www.change.org Open in urlscan Pro
104.17.88.51 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://chng.it/wwYrLx6s2K
Effective URL:
https://www.change.org/p/the-united-nations-refugee-agency-unhcr-put-an-end-to-my-prolonged-imprisonment-in-greece-host...
Submission: On May 04 via manual (May 4th 2022, 9:39:00 pm UTC) from US — Scanned from US

Summary HTTP 78 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 32 IPs in 2 countries across 23 domains to perform 78 HTTP transactions. The main IP is 104.17.88.51, located in and belongs to CLOUDFLARENET, US. The main domain is www.change.org. The Cisco Umbrella rank of the primary domain is 60174.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 16th 2021. Valid for: a year.

This is the only time www.change.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	13.225.63.93 13.225.63.93	16509 (AMAZON-02) (AMAZON-02)
26	104.17.88.51 104.17.88.51	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:1400:d:4... 2600:1400:d:488::13b8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	52.216.205.61 52.216.205.61	16509 (AMAZON-02) (AMAZON-02)
1	2600:141b:13:... 2600:141b:13::b833:9299	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700:20:... 2606:4700:20::ac43:459c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.5.226.225 23.5.226.225	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2607:f8b0:400... 2607:f8b0:4006:80f::200e	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:80f::200a	15169 (GOOGLE) (GOOGLE)
2	35.186.220.184 35.186.220.184	15169 (GOOGLE) (GOOGLE)
2	2600:9000:21e... 2600:9000:21ea:9600:3:9a1f:ef40:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2607:f8b0:400... 2607:f8b0:4006:821::200e	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:824::2008	15169 (GOOGLE) (GOOGLE)
2	13.225.63.15 13.225.63.15	16509 (AMAZON-02) (AMAZON-02)
4	2a03:2880:f01... 2a03:2880:f012:10c:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	34.228.124.54 34.228.124.54	14618 (AMAZON-AES) (AMAZON-AES)
3	2607:f8b0:400... 2607:f8b0:4006:820::200d	15169 (GOOGLE) (GOOGLE)
1	143.204.146.14 143.204.146.14	16509 (AMAZON-02) (AMAZON-02)
1	13.225.213.116 13.225.213.116	16509 (AMAZON-02) (AMAZON-02)
1	142.251.40.98 142.251.40.98	15169 (GOOGLE) (GOOGLE)
1	199.232.36.157 199.232.36.157	54113 (FASTLY) (FASTLY)
1	54.230.163.101 54.230.163.101	16509 (AMAZON-02) (AMAZON-02)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	184.28.190.66 184.28.190.66	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2607:f8b0:400... 2607:f8b0:4004:c08::9a	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:820::2003	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f11... 2a03:2880:f112:182:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
1	104.244.42.5 104.244.42.5	13414 (TWITTER) (TWITTER)
1	2607:f8b0:400... 2607:f8b0:4006:824::2002	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:820::2004	15169 (GOOGLE) (GOOGLE)
2	34.222.178.233 34.222.178.233	16509 (AMAZON-02) (AMAZON-02)
78	32

1 13.225.63.93 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-225-63-93.ewr53.r.cloudfront.net

chng.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 104.17.88.51 (None, )

ASN13335 (CLOUDFLARENET, US)

www.change.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets-fe.change.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.change.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.change.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1400:d:488::13b8 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.216.205.61 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:141b:13::b833:9299 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

client.px-cloud.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:459c (United States)

ASN13335 (CLOUDFLARENET, US)

browser-update.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.5.226.225 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-5-226-225.deploy.static.akamaitechnologies.com

a11391265293.cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80f::200e (Staten Island, United States)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:80f::200a (Staten Island, United States)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.220.184 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 184.220.186.35.bc.googleusercontent.com

collector-pxnslc0hv5.px-cloud.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:21ea:9600:3:9a1f:ef40:93a1 (United States)

ASN16509 (AMAZON-02, US)

notifier-configs.airbrake.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:821::200e (Staten Island, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:824::2008 (Staten Island, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.63.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-63-15.ewr53.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f012:10c:face:b00c:0:3 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.228.124.54 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-228-124-54.compute-1.amazonaws.com

logx.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:820::200d (Staten Island, United States)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.146.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-146-14.ewr52.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.213.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-213-116.ewr50.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.40.98 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s79-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.36.157 (New York, United States)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.230.163.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-163-101.ewr53.r.cloudfront.net

public.profitwell.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 184.28.190.66 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-28-190-66.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c08::9a (Ashburn, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:820::2003 (Staten Island, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f112:182:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.5 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:824::2002 (Staten Island, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:820::2004 (Staten Island, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.222.178.233 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-222-178-233.us-west-2.compute.amazonaws.com

fb-conversions.change.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	change.org www.change.org — Cisco Umbrella Rank: 60174 assets-fe.change.org — Cisco Umbrella Rank: 191118 assets.change.org — Cisco Umbrella Rank: 76025 static.change.org — Cisco Umbrella Rank: 93636 fb-conversions.change.org — Cisco Umbrella Rank: 122302	4 MB
7	google.com apis.google.com — Cisco Umbrella Rank: 179 accounts.google.com — Cisco Umbrella Rank: 120 www.google.com — Cisco Umbrella Rank: 20	60 KB
4	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 1219	69 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 195	254 KB
4	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 920 script.hotjar.com — Cisco Umbrella Rank: 1202 vars.hotjar.com — Cisco Umbrella Rank: 1251	77 KB
4	googleapis.com maps.googleapis.com — Cisco Umbrella Rank: 556	172 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	179 B
3	bing.com bat.bing.com — Cisco Umbrella Rank: 605	12 KB
3	px-cloud.net client.px-cloud.net — Cisco Umbrella Rank: 8595 collector-pxnslc0hv5.px-cloud.net — Cisco Umbrella Rank: 96682	56 KB
3	optimizely.com cdn.optimizely.com — Cisco Umbrella Rank: 751 a11391265293.cdn.optimizely.com — Cisco Umbrella Rank: 115980 logx.optimizely.com — Cisco Umbrella Rank: 1599	254 KB
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 175 googleads.g.doubleclick.net — Cisco Umbrella Rank: 65	2 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 101	20 KB
2	airbrake.io notifier-configs.airbrake.io — Cisco Umbrella Rank: 9370	555 B
1	t.co t.co — Cisco Umbrella Rank: 563	336 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 800	355 B
1	gstatic.com www.gstatic.com	34 KB
1	profitwell.com public.profitwell.com — Cisco Umbrella Rank: 15453	9 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 963	10 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 126	15 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 142	78 KB
1	browser-update.org browser-update.org — Cisco Umbrella Rank: 8675	5 KB
1	amazonaws.com s3.amazonaws.com	4 KB
1	chng.it 1 redirects chng.it — Cisco Umbrella Rank: 135305	422 B
78	23

	Domain	Requested by
12	assets.change.org	www.change.org
8	www.change.org	www.change.org assets-fe.change.org
4	analytics.tiktok.com	www.change.org analytics.tiktok.com
4	connect.facebook.net	assets-fe.change.org connect.facebook.net www.change.org
4	maps.googleapis.com	assets-fe.change.org maps.googleapis.com
4	static.change.org	www.change.org assets-fe.change.org
3	www.facebook.com	assets-fe.change.org www.change.org
3	bat.bing.com	www.change.org bat.bing.com
3	accounts.google.com	apis.google.com www.change.org www.gstatic.com
2	fb-conversions.change.org	assets-fe.change.org
2	www.google.com	www.change.org
2	static.hotjar.com	www.change.org www.googletagmanager.com
2	www.google-analytics.com	assets-fe.change.org
2	notifier-configs.airbrake.io	assets-fe.change.org
2	collector-pxnslc0hv5.px-cloud.net	assets-fe.change.org
2	apis.google.com	assets-fe.change.org apis.google.com
2	assets-fe.change.org	www.change.org
1	googleads.g.doubleclick.net	www.googleadservices.com
1	t.co	www.change.org
1	analytics.twitter.com	www.change.org
1	www.gstatic.com	accounts.google.com
1	stats.g.doubleclick.net	assets-fe.change.org
1	public.profitwell.com	www.change.org
1	static.ads-twitter.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	logx.optimizely.com	assets-fe.change.org
1	www.googletagmanager.com	assets-fe.change.org
1	a11391265293.cdn.optimizely.com	cdn.optimizely.com
1	browser-update.org	www.change.org
1	client.px-cloud.net	www.change.org
1	s3.amazonaws.com	www.change.org
1	cdn.optimizely.com	www.change.org
1	chng.it	1 redirects
78	35

This site contains links to these domains. Also see Links.

Domain
youtu.be
chng.it
change.org
gogetfunding.com
www.facebook.com
twitter.com
www.youtube.com
help.change.org
guide.change.org
www.instagram.com
policies.google.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-16` - `2022-07-15`	a year	crt.sh
cdn.optimizely.com DigiCert SHA2 Secure Server CA	`2021-12-24` - `2022-12-24`	a year	crt.sh
s3.amazonaws.com Amazon	`2022-04-01` - `2023-03-30`	a year	crt.sh
botchk.net R3	`2022-05-04` - `2022-08-02`	3 months	crt.sh
*.cdn.optimizely.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-02` - `2022-06-07`	a year	crt.sh
*.apis.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.px-cloud.net Sectigo RSA Domain Validation Secure Server CA	`2021-09-01` - `2022-09-30`	a year	crt.sh
*.airbrake.io SSL.com RSA SSL subCA	`2021-11-18` - `2022-11-18`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-02-11` - `2022-05-12`	3 months	crt.sh
logx.optimizely.com Amazon	`2021-08-23` - `2022-09-21`	a year	crt.sh
accounts.google.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-21` - `2022-07-26`	a year	crt.sh
*.profitwell.com Amazon	`2021-08-02` - `2022-08-31`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2022-03-16` - `2022-09-16`	6 months	crt.sh
*.tiktok.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-13` - `2023-01-13`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-22` - `2023-02-22`	a year	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2022-02-22` - `2023-02-22`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
fb-conversions.change.org R3	`2022-03-21` - `2022-06-19`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://www.change.org/p/the-united-nations-refugee-agency-unhcr-put-an-end-to-my-prolonged-imprisonment-in-greece-hostage-of-europe/u/30398302?recruiter=746005144&utm_source=share_update&utm_medium=email&utm_campaign=share_email_responsive&recruited_by_id=85effe70-66f8-11e7-aeef-8f55a38a5a37
Frame ID: 2DB6A6F2BD0B1D07B5F7F2994322674B
Requests: 72 HTTP requests in this frame

Frame: https://a11391265293.cdn.optimizely.com/client_storage/a11391265293.html
Frame ID: 89B3845AAAC922FB1538831B74BF51D8
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: 40F48ECB8DCA21679D4F164F4F6E47BA
Requests: 4 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-21ccaa45726c0f3c8c458f7a87eb2298.html
Frame ID: 58C53347820DDAF451911C85E985FC2F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Petition update · Submitting the Transcript and the Audio Records to the Greek Ombudsman · Change.org

Page URL History Show full URLs

https://chng.it/wwYrLx6s2K HTTP 301
https://www.change.org/p/the-united-nations-refugee-agency-unhcr-put-an-end-to-my-prolonged-impriso... Page URL

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/platform\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Optimizely (Analytics) Expand

Overall confidence: 100%
Detected patterns

optimizely\.com.*\.js

PerimeterX (Security) Expand

Overall confidence: 100%
Detected patterns

Profitwell (Analytics) Expand

Overall confidence: 100%
Detected patterns

public\.profitwell\.com/js/profitwell\.js

Page Statistics

78
Requests

100 %
HTTPS

50 %
IPv6

23
Domains

35
Subdomains

32
IPs

2
Countries

4843 kB
Transfer

17262 kB
Size

32
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://youtu.be/RlxmmbgXueA
Title: https://youtu.be/RlxmmbgXueA

Search URL Search Domain Scan URL

URL: https://chng.it/6LPcLFRzq4
Title: https://chng.it/6LPcLFRzq4

Search URL Search Domain Scan URL

URL: https://youtu.be/lXSrvFpFAT8
Title: https://youtu.be/lXSrvFpFAT8

Search URL Search Domain Scan URL

URL: https://youtu.be/1UlDuE6SMKA
Title: https://youtu.be/1UlDuE6SMKA

Search URL Search Domain Scan URL

URL: https://change.org/HostageOfEurope/
Title: https://change.org/HostageOfEurope/

Search URL Search Domain Scan URL

URL: https://gogetfunding.com/hostageofeurope/
Title: https://gogetfunding.com/hostageofeurope/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/HostageOfEurope/
Title: https://www.facebook.com/HostageOfEurope/

Search URL Search Domain Scan URL

URL: https://twitter.com/AnwarNillufary/
Title: https://twitter.com/AnwarNillufary/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/AnwarNillufary/
Title: https://www.youtube.com/user/AnwarNillufary/

Search URL Search Domain Scan URL

URL: https://help.change.org/s/?language=en_US
Title: Help

Search URL Search Domain Scan URL

URL: https://guide.change.org/
Title: Guides

Search URL Search Domain Scan URL

URL: https://twitter.com/Change
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/change.org
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.instagram.com/changedotorg
Title: Instagram

Search URL Search Domain Scan URL

URL: https://policies.google.com/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://policies.google.com/terms
Title: Terms of Service

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://chng.it/wwYrLx6s2K HTTP 301
https://www.change.org/p/the-united-nations-refugee-agency-unhcr-put-an-end-to-my-prolonged-imprisonment-in-greece-hostage-of-europe/u/30398302?recruiter=746005144&utm_source=share_update&utm_medium=email&utm_campaign=share_email_responsive&recruited_by_id=85effe70-66f8-11e7-aeef-8f55a38a5a37 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

78 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request 30398302
www.change.org/p/the-united-nations-refugee-agency-unhcr-put-an-end-to-my-prolonged-imprisonment-in-greece-hostage-of-europe/u/
Redirect Chain

https://chng.it/wwYrLx6s2K
https://www.change.org/p/the-united-nations-refugee-agency-unhcr-put-an-end-to-my-prolonged-imprisonment-in-greece-hostage-of-europe/u/30398302?recruiter=746005144&utm_source=share_update&utm_mediu...

6 MB
2 MB

1665ms
1562ms

Document
text/html

104.17.88.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.change.org/p/the-united-nations-refugee-agency-unhcr-put-an-end-to-my-prolonged-imprisonment-in-greece-hostage-of-europe/u/30398302?recruiter=746005144&utm_source=share_update&utm_medium=email&utm_campaign=share_email_responsive&recruited_by_id=85effe70-66f8-11e7-aeef-8f55a38a5a37

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.88.51 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' blob: 'unsafe-inline' 'unsafe-eval' d18kwxxua7ik1y.cloudfront.net d22r54gnmuhwmk.cloudfront.net .change.org change-production.s3.amazonaws.com change-public-stuff.s3.amazonaws.com .google.ca .googleadservices.com .youtube.com .doubleclick.net .google.com .googleapis.com .googletagmanager.com .google-analytics.com .gstatic.com .recaptcha.net .ytimg.com .facebook.com .facebook.net .fbcdn.net fbrpc:// fb-messenger://* .twitter.com .twimg.com .ads-twitter.com vk.com .vk.com ajax.cdnjs.com cdnjs.cloudflare.com service.force.com .salesforceliveagent.com .braintreegateway.com .paypalobjects.com .paypal.com .stripe.com .optimizely.com optimizely.s3.amazonaws.com cdn-assets-prod.s3.amazonaws.com px-cdn.net .px-cdn.net .px-client.net .px-cloud.net pxchk.net .pxchk.net .hotjar.com: .hotjar.io wss://.hotjar.com p2a.co .profitwell.com js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net .messagebird.com .pushnotifications.pusher.com js.pusher.com secure.everyaction.com d3rse9xjbp8270.cloudfront.net .ngpvan.com js2.verygoodvault.com code.jquery.com cdn.embedly.com player.vimeo.com bat.bing.com soundcloud.com .soundcloud.com www.instagram.com www.flickr.com .staticflickr.com .voteamerica.com .jotform.com actionnetwork.org core.spreedly.com .airbrake.io browser-update.org .tiktok.com .bannerbear.com d2yyd1h5u9mauk.cloudfront.net web.delighted.com change.my.salesforce.com help.change.org; font-src 'self' data: .change.org d18kwxxua7ik1y.cloudfront.net d22r54gnmuhwmk.cloudfront.net fonts.gstatic.com .hotjar.com .hotjar.io d3rse9xjbp8270.cloudfront.net; img-src * blob: data:; form-action 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 706462b78a5f67ec-MIA
content-encoding: gzip
content-security-policy: default-src 'self' blob: 'unsafe-inline' 'unsafe-eval' d18kwxxua7ik1y.cloudfront.net d22r54gnmuhwmk.cloudfront.net *.change.org change-production.s3.amazonaws.com change-public-stuff.s3.amazonaws.com *.google.ca *.googleadservices.com *.youtube.com *.doubleclick.net *.google.com *.googleapis.com *.googletagmanager.com *.google-analytics.com *.gstatic.com *.recaptcha.net *.ytimg.com *.facebook.com *.facebook.net *.fbcdn.net fbrpc://* fb-messenger://* *.twitter.com *.twimg.com *.ads-twitter.com vk.com *.vk.com ajax.cdnjs.com cdnjs.cloudflare.com service.force.com *.salesforceliveagent.com *.braintreegateway.com *.paypalobjects.com *.paypal.com *.stripe.com *.optimizely.com optimizely.s3.amazonaws.com cdn-assets-prod.s3.amazonaws.com px-cdn.net *.px-cdn.net *.px-client.net *.px-cloud.net pxchk.net *.pxchk.net *.hotjar.com:* *.hotjar.io wss://*.hotjar.com p2a.co *.profitwell.com js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net *.messagebird.com *.pushnotifications.pusher.com js.pusher.com secure.everyaction.com d3rse9xjbp8270.cloudfront.net *.ngpvan.com js2.verygoodvault.com code.jquery.com cdn.embedly.com player.vimeo.com bat.bing.com soundcloud.com *.soundcloud.com www.instagram.com www.flickr.com *.staticflickr.com *.voteamerica.com *.jotform.com actionnetwork.org core.spreedly.com *.airbrake.io browser-update.org *.tiktok.com *.bannerbear.com d2yyd1h5u9mauk.cloudfront.net web.delighted.com change.my.salesforce.com help.change.org; font-src 'self' data: *.change.org d18kwxxua7ik1y.cloudfront.net d22r54gnmuhwmk.cloudfront.net fonts.gstatic.com *.hotjar.com *.hotjar.io d3rse9xjbp8270.cloudfront.net; img-src * blob: data:; form-action 'self'
content-type: text/html; charset=utf-8
date: Wed, 04 May 2022 21:38:51 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
permissions-policy: fullscreen=(), geolocation=(*), microphone=(), camera=()
referrer-policy: no-referrer, strict-origin-when-cross-origin
server: cloudflare
x-content-type-options: nosniff
x-frame-options: sameorigin
x-request-id: 38b962e9-f183-4dd0-b294-e1fb4e591aa1

Redirect headers

content-length: 0
date: Wed, 04 May 2022 21:38:50 GMT
location: https://www.change.org/p/the-united-nations-refugee-agency-unhcr-put-an-end-to-my-prolonged-imprisonment-in-greece-hostage-of-europe/u/30398302?recruiter=746005144&utm_source=share_update&utm_medium=email&utm_campaign=share_email_responsive&recruited_by_id=85effe70-66f8-11e7-aeef-8f55a38a5a37
server: AmazonS3
via: 1.1 8462ed2e9a829ba62d29d6a8e3a787d2.cloudfront.net (CloudFront)
x-amz-cf-id: sKx67DvEbZ6Gh9KLnjm4N4bh5ScfoMyLfN0_d08V1OSjeBR2Df4Zzg==
x-amz-cf-pop: EWR53-C1
x-cache: Miss from cloudfront

GET
H2 200 11391265293.js Show response
cdn.optimizely.com/js/ 969 KB
252 KB 244ms
69ms Script
text/javascript 2600:1400:d:488::13b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/js/11391265293.js

Requested by

Host: www.change.org
URL: https://www.change.org/p/the-united-nations-refugee-agency-unhcr-put-an-end-to-my-prolonged-imprisonment-in-greece-hostage-of-europe/u/30398302?recruiter=746005144&utm_source=share_update&utm_medium=email&utm_campaign=share_email_responsive&recruited_by_id=85effe70-66f8-11e7-aeef-8f55a38a5a37

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:d:488::13b8 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5cbcaa66e475ad2cb7ca6d03f4492d3b267527af9ccd6e12a7557e4b94c63625

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.change.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-meta-pci_enabled: False
x-amz-version-id: xjSRazIB4gWTS93.opBVqd3GJsLvaEwM
content-encoding: gzip
etag: "e576d8740d0df833963b54404231a8f2"
x-amz-request-id: CGHZEW5E52E6120A
x-amz-server-side-encryption: AES256
x-amz-meta-revision: 41217
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET, HEAD
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="67";dur=0,cdnip;desc="2600:1400:d:488::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0
vary: Accept-Encoding
content-length: 256997
x-amz-id-2: MBxHtFyHBlkerQ0tKIC/F92JXhDf1IHnbzohygClse4T2EuKCOS7RP2FQZTkCHkBz7Kw5jWbWLg=
last-modified: Wed, 04 May 2022 21:30:40 GMT
server: AmazonS3
date: Wed, 04 May 2022 21:38:51 GMT
access-control-max-age: 86400
strict-transport-security: max-age=15768000
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: x-amz-meta-revision
cache-control: max-age=120
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 rendr-p1yN8mwpcWXfjVMp2YNnh_IfnmVzGQtbQ0aL087mzhs.css
assets-fe.change.org/fe/css/ 168 KB
50 KB 177ms
48ms Stylesheet
text/css 104.17.88.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-fe.change.org/fe/css/rendr-p1yN8mwpcWXfjVMp2YNnh_IfnmVzGQtbQ0aL087mzhs.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.88.51 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a75c8df26c297165df8d5329d9836787f21f9e6573190b5b43468bd3cee6ce1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.change.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 21:38:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Thu, 21 Apr 2022 11:17:10 GMT
server: cloudflare
age: 1152224
etag: W/"9973b50ceb9022bfb68746780b4a1a7a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=1314000
cf-ray: 706462c249cd6dc8-MIA
expires: Fri, 20 May 2022 02:38:51 GMT

GET
H2 200 changeAssets-2db36faf758ce4d4c918.js Show response
assets-fe.change.org/fe/2fbc8b12d55c520be775a6310fea1a25/ 6 MB
1 MB 122ms
48ms Script
application/javascript 104.17.88.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-fe.change.org/fe/2fbc8b12d55c520be775a6310fea1a25/changeAssets-2db36faf758ce4d4c918.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.88.51 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dff0ddeefb82c9adbd95727463ff8f792654a25049d46a473b4699b999c42563

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.change.org/
Origin: https://www.change.org
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 21:38:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 19645
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 04 May 2022 15:22:26 GMT
server: cloudflare
etag: W/"e871aa17a06a3ad8a6f20e1bb0da3976-2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1314000
cf-ray: 706462c30bee2257-MIA
expires: Fri, 20 May 2022 02:38:52 GMT

GET
H2 200 522a71258ed71f081896eb0007450357feae591c33becff013914e700e4408d2_77c2b1e8a7f9b0d78df9d920d4fc16efdbfa5a62.js Show response
www.change.org/api-proxy/-/locale_data/rendr-fe/en-US/ 504 KB
125 KB 531ms
530ms Script
application/x-javascript 104.17.88.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.change.org/api-proxy/-/locale_data/rendr-fe/en-US/522a71258ed71f081896eb0007450357feae591c33becff013914e700e4408d2_77c2b1e8a7f9b0d78df9d920d4fc16efdbfa5a62.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.88.51 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07c1c72af14cfca45510fb19b3e73a4e626847486455e4843d062698f70cc97a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.change.org/p/the-united-nations-refugee-agency-unhcr-put-an-end-to-my-prolonged-imprisonment-in-greece-hostage-of-europe/u/30398302?recruiter=746005144&utm_source=share_update&utm_medium=email&utm_campaign=share_email_responsive&recruited_by_id=85effe70-66f8-11e7-aeef-8f55a38a5a37
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 21:38:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
server: cloudflare
etag: W/"7e082-/C9q0DJE1EtaX9c0HG5MqQBREJg"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=86400, s-maxage=86400
cf-ray: 706462c2afa267ec-MIA
x-request-id: e8e6ca78-3625-438a-a0ef-a1a46a80651c

GET
H/1.1 200
OK Icon_google.png
s3.amazonaws.com/change-assets/iconography/ 3 KB
4 KB 269ms
81ms Image
image/png 52.216.205.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/change-assets/iconography/Icon_google.png
Requested by: Host: www.change.org
URL: https://www.change.org/p/the-united-nations-refugee-agency-unhcr-put-an-end-to-my-prolonged-imprisonment-in-greece-hostage-of-europe/u/30398302?recruiter=746005144&utm_source=share_update&utm_medium=email&utm_campaign=share_email_responsive&recruited_by_id=85effe70-66f8-11e7-aeef-8f55a38a5a37
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.205.61 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 2f22aaf2e8367b02152b442ef28df7084601e0ded40c7d8f7b6f24be66b326fb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.change.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Wed, 04 May 2022 21:38:53 GMT
Last-Modified: Thu, 05 Jul 2018 18:28:51 GMT
Server: AmazonS3
x-amz-request-id: M0EP5P63F1TGW6AQ
ETag: "369517fb3742230ce26a804ab17c7566"
Content-Type: image/png
x-amz-version-id: qQUwThkyHB.uliIE2wlK0jg7nLP7XyC0
Accept-Ranges: bytes
Content-Length: 3333
x-amz-id-2: wJQQH8Xcl3HAs5FHLzZNteVcP2WaJF3M1XAekArBel9v745ovNHWaG5Zn+PctY/MDLQbM7ljDYI=

GET
H2 200 imuDcDfdciafHZc-128x128-noPad.jpg
assets.change.org/photos/4/ud/cd/ 3 KB
4 KB 560ms
431ms Image
image/jpeg 104.17.88.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.change.org/photos/4/ud/cd/imuDcDfdciafHZc-128x128-noPad.jpg?1509558761

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.88.51 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9647ba2bcf1f60767c74a12f152b36ebe47da78b0c8fb9d7e4f6fa9aba7fd9cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.change.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 21:38:52 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Wed, 01 Nov 2017 17:52:42 GMT
server: cloudflare
etag: "b527cf53f84d881156a28d77711e3a08"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 706462c36ba99add-MIA
content-length: 3515
expires: Wed, 11 May 2022 21:38:52 GMT

GET
H2 200 itcIBVyfNCrDAmy-800x450-noPad.jpg
assets.change.org/photos/1/ci/bv/ 87 KB
87 KB 1053ms
925ms Image
image/jpeg 104.17.88.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.change.org/photos/1/ci/bv/itcIBVyfNCrDAmy-800x450-noPad.jpg?1648824897

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.88.51 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7bc8016f63436258cd404b4e728f9fbb6640d991d960a8085c994b27214f4e52

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.change.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 21:38:52 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Fri, 01 Apr 2022 14:54:57 GMT
server: cloudflare
etag: "a87544ecca094678105965456e3d760f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 706462c36bab9add-MIA
content-length: 88589
expires: Wed, 11 May 2022 21:38:52 GMT

GET
H2 200 cc-badges-ppmcvdam.png
static.change.org/payment-options/ 10 KB
11 KB 168ms
66ms Image
image/webp 104.17.88.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.change.org/payment-options/cc-badges-ppmcvdam.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.88.51 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1109f06575461e12506210604c6bc3327909e9d62c43ba26bfbbfc134aa72993

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.change.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 21:38:52 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5013
cf-polished: origFmt=png, origSize=15330
content-type: image/webp
last-modified: Wed, 13 Dec 2017 23:43:50 GMT
content-disposition: inline; filename="cc-badges-ppmcvdam.webp"
content-length: 10516
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "c6235f4a9b54cfecaa26270f58b57aa0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
x-amz-version-id: N4SI4WlBSLPCu5KnXbnJ4LlSaYTRizPe
cache-control: public, max-age=1382400
accept-ranges: bytes
cf-ray: 706462c34ee79ab3-MIA
expires: Fri, 20 May 2022 21:38:52 GMT

GET
H2 200 green-buzzworthy.svg
static.change.org/images/ 657 B
774 B 167ms
65ms Image
image/svg+xml 104.17.88.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.change.org/images/green-buzzworthy.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.88.51 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0bf9f54a9d46d53a2e8506a9d305edd01518a4cf855b45d5ce710dc5dd9f927

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.change.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 21:38:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Mon, 26 Aug 2019 23:09:30 GMT
server: cloudflare
age: 262
etag: W/"2dadfe0285595186dc958c9b6079c7c1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: giIHttNBhlkVdhDoL0IZkFLMdoOglwdn
content-type: image/svg+xml
cache-control: public, max-age=1382400
cf-ray: 706462c34ee49ab3-MIA
expires: Fri, 20 May 2022 21:38:52 GMT

GET
H2 200 main.min.js Show response
client.px-cloud.net/PXNsLC0Hv5/ 132 KB
55 KB 311ms
66ms Script
application/javascript 2600:141b:13::b833:9299
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://client.px-cloud.net/PXNsLC0Hv5/main.min.js
Requested by: Host: www.change.org
URL: https://www.change.org/p/the-united-nations-refugee-agency-unhcr-put-an-end-to-my-prolonged-imprisonment-in-greece-hostage-of-europe/u/30398302?recruiter=746005144&utm_source=share_update&utm_medium=email&utm_campaign=share_email_responsive&recruited_by_id=85effe70-66f8-11e7-aeef-8f55a38a5a37
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13::b833:9299 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 4dc096e7de86598e8347e6d43409caa7b4fc6c7ea318c802a72ae688ae54382b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.change.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 21:38:52 GMT
content-encoding: gzip
etag: "20f36-pWqZjZ+zb9tIFRx0KXGUdbHmHBk"
active-cdn: Akamai
x-px-hash: MzI5YTZhZjMwNGZhMmY5N2VhZGEyNjhiYWE5ODBmOTBjZGQ1YjA4YzQyMTIwMGY5NjI5ZGY5ZDExYWI0Mjc3Zg==
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: active-cdn,x-served-by
cache-control: max-age=600,stale-while-revalidate=86400,stale-if-error=3600
content-length: 55570

GET
DATA 200
OK truncated
/ 11 KB
11 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d57b3c19380541f2d7fd3eb500da925eeff601029c8ef4f7f4cc773926077e17

Request headers

Referer
Origin: https://www.change.org
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H2 200 update.min.js Show response
browser-update.org/ 9 KB
5 KB 139ms
53ms Script
application/javascript 2606:4700:20::ac43:459c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://browser-update.org/update.min.js
Requested by: Host: www.change.org
URL: https://www.change.org/p/the-united-nations-refugee-agency-unhcr-put-an-end-to-my-prolonged-imprisonment-in-greece-hostage-of-europe/u/30398302?recruiter=746005144&utm_source=share_update&utm_medium=email&utm_campaign=share_email_responsive&recruited_by_id=85effe70-66f8-11e7-aeef-8f55a38a5a37
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:459c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d55c7f0d381507af2908d61c122c4e6bbd5dc37645a1749ea3ba6df2dfe054a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.change.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 21:38:52 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 11 Mar 2022 03:42:26 GMT
server: cloudflare
age: 2310961
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZaTGErvMP%2FGlGnhIkj0xv5E9Isd%2BQGhT1s3jgJaQJUWGJY95RR96U%2BtSsv3O1KNn8Xw%2B%2F7wrtF4BtsOAFBhrd8yZp4cuqwAdUlHr16PpDNizxdlKmszY%2BnKZ4oqMKYINCDKvMcJJNvg12sinKRT8tg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-disposition: inline; filename=update.min.js
cf-ray: 706462c559709adf-MIA
expires: Sat, 09 Apr 2022 03:42:51 GMT

GET
H2 200 a11391265293.html Show response
a11391265293.cdn.optimizely.com/client_storage/ Frame 89B3 2 KB
1 KB 298ms
80ms Document
text/html 23.5.226.225
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://a11391265293.cdn.optimizely.com/client_storage/a11391265293.html

Requested by

Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/11391265293.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.5.226.225 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-5-226-225.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

78a9f1e0feea988604f1a5c7b98941351c12b125cfe9d5cd5e6ef2510939cf2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.change.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=120
content-encoding: gzip
content-length: 827
content-type: text/html; charset=utf-8
date: Wed, 04 May 2022 21:38:52 GMT
etag: "8182d590da4c31c8f1e8085046ab6f47"
last-modified: Wed, 04 May 2022 21:30:04 GMT
server: AmazonS3
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="65";dur=0,cdnip;desc="23.5.226.225";dur=0,cdnmap;desc="a4728.x.akamaiedge.net";dur=0,proto;desc="h2";dur=0
strict-transport-security: max-age=15768000
vary: Accept-Encoding
x-amz-id-2: 5wPXv0lS6GGhOc9X6KfDi0PFTpUBt2yQH9Fh5RZnyo2lIs3dX8yyszmGjLyQ3WH0TkQ963HlRFo=
x-amz-meta-pci_enabled: False
x-amz-replication-status: COMPLETED
x-amz-request-id: ZMQJJGKFNW42VMB7
x-amz-server-side-encryption: AES256
x-amz-version-id: QbT.SR4FPh8fGeRAwYKa4oxI6hBADMwS

GET
H2 200 cookie_prefs Show response
www.change.org/api-proxy/-/ 78 B
221 B 151ms
151ms Fetch
application/json 104.17.88.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.change.org/api-proxy/-/cookie_prefs?cb=1

Requested by

Host: assets-fe.change.org
URL: https://assets-fe.change.org/fe/2fbc8b12d55c520be775a6310fea1a25/changeAssets-2db36faf758ce4d4c918.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.88.51 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f79ba357bfb7da557e56a236ed0bcbce40296f2dcc6bee2f0e21ea8d303a1ab8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.change.org/p/the-united-nations-refugee-agency-unhcr-put-an-end-to-my-prolonged-imprisonment-in-greece-hostage-of-europe/u/30398302?recruiter=746005144&utm_source=share_update&utm_medium=email&utm_campaign=share_email_responsive&recruited_by_id=85effe70-66f8-11e7-aeef-8f55a38a5a37
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 21:38:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
server: cloudflare
etag: W/"4e-AGFVdnXXqsSWpu/Qy4lTwo3+J7I"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache
cf-ray: 706462c81d6867ec-MIA
x-request-id: a2dd7a51-94ea-4a63-8774-269fe1fc9a6c

GET
H2 200 Change-Calibre-Regular.woff2
static.change.org/fonts/ 30 KB
31 KB 133ms
57ms Font
application/octet-stream 104.17.88.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.change.org/fonts/Change-Calibre-Regular.woff2

Requested by

Host: assets-fe.change.org
URL: https://assets-fe.change.org/fe/css/rendr-p1yN8mwpcWXfjVMp2YNnh_IfnmVzGQtbQ0aL087mzhs.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.88.51 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

552426fa67711398e49423a732526e763187afd768567b87e139fec853820809

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://assets-fe.change.org/
Origin: https://www.change.org
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 21:38:52 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 49
content-type: application/octet-stream
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-length: 30956
last-modified: Tue, 19 Apr 2016 05:44:47 GMT
server: cloudflare
etag: "58b40d8b77ba9c43a803a9779a22f8c7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: kWNZjdaKXPzoQBC5TZ48DMAGUj.3kpR3
access-control-allow-origin: https://www.change.org
cache-control: public, max-age=1382400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 706462c8baad0a02-MIA
expires: Fri, 20 May 2022 21:38:52 GMT

GET
H2 200 Change-Calibre-Bold.woff2
static.change.org/fonts/ 31 KB
31 KB 151ms
75ms Font
application/octet-stream 104.17.88.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.change.org/fonts/Change-Calibre-Bold.woff2

Requested by

Host: assets-fe.change.org
URL: https://assets-fe.change.org/fe/css/rendr-p1yN8mwpcWXfjVMp2YNnh_IfnmVzGQtbQ0aL087mzhs.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.88.51 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee2df9e008021c0ce1fbf3612bfef57e7666294fa01bd4d9764931ff9add417a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://assets-fe.change.org/
Origin: https://www.change.org
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 21:38:52 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 33
content-type: application/octet-stream
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-length: 32028
last-modified: Tue, 19 Apr 2016 05:45:19 GMT
server: cloudflare
etag: "682c36331f52784f4ea0b00d69b95d2b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: 3jrU_Dju8RrOkM9darm4OVCeQ.ZT6UeB
access-control-allow-origin: https://www.change.org
cache-control: public, max-age=1382400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 706462c8bab20a02-MIA
expires: Fri, 20 May 2022 21:38:52 GMT

GET
H2 200 platform.js Show response
apis.google.com/js/ 52 KB
21 KB 243ms
87ms Script
text/javascript 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: assets-fe.change.org
URL: https://assets-fe.change.org/fe/2fbc8b12d55c520be775a6310fea1a25/changeAssets-2db36faf758ce4d4c918.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb05bc3976691db38d1c403ede59d1d2181fb64a6227b6ee1d849beba8f8c35d

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.change.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20362
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
date: Wed, 04 May 2022 21:38:53 GMT
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "9fd532fc5ee3ba82"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 May 2022 21:38:53 GMT

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 161 KB
53 KB 245ms
100ms Script
text/javascript 2607:f8b0:4006:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyBwot59Cgi_SoxwakkTkAvni7930r0eJs4&libraries=places&sensor=false&callback=__loadGooglePlaces

Requested by

Host: assets-fe.change.org
URL: https://assets-fe.change.org/fe/2fbc8b12d55c520be775a6310fea1a25/changeAssets-2db36faf758ce4d4c918.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::200a Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

f80b5e6c468f05c30944ea05a7c3c52561549e4b7cebe0c083319caedce57829

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.change.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 21:38:53 GMT
content-encoding: gzip
vary: Accept-Language
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=23
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53526
x-xss-protection: 0
expires: Wed, 04 May 2022 22:08:53 GMT

POST
H2 200 collector Show response
collector-pxnslc0hv5.px-cloud.net/api/v2/ 755 B
1008 B 153ms
75ms XHR
application/json 35.186.220.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-pxnslc0hv5.px-cloud.net/api/v2/collector
Requested by: Host: assets-fe.change.org
URL: https://assets-fe.change.org/fe/2fbc8b12d55c520be775a6310fea1a25/changeAssets-2db36faf758ce4d4c918.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.220.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 184.220.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 125f1985d9743fda351839883c0ea9d35904a2163b8929ceaf60c8d3e972a576

Request headers

Referer: https://www.change.org/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 04 May 2022 21:38:52 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.change.org
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 755

GET
H2 200 config.json Show response
notifier-configs.airbrake.io/2020-06-18/config/122982/ 126 B
555 B 117ms
117ms XHR
binary/octet-stream 2600:9000:21ea:9600:3:9a1f:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://notifier-configs.airbrake.io/2020-06-18/config/122982/config.json?&notifier_name=airbrake-js%2Fbrowser&notifier_version=2.1.7&os=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F101.0.4951.41%20Safari%2F537.36&language=JavaScript
Requested by: Host: assets-fe.change.org
URL: https://assets-fe.change.org/fe/2fbc8b12d55c520be775a6310fea1a25/changeAssets-2db36faf758ce4d4c918.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21ea:9600:3:9a1f:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d44f17274699b16cb9886433221d59082f8f89f628ad153cfb6f3693ea0ef5a8

Request headers

accept: application/json
cache-control: no-cache,no-store
Referer: https://www.change.org/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 21:38:54 GMT
via: 1.1 a0baca8f5dcda9f46c3f17957eeb39aa.cloudfront.net (CloudFront)
last-modified: Mon, 27 Jul 2020 11:12:21 GMT
server: AmazonS3
x-amz-cf-pop: EWR50-C1
etag: "799c19a790b06a798ee290ffa4aed1ce"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
x-cache: Miss from cloudfront
accept-ranges: bytes
content-length: 126
x-amz-cf-id: _B1Qbn4wAp84cQJv-zMhiXZoK-Ek3ZhcNvMcJW2eoflkLKph0kPPaA==

OPTIONS
H2 200 config.json
notifier-configs.airbrake.io/2020-06-18/config/122982/ Frame 0
0 256ms
77ms Preflight 2600:9000:21ea:9600:3:9a1f:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://notifier-configs.airbrake.io/2020-06-18/config/122982/config.json?&notifier_name=airbrake-js%2Fbrowser&notifier_version=2.1.7&os=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F101.0.4951.41%20Safari%2F537.36&language=JavaScript
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21ea:9600:3:9a1f:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: cache-control
Access-Control-Request-Method: GET
Origin: https://www.change.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-headers: cache-control
access-control-allow-methods: GET
access-control-allow-origin: *
content-length: 0
date: Wed, 04 May 2022 21:38:54 GMT
server: AmazonS3
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
via: 1.1 a0baca8f5dcda9f46c3f17957eeb39aa.cloudfront.net (CloudFront)
x-amz-cf-id: mmz6vSvtwGNFlinCQJTf-VpXe2snsxz-AU-uv1dT6K-_8KAkfTFIVw==
x-amz-cf-pop: EWR50-C1
x-cache: Miss from cloudfront

GET
H2 200 comments Show response
www.change.org/api-proxy/-/ 45 B
180 B 522ms
521ms XHR
application/json 104.17.88.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.change.org/api-proxy/-/comments?commentable_type=PetitionUpdate&commentable_id=30398302&limit=3&offset=0

Requested by

Host: assets-fe.change.org
URL: https://assets-fe.change.org/fe/2fbc8b12d55c520be775a6310fea1a25/changeAssets-2db36faf758ce4d4c918.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.88.51 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bfb4f5b998d87defe365a82d3f0b131eafa73e79ee253a4601f688408e4c7b1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.change.org/p/the-united-nations-refugee-agency-unhcr-put-an-end-to-my-prolonged-imprisonment-in-greece-hostage-of-europe/u/30398302?recruiter=746005144&utm_source=share_update&utm_medium=email&utm_campaign=share_email_responsive&recruited_by_id=85effe70-66f8-11e7-aeef-8f55a38a5a37
X-CSRF-Token: 481ba6d614273d5df56bd6af20971cd3
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
X-Requested-With: jquery

Response headers

date: Wed, 04 May 2022 21:38:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
server: cloudflare
etag: W/"2d-ehamZYGYuk7NYPA4a+/1vv02a8w"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache
cf-ray: 706462ca2abf67ec-MIA
x-request-id: 426eccc6-a6cb-4080-a8f0-5285c334ad03

GET
H2 200 en-US Show response
www.change.org/api-proxy/-/petitions/promoted/ 87 KB
19 KB 843ms
842ms XHR
application/json 104.17.88.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.change.org/api-proxy/-/petitions/promoted/en-US?country_code=US&min_petitions=9&ip_country_code=US&ip_city=Miami&ip_region=FL&ip_postal_code=33018&channel=update_footer&petition_id=26511206

Requested by

Host: assets-fe.change.org
URL: https://assets-fe.change.org/fe/2fbc8b12d55c520be775a6310fea1a25/changeAssets-2db36faf758ce4d4c918.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.88.51 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60e2b713119fb1fa74b385d6e854fa0b10d448549277fdfbe1d3051122ed4b8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.change.org/p/the-united-nations-refugee-agency-unhcr-put-an-end-to-my-prolonged-imprisonment-in-greece-hostage-of-europe/u/30398302?recruiter=746005144&utm_source=share_update&utm_medium=email&utm_campaign=share_email_responsive&recruited_by_id=85effe70-66f8-11e7-aeef-8f55a38a5a37
X-CSRF-Token: 481ba6d614273d5df56bd6af20971cd3
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
X-Requested-With: jquery

Response headers

date: Wed, 04 May 2022 21:38:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
server: cloudflare
etag: W/"15ccb-c9SVN1MCZSELCOweNMwcfqKQe/A"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache
cf-ray: 706462caac1767ec-MIA
x-request-id: 53af1845-0866-41f4-bf8b-1bd364df1764

GET
H2 200 imuDcDfdciafHZc-48x48-noPad.jpg
assets.change.org/photos/4/ud/cd/ 1 KB
1 KB 678ms
678ms Image
image/jpeg 104.17.88.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.change.org/photos/4/ud/cd/imuDcDfdciafHZc-48x48-noPad.jpg?1509558761

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.88.51 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ab294cb0ebb5837eda1c009fc76ac683e5fec73979be76bd7334d3a61ff9b0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.change.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 21:38:53 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Wed, 01 Nov 2017 17:52:42 GMT
server: cloudflare
etag: "8f389b4c71a97dd482efb1497dda65a9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 706462cadb819add-MIA
content-length: 1161
expires: Wed, 11 May 2022 21:38:53 GMT

POST
H2 200 store Show response
www.change.org/api-proxy/-/longlinks/ 71 B
343 B 307ms
306ms XHR
application/json 104.17.88.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.change.org/api-proxy/-/longlinks/store

Requested by

Host: assets-fe.change.org
URL: https://assets-fe.change.org/fe/2fbc8b12d55c520be775a6310fea1a25/changeAssets-2db36faf758ce4d4c918.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.88.51 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7190d6b3eea91cc54a143183b0fa2bf3ac76942a8754c28f15ab93422f312b35

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.change.org/p/the-united-nations-refugee-agency-unhcr-put-an-end-to-my-prolonged-imprisonment-in-greece-hostage-of-europe/u/30398302?recruiter=746005144&utm_source=share_update&utm_medium=email&utm_campaign=share_email_responsive&recruited_by_id=85effe70-66f8-11e7-aeef-8f55a38a5a37
X-CSRF-Token: 481ba6d614273d5df56bd6af20971cd3
X-Requested-With: axios
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 04 May 2022 21:38:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
etag: W/"47-iUilwYR3OUkG5BhsolQ4Ewtr06o"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/json; charset=utf-8
cache-control: no-cache
cf-ray: 706462cafcdb67ec-MIA
x-request-id: 4998cac1-e2cb-4cd7-be1b-9fdd8b7af8c5

POST
H2 200 event_tracker
www.change.org/api-proxy/-/ 2 B
87 B 440ms
439ms Ping
application/json 104.17.88.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.change.org/api-proxy/-/event_tracker?_csrf=481ba6d614273d5df56bd6af20971cd3

Requested by

Host: assets-fe.change.org
URL: https://assets-fe.change.org/fe/2fbc8b12d55c520be775a6310fea1a25/changeAssets-2db36faf758ce4d4c918.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.88.51 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.change.org/p/the-united-nations-refugee-agency-unhcr-put-an-end-to-my-prolonged-imprisonment-in-greece-hostage-of-europe/u/30398302?recruiter=746005144&utm_source=share_update&utm_medium=email&utm_campaign=share_email_responsive&recruited_by_id=85effe70-66f8-11e7-aeef-8f55a38a5a37
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 04 May 2022 21:38:53 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
etag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/json; charset=utf-8
cache-control: no-cache
cf-ray: 706462cafce567ec-MIA
content-length: 2
x-request-id: 649ce7cc-49fc-4e00-badc-cff97d55665f

POST
H2 200 event_tracker
www.change.org/api-proxy/-/ 2 B
118 B 439ms
438ms Ping
application/json 104.17.88.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.change.org/api-proxy/-/event_tracker?_csrf=481ba6d614273d5df56bd6af20971cd3

Requested by

Host: assets-fe.change.org
URL: https://assets-fe.change.org/fe/2fbc8b12d55c520be775a6310fea1a25/changeAssets-2db36faf758ce4d4c918.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.88.51 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.change.org/p/the-united-nations-refugee-agency-unhcr-put-an-end-to-my-prolonged-imprisonment-in-greece-hostage-of-europe/u/30398302?recruiter=746005144&utm_source=share_update&utm_medium=email&utm_campaign=share_email_responsive&recruited_by_id=85effe70-66f8-11e7-aeef-8f55a38a5a37
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 04 May 2022 21:38:53 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
etag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/json; charset=utf-8
cache-control: no-cache
cf-ray: 706462cafcea67ec-MIA
content-length: 2
x-request-id: 3fb08bda-8e98-4d98-b581-e5891e79532b

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 224ms
69ms Script
text/javascript 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: assets-fe.change.org
URL: https://assets-fe.change.org/fe/2fbc8b12d55c520be775a6310fea1a25/changeAssets-2db36faf758ce4d4c918.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::200e Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.change.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 3299
date: Wed, 04 May 2022 20:43:54 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 04 May 2022 22:43:54 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 236 KB
78 KB 234ms
88ms Script
application/javascript 2607:f8b0:4006:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NMT3DV

Requested by

Host: assets-fe.change.org
URL: https://assets-fe.change.org/fe/2fbc8b12d55c520be775a6310fea1a25/changeAssets-2db36faf758ce4d4c918.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2008 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3cda2eaef397111752ab6f081ed1ed3f20fbe3abdb5601d899e05a4817ea9aae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.change.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 21:38:53 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 79563
x-xss-protection: 0
last-modified: Wed, 04 May 2022 21:09:38 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 04 May 2022 21:38:53 GMT

GET
H2 200 hotjar-1693228.js Show response
static.hotjar.com/c/ 34 KB
6 KB 267ms
68ms Script
application/javascript 13.225.63.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1693228.js?sv=6

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.63.15 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-63-15.ewr53.r.cloudfront.net

Software

Resource Hash

10ba08ada54705b770d921ea9033f2050bcbd86e5414cad352c7d4dabaa875a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.change.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 21:38:45 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
age: 8
etag: W/76e68f3a972da494f0c359aef6fe9171
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: EWR53-C1
x-amz-cf-id: 77u4qbhi8ROhNZInVFJh5B0NHmK94pnsoK9LabTcd9LCiWLB1XGyfw==
via: 1.1 988ebab315003cc8902437cbdd7de09e.cloudfront.net (CloudFront)

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 220ms
70ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: assets-fe.change.org
URL: https://assets-fe.change.org/fe/2fbc8b12d55c520be775a6310fea1a25/changeAssets-2db36faf758ce4d4c918.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7f2ba54bc79c204a72ffcc24406bbe91d9b77aec3257cd4a39a4e96faa892be6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.change.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: QogkoRpKrQtpPzBEXy0jWA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: eXtjK7MweG7XUKJnmO8oAI+KTGLe9p9+EhcaELte1kTgOwd7iOGihfu+3FePQnqy4hAjfZjJE2XJQjQ39Tsl+Q==
x-fb-trip-id: 1512268381
x-fb-content-md5: 963e8f66f801dcfa0a799a95bd50adb1
x-frame-options: DENY
date: Wed, 04 May 2022 21:38:53 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "fcb183332c5953b87b8a4e3e41a82a82"
timing-allow-origin: *
expires: Wed, 04 May 2022 21:52:37 GMT

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.iTmf4rxOyWc.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-LTnDn-AS2QlMWYZdnaV1OuFR7Iw/ 108 KB
36 KB 69ms
68ms Script
text/javascript 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.iTmf4rxOyWc.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-LTnDn-AS2QlMWYZdnaV1OuFR7Iw/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1757f7a288131ceeb5bc1276d57640278bc5eecbbcae016189c274981d2b45c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.change.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 00:33:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 162343
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36550
x-xss-protection: 0
last-modified: Mon, 21 Mar 2022 15:20:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 03 May 2023 00:33:10 GMT

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
45 B 237ms
97ms XHR
application/json 2607:f8b0:4006:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: assets-fe.change.org
URL: https://assets-fe.change.org/fe/2fbc8b12d55c520be775a6310fea1a25/changeAssets-2db36faf758ce4d4c918.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::200a Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.change.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 21:38:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.change.org
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
vary: Origin, X-Origin, Referer
content-length: 23
x-xss-protection: 0

POST
H/1.1 204
No Content events Show response
logx.optimizely.com/v1/ 0
359 B 254ms
60ms XHR
text/plain 34.228.124.54
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://logx.optimizely.com/v1/events
Requested by: Host: assets-fe.change.org
URL: https://assets-fe.change.org/fe/2fbc8b12d55c520be775a6310fea1a25/changeAssets-2db36faf758ce4d4c918.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.228.124.54 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-228-124-54.compute-1.amazonaws.com
Software: nginx/1.21.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.change.org/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 04 May 2022 21:38:53 GMT
Server: nginx/1.21.0
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.change.org
Access-Control-Expose-Headers: X-Results-Data-Source
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
X-Request-Id: 59654e66-997e-43f8-9fcb-036da09e8faf

GET
H2 200 iframe Show response
accounts.google.com/o/oauth2/ Frame 40F4 283 B
1 KB 317ms
162ms Document
text/html 2607:f8b0:4006:820::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframe

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.iTmf4rxOyWc.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-LTnDn-AS2QlMWYZdnaV1OuFR7Iw/cb=gapi.loaded_0?le=scs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::200d Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

004e3e7fa847ba12ae23e24ae20e1245babb16091fe7a802abb52a3fdde68e87

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-qjUVuGD6PwySbk/hzsDWPg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.change.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-qjUVuGD6PwySbk/hzsDWPg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin; report-to="IdpIFrameHttp"
cross-origin-resource-policy: cross-origin
date: Wed, 04 May 2022 21:38:53 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"IdpIFrameHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/IdpIFrameHttp/external"}]}
server: ESF
strict-transport-security: max-age=31536000; includeSubDomains
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 288 KB
82 KB 144ms
72ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=ba437ff41c3027103928d4e0fe6ddec6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

87e8e3b00e44c41345ad28e6f61b8d2f7803519911f8a6e8bf98be8dc2aa6a48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.change.org/
Origin: https://www.change.org
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: Rt3xZ6kDfgp1y259n2JYdw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 84336
x-fb-rlafr: 0
x-fb-debug: RWsXdImKp8itb5AVVrxRzZpopzMzwQ1/0pdec6Gx7UtJShHBZ/y/AUTq8yROYVNHsdle9C2JiBZNws88bogEVg==
x-fb-content-md5: 2a07e0a5fd7c8c3cd9b94d2c88be1ea6
x-frame-options: DENY
date: Wed, 04 May 2022 21:38:53 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "d0f5906f5fc6501e160b235005c7dbee"
timing-allow-origin: *
priority: u=3,i
expires: Thu, 04 May 2023 19:39:03 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 223ms
82ms XHR
text/plain 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=1485121156&t=timing&_s=1&dl=https%3A%2F%2Fwww.change.org%2Fp%2Fthe-united-nations-refugee-agency-unhcr-put-an-end-to-my-prolonged-imprisonment-in-greece-hostage-of-europe%2Fu%2F30398302%3Frecruiter%3D746005144%26utm_source%3Dshare_update%26utm_medium%3Demail%26utm_campaign%3Dshare_email_responsive%26recruited_by_id%3D85effe70-66f8-11e7-aeef-8f55a38a5a37&ul=en-us&de=UTF-8&dt=Petition%20update%20%C2%B7%20Submitting%C2%A0the%20Transcript%20and%20the%20Audio%20Records%20to%20the%20Greek%20Ombudsman%20%C2%B7%20Change.org&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=node-timing.js&utv=First%20Render&utt=2241&_u=YEBAAEABAAAAAC~&jid=821480786&gjid=719710085&cid=1589871869.1651700334&tid=UA-5889778-1&_gid=1143499067.1651700334&_r=1&_slc=1&z=138277355

Requested by

Host: assets-fe.change.org
URL: https://assets-fe.change.org/fe/2fbc8b12d55c520be775a6310fea1a25/changeAssets-2db36faf758ce4d4c918.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::200e Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.change.org/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 04 May 2022 21:38:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.change.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.d0a2aeb118e239528093.js Show response
script.hotjar.com/ 238 KB
62 KB 225ms
72ms Script
application/javascript 143.204.146.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.d0a2aeb118e239528093.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1693228.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.146.14 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-146-14.ewr52.r.cloudfront.net

Software

Resource Hash

30487167d145a79b345ad5f6d8bac69224575af83c11a45ccc1e1da5725a73e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.change.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 08:35:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47027
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 63366
access-control-allow-origin: *
last-modified: Wed, 04 May 2022 08:34:55 GMT
etag: "a7a180207593a609a9773fd8d037bf4f"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 6b40574acc577d1185c505c40886acc6.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: EWR52-C2
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: V9y7fK7dTcaPoI2pxj9pBCMt0yGx7QSB1XDWQ_Q1-jleNU6fB_LQEw==

GET
H2 200 box-21ccaa45726c0f3c8c458f7a87eb2298.html Show response
vars.hotjar.com/ Frame 58C5 2 KB
1 KB 190ms
61ms Document
text/html 13.225.213.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-21ccaa45726c0f3c8c458f7a87eb2298.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1693228.js?sv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.213.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-213-116.ewr50.r.cloudfront.net
Software: /
Resource Hash: c5da2e1eefbe4efd64ec18b775495cf3011d9ae03842917bfe1b0a50e03a7a44

Request headers

Referer: https://www.change.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 1686398
cache-control: max-age=31536000
content-encoding: br
content-length: 1044
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 15 Apr 2022 09:12:15 GMT
etag: "6a4e2ae376c29011d2e53de65a08d0b7"
last-modified: Wed, 19 Jan 2022 11:29:02 GMT
vary: Accept-Encoding
via: 1.1 0c2947bdc7b8340f8e04a5a58d570236.cloudfront.net (CloudFront)
x-amz-cf-id: CkPkDcCeC9M9XzDt3UvvPXRCj1fWOGdMV9TKYVxgn6dmryqTFMpUwQ==
x-amz-cf-pop: EWR50-C1
x-cache: Hit from cloudfront
x-robots-tag: none

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 242ms
96ms Script
text/javascript 142.251.40.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NMT3DV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s79-in-f2.1e100.net

Software

cafe /

Resource Hash

4902dcbc3d3c97271a66bc136ec40b0c72422ccd05bb9946aa76382e50c5d6fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.change.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 21:38:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14897
x-xss-protection: 0
server: cafe
etag: 9926226332162747720
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 04 May 2022 21:38:53 GMT

GET
H2 200 hotjar-1693228.js Show response
static.hotjar.com/c/ 34 KB
6 KB 68ms
68ms Script
application/javascript 13.225.63.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1693228.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NMT3DV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.63.15 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-63-15.ewr53.r.cloudfront.net

Software

Resource Hash

10ba08ada54705b770d921ea9033f2050bcbd86e5414cad352c7d4dabaa875a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.change.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 21:38:45 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
age: 8
etag: W/76e68f3a972da494f0c359aef6fe9171
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: EWR53-C1
x-amz-cf-id: dNmFuAyMeg3_YzZfCyEGqI_izNB80yZ0llkvC5YCdxDH7oUIhOWyzQ==
via: 1.1 988ebab315003cc8902437cbdd7de09e.cloudfront.net (CloudFront)

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 28 KB
10 KB 220ms
68ms Script
application/javascript 199.232.36.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NMT3DV
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.36.157 New York, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 93cc545f534a75a876beccc35125e563e20bb9857714482547fc151f07d57595

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.change.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 21:38:53 GMT
content-encoding: gzip
last-modified: Tue, 03 May 2022 16:57:50 GMT
etag: "1ce6e12fa6e9b18909e94a06df1ef9cb+gzip+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 9561
x-served-by: cache-iad-kiad7000060-IAD, cache-lga21954-LGA

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
26 KB 145ms
71ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b819b3ac2fe5857b7026a609f9115f0d50a7d6e8085ba5987d70ed6baaa41f4e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.change.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26311
x-xss-protection: 0
pragma: public
x-fb-debug: ppJF8robtmQg5MZZzGfR9rEfF7aq077riXUG89t9eoVvHXJcqic1jVHb0f3jcgB4sZ2Cj5p6AR4WKHtYyEZdJw==
x-frame-options: DENY
date: Wed, 04 May 2022 21:38:53 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 profitwell.js Show response
public.profitwell.com/js/ 32 KB
9 KB 320ms
65ms Script
application/x-javascript 54.230.163.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://public.profitwell.com/js/profitwell.js?auth=e6737e206fc55dc5a6c6cd8b050e7fbb
Requested by: Host: www.change.org
URL: https://www.change.org/p/the-united-nations-refugee-agency-unhcr-put-an-end-to-my-prolonged-imprisonment-in-greece-hostage-of-europe/u/30398302?recruiter=746005144&utm_source=share_update&utm_medium=email&utm_campaign=share_email_responsive&recruited_by_id=85effe70-66f8-11e7-aeef-8f55a38a5a37
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.163.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-163-101.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ec23c6fa4eb8c10ba8a79423a28706e5ccf04482b3acda1f80e482f4a1e5e02e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.change.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 00:31:35 GMT
content-encoding: gzip
last-modified: Wed, 27 Apr 2022 13:33:55 GMT
server: AmazonS3
age: 76040
etag: W/"b4277a00a5a4aa1e89fe357afbb62d6b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: R_hHoRWR4J1JmjlGBjQv0cRhPRcoeQHF
via: 1.1 2435a43ad9e6173e7352a49a09dd01b0.cloudfront.net (CloudFront)
cache-control: public,max-age=86400
x-amz-cf-pop: EWR53-C3
content-type: application/x-javascript
x-amz-cf-id: rensX-Tho8_CogQildV9714Uv6aqDokHBILUJj1b7P9Gq-MZymYOrw==

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 151ms
61ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.change.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 23:54:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A896EC2D548A49629EE7F8FA279B5E88 Ref B: MIAEDGE1709 Ref C: 2022-05-04T21:38:53Z
etag: "806a236c101ed81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Wed, 04 May 2022 21:38:53 GMT
accept-ranges: bytes
content-length: 11333

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 125 KB
37 KB 368ms
78ms Script
application/javascript 184.28.190.66
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C9O1SLRC77U2Q7VA8R60&lib=ttq
Requested by: Host: www.change.org
URL: https://www.change.org/p/the-united-nations-refugee-agency-unhcr-put-an-end-to-my-prolonged-imprisonment-in-greece-hostage-of-europe/u/30398302?recruiter=746005144&utm_source=share_update&utm_medium=email&utm_campaign=share_email_responsive&recruited_by_id=85effe70-66f8-11e7-aeef-8f55a38a5a37
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.28.190.66 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-28-190-66.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: ec88e9506673eb2528a9f57aa4136624cc5481b2ab3db552bb8ec24120951c94

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.change.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 May 2022 21:38:54 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 202205042138520101130070341ACBA22E
vary: Accept-Encoding
x-cache: TCP_MISS from a184-28-190-62.deploy.akamaitechnologies.com (AkamaiGHost/10.7.5-41022941) (-)
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 11,184.28.190.62
x-tt-trace-host: 01c59745f96e5c10708bd1a11ddb0d1fbbe41e3fc297ea713e83942573ddfe99df08a7adf5d6b23de5176790989a9598c478c969515d3b39e909b65e3ef209d437ed6eec1b862e4fa23cd93cefeaa1882b561f4cbb16f0e505a3e8b93135312e2c
server-timing: inner; dur=3, cdn-cache; desc=MISS, edge; dur=1, origin; dur=11
x-akamai-request-id: 1c23f798
expires: Wed, 04 May 2022 21:38:54 GMT

POST
H3 400 cspreport
accounts.google.com/_/IdpIFrameHttp/ Frame 40F4 2 KB
848 B 232ms
93ms Other
text/html 2607:f8b0:4006:820::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/_/IdpIFrameHttp/cspreport

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::200d Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

689a28848062b4072435ff5120efebae88fe460c7c077195253a85df0489c1f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://accounts.google.com/o/oauth2/iframe
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Wed, 04 May 2022 21:38:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
440 B 205ms
73ms XHR
text/plain 2607:f8b0:4004:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-5889778-1&cid=1589871869.1651700334&jid=821480786&gjid=719710085&_gid=1143499067.1651700334&_u=YEBAAEAAAAAAAC~&z=773466472

Requested by

Host: assets-fe.change.org
URL: https://assets-fe.change.org/fe/2fbc8b12d55c520be775a6310fea1a25/changeAssets-2db36faf758ce4d4c918.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.change.org/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 04 May 2022 21:38:53 GMT
content-type: text/plain
access-control-allow-origin: https://www.change.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 m=base Show response
www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.en_US.J7lmSCorJ8I.es5.O/d=1/rs=AOaEmlFnXtD_Ca5exWAMaajFhseP11LL9g/ Frame 40F4 97 KB
34 KB 220ms
70ms Script
text/javascript 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.en_US.J7lmSCorJ8I.es5.O/d=1/rs=AOaEmlFnXtD_Ca5exWAMaajFhseP11LL9g/m=base

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4cb23e790c7175635d66fae052eda760e98d7c71efc15925559e7959361850a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 06:31:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 140871
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/identity-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33718
x-xss-protection: 0
last-modified: Fri, 22 Apr 2022 22:40:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/identity-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/identity-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/identity-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 03 May 2023 06:31:02 GMT

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 237ms
93ms Fetch
text/plain 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=48409868550&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.change.org%2Fp%2Fthe-united-nations-refugee-agency-unhcr-put-an-end-to-my-prolonged-imprisonment-in-greece-hostage-of-europe%2Fu%2F30398302%3Frecruiter%3D746005144%26utm_source%3Dshare_update%26utm_medium%3Demail%26utm_campaign%3Dshare_email_responsive%26recruited_by_id%3D85effe70-66f8-11e7-aeef-8f55a38a5a37&sdk=joey&wants_cookie_data=true

Requested by

Host: assets-fe.change.org
URL: https://assets-fe.change.org/fe/2fbc8b12d55c520be775a6310fea1a25/changeAssets-2db36faf758ce4d4c918.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.change.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: aMP79WBz6/xtOg2PmtugO1RzPcy8SwpXCJrqP/9D0R+WLmNGHBZa4Pz33VsH08xk+LwQAZvgKGbg4j+2iYLg1g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
fb-s: unknown
date: Wed, 04 May 2022 21:38:54 GMT
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.change.org
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 142000274.js Show response
bat.bing.com/p/action/ 0
136 B 62ms
62ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/142000274.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.change.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7FF787E66B214176BC445DA68906ED6D Ref B: MIAEDGE1709 Ref C: 2022-05-04T21:38:53Z
x-powered-by: ARR/3.0
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Wed, 04 May 2022 21:38:53 GMT

GET
H2 204 0
bat.bing.com/action/ 0
175 B 133ms
133ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=142000274&Ver=2&mid=96778b30-b51d-498f-9269-fa57890b6dc1&sid=9849bb30cbf211eca8fcc975b2cf0752&vid=9849ccb0cbf211ec9cf06912d1143be9&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Petition%20update%20%C2%B7%20Submitting%C2%A0the%20Transcript%20and%20the%20Audio%20Records%20to%20the%20Greek%20Ombudsman%20%C2%B7%20Change.org&p=https%3A%2F%2Fwww.change.org%2Fp%2Fthe-united-nations-refugee-agency-unhcr-put-an-end-to-my-prolonged-imprisonment-in-greece-hostage-of-europe%2Fu%2F30398302%3Frecruiter%3D746005144%26utm_source%3Dshare_update%26utm_medium%3Demail%26utm_campaign%3Dshare_email_responsive%26recruited_by_id%3D85effe70-66f8-11e7-aeef-8f55a38a5a37&r=&lt=2569&evt=pageLoad&msclkid=N&sv=1&rn=820987

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.change.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: CA774AAE002A4BFAADB7705D6D197DE0 Ref B: MIAEDGE1709 Ref C: 2022-05-04T21:38:53Z
date: Wed, 04 May 2022 21:38:53 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 1081902691834097 Show response
connect.facebook.net/signals/config/ 487 KB
143 KB 72ms
71ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1081902691834097?v=2.9.58&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

76c65af7d8901f2ce5184db01c9daf9cab15e6133c726918f77e980111984cb0

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.change.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 146627
x-xss-protection: 0
pragma: public
x-fb-debug: wzgC1urcpMHg9QsyRtHYTqH40mZq7XCc+M52oMifw4og3E10UAZiOVrAiGi1wOlBIi7hDDjadTNvdPx869N5eg==
x-frame-options: DENY
date: Wed, 04 May 2022 21:38:53 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
355 B 204ms
65ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=2.3.4&p_id=Twitter&p_user_id=0&txn_id=nweqj&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&tw_order_quantity=0&tw_sale_amount=0&tw_iframe_status=0&event_id=3f0ba86d-5bec-4342-a19b-6363dabc04a9&tw_document_href=https%3A%2F%2Fwww.change.org%2Fp%2Fthe-united-nations-refugee-agency-unhcr-put-an-end-to-my-prolonged-imprisonment-in-greece-hostage-of-europe%2Fu%2F30398302%3Frecruiter%3D746005144%26utm_source%3Dshare_update%26utm_medium%3Demail%26utm_campaign%3Dshare_email_responsive%26recruited_by_id%3D85effe70-66f8-11e7-aeef-8f55a38a5a37

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.change.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-response-time: 6
date: Wed, 04 May 2022 21:38:53 GMT
server: tsa_b
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 9cf3bea6c0d485919e3dee3e6a39f2fea5f877b4efd70738a411435d8caba1dd
content-length: 43

GET
H2 200 adsct
t.co/i/ 43 B
336 B 197ms
66ms Image
image/gif 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=2.3.4&p_id=Twitter&p_user_id=0&txn_id=nweqj&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&tw_order_quantity=0&tw_sale_amount=0&tw_iframe_status=0&event_id=3f0ba86d-5bec-4342-a19b-6363dabc04a9&tw_document_href=https%3A%2F%2Fwww.change.org%2Fp%2Fthe-united-nations-refugee-agency-unhcr-put-an-end-to-my-prolonged-imprisonment-in-greece-hostage-of-europe%2Fu%2F30398302%3Frecruiter%3D746005144%26utm_source%3Dshare_update%26utm_medium%3Demail%26utm_campaign%3Dshare_email_responsive%26recruited_by_id%3D85effe70-66f8-11e7-aeef-8f55a38a5a37

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.change.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-response-time: 6
date: Wed, 04 May 2022 21:38:53 GMT
server: tsa_b
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: be2480093678e1f322b14b463f3ee97142079ec1be9d3f1ca0665327e29d33fd
content-length: 43

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/991363857/ 2 KB
2 KB 231ms
88ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/991363857/?random=1651700333975&cv=9&fst=1651700333975&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg520&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.change.org%2Fp%2Fthe-united-nations-refugee-agency-unhcr-put-an-end-to-my-prolonged-imprisonment-in-greece-hostage-of-europe%2Fu%2F30398302%3Frecruiter%3D746005144%26utm_source%3Dshare_update%26utm_medium%3Demail%26utm_campaign%3Dshare_email_responsive%26recruited_by_id%3D85effe70-66f8-11e7-aeef-8f55a38a5a37&tiba=Petition%20update%20%C2%B7%20Submitting%C2%A0the%20Transcript%20and%20the%20Audio%20Records%20to%20the%20Greek%20Ombudsman%20%C2%B7%20Change.org&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ae7630631494cd79a7b91b38a4cf4322d295d04c0a3bd6eb81434447f3f6c507

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.change.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 May 2022 21:38:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1241
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collector Show response
collector-pxnslc0hv5.px-cloud.net/api/v2/ 419 B
437 B 149ms
76ms XHR
application/json 35.186.220.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-pxnslc0hv5.px-cloud.net/api/v2/collector
Requested by: Host: assets-fe.change.org
URL: https://assets-fe.change.org/fe/2fbc8b12d55c520be775a6310fea1a25/changeAssets-2db36faf758ce4d4c918.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.220.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 184.220.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 96cee48d89271b51c6631afd3e2654284c795e82d1b814d9733e36b776eb8cad

Request headers

Referer: https://www.change.org/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 04 May 2022 21:38:53 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.change.org
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 419

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 233ms
87ms Image
image/gif 2607:f8b0:4006:820::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-5889778-1&cid=1589871869.1651700334&jid=821480786&_u=YEBAAEAAAAAAAC~&z=404715834

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2004 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.change.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 May 2022 21:38:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 BjZEVvJkpRiiaqa-400x225-noPad.jpg
assets.change.org/photos/2/ze/vv/ 23 KB
23 KB 65ms
61ms Image
image/jpeg 104.17.88.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.change.org/photos/2/ze/vv/BjZEVvJkpRiiaqa-400x225-noPad.jpg?1618467011

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.88.51 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d7213b5483d3d3222b33a43a448d1ce01fd0f9afd72d72361b916aa083f768e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.change.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 21:38:54 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 345209
cf-polished: origSize=24521, status=webp_bigger
last-modified: Thu, 15 Apr 2021 06:10:12 GMT
content-length: 23700
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "23a7971acfa6a47053da25957866020f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 706462d13ac99add-MIA
expires: Wed, 11 May 2022 21:38:54 GMT

GET
H2 200 UnVSMtTIWzjGCuR-400x225-noPad.jpg
assets.change.org/photos/5/vs/mt/ 15 KB
15 KB 67ms
62ms Image
image/jpeg 104.17.88.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.change.org/photos/5/vs/mt/UnVSMtTIWzjGCuR-400x225-noPad.jpg?1642928414

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.88.51 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

958010fe684e56ce4c12cba5c156b9cd185d831839a2743210e171329fd40c87

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.change.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 21:38:54 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 582050
cf-polished: origSize=15483, status=webp_bigger
last-modified: Sun, 23 Jan 2022 09:00:15 GMT
content-length: 15145
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "550d687abb3ef2f153acf39ad20de9c4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 706462d13ad39add-MIA
expires: Wed, 11 May 2022 21:38:54 GMT

GET
H2 200 jEkUunRWfOGHGvI-400x225-noPad.jpg
assets.change.org/photos/5/ku/un/ 27 KB
27 KB 70ms
64ms Image
image/jpeg 104.17.88.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.change.org/photos/5/ku/un/jEkUunRWfOGHGvI-400x225-noPad.jpg?1645110005

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.88.51 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fc100316489a541e5a460c39d96b9201368c6923634e16cf66cbaf3b0f60be4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.change.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 21:38:54 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 460597
cf-polished: origSize=29140, status=webp_bigger
last-modified: Thu, 17 Feb 2022 15:00:05 GMT
content-length: 27652
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "a35973cc8ea54aafb3a452448efd75b6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 706462d13ad59add-MIA
expires: Wed, 11 May 2022 21:38:54 GMT

GET
H2 200 kbkjKxFeOkJOgqW-400x225-noPad.jpg
assets.change.org/photos/5/kj/kx/ 10 KB
11 KB 93ms
88ms Image
image/jpeg 104.17.88.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.change.org/photos/5/kj/kx/kbkjKxFeOkJOgqW-400x225-noPad.jpg?1646155882

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.88.51 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c147f59929087483ce64983fce9c09536b9524a04663cd403f42117af3bb024

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.change.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 21:38:54 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 256382
cf-polished: origSize=10979, status=webp_bigger
last-modified: Tue, 01 Mar 2022 17:31:23 GMT
content-length: 10678
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "39687bb91c67ac2fabf2a4910e85068d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 706462d13ad79add-MIA
expires: Wed, 11 May 2022 21:38:54 GMT

GET
H2 200 sVhwKKjtrffSZDn-400x225-noPad.jpg
assets.change.org/photos/1/hw/kk/ 14 KB
14 KB 67ms
62ms Image
image/jpeg 104.17.88.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.change.org/photos/1/hw/kk/sVhwKKjtrffSZDn-400x225-noPad.jpg?1640759317

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.88.51 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d921de6c26edb1d1e22cb8e9610318d176ea20134ec25d1fa4930b3cccf9122d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.change.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 21:38:54 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 553878
cf-polished: origSize=14713, status=webp_bigger
last-modified: Wed, 29 Dec 2021 06:28:38 GMT
content-length: 14213
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "d012d0440d51a6df8471cba808b78968"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 706462d13ad99add-MIA
expires: Wed, 11 May 2022 21:38:54 GMT

GET
H2 200 fdoUtBGUYrFwvOr-400x225-noPad.jpg
assets.change.org/photos/2/ou/tb/ 15 KB
15 KB 64ms
60ms Image
image/jpeg 104.17.88.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.change.org/photos/2/ou/tb/fdoUtBGUYrFwvOr-400x225-noPad.jpg?1646108502

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.88.51 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

920fad1d875b033d3d7f3d251620da04edd9e74df630ee1621099c1182cb92bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.change.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 21:38:54 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 462182
cf-polished: origSize=15701, status=webp_bigger
last-modified: Tue, 01 Mar 2022 04:21:43 GMT
content-length: 15177
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "8c3c9ca585d344d86e5df8bae16c3f8d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 706462d14adc9add-MIA
expires: Wed, 11 May 2022 21:38:54 GMT

GET
H2 200 VcYGVwNpHMSfjZv-400x225-noPad.jpg
assets.change.org/photos/5/yg/vw/ 14 KB
14 KB 58ms
53ms Image
image/jpeg 104.17.88.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.change.org/photos/5/yg/vw/VcYGVwNpHMSfjZv-400x225-noPad.jpg?1601271617

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.88.51 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07242084ee5f0da0a9b3b41b2c8c2c0dbbb687a651bccfcb87d686edb648ab76

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.change.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 21:38:54 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 263067
cf-polished: origSize=14392, status=webp_bigger
last-modified: Mon, 28 Sep 2020 05:40:17 GMT
content-length: 13913
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "38e279adc3dbd7cf2974152c7447fc27"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 706462d14add9add-MIA
expires: Wed, 11 May 2022 21:38:54 GMT

GET
H2 200 lmomqSExRAhnqoA-400x225-noPad.jpg
assets.change.org/photos/7/om/qs/ 34 KB
34 KB 93ms
89ms Image
image/jpeg 104.17.88.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.change.org/photos/7/om/qs/lmomqSExRAhnqoA-400x225-noPad.jpg?1646504866

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.88.51 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f37acf5305390e5cb489ab9b18e91a9efa7fc7a8505a6fb5633a4fd8d41849d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.change.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 21:38:54 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 225396
cf-polished: origSize=36695, status=webp_bigger
last-modified: Sat, 05 Mar 2022 18:27:46 GMT
content-length: 34511
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "e7e6da0926f323b5418f253b29813272"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 706462d14adf9add-MIA
expires: Wed, 11 May 2022 21:38:54 GMT

GET
H2 200 apjCjlCFEPtMvxo-400x225-noPad.jpg
assets.change.org/photos/9/jc/jl/ 37 KB
38 KB 56ms
52ms Image
image/jpeg 104.17.88.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.change.org/photos/9/jc/jl/apjCjlCFEPtMvxo-400x225-noPad.jpg?1651329977

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.88.51 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d99a80064b94909db6eeaa909882d9a6ec7bd5eb369d5e217e52c393f1c8113

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.change.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 21:38:54 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 358140
cf-polished: origSize=41247, status=webp_bigger
last-modified: Sat, 30 Apr 2022 14:46:18 GMT
content-length: 38157
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "546c8be717b31247d6568da0377fe2f2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 706462d14ae09add-MIA
expires: Wed, 11 May 2022 21:38:54 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 146ms
73ms Image
image/gif 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=48409868550&ev=fb_page_view&dl=https%3A%2F%2Fwww.change.org%2Fp%2Fthe-united-nations-refugee-agency-unhcr-put-an-end-to-my-prolonged-imprisonment-in-greece-hostage-of-europe%2Fu%2F30398302%3Frecruiter%3D746005144%26utm_source%3Dshare_update%26utm_medium%3Demail%26utm_campaign%3Dshare_email_responsive%26recruited_by_id%3D85effe70-66f8-11e7-aeef-8f55a38a5a37&rl=&if=false&ts=1651700334266&cd[view_event]=petition_update_view&cd[petition_id]=petition_26511206&cd[update_id]=update_30398302&cd[promotable]=true&cd[signed]=false&cd[kind]=news_coverage&sw=1600&sh=1200

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.change.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 21:38:54 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Wed, 04 May 2022 21:38:54 GMT

POST
H2 200 events Show response
fb-conversions.change.org/ 0
163 B 359ms
114ms XHR
text/plain 34.222.178.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fb-conversions.change.org/events

Requested by

Host: assets-fe.change.org
URL: https://assets-fe.change.org/fe/2fbc8b12d55c520be775a6310fea1a25/changeAssets-2db36faf758ce4d4c918.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.222.178.233 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-222-178-233.us-west-2.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.change.org/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.change.org
date: Wed, 04 May 2022 21:38:54 GMT
access-control-allow-credentials: true
vary: origin
content-length: 0
strict-transport-security: max-age=15724800; includeSubDomains

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 84ms
72ms Image
image/gif 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1081902691834097&ev=PageView&dl=https%3A%2F%2Fwww.change.org%2Fp%2Fthe-united-nations-refugee-agency-unhcr-put-an-end-to-my-prolonged-imprisonment-in-greece-hostage-of-europe%2Fu%2F30398302%3Frecruiter%3D746005144%26utm_source%3Dshare_update%26utm_medium%3Demail%26utm_campaign%3Dshare_email_responsive%26recruited_by_id%3D85effe70-66f8-11e7-aeef-8f55a38a5a37&rl=&if=false&ts=1651700334322&sw=1600&sh=1200&v=2.9.58&r=stable&ec=0&o=30&fbp=fb.1.1651700334319.629065386&eid=ob3_plugin-set_4c21dab3b23c453a0b89973583606fdced93f226e82ccc4d544e796478cb36c3&it=1651700333950&coo=false&exp=p0&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.change.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 21:38:54 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Wed, 04 May 2022 21:38:54 GMT

GET
H2 200 identify.js Show response
analytics.tiktok.com/i18n/pixel/ 114 KB
31 KB 87ms
82ms Script
application/javascript 184.28.190.66
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/identify.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C9O1SLRC77U2Q7VA8R60&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.28.190.66 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-28-190-66.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.change.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 May 2022 21:38:54 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 202205042138540101130061970167F4E7
vary: Accept-Encoding
x-cache: TCP_MISS from a184-28-190-62.deploy.akamaitechnologies.com (AkamaiGHost/10.7.5-41022941) (-)
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 12,184.28.190.62
x-tt-trace-host: 01c59745f96e5c10708bd1a11ddb0d1fbbe41e3fc297ea713e83942573ddfe99df08a7adf5d6b23de5176790989a9598c4a18ed3494edc165528a5d9c30e3205d874b8519cc9ed6bce880aaa7832cdf03455b9ebfe6928c0ac94e17fa8cbd13510
server-timing: inner; dur=3, cdn-cache; desc=MISS, edge; dur=1, origin; dur=12
x-akamai-request-id: 1c23fa91
expires: Wed, 04 May 2022 21:38:54 GMT

GET
H2 200 config.js Show response
analytics.tiktok.com/i18n/pixel/ 883 B
1 KB 80ms
80ms Script
application/javascript 184.28.190.66
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=C9O1SLRC77U2Q7VA8R60&hostname=www.change.org
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C9O1SLRC77U2Q7VA8R60&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.28.190.66 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-28-190-66.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 2926def697a411e77a0dd06b4c07a9c1810f70d159143a8ab61c3cbadedddfca

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.change.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-akamai-request-id: 1c23fad9
date: Wed, 04 May 2022 21:38:54 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a184-28-190-62.deploy.akamaitechnologies.com (AkamaiGHost/10.7.5-41022941) (-)
server-timing: inner; dur=3, cdn-cache; desc=MISS, edge; dur=0, origin; dur=14
content-length: 351
pragma: no-cache
server: nginx
x-tt-logid: 202205042138540101130062050C775EF4
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 14,184.28.190.62
x-tt-trace-host: 01c59745f96e5c10708bd1a11ddb0d1fbbe41e3fc297ea713e83942573ddfe99df08a7adf5d6b23de5176790989a9598c46b1a014a8fbd0d4b85e50c27757c5901be47ffacc9bab12783af714535790b1516eb7cd96aa210d037ea8d8756919ee2
expires: Wed, 04 May 2022 21:38:54 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/991363857/ 42 B
64 B 233ms
91ms Image
image/gif 2607:f8b0:4006:820::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/991363857/?random=1651700333975&cv=9&fst=1651698000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg520&sendb=1&frm=0&url=https%3A%2F%2Fwww.change.org%2Fp%2Fthe-united-nations-refugee-agency-unhcr-put-an-end-to-my-prolonged-imprisonment-in-greece-hostage-of-europe%2Fu%2F30398302%3Frecruiter%3D746005144%26utm_source%3Dshare_update%26utm_medium%3Demail%26utm_campaign%3Dshare_email_responsive%26recruited_by_id%3D85effe70-66f8-11e7-aeef-8f55a38a5a37&tiba=Petition%20update%20%C2%B7%20Submitting%C2%A0the%20Transcript%20and%20the%20Audio%20Records%20to%20the%20Greek%20Ombudsman%20%C2%B7%20Change.org&async=1&fmt=3&is_vtc=1&random=3927045093&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2004 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.change.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 May 2022 21:38:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 iframerpc Show response
accounts.google.com/o/oauth2/ Frame 40F4 49 B
95 B 93ms
92ms XHR
application/json 2607:f8b0:4006:820::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Fwww.change.org&client_id=404493852178-k7v3co66ahlgd8fu6327oia1b24bk916.apps.googleusercontent.com

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.en_US.J7lmSCorJ8I.es5.O/d=1/rs=AOaEmlFnXtD_Ca5exWAMaajFhseP11LL9g/m=base

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::200d Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4836b6031bc4af96767f0121fa458714583340054aea6338ef99a1bc4011f43b

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport, script-src 'report-sample' 'nonce-JaPtjN2R34hXesVaWjQJ1A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/o/oauth2/iframe
X-Requested-With: XmlHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 21:38:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-embedder-policy: require-corp
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: same-site
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
cross-origin-opener-policy: same-origin
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: application/json; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport, script-src 'report-sample' 'nonce-JaPtjN2R34hXesVaWjQJ1A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
expires: Wed, 04 May 2022 21:38:54 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
568 B 89ms
89ms Ping
application/octet-stream 184.28.190.66
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C9O1SLRC77U2Q7VA8R60&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.28.190.66 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-28-190-66.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.change.org/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 04 May 2022 21:38:54 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 20220504213854010113006069115067EF
x-cache: TCP_MISS from a184-28-190-62.deploy.akamaitechnologies.com (AkamaiGHost/10.7.5-41022941) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 16,184.28.190.62
x-tt-trace-host: 01c59745f96e5c10708bd1a11ddb0d1fbbe41e3fc297ea713e83942573ddfe99df08a7adf5d6b23de5176790989a9598c4ab3d164d2c9bd81849fb4d6c92f6291fdfbdf2875d31f98afb2d916be60d9a0d75649b48be96e8c5c3fb5caf6d1eda7f
server-timing: inner; dur=9, cdn-cache; desc=MISS, edge; dur=0, origin; dur=16
x-akamai-request-id: 1c23fbab
content-length: 0
expires: Wed, 04 May 2022 21:38:54 GMT

POST
H2 200 events Show response
fb-conversions.change.org/ 0
162 B 119ms
118ms XHR
text/plain 34.222.178.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fb-conversions.change.org/events

Requested by

Host: assets-fe.change.org
URL: https://assets-fe.change.org/fe/2fbc8b12d55c520be775a6310fea1a25/changeAssets-2db36faf758ce4d4c918.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.222.178.233 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-222-178-233.us-west-2.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.change.org/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.change.org
date: Wed, 04 May 2022 21:38:54 GMT
access-control-allow-credentials: true
vary: origin
content-length: 0
strict-transport-security: max-age=15724800; includeSubDomains

GET
H3 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/47/7a/ 77 KB
28 KB 206ms
68ms Script
text/javascript 2607:f8b0:4006:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/47/7a/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBwot59Cgi_SoxwakkTkAvni7930r0eJs4&libraries=places&sensor=false&callback=__loadGooglePlaces

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::200a Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

098695ed055199f9a99f3f7689cc444871533b9227764b0193025fdc6e78ab17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.change.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 03:51:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 150434
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28806
x-xss-protection: 0
last-modified: Tue, 25 Jan 2022 20:23:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 03 May 2023 03:51:44 GMT

GET
H3 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/47/7a/ 297 KB
91 KB 208ms
71ms Script
text/javascript 2607:f8b0:4006:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/47/7a/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBwot59Cgi_SoxwakkTkAvni7930r0eJs4&libraries=places&sensor=false&callback=__loadGooglePlaces

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::200a Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da4ce6a7f2dd3eee8d5424c9b9c1ea0e5ccacd5797dbb10375a8a489b9f3c993

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.change.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 07:19:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 137987
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 92772
x-xss-protection: 0
last-modified: Tue, 25 Jan 2022 20:23:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 03 May 2023 07:19:11 GMT

Verdicts & Comments Add Verdict or Comment

93 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

32 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.change.org/	1969-12-31 23:59:59	Name: _change_session Value: 82405703ce706cd4346b0101334aa72b
www.change.org/	1970-01-20 02:49:46	Name: _change_lang Value: %7B%22locale%22%3A%22en-US%22%2C%22countryCode%22%3A%22US%22%7D
.change.org/	1969-12-31 23:59:59	Name: invite Value: %7B%22recruiter_id%22%3A746005144%2C%22requested_at%22%3A%222022-05-04T21%3A38%3A50.364Z%22%7D
.change.org/	1969-12-31 23:59:59	Name: __cfruid Value: d48af14c2420976b34839388205a53b9a1c6e47b-1651700331
.change.org/	1970-01-20 07:07:32	Name: optimizelyEndUserId Value: oeu1651700332384r0.5452592332745623
.change.org/	1969-12-31 23:59:59	Name: pxcts Value: 97bb91ed-cbf2-11ec-9a38-6f66526c6d41
.change.org/	1970-01-20 11:33:56	Name: _pxvid Value: 97bb825d-cbf2-11ec-9a38-6f66526c6d41
.www.change.org/	1978-01-11 21:30:57	Name: G_ENABLED_IDPS Value: google
.change.org/	1970-01-20 20:19:32	Name: _ga Value: GA1.2.1589871869.1651700334
.change.org/	1970-01-20 02:49:46	Name: _gid Value: GA1.2.1143499067.1651700334
.change.org/	1970-01-20 02:48:20	Name: _gat Value: 1
.change.org/	1970-01-20 04:57:56	Name: _gcl_au Value: 1.1.35585278.1651700334
.bing.com/	1970-01-20 12:09:56	Name: MUID Value: 213337417FD76AAD320026DB7E696B47
.bat.bing.com/	1970-01-20 02:58:25	Name: MR Value: 0
.change.org/	1970-01-20 11:33:56	Name: _hjSessionUser_1693228 Value: eyJpZCI6IjdmMTFkZGE3LTUyNGQtNTJjMS05NWZkLWE2Nzg1Y2NhZWI2NyIsImNyZWF0ZWQiOjE2NTE3MDAzMzM4NzgsImV4aXN0aW5nIjpmYWxzZX0=
.change.org/	1970-01-20 02:48:22	Name: _hjFirstSeen Value: 1
www.change.org/	1970-01-20 02:48:20	Name: _hjIncludedInSessionSample Value: 0
.change.org/	1970-01-20 02:48:22	Name: _hjSession_1693228 Value: eyJpZCI6ImY4YzczNjcxLTk3ZTgtNGMxYy04OGMwLTQ2M2VjOWZkMTVlNiIsImNyZWF0ZWQiOjE2NTE3MDAzMzM4OTEsImluU2FtcGxlIjpmYWxzZX0=
.change.org/	1970-01-20 02:48:22	Name: _hjAbsoluteSessionInProgress Value: 0
www.change.org/	1969-12-31 23:59:59	Name: _hjCachedUserAttributes Value: eyJhdHRyaWJ1dGVzIjp7ImNvdW50cnlDb2RlIjoiVVMiLCJlbnZpcm9ubWVudCI6InByb2R1Y3Rpb24iLCJsb2NhbGUiOiJlbi1VUyIsImxvZ2luU3RhdGUiOiJndWVzdCIsIndlYmFwcE5hbWUiOiJmZSIsIndlYmFwcFZlcnNpb24iOiIyMS4xMTIzLjAifSwidXNlcklkIjpudWxsfQ==
.change.org/	1970-01-20 02:49:46	Name: _uetsid Value: 9849bb30cbf211eca8fcc975b2cf0752
.change.org/	1970-01-20 12:09:56	Name: _uetvid Value: 9849ccb0cbf211ec9cf06912d1143be9
.t.co/	1970-01-20 20:19:32	Name: muc_ads Value: f57af03c-d612-43ef-b3ba-37411743162a
.twitter.com/	1970-01-20 20:19:32	Name: personalization_id Value: "v1_G+Ch6QtVg5qy8oU/485ZqA=="
.doubleclick.net/	1970-01-20 02:48:21	Name: test_cookie Value: CheckForPermission
.change.org/	1970-01-20 02:48:20	Name: _px3 Value: cf562045276956f04a17ff7a29a24fef7978807e7c1100137ebd38abda2e9620:TOVfiTsqT9dmZtT6pklyJZGP0mjjx0gbLreBuHcGzJ9WNGnnMk0+ogYbgpB/BXmnzGcQLpTHgGhhhzwb1vjOjQ==:1000:cYvRFJFbMe7bObTC68HvLd4vgZCpC2Kcnxh05NbBLGxFEcJemAWqsA4FZjzFnJEfsZFesucptBswT3VpuT5Bje4LY7k3ofjMwQQBJP1PsNaNYD5ptK7fRcbTxwlN6Fk8M1cqqwuB2PKzYIcIBFFadanhRdEncaZkmPd3oXnkgN/MZcq8pqsZhuKsxf38C6yHCpb+/EYhxom02lekHo1IbA==
.change.org/	1970-01-20 04:57:56	Name: _fbp Value: fb.1.1651700334319.629065386
.facebook.com/	1970-01-20 04:57:56	Name: fr Value: 0f5dOOFqyv2UNRWWl..BicvJu...1.0.BicvJu.
.tiktok.com/	1970-01-20 12:09:56	Name: _ttp Value: 28iXMow934lWYKnxC64BoZVdtH8
.change.org/	1970-01-20 12:09:56	Name: _tt_enable_cookie Value: 1
.change.org/	1970-01-20 12:09:56	Name: _ttp Value: b5c9e09b-ad7b-4ff3-82ba-95c08928263c
.google.com/	1970-01-20 07:11:51	Name: NID Value: 511=tSEN53Wy4tfKOk8BAa8I_yzwXyxTyQYe7-yVJ__DJ31Th9FwKYYGWSyPw-7IUt_AIwRq2CVlNyUuHYiIklzyrlzCXX0GycFx_E5rc6iZHfEJukm6DnfL2Pv5FHbkWCSIypOJmgAsTBCw8-UgyFw8XQkjvWurDrbtoV-Es_e2_cY

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://accounts.google.com/_/IdpIFrameHttp/cspreport Message: Failed to load resource: the server responded with a status of 400 ()
security	error	URL: https://connect.facebook.net/ Message: Refused to send form data to 'https://www.facebook.com/tr/' because it violates the following Content Security Policy directive: "form-action 'self'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' blob: 'unsafe-inline' 'unsafe-eval' d18kwxxua7ik1y.cloudfront.net d22r54gnmuhwmk.cloudfront.net .change.org change-production.s3.amazonaws.com change-public-stuff.s3.amazonaws.com .google.ca .googleadservices.com .youtube.com .doubleclick.net .google.com .googleapis.com .googletagmanager.com .google-analytics.com .gstatic.com .recaptcha.net .ytimg.com .facebook.com .facebook.net .fbcdn.net fbrpc:// fb-messenger://* .twitter.com .twimg.com .ads-twitter.com vk.com .vk.com ajax.cdnjs.com cdnjs.cloudflare.com service.force.com .salesforceliveagent.com .braintreegateway.com .paypalobjects.com .paypal.com .stripe.com .optimizely.com optimizely.s3.amazonaws.com cdn-assets-prod.s3.amazonaws.com px-cdn.net .px-cdn.net .px-client.net .px-cloud.net pxchk.net .pxchk.net .hotjar.com: .hotjar.io wss://.hotjar.com p2a.co .profitwell.com js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net .messagebird.com .pushnotifications.pusher.com js.pusher.com secure.everyaction.com d3rse9xjbp8270.cloudfront.net .ngpvan.com js2.verygoodvault.com code.jquery.com cdn.embedly.com player.vimeo.com bat.bing.com soundcloud.com .soundcloud.com www.instagram.com www.flickr.com .staticflickr.com .voteamerica.com .jotform.com actionnetwork.org core.spreedly.com .airbrake.io browser-update.org .tiktok.com .bannerbear.com d2yyd1h5u9mauk.cloudfront.net web.delighted.com change.my.salesforce.com help.change.org; font-src 'self' data: .change.org d18kwxxua7ik1y.cloudfront.net d22r54gnmuhwmk.cloudfront.net fonts.gstatic.com .hotjar.com .hotjar.io d3rse9xjbp8270.cloudfront.net; img-src * blob: data:; form-action 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a11391265293.cdn.optimizely.com
accounts.google.com
analytics.tiktok.com
analytics.twitter.com
apis.google.com
assets-fe.change.org
assets.change.org
bat.bing.com
browser-update.org
cdn.optimizely.com
chng.it
client.px-cloud.net
collector-pxnslc0hv5.px-cloud.net
connect.facebook.net
fb-conversions.change.org
googleads.g.doubleclick.net
logx.optimizely.com
maps.googleapis.com
notifier-configs.airbrake.io
public.profitwell.com
s3.amazonaws.com
script.hotjar.com
static.ads-twitter.com
static.change.org
static.hotjar.com
stats.g.doubleclick.net
t.co
vars.hotjar.com
www.change.org
www.facebook.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
104.17.88.51
104.244.42.5
104.244.42.67
13.225.213.116
13.225.63.15
13.225.63.93
142.251.40.98
143.204.146.14
184.28.190.66
199.232.36.157
23.5.226.225
2600:1400:d:488::13b8
2600:141b:13::b833:9299
2600:9000:21ea:9600:3:9a1f:ef40:93a1
2606:4700:20::ac43:459c
2607:f8b0:4004:c08::9a
2607:f8b0:4006:80f::200a
2607:f8b0:4006:80f::200e
2607:f8b0:4006:820::2003
2607:f8b0:4006:820::2004
2607:f8b0:4006:820::200d
2607:f8b0:4006:821::200e
2607:f8b0:4006:824::2002
2607:f8b0:4006:824::2008
2620:1ec:c11::200
2a03:2880:f012:10c:face:b00c:0:3
2a03:2880:f112:182:face:b00c:0:25de
34.222.178.233
34.228.124.54
35.186.220.184
52.216.205.61
54.230.163.101
004e3e7fa847ba12ae23e24ae20e1245babb16091fe7a802abb52a3fdde68e87
07242084ee5f0da0a9b3b41b2c8c2c0dbbb687a651bccfcb87d686edb648ab76
07c1c72af14cfca45510fb19b3e73a4e626847486455e4843d062698f70cc97a
098695ed055199f9a99f3f7689cc444871533b9227764b0193025fdc6e78ab17
10ba08ada54705b770d921ea9033f2050bcbd86e5414cad352c7d4dabaa875a1
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1109f06575461e12506210604c6bc3327909e9d62c43ba26bfbbfc134aa72993
125f1985d9743fda351839883c0ea9d35904a2163b8929ceaf60c8d3e972a576
1ab294cb0ebb5837eda1c009fc76ac683e5fec73979be76bd7334d3a61ff9b0b
2926def697a411e77a0dd06b4c07a9c1810f70d159143a8ab61c3cbadedddfca
2d7213b5483d3d3222b33a43a448d1ce01fd0f9afd72d72361b916aa083f768e
2f22aaf2e8367b02152b442ef28df7084601e0ded40c7d8f7b6f24be66b326fb
30487167d145a79b345ad5f6d8bac69224575af83c11a45ccc1e1da5725a73e9
3cda2eaef397111752ab6f081ed1ed3f20fbe3abdb5601d899e05a4817ea9aae
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4836b6031bc4af96767f0121fa458714583340054aea6338ef99a1bc4011f43b
4902dcbc3d3c97271a66bc136ec40b0c72422ccd05bb9946aa76382e50c5d6fc
4dc096e7de86598e8347e6d43409caa7b4fc6c7ea318c802a72ae688ae54382b
552426fa67711398e49423a732526e763187afd768567b87e139fec853820809
5cbcaa66e475ad2cb7ca6d03f4492d3b267527af9ccd6e12a7557e4b94c63625
5fc100316489a541e5a460c39d96b9201368c6923634e16cf66cbaf3b0f60be4
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
60e2b713119fb1fa74b385d6e854fa0b10d448549277fdfbe1d3051122ed4b8d
689a28848062b4072435ff5120efebae88fe460c7c077195253a85df0489c1f0
6c147f59929087483ce64983fce9c09536b9524a04663cd403f42117af3bb024
6d99a80064b94909db6eeaa909882d9a6ec7bd5eb369d5e217e52c393f1c8113
7190d6b3eea91cc54a143183b0fa2bf3ac76942a8754c28f15ab93422f312b35
76c65af7d8901f2ce5184db01c9daf9cab15e6133c726918f77e980111984cb0
78a9f1e0feea988604f1a5c7b98941351c12b125cfe9d5cd5e6ef2510939cf2a
7bc8016f63436258cd404b4e728f9fbb6640d991d960a8085c994b27214f4e52
7f2ba54bc79c204a72ffcc24406bbe91d9b77aec3257cd4a39a4e96faa892be6
8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52
87e8e3b00e44c41345ad28e6f61b8d2f7803519911f8a6e8bf98be8dc2aa6a48
920fad1d875b033d3d7f3d251620da04edd9e74df630ee1621099c1182cb92bc
93cc545f534a75a876beccc35125e563e20bb9857714482547fc151f07d57595
958010fe684e56ce4c12cba5c156b9cd185d831839a2743210e171329fd40c87
9647ba2bcf1f60767c74a12f152b36ebe47da78b0c8fb9d7e4f6fa9aba7fd9cf
96cee48d89271b51c6631afd3e2654284c795e82d1b814d9733e36b776eb8cad
9d55c7f0d381507af2908d61c122c4e6bbd5dc37645a1749ea3ba6df2dfe054a
9f37acf5305390e5cb489ab9b18e91a9efa7fc7a8505a6fb5633a4fd8d41849d
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a75c8df26c297165df8d5329d9836787f21f9e6573190b5b43468bd3cee6ce1b
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ae7630631494cd79a7b91b38a4cf4322d295d04c0a3bd6eb81434447f3f6c507
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0
b4cb23e790c7175635d66fae052eda760e98d7c71efc15925559e7959361850a
b819b3ac2fe5857b7026a609f9115f0d50a7d6e8085ba5987d70ed6baaa41f4e
bb05bc3976691db38d1c403ede59d1d2181fb64a6227b6ee1d849beba8f8c35d
bfb4f5b998d87defe365a82d3f0b131eafa73e79ee253a4601f688408e4c7b1f
c0bf9f54a9d46d53a2e8506a9d305edd01518a4cf855b45d5ce710dc5dd9f927
c1757f7a288131ceeb5bc1276d57640278bc5eecbbcae016189c274981d2b45c
c5da2e1eefbe4efd64ec18b775495cf3011d9ae03842917bfe1b0a50e03a7a44
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
d44f17274699b16cb9886433221d59082f8f89f628ad153cfb6f3693ea0ef5a8
d57b3c19380541f2d7fd3eb500da925eeff601029c8ef4f7f4cc773926077e17
d921de6c26edb1d1e22cb8e9610318d176ea20134ec25d1fa4930b3cccf9122d
da4ce6a7f2dd3eee8d5424c9b9c1ea0e5ccacd5797dbb10375a8a489b9f3c993
dff0ddeefb82c9adbd95727463ff8f792654a25049d46a473b4699b999c42563
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec23c6fa4eb8c10ba8a79423a28706e5ccf04482b3acda1f80e482f4a1e5e02e
ec88e9506673eb2528a9f57aa4136624cc5481b2ab3db552bb8ec24120951c94
ee2df9e008021c0ce1fbf3612bfef57e7666294fa01bd4d9764931ff9add417a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f79ba357bfb7da557e56a236ed0bcbce40296f2dcc6bee2f0e21ea8d303a1ab8
f80b5e6c468f05c30944ea05a7c3c52561549e4b7cebe0c083319caedce57829

www.change.org Open in urlscan Pro 104.17.88.51 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

78 Requests

100 %HTTPS

50 %IPv6

23 Domains

35 Subdomains

32 IPs

2 Countries

4843 kBTransfer

17262 kBSize

32 Cookies

16 Outgoing links

Page URL History

Redirected requests

78 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.change.org Open in urlscan Pro
104.17.88.51 Public Scan

Screenshot
Live screenshot

Full Image

78
Requests

100 %
HTTPS

50 %
IPv6

23
Domains

35
Subdomains

32
IPs

2
Countries

4843 kB
Transfer

17262 kB
Size

32
Cookies

78 HTTP transactions
1 data transactions