urlscan.io logo urlscan.io
SecurityTrails logo

petitions.signforgood.com Open in urlscan Pro
35.153.36.96  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://help.americares.org/site/R?i=jnzVeDz9YAko9-6ICiwy4iHSV_OHnnXSycQTioyAdCB2zfkZuwiPVA
Effective URL: https://petitions.signforgood.com/holiday-stc-2022?code=jtk553-fr-fl
Submission: On December 15 via manual from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 4 countries across 9 domains to perform 28 HTTP transactions. The main IP is 35.153.36.96, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is petitions.signforgood.com.
TLS certificate: Issued by Amazon on November 9th 2022. Valid for: a year.
This is the only time petitions.signforgood.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 74.123.153.76 15148 (BLACKBAUD...)
9 35.153.36.96 14618 (AMAZON-AES)
2 2a02:26f0:11a... 20940 (AKAMAI-ASN1)
2 2a00:1450:400... 15169 (GOOGLE)
1 152.199.19.160 15133 (EDGECAST)
6 2600:9000:245... 16509 (AMAZON-02)
1 52.216.184.123 16509 (AMAZON-02)
1 2a02:26f0:11a... 20940 (AKAMAI-ASN1)
2 2a00:1450:400... 15169 (GOOGLE)
2 18.194.31.36 16509 (AMAZON-02)
2 2a03:2880:f00... 32934 (FACEBOOK)
28 10
1    74.123.153.76 (United States)

ASN15148 (BLACKBAUD-ASN, US)
PTR: cluster2.convio.net
help.americares.org
9    35.153.36.96 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-153-36-96.compute-1.amazonaws.com
petitions.signforgood.com
2    2a02:26f0:11a::217:9a58 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
use.typekit.net
2    2a00:1450:400d:807::200a (Ireland)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    152.199.19.160 (United States)

ASN15133 (EDGECAST, US)
ajax.aspnetcdn.com
6    2600:9000:2450:8e00:3:c04e:c780:93a1 (United States)

ASN16509 (AMAZON-02, US)
ws.sharethis.com
1    52.216.184.123 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
als-totem.s3.amazonaws.com
1    2a02:26f0:11a::6867:4832 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
p.typekit.net
2    2a00:1450:400d:807::200e (Ireland)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    18.194.31.36 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-31-36.eu-central-1.compute.amazonaws.com
l.sharethis.com
2    2a03:2880:f007:8:face:b00c:0:1 (Vienna, Austria)

ASN32934 (FACEBOOK, US)
connect.facebook.net
Apex Domain
Subdomains		 Transfer
9 signforgood.com
petitions.signforgood.com
320 KB
8 sharethis.com
ws.sharethis.com — Cisco Umbrella Rank: 8871
l.sharethis.com — Cisco Umbrella Rank: 4708
83 KB
3 typekit.net
use.typekit.net — Cisco Umbrella Rank: 464
p.typekit.net — Cisco Umbrella Rank: 615
14 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 149
89 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 29
20 KB
2 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 304
84 KB
1 amazonaws.com
als-totem.s3.amazonaws.com — Cisco Umbrella Rank: 261301
126 KB
1 aspnetcdn.com
ajax.aspnetcdn.com — Cisco Umbrella Rank: 1149
7 KB
1 americares.org
help.americares.org
1 KB
28 9
Domain Requested by
9 petitions.signforgood.com petitions.signforgood.com
6 ws.sharethis.com petitions.signforgood.com
ws.sharethis.com
2 connect.facebook.net petitions.signforgood.com
connect.facebook.net
2 l.sharethis.com ws.sharethis.com
petitions.signforgood.com
2 www.google-analytics.com petitions.signforgood.com
www.google-analytics.com
2 ajax.googleapis.com petitions.signforgood.com
2 use.typekit.net petitions.signforgood.com
1 p.typekit.net use.typekit.net
1 als-totem.s3.amazonaws.com petitions.signforgood.com
1 ajax.aspnetcdn.com petitions.signforgood.com
1 help.americares.org 1 redirects
28 11

This site contains no links.

Subject Issuer Validity Valid
petitions.signforgood.com
Amazon		 2022-11-09 -
2023-12-07		 a year crt.sh
use.typekit.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-14 -
2023-10-15		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA		 2022-07-11 -
2023-07-11		 a year crt.sh
sharethis.com
Amazon		 2022-06-19 -
2023-07-18		 a year crt.sh
*.s3.amazonaws.com
Amazon		 2022-09-21 -
2023-08-26		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-09-24 -
2022-12-23		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://petitions.signforgood.com/holiday-stc-2022?code=jtk553-fr-fl
Frame ID: 092D8C119C7067FA0971FBF211A37D91
Requests: 25 HTTP requests in this frame

Frame: https://ws.sharethis.com/secure5x/index.html
Frame ID: C8FEC758FFB683BE7CF2DD02A44B0195
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://help.americares.org/site/R?i=jnzVeDz9YAko9-6ICiwy4iHSV_OHnnXSycQTioyAdCB2zfkZuwiPVA HTTP 302
    https://petitions.signforgood.com/holiday-stc-2022?code=jtk553-fr-fl Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
Overall confidence: 100%
Detected patterns
  • <link [^>]*href="[^"]+use\.typekit\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • ([\d.]+)/jquery-ui(?:\.min)?\.js
  • jquery-ui.*\.js

Page Statistics

28
Requests

100 %
HTTPS

55 %
IPv6

9
Domains

11
Subdomains

10
IPs

4
Countries

743 kB
Transfer

1462 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://help.americares.org/site/R?i=jnzVeDz9YAko9-6ICiwy4iHSV_OHnnXSycQTioyAdCB2zfkZuwiPVA HTTP 302
    https://petitions.signforgood.com/holiday-stc-2022?code=jtk553-fr-fl Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request holiday-stc-2022
petitions.signforgood.com/
Redirect Chain
  • http://help.americares.org/site/R?i=jnzVeDz9YAko9-6ICiwy4iHSV_OHnnXSycQTioyAdCB2zfkZuwiPVA
  • https://petitions.signforgood.com/holiday-stc-2022?code=jtk553-fr-fl
10 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://petitions.signforgood.com/holiday-stc-2022?code=jtk553-fr-fl
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.153.36.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-153-36-96.compute-1.amazonaws.com
Software
nginx/1.18.0 / Express
Resource Hash
a9aa87126c5a380bda8d53b0235dbdd1ef6daaabbe59b2a297cdaf3dd5e48b88

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Length
10409
Content-Type
text/html; charset=utf-8
Date
Thu, 15 Dec 2022 22:33:15 GMT
ETag
W/"28a9-kTziOuP4pDsXRE4yu09ycw"
Server
nginx/1.18.0
X-Powered-By
Express

Redirect headers

Cache-Control
no-store
Connection
Keep-Alive
Content-Length
0
Content-Security-Policy
frame-ancestors 'self' *.facebook.com *.salesforce.com *.convio.net *.google.com *.force.com facebook.com salesforce.com convio.net google.com force.com; report-uri http://help.americares.org/site/XFrameViolation
Content-Type
text/html
Date
Thu, 15 Dec 2022 22:33:14 GMT
Keep-Alive
timeout=15, max=500
Location
https://petitions.signforgood.com/holiday-stc-2022?code=jtk553-fr-fl
Pragma
no-cache
Server
Apache
X-Content-Type-Options
nosniff
X-Frame-Options
allow-from 'self' *.facebook.com *.salesforce.com *.convio.net *.google.com *.force.com facebook.com salesforce.com convio.net google.com force.com
styles5.2.css
petitions.signforgood.com/static/css/ 		16 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://petitions.signforgood.com/static/css/styles5.2.css
Requested by
Host: petitions.signforgood.com
URL: https://petitions.signforgood.com/holiday-stc-2022?code=jtk553-fr-fl
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.153.36.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-153-36-96.compute-1.amazonaws.com
Software
nginx/1.18.0 / Express
Resource Hash
b6056e86321363715e98bc762aa81fc044577102a59d36a80718142c93a7334c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://petitions.signforgood.com/holiday-stc-2022?code=jtk553-fr-fl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 22:33:15 GMT
Last-Modified
Mon, 27 Jun 2022 14:21:54 GMT
Server
nginx/1.18.0
ETag
W/"3f6e-181a58a4fd0"
X-Powered-By
Express
Content-Type
text/css; charset=UTF-8
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16238
qvb4vcc.css
use.typekit.net/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/qvb4vcc.css
Requested by
Host: petitions.signforgood.com
URL: https://petitions.signforgood.com/holiday-stc-2022?code=jtk553-fr-fl
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a::217:9a58 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
25a2f5bec20ac1342335b5f769cb2cf1e898d51b3a45ea3dd5082940c49faf57
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://petitions.signforgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Thu, 15 Dec 2022 22:33:15 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
889
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.3/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
Requested by
Host: petitions.signforgood.com
URL: https://petitions.signforgood.com/holiday-stc-2022?code=jtk553-fr-fl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://petitions.signforgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 18:17:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15334
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33507
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Dec 2023 18:17:41 GMT
jquery-ui.min.js
ajax.googleapis.com/ajax/libs/jqueryui/1.8.13/ 		195 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jqueryui/1.8.13/jquery-ui.min.js
Requested by
Host: petitions.signforgood.com
URL: https://petitions.signforgood.com/holiday-stc-2022?code=jtk553-fr-fl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d87043ac816dbfadae73fcc32f84eadb9a665cf97ae938bea9702a27d3e9a54a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://petitions.signforgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 01:13:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76783
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51711
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Dec 2023 01:13:32 GMT
jquery.validate.min.js
ajax.aspnetcdn.com/ajax/jquery.validate/1.14.0/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.aspnetcdn.com/ajax/jquery.validate/1.14.0/jquery.validate.min.js
Requested by
Host: petitions.signforgood.com
URL: https://petitions.signforgood.com/holiday-stc-2022?code=jtk553-fr-fl
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.19.160 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CCC) /
Resource Hash
2e3e3b2660cbfaac5febf7a50b31d0494159989626a84102b2c3792cffe27d13
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://petitions.signforgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 22:33:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7946393
x-cache
HIT
content-length
6807
x-xss-protection
1; mode=block
last-modified
Mon, 31 Oct 2016 23:42:30 GMT
server
ECAcc (frc/4CCC)
etag
"0b7a471d033d21:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
modernizr.custom.45138.js
petitions.signforgood.com/static/js/modernizr/ 		8 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://petitions.signforgood.com/static/js/modernizr/modernizr.custom.45138.js
Requested by
Host: petitions.signforgood.com
URL: https://petitions.signforgood.com/holiday-stc-2022?code=jtk553-fr-fl
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.153.36.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-153-36-96.compute-1.amazonaws.com
Software
nginx/1.18.0 / Express
Resource Hash
7db3c445760c43f809f076da6a4f6b249ac93b442ab6b1631e5c09a64d524092

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://petitions.signforgood.com/holiday-stc-2022?code=jtk553-fr-fl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 22:33:15 GMT
Last-Modified
Mon, 27 Jun 2022 14:21:54 GMT
Server
nginx/1.18.0
ETag
W/"1f23-181a58a4fd0"
X-Powered-By
Express
Content-Type
application/javascript
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7971
mailcheck.min.js
petitions.signforgood.com/static/js/mailcheck/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://petitions.signforgood.com/static/js/mailcheck/mailcheck.min.js
Requested by
Host: petitions.signforgood.com
URL: https://petitions.signforgood.com/holiday-stc-2022?code=jtk553-fr-fl
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.153.36.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-153-36-96.compute-1.amazonaws.com
Software
nginx/1.18.0 / Express
Resource Hash
7090005d203e5e17807ca94e1992fd57076443c8a0aad133803acdc40a1a13ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://petitions.signforgood.com/holiday-stc-2022?code=jtk553-fr-fl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 22:33:15 GMT
Last-Modified
Mon, 27 Jun 2022 14:21:54 GMT
Server
nginx/1.18.0
ETag
W/"8f9-181a58a4fd0"
X-Powered-By
Express
Content-Type
application/javascript
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2297
main.js
petitions.signforgood.com/static/js/prefab_main/ 		9 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://petitions.signforgood.com/static/js/prefab_main/main.js
Requested by
Host: petitions.signforgood.com
URL: https://petitions.signforgood.com/holiday-stc-2022?code=jtk553-fr-fl
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.153.36.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-153-36-96.compute-1.amazonaws.com
Software
nginx/1.18.0 / Express
Resource Hash
bf0b6b1821aba37aee00fc10d02eec69ee8a13a51d15c0ac915207758aa8dbbd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://petitions.signforgood.com/holiday-stc-2022?code=jtk553-fr-fl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 22:33:15 GMT
Last-Modified
Mon, 27 Jun 2022 14:21:54 GMT
Server
nginx/1.18.0
ETag
W/"2201-181a58a4fd0"
X-Powered-By
Express
Content-Type
application/javascript
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8705
jquery.backstretch.min.js
petitions.signforgood.com/static/js/backstretch/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://petitions.signforgood.com/static/js/backstretch/jquery.backstretch.min.js
Requested by
Host: petitions.signforgood.com
URL: https://petitions.signforgood.com/holiday-stc-2022?code=jtk553-fr-fl
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.153.36.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-153-36-96.compute-1.amazonaws.com
Software
nginx/1.18.0 / Express
Resource Hash
741ec5b0ee0e5b7e0b46b4597cce9946e50ed320bdb3e78459d44d2098bf4048

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://petitions.signforgood.com/holiday-stc-2022?code=jtk553-fr-fl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 22:33:15 GMT
Last-Modified
Mon, 27 Jun 2022 14:21:54 GMT
Server
nginx/1.18.0
ETag
W/"66e-181a58a4fd0"
X-Powered-By
Express
Content-Type
application/javascript
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1646
buttons.js
ws.sharethis.com/button/ 		59 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ws.sharethis.com/button/buttons.js
Requested by
Host: petitions.signforgood.com
URL: https://petitions.signforgood.com/holiday-stc-2022?code=jtk553-fr-fl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2450:8e00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
049ba97efd5e51f8dcaaf2383aae4b00bfbab1eb715124666ac72e3a9408d234
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://petitions.signforgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 06:55:45 GMT
content-encoding
gzip
via
1.1 abdcba0f82eaef3d3aa080fb12ca873c.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
CDG50-P4
age
56250
x-cache
Hit from cloudfront
content-length
16989
server
nginx/1.20.1
etag
W/"634f1855-edb3"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=259200
x-robots-tag
noindex, nofollow
x-amz-cf-id
WnznNPXeFsVgm2K31OjkkEpGEbsC0OgqHJWtPTCXWjnk7tOsm4fyHQ==
expires
Sun, 18 Dec 2022 06:55:45 GMT
intlTelInput.css
petitions.signforgood.com/intl-tel-input/css/ 		27 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://petitions.signforgood.com/intl-tel-input/css/intlTelInput.css
Requested by
Host: petitions.signforgood.com
URL: https://petitions.signforgood.com/holiday-stc-2022?code=jtk553-fr-fl
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.153.36.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-153-36-96.compute-1.amazonaws.com
Software
nginx/1.18.0 / Express
Resource Hash
437e649ff48cf805b99a8b0abe1f5c7687d66765d940408f1542d55afe0b07a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://petitions.signforgood.com/holiday-stc-2022?code=jtk553-fr-fl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 22:33:15 GMT
Last-Modified
Tue, 04 Apr 2017 22:17:54 GMT
Server
nginx/1.18.0
ETag
W/"6d39-15b3b0bb250"
X-Powered-By
Express
Content-Type
text/css; charset=UTF-8
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
27961
intlTelInput.min.js
petitions.signforgood.com/intl-tel-input/js/ 		23 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://petitions.signforgood.com/intl-tel-input/js/intlTelInput.min.js
Requested by
Host: petitions.signforgood.com
URL: https://petitions.signforgood.com/holiday-stc-2022?code=jtk553-fr-fl
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.153.36.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-153-36-96.compute-1.amazonaws.com
Software
nginx/1.18.0 / Express
Resource Hash
afa256c4c0c2f29087fcb97123cb12b51d9af01263cdda68e6d11a0088b25049

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://petitions.signforgood.com/holiday-stc-2022?code=jtk553-fr-fl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 22:33:15 GMT
Last-Modified
Thu, 01 Mar 2018 10:51:56 GMT
Server
nginx/1.18.0
ETag
W/"5afe-161e130a0e0"
X-Powered-By
Express
Content-Type
application/javascript
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
23294
utils.js
petitions.signforgood.com/intl-tel-input/js/ 		221 KB
222 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://petitions.signforgood.com/intl-tel-input/js/utils.js
Requested by
Host: petitions.signforgood.com
URL: https://petitions.signforgood.com/holiday-stc-2022?code=jtk553-fr-fl
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.153.36.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-153-36-96.compute-1.amazonaws.com
Software
nginx/1.18.0 / Express
Resource Hash
fc5d3634a35396df921415c955f1e37292a681beb68ebfb24cce7e86546890f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://petitions.signforgood.com/holiday-stc-2022?code=jtk553-fr-fl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 22:33:15 GMT
Last-Modified
Thu, 01 Mar 2018 10:51:13 GMT
Server
nginx/1.18.0
ETag
W/"374f2-161e12ff8e8"
X-Powered-By
Express
Content-Type
application/javascript
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
226546
AMCR-552.png
als-totem.s3.amazonaws.com/emailimages/22462/ 		126 KB
126 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://als-totem.s3.amazonaws.com/emailimages/22462/AMCR-552.png
Requested by
Host: petitions.signforgood.com
URL: https://petitions.signforgood.com/holiday-stc-2022?code=jtk553-fr-fl
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.184.123 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
ab0b8a881631df1f0f233fdfc7349ca76e142b2aa003449935e448e0bcf407dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://petitions.signforgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 22:33:17 GMT
Last-Modified
Fri, 02 Dec 2022 22:29:41 GMT
Server
AmazonS3
x-amz-request-id
3YE2GWEF3X8FCFPY
ETag
"0fe59fdc851eda49650208142121d0b1-1"
x-amz-server-side-encryption
AES256
Content-Type
application/octet-stream
Accept-Ranges
bytes
Content-Length
128534
x-amz-id-2
Pbyn7qhkBi3cT8nOvLG31lDN3b190BVUZBuNzU9dDOXgs8fa/WLMMfACP2i0W92MY6FslwChQMg=
p.css
p.typekit.net/ 		5 B
181 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p.typekit.net/p.css?s=1&k=qvb4vcc&ht=tk&f=10327.40458.40459.40460.40461.40466.40467&a=9978398&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/qvb4vcc.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a::6867:4832 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://use.typekit.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 22:33:16 GMT
last-modified
Sun, 01 May 2022 15:58:42 GMT
server
nginx
etag
"626eae32-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: petitions.signforgood.com
URL: https://petitions.signforgood.com/holiday-stc-2022?code=jtk553-fr-fl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://petitions.signforgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 15 Dec 2022 22:27:24 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
352
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Fri, 16 Dec 2022 00:27:24 GMT
async-buttons.js
ws.sharethis.com/button/ 		89 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ws.sharethis.com/button/async-buttons.js
Requested by
Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/buttons.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2450:8e00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
38bdaa6ffa7c071fd9af7eb4fc6e34125cbac8965ad71fb0e93a0d2140dd2842
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://petitions.signforgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:59:51 GMT
content-encoding
gzip
via
1.1 abdcba0f82eaef3d3aa080fb12ca873c.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
CDG50-P4
age
242908
x-cache
Hit from cloudfront
content-length
18813
server
nginx/1.20.1
etag
W/"634f1895-16245"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=259200
x-robots-tag
noindex, nofollow
x-amz-cf-id
upj975CER3Zdk6FUhyiwtP2YKFoRLmu0YT4S10jTCno_SqX0Z31mIg==
expires
Fri, 16 Dec 2022 03:04:48 GMT
pview
l.sharethis.com/ 		0
412 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://l.sharethis.com/pview?event=pview&version=buttons.js&lang=en&sessionID=1671143596615.17974&hostname=petitions.signforgood.com&location=%2Fholiday-stc-2022&product=widget&fcmp=false&fcmpv2=false&publisher=ur.00000000-0000-0000-0000-000000000000&url=https%3A%2F%2Fpetitions.signforgood.com%2Fholiday-stc-2022%3Fcode%3Djtk553-fr-fl&sop=false&description=Please%2C%20will%20you%20sign%20our%20card%20to%20say%20thank%20you%20to%20our%20emergency%20relief%20workers%20who%20are%20risking%20their%20lives%20to%20bring%20brighter%20futures%20to%20millions%20around%20the%20world%3F
Requested by
Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/buttons.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.31.36 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-31-36.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://petitions.signforgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 22:33:16 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Access-Control-Max-Age
1728000
Access-Control-Allow-Origin
https://petitions.signforgood.com
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: petitions.signforgood.com
URL: https://petitions.signforgood.com/holiday-stc-2022?code=jtk553-fr-fl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
793dd9de11dd1aca4f02038c4930afee7cb754d44ec1db9581958a2695e88cf8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://petitions.signforgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 15 Dec 2022 22:33:16 GMT
content-md5
W5YqoYmw7bCDj2PI2SB33Q==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1687
x-fb-rlafr
0
x-fb-debug
5+kJyQBzoELLdJpkSgwveSReBVvj25nF10OFdTGYjhEz+ODsfJ5eT3f2oeQGVjEOknZSMKE0VYvsdHyW84JWdA==
x-fb-trip-id
2071890597
x-fb-content-md5
b1dc193b569a0af6c7aa3e58a4b644dd
cross-origin-opener-policy
same-origin-allow-popups
etag
"e897570a73516c3862dfd992e529d6ca"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
priority
u=3,i
expires
Thu, 15 Dec 2022 22:45:22 GMT
l
use.typekit.net/af/c2b6e5/00000000000000007735afee/30/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/c2b6e5/00000000000000007735afee/30/l?subset_id=2&fvd=n4&v=3
Requested by
Host: petitions.signforgood.com
URL: https://petitions.signforgood.com/holiday-stc-2022?code=jtk553-fr-fl
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a::217:9a58 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
797b242daf327f0ce6fb46a623ef102174bfe4e2dfcd7896a8f3b3a2d37c309e

Request headers

Referer
https://petitions.signforgood.com/
Origin
https://petitions.signforgood.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 22:33:16 GMT
server
nginx
etag
"fcf166f34c3dba0a6174fffb71bb6611ee8af795"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
13092
buttons-secure.css
ws.sharethis.com/button/css/ 		23 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ws.sharethis.com/button/css/buttons-secure.css
Requested by
Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/async-buttons.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2450:8e00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
95dc1b83a7c030dd13ab3e29df921f10e04208b28734f172ea232854264c3b05
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://petitions.signforgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 06:38:03 GMT
content-encoding
gzip
via
1.1 abdcba0f82eaef3d3aa080fb12ca873c.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 18 Oct 2022 21:20:21 GMT
server
nginx/1.20.1
x-amz-cf-pop
CDG50-P4
age
57314
etag
W/"634f1895-5a76"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-robots-tag
noindex, nofollow
content-length
3851
x-amz-cf-id
ic3fZrXbiCcEretq_UiLzrWw_cuipvLZIMDvzhEXe2ioZDQOKgsjAg==
sdk.js
connect.facebook.net/en_US/ 		306 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=8528ed40d9969e48e1f7f41ee522a285
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b87fab831b2e781943548e8c6eb9c843766eeae0142ad463af291d6a2b13c034
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://petitions.signforgood.com/
Origin
https://petitions.signforgood.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 15 Dec 2022 22:33:16 GMT
content-md5
IHJDouyKOPj7Sv/R+NumNQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88442
x-fb-rlafr
0
x-fb-debug
l5+p2tX1Qz6TsP6SnczDcSeFy9poIwpArudv5xG6klZussB9G2kjeWn2yidkIseV/EnQyLBPtd1yJ3qrbUZr6g==
x-fb-content-md5
a8fa3afa886fe561cbdb2f05c6579a62
cross-origin-opener-policy
same-origin-allow-popups
etag
"3f51d5d7616d6eeb70462ebe50a15374"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 15 Dec 2023 20:25:52 GMT
pview
l.sharethis.com/ 		0
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://l.sharethis.com/pview?event=pview&version=buttons.js&lang=en&sessionID=1671143596615.17974&hostname=petitions.signforgood.com&location=%2Fholiday-stc-2022&product=widget&fcmp=false&fcmpv2=false&publisher=ur.00000000-0000-0000-0000-000000000000&url=https%3A%2F%2Fpetitions.signforgood.com%2Fholiday-stc-2022%3Fcode%3Djtk553-fr-fl&sop=false&description=Please%2C%20will%20you%20sign%20our%20card%20to%20say%20thank%20you%20to%20our%20emergency%20relief%20workers%20who%20are%20risking%20their%20lives%20to%20bring%20brighter%20futures%20to%20millions%20around%20the%20world%3F&description=Please%2C%20will%20you%20sign%20our%20card%20to%20say%20thank%20you%20to%20our%20emergency%20relief%20workers%20who%20are%20risking%20their%20lives%20to%20bring%20brighter%20futures%20to%20millions%20around%20the%20world%3F&img_pview=true
Requested by
Host: petitions.signforgood.com
URL: https://petitions.signforgood.com/holiday-stc-2022?code=jtk553-fr-fl
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.31.36 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-31-36.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://petitions.signforgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 22:33:16 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Access-Control-Max-Age
1728000
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=609405383&t=pageview&_s=1&dl=https%3A%2F%2Fpetitions.signforgood.com%2Fholiday-stc-2022%3Fcode%3Djtk553-fr-fl&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1003239742&gjid=1573473156&cid=1137738537.1671143597&tid=UA-9499230-25&_gid=68894603.1671143597&_r=1&_slc=1&z=440722223
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://petitions.signforgood.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 22:33:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://petitions.signforgood.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.html
ws.sharethis.com/secure5x/ Frame C8FE 		14 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ws.sharethis.com/secure5x/index.html
Requested by
Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/async-buttons.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2450:8e00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
08b0059e13504e41d859fc5692edfe0c99a13d0106fdc1ba91e40cebccea4dee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://petitions.signforgood.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
54778
content-encoding
gzip
content-length
4080
content-type
text/html
date
Thu, 15 Dec 2022 07:20:21 GMT
etag
W/"634f1895-390f"
last-modified
Tue, 18 Oct 2022 21:20:21 GMT
server
nginx/1.20.1
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 abdcba0f82eaef3d3aa080fb12ca873c.cloudfront.net (CloudFront)
x-amz-cf-id
_-Svj2yEU9z_desCGHbH59G7ce9iQ5ZW1O6invqMF6CTj6Y-vylVFg==
x-amz-cf-pop
CDG50-P4
x-cache
Hit from cloudfront
x-robots-tag
noindex, nofollow
stcommon.1f60705adac788a51a8240cf535237b0.js
ws.sharethis.com/secure5x/js/ Frame C8FE 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ws.sharethis.com/secure5x/js/stcommon.1f60705adac788a51a8240cf535237b0.js
Requested by
Host: ws.sharethis.com
URL: https://ws.sharethis.com/secure5x/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2450:8e00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
2d200d90966b8380a648972d71130785371751cf24bb7398f2854be23afb4a65
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ws.sharethis.com/secure5x/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 02:51:08 GMT
content-encoding
gzip
via
1.1 abdcba0f82eaef3d3aa080fb12ca873c.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
CDG50-P4
age
9747730
x-cache
Hit from cloudfront
content-length
5630
server
nginx/1.20.1
etag
W/"62bdf287-40f6"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
x-robots-tag
noindex, nofollow
x-amz-cf-id
DeWDJ_TaP_Ps5AYRMjyWUNMx5XJTcEABaJLRLOeAbU9TNitEC4NcRg==
expires
Fri, 25 Aug 2023 02:51:08 GMT
st.e96255eb8fe81c93a11306efbce27be2.js
ws.sharethis.com/secure5x/js/ Frame C8FE 		132 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ws.sharethis.com/secure5x/js/st.e96255eb8fe81c93a11306efbce27be2.js
Requested by
Host: ws.sharethis.com
URL: https://ws.sharethis.com/secure5x/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2450:8e00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
3512e0f4bfb557504799492a4c255173e066fe6304e584928d60a14a910252f9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ws.sharethis.com/secure5x/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 23:15:55 GMT
content-encoding
gzip
via
1.1 abdcba0f82eaef3d3aa080fb12ca873c.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx/1.20.1
x-amz-cf-pop
CDG50-P4
age
5008643
etag
W/"634f1895-211a0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000
x-robots-tag
noindex, nofollow
x-amz-cf-id
sSBr-YEypu4OK-q0oV8UZn5XytVjM7YXPLc-_nIxYYlJ19BArjlesw==
expires
Wed, 18 Oct 2023 23:15:55 GMT

Verdicts & Comments Add Verdict or Comment

68 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontentvisibilityautostatechange function| $ function| jQuery function| DP_jQuery_1671143596606 object| html5 object| Modernizr function| yepnope object| Kicksend function| initializeValidation object| Base64 function| Base64DecodeUrl function| repopulateForm function| movePartnersDiv object| jQuery111305269293325526054 string| GoogleAnalyticsObject function| ga boolean| switchTo5x object| stlib function| _$d function| _$d0 function| _$d_ function| _$d1 function| _$d2 function| _$de function| _$dt object| _all_services boolean| tpcCookiesEnableCheckingDone boolean| tpcCookiesEnabledStatus string| customProduct string| stWidgetVersion object| stButtons object| stWidget boolean| sop_pview_logged object| ShareThisEvent object| stLight boolean| st_showing object| intlTelInputUtils function| fbAsyncInit function| init_hash boolean| showHoverbarReskinned boolean| isEsiLoaded boolean| stShowNewMobileWidget boolean| isMobileButtonLoaded boolean| stRecentServices boolean| iswhatsappCustomButton boolean| isKikCustomButton boolean| stIsLoggedIn object| servicesLoggedIn object| stFastShareObj boolean| useFastShare object| stButtonsLib function| Shareable function| shareLog string| __stPubGA object| async_buttons function| foursquareCallback function| __stgetPubGA function| plusoneCallback object| FB object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| __buffer string| arg string| baseURL string| messageSet

5 Cookies

Domain/Path Name / Value
help.americares.org/ Name: JSESSIONID
Value: AF62DAFB0202415E1BEF8F4347964DAE.app20113b
help.americares.org/ Name: redirector_cookie
Value: 19670291719:
.signforgood.com/ Name: _ga
Value: GA1.2.1137738537.1671143597
.signforgood.com/ Name: _gid
Value: GA1.2.68894603.1671143597
.signforgood.com/ Name: _gat
Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.aspnetcdn.com
ajax.googleapis.com
als-totem.s3.amazonaws.com
connect.facebook.net
help.americares.org
l.sharethis.com
p.typekit.net
petitions.signforgood.com
use.typekit.net
ws.sharethis.com
www.google-analytics.com
152.199.19.160
18.194.31.36
2600:9000:2450:8e00:3:c04e:c780:93a1
2a00:1450:400d:807::200a
2a00:1450:400d:807::200e
2a02:26f0:11a::217:9a58
2a02:26f0:11a::6867:4832
2a03:2880:f007:8:face:b00c:0:1
35.153.36.96
52.216.184.123
74.123.153.76
049ba97efd5e51f8dcaaf2383aae4b00bfbab1eb715124666ac72e3a9408d234
08b0059e13504e41d859fc5692edfe0c99a13d0106fdc1ba91e40cebccea4dee
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
25a2f5bec20ac1342335b5f769cb2cf1e898d51b3a45ea3dd5082940c49faf57
2d200d90966b8380a648972d71130785371751cf24bb7398f2854be23afb4a65
2e3e3b2660cbfaac5febf7a50b31d0494159989626a84102b2c3792cffe27d13
3512e0f4bfb557504799492a4c255173e066fe6304e584928d60a14a910252f9
38bdaa6ffa7c071fd9af7eb4fc6e34125cbac8965ad71fb0e93a0d2140dd2842
437e649ff48cf805b99a8b0abe1f5c7687d66765d940408f1542d55afe0b07a5
7090005d203e5e17807ca94e1992fd57076443c8a0aad133803acdc40a1a13ed
741ec5b0ee0e5b7e0b46b4597cce9946e50ed320bdb3e78459d44d2098bf4048
793dd9de11dd1aca4f02038c4930afee7cb754d44ec1db9581958a2695e88cf8
797b242daf327f0ce6fb46a623ef102174bfe4e2dfcd7896a8f3b3a2d37c309e
7db3c445760c43f809f076da6a4f6b249ac93b442ab6b1631e5c09a64d524092
95dc1b83a7c030dd13ab3e29df921f10e04208b28734f172ea232854264c3b05
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a9aa87126c5a380bda8d53b0235dbdd1ef6daaabbe59b2a297cdaf3dd5e48b88
ab0b8a881631df1f0f233fdfc7349ca76e142b2aa003449935e448e0bcf407dd
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
afa256c4c0c2f29087fcb97123cb12b51d9af01263cdda68e6d11a0088b25049
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b6056e86321363715e98bc762aa81fc044577102a59d36a80718142c93a7334c
b87fab831b2e781943548e8c6eb9c843766eeae0142ad463af291d6a2b13c034
bf0b6b1821aba37aee00fc10d02eec69ee8a13a51d15c0ac915207758aa8dbbd
d87043ac816dbfadae73fcc32f84eadb9a665cf97ae938bea9702a27d3e9a54a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fc5d3634a35396df921415c955f1e37292a681beb68ebfb24cce7e86546890f8