a219363792fd10da5c4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

tracestate: 839@nr=0-1-839-793665896-f0fa0ec8e6f60dc5----1707308411625
traceparent: 00-5a54d48b9ceed6f2fea284543c324e83-f0fa0ec8e6f60dc5-01
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjgzOSIsImFwIjoiNzkzNjY1ODk2IiwiaWQiOiJmMGZhMGVjOGU2ZjYwZGM1IiwidHIiOiI1YTU0ZDQ4YjljZWVkNmYyZmVhMjg0NTQzYzMyNGU4MyIsInRpIjoxNzA3MzA4NDExNjI1fX0=
content-type: application/json
accept: application/json
Referer: https://www.change.org/p/movimento-rio-livre-de-helic%C3%B3pteros-sem-lei-c68ea8e2-a019-451b-877b-b70f0b17d50f?recruiter=1330324687&utm_source=share_petition&utm_campaign=psf_combo_share_message&utm_medium=whatsapp&utm_content=washarecopy_37877693_pt-BR%3A2&recruited_by_id=d72571b0-c5b2-11ee-b1aa-e7244916c505
x-requested-with: http-link

Response headers

date: Wed, 07 Feb 2024 12:20:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
etag: W/"41b-FQJICUwzmysC9t74F0+asLTc6zU"
content-type: application/json; charset=utf-8
x-graphql: true
cache-control: no-store
cf-ray: 851b95e4be870d68-MXP
x-request-id: d68d48f6-d711-43bd-84ff-5b7017102642

POST
H/1.1 200 a0fbd2be65 Show response
bam.nr-data.net/events/1/ 24 B
328 B 132ms
132ms XHR
image/gif 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/a0fbd2be65?a=793665896&sa=1&v=1216.487a282&t=Unnamed%20Transaction&rst=3976&ck=0&ref=https://www.change.org/p/movimento-rio-livre-de-helic%25C3%25B3pteros-sem-lei-c68ea8e2-a019-451b-877b-b70f0b17d50f
Requested by: Host: www.change.org
URL: https://www.change.org/p/movimento-rio-livre-de-helic%C3%B3pteros-sem-lei-c68ea8e2-a019-451b-877b-b70f0b17d50f?recruiter=1330324687&utm_source=share_petition&utm_campaign=psf_combo_share_message&utm_medium=whatsapp&utm_content=washarecopy_37877693_pt-BR%3A2&recruited_by_id=d72571b0-c5b2-11ee-b1aa-e7244916c505
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://www.change.org/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
content-type: text/plain

Response headers

date: Wed, 07 Feb 2024 12:20:11 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: image/gif
access-control-allow-origin: https://www.change.org
access-control-allow-credentials: true
Connection: close
Content-Length: 24
x-served-by: cache-mxp6921-MXP

POST
H2 200 et
www.change.org/api-proxy/-/ 2 B
152 B 785ms
785ms Ping
application/json 104.17.88.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.change.org/api-proxy/-/et?_csrf=e2c84711ddff2aee81b243a0f81dfb12

Requested by

Host: assets.change.org
URL: https://assets.change.org/corgi/assets/js/c799145/vendors/change/core.5ef397784316624c7a9b.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.88.51 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.change.org/p/movimento-rio-livre-de-helic%C3%B3pteros-sem-lei-c68ea8e2-a019-451b-877b-b70f0b17d50f?recruiter=1330324687&utm_source=share_petition&utm_campaign=psf_combo_share_message&utm_medium=whatsapp&utm_content=washarecopy_37877693_pt-BR%3A2&recruited_by_id=d72571b0-c5b2-11ee-b1aa-e7244916c505
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 07 Feb 2024 12:20:12 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
etag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
content-type: application/json; charset=utf-8
cache-control: no-cache
cf-ray: 851b95e4eee30d68-MXP
content-length: 2
x-request-id: 107b510f-4983-4454-a7df-90fa896ee4ac

POST
H2 200 et
www.change.org/api-proxy/-/ 2 B
87 B 787ms
787ms Ping
application/json 104.17.88.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.change.org/api-proxy/-/et?_csrf=e2c84711ddff2aee81b243a0f81dfb12

Requested by

Host: assets.change.org
URL: https://assets.change.org/corgi/assets/js/c799145/vendors/change/core.5ef397784316624c7a9b.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.88.51 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.change.org/p/movimento-rio-livre-de-helic%C3%B3pteros-sem-lei-c68ea8e2-a019-451b-877b-b70f0b17d50f?recruiter=1330324687&utm_source=share_petition&utm_campaign=psf_combo_share_message&utm_medium=whatsapp&utm_content=washarecopy_37877693_pt-BR%3A2&recruited_by_id=d72571b0-c5b2-11ee-b1aa-e7244916c505
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 07 Feb 2024 12:20:12 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
etag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
content-type: application/json; charset=utf-8
cache-control: no-cache
cf-ray: 851b95e4fefe0d68-MXP
content-length: 2
x-request-id: a406ce67-6059-4552-92a0-c456e924dd41

POST
H2 200 collector Show response
collector-pxnslc0hv5.px-cloud.net/api/v2/ 540 B
784 B 143ms
94ms XHR
application/json 35.190.10.96
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-pxnslc0hv5.px-cloud.net/api/v2/collector
Requested by: Host: www.change.org
URL: https://www.change.org/p/movimento-rio-livre-de-helic%C3%B3pteros-sem-lei-c68ea8e2-a019-451b-877b-b70f0b17d50f?recruiter=1330324687&utm_source=share_petition&utm_campaign=psf_combo_share_message&utm_medium=whatsapp&utm_content=washarecopy_37877693_pt-BR%3A2&recruited_by_id=d72571b0-c5b2-11ee-b1aa-e7244916c505
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.10.96 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 96.10.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 4b75d48d87305cafdfa85eb558855d235edf21f500f91471f1bc2cc15bae483b

Request headers

Referer: https://www.change.org/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 07 Feb 2024 12:20:11 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.change.org
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 540

GET
H2 200 main-image.png
static.change.org/membership/ 9 KB
9 KB 84ms
45ms Image
image/webp 104.17.88.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.change.org/membership/main-image.png

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.88.51 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d3d7d8e88a39c434a9b62ca175ec63581331e9ee959f87212e64a0325ccc534

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.change.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 12:20:12 GMT
x-amz-version-id: z5Y0AdMlU2JQrzrOY0PmZmtCAhN9AfTX
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains
age: 1825
cf-polished: origFmt=png, origSize=19283
x-amz-server-side-encryption: AES256
content-disposition: inline; filename="main-image.webp"
content-length: 8790
cf-bgj: imgq:85,h2pri
last-modified: Fri, 03 Nov 2023 08:56:37 GMT
server: cloudflare
etag: "f6ee2d8ad3f75052ca253ec24f1f517e"
vary: Accept
content-type: image/webp
cache-control: public, max-age=1382400
accept-ranges: bytes
cf-ray: 851b95ea38b80e29-MXP
expires: Fri, 23 Feb 2024 12:20:12 GMT

GET
H2 200 paypal.svg
static.change.org/membership/ 4 KB
2 KB 91ms
52ms Image
image/svg+xml 104.17.88.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.change.org/membership/paypal.svg

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.88.51 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2499a72dbbd16ae0a3a919f4259b1e41175d911d016e13adde5aa416da14a807

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.change.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 12:20:12 GMT
x-amz-version-id: nmOBpm3KuZijJb75elAhPphgahF4aXl7
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains
age: 2908
x-amz-server-side-encryption: AES256
last-modified: Fri, 03 Nov 2023 09:15:32 GMT
server: cloudflare
etag: W/"92ff00edb398df4573c01b0c0e5f8771"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1382400
cf-ray: 851b95ea38b90e29-MXP
expires: Fri, 23 Feb 2024 12:20:12 GMT

POST
H2 200 et
www.change.org/api-proxy/-/ 2 B
87 B 246ms
246ms Ping
application/json 104.17.88.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.change.org/api-proxy/-/et?_csrf=e2c84711ddff2aee81b243a0f81dfb12

Requested by

Host: assets.change.org
URL: https://assets.change.org/corgi/assets/js/c799145/vendors/change/core.5ef397784316624c7a9b.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.88.51 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.change.org/p/movimento-rio-livre-de-helic%C3%B3pteros-sem-lei-c68ea8e2-a019-451b-877b-b70f0b17d50f?recruiter=1330324687&utm_source=share_petition&utm_campaign=psf_combo_share_message&utm_medium=whatsapp&utm_content=washarecopy_37877693_pt-BR%3A2&recruited_by_id=d72571b0-c5b2-11ee-b1aa-e7244916c505
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 07 Feb 2024 12:20:12 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
etag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
content-type: application/json; charset=utf-8
cache-control: no-cache
cf-ray: 851b95ea091d0d68-MXP
content-length: 2
x-request-id: 2356f7f7-6a65-4e11-96ab-606e25ef7dfa

POST
H2 200 collector Show response
collector-pxnslc0hv5.px-cloud.net/api/v2/ 600 B
655 B 107ms
106ms XHR
application/json 35.190.10.96
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-pxnslc0hv5.px-cloud.net/api/v2/collector
Requested by: Host: www.change.org
URL: https://www.change.org/p/movimento-rio-livre-de-helic%C3%B3pteros-sem-lei-c68ea8e2-a019-451b-877b-b70f0b17d50f?recruiter=1330324687&utm_source=share_petition&utm_campaign=psf_combo_share_message&utm_medium=whatsapp&utm_content=washarecopy_37877693_pt-BR%3A2&recruited_by_id=d72571b0-c5b2-11ee-b1aa-e7244916c505
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.10.96 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 96.10.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 78b50770d28a8a1dda125e2e0c62043ee90e1cc153fc696bfc79ec24e7ad8d9e

Request headers

Referer: https://www.change.org/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 07 Feb 2024 12:20:12 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.change.org
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 600

Verdicts & Comments Add Verdict or Comment

38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.change.org/	1969-12-31 23:59:59	Name: __cfruid Value: 614212482b2464ad9252100aa7ed0505ea3fb76d-1707308408
.change.org/	1969-12-31 23:59:59	Name: _cfuvid Value: owG2gjq7FyiEbDu8v2OTo5dcczIYTKMWxyTBL5n2l8s-1707308408180-0-604800000
www.change.org/	1969-12-31 23:59:59	Name: _change_session Value: aa9604048271c0ae59cb21921018fdb2
www.change.org/	1970-01-20 18:16:34	Name: _change_lang Value: %7B%22locale%22%3A%22it-IT%22%2C%22countryCode%22%3A%22IT%22%7D
.change.org/	1970-01-21 03:51:08	Name: optimizelyOptOut Value: true
.change.org/	1969-12-31 23:59:59	Name: pxcts Value: 3da0a504-c5b3-11ee-8eca-59300f39e5d2
.change.org/	1970-01-21 03:00:44	Name: _pxvid Value: 3da08eb3-c5b3-11ee-8eca-021a4d9ea4f3
.change.org/	1970-01-20 18:15:08	Name: _px3 Value: 3f2ccaf7fff328922ce5432e254e626ef1631a3f8e678b8939c9a5ba19231dae:PHDQs/tQmWnNlrKN/2WrSkBOjzgGH8eZc+agKY+Qumjx+qDnZ/G4SW31yR7Z0zQYeMXPeIRcD1QwBQLU7OYFBA==:1000:mMrYFT9SQJzUhtHFnAuigtSjDaEmniTCmiILEp+O91o+/yQDA5ocIbLV3CJWsrvCmGExtNted2q+8dvK7NJ1G3jq+aw2efACcj9j4cXY+B/Mqmt5tsYMfLbLFxjdrTxnpoSE3Wcy5QAbKt9lF9TFl3DREz2VL4WHCzNTquge9qAJdnHpMy9oaUxJNj6xZ2Dfm5sXDxErnlBUSxFmAhqByBeeMoyeUoVh7kkrLSTTIDI=

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'browsing-topics'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' blob: 'unsafe-inline' 'unsafe-eval' d18kwxxua7ik1y.cloudfront.net d22r54gnmuhwmk.cloudfront.net .change.org change-production.s3.amazonaws.com change-public-stuff.s3.amazonaws.com .google.ca .googleadservices.com .youtube.com .doubleclick.net .google.com .googleapis.com .googletagmanager.com .google-analytics.com .gstatic.com .recaptcha.net .ytimg.com .facebook.com .facebook.net .fbcdn.net fbrpc:// fb-messenger://* .twitter.com .twimg.com .ads-twitter.com ajax.cdnjs.com cdnjs.cloudflare.com service.force.com .salesforceliveagent.com .braintreegateway.com .paypalobjects.com .paypal.com .braintree-api.com .stripe.com .dlocal.com .optimizely.com optimizely.s3.amazonaws.com cdn-assets-prod.s3.amazonaws.com px-cdn.net .px-cdn.net .px-client.net .px-cloud.net pxchk.net .pxchk.net p2a.co .profitwell.com js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net .messagebird.com secure.everyaction.com d3rse9xjbp8270.cloudfront.net .ngpvan.com js2.verygoodvault.com .cloudflarestream.com code.jquery.com cdn.embedly.com player.vimeo.com bat.bing.com soundcloud.com .soundcloud.com www.instagram.com www.flickr.com .staticflickr.com .voteamerica.com .jotform.com actionnetwork.org .airbrake.io browser-update.org .tiktok.com .bannerbear.com us-central1-niftic-agency.cloudfunctions.net/openai/generate-draft .maze.co cdn.iframe.ly change.my.salesforce.com help.change.org; font-src 'self' data: .change.org d18kwxxua7ik1y.cloudfront.net d22r54gnmuhwmk.cloudfront.net fonts.gstatic.com d3rse9xjbp8270.cloudfront.net; img-src * blob: data:; form-action 'self'; frame-ancestors 'self'
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
assets.change.org
bam.nr-data.net
cdn.optimizely.com
chng.it
client.px-cloud.net
collector-pxnslc0hv5.px-cloud.net
fonts.gstatic.com
js-agent.newrelic.com
notifier-configs.airbrake.io
prompts.maze.co
snippet.maze.co
static.change.org
www.change.org
104.17.88.51
104.17.89.51
13.32.27.96
151.101.194.137
162.247.243.29
2a00:1450:4001:831::2003
2a00:1450:400c:c0a::54
2a02:26f0:3500:11::215:14d0
2a02:26f0:3500:883::13b8
3.220.116.39
35.190.10.96
52.222.214.39
52.55.92.172
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
16eb0216c1843dcd7d1579d8f9983ce0824e79d3a0a991ec9fb6df3128aae41e
1a3746234b6dfd850368e1fd08c34555fb494ad85159e0230f4efeb85bb03727
2499a72dbbd16ae0a3a919f4259b1e41175d911d016e13adde5aa416da14a807
2875f99f08c61989976e148d2c3a199cca9bf9c3bfe85d41a7b522832dd49821
2d3d7d8e88a39c434a9b62ca175ec63581331e9ee959f87212e64a0325ccc534
318dc75021279c6de170f40eeda80f93ffe4b77275577d4480aec1a745086065
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4839923f545068d08d130581c8ae6e09ea3dead69cd4745f248e61fd3b944dfc
4a46d61a9aed90cea010dbabcdb510b9ceff1b729a06b169cdbe142f66cbc86f
4b75d48d87305cafdfa85eb558855d235edf21f500f91471f1bc2cc15bae483b
4c24e1358e033a3449d2c2a9443b70891c7ef32391672e4a2e8a7f4417fbbfc7
4d06ffeb5e4bb14cac0562ac19a381cbf77c429d2c64b1e7ddfbe1f1c90b1717
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
545156adeae44dadc82b98d504f805ebe77fb79c928ef34eed1057bb9d4cb8fe
56a8105b1638b2ed86e46e2816c0696453594c362d7645bd6a04d7b317147182
5e6a6426001da5240b6d14f4681ff6c806bbcf7d2bc0d62c9a846eccb66d3aaa
635d9d9adb15facd73f68e1ad30fdb361006c9e37a2c8e51fc13b522634a24dc
695b0096bfcd67b55455b366bd52ae4a3f5344a6ea13d9602e81e59fdf96c45c
69b71359de5ac53eb55c188d3b02ed8a75db3d671fe89d4151fa3129a2640c77
6a6df27d584308330f703ac17ae1dd7930992c7188d3a01939e8c1585189b99a
6ebd1c8a6d409c68947941abf07b7598ee13cd12af97a3b2fa3da4a8a5afcf60
72343663a4191ecd520dfbaa14f514dcc81e062c2cee4d7a7fb18dd8c6542d6f
76da79137682edcd264734b6bea659b6e5fce6f09e00a219363792fd10da5c4f
77b5ed39cca19756f75520d8dedd3ec8896ff9406689218cba733c3bb49caf15
785fa7bca0334ef47df0919c0c56b10acf5713323b6df8cff79ecb5ce8c349c7
78b50770d28a8a1dda125e2e0c62043ee90e1cc153fc696bfc79ec24e7ad8d9e
78c1d4735479f31625011bfd0283296cde39fb8253557e0e19ae5fc8ae4e04e8
7d3e746c7318619e614f30c8952a7bd4f2cf16ab4f2e283d30cc045c38df6276
7de24d47162eda77e512d34933f14de9be614a82449773d2c14e8fbb2f940b29
7e1c3e66b58836a01e0a5c24848b97dd5a927d6adafb7cc37e6ad15f927b8d20
842b7580f13ffdf10f0c24a5cee79fb392319334eb644eaf361e214c0c6472a5
8c6e2c4b20f8ef70ecd442473ff85d29898cc1ba40eed138a8cdf2201e07cd18
90dcb75b7c8f1fc7b7406669f14774ad49a7e568fe4a7ee77966d2cf527ef370
9b0a41decd23b867b0aec0bbc07279026c88f4c8f8a7d477fe2bafd15b44b744
a5313700ce93482f1312e8e5a6dfe4adcc70b867d85da89bb2c0cf4b6670868e
a5471222b24178df36b9ea924873e3503a29802a08010c3f254e00dacd321add
a7d00ef8a41cfe96a24b94f6ffabbb67c58552876ad35d04228ecf0cd118e031
ab24b68bc29656352552ea2ee8c2c0f979f289c679617f9a11283ba803d75478
afbf42da98ef5c28a8d8620c6bb90f68717d8e72b43ad2f755d72b203b903395
b2cb5ebd46544a9df6306e17ed3e805d06e49e631c7778825b4c10a9af3f8df1
b93ccb52dc2c07cdfc4875fcf5c92fc9f4645fa7302e501c944ce2fdf3852638
b99465b623cb5b1e38c389d94812f119d078a4e12cc6d56bad62ff8d0dc9ea45
bd3dd674f63c84c3d61c5d1ecb8613d7f8385affe4f206752b4e9bca301e6e60
bfa1d20737e0db09c51366930bcbb51c0e9fe5ac00f24c27211fd0069fdb87c0
c2b40eb68b27729015148b5fa585694014c30fb4a2381c8ff8f34c4f0e37a525
c2ed5987546c12ebf650215a5626a27e312d9853f98a99f2b90a14a5d370c715
db27ef7b81d62c6610a86d9829a51987bda579aab06a79889055dc44ac651ec7
db71e199f0634fb4c1f89b3fb494e49f905ddba7c15fa3dc5e9a8782d8b60a7f
dc9f1001f58ac5e1df03c3f9b5d75f8980f85b6a26e5d0b674c64a721c8ada0d
e51811a231ee23bb1d44d09f6c3e09584fc05603ae1fd1a21ccf18ec989ed755
e94ba9c6df7a149b4b3c590bcc484ce24ce7c0f15c6f7f43479035a6311211d6
eec366449f5086374781ac01be546c3216d7a57453775ce4c33fec89488faa01
f9745c48d0b4c918d466da4acdb3f786ef5cda4c69ac0b6009d76cff67e6325d

www.change.org Open in urlscan Pro 104.17.88.51 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

60 Requests

100 %HTTPS

31 %IPv6

10 Domains

14 Subdomains

12 IPs

4 Countries

1465 kBTransfer

4538 kBSize

8 Cookies

7 Outgoing links

Page URL History

Redirected requests

60 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.change.org Open in urlscan Pro
104.17.88.51 Public Scan

Screenshot
Live screenshot

Full Image

60
Requests

100 %
HTTPS

31 %
IPv6

10
Domains

14
Subdomains

12
IPs

4
Countries

1465 kB
Transfer

4538 kB
Size

8
Cookies

60 HTTP transactions
0 data transactions