urlscan.io logo urlscan.io
SecurityTrails logo

www.change.org Open in urlscan Pro
104.17.89.51  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://click.e.change.org/f/a/YhaJ--4uFWZbrOAf9iv2oA~~/AANj1QA~/RgRgeI2EP4QVAWh0dHBzOi8vd3d3LmNoYW5nZS5vcmcvbC91cy9jb3Jvbm...
Effective URL: https://www.change.org/l/us/coronavirus?amp;utm_campaign=oth&utm_medium=other&cs_tk=AmpfC6wFlrHHALf8mV4AAXicyyvNyQE...
Submission: On April 14 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 18 IPs in 4 countries across 14 domains to perform 37 HTTP transactions. The main IP is 104.17.89.51, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.change.org.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on April 6th 2020. Valid for: 6 months.
This is the only time www.change.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

3    104.17.88.51 (United States)

ASN13335 (CLOUDFLARENET, US)
click.e.change.org
static.change.org
7    104.17.89.51 (United States)

ASN13335 (CLOUDFLARENET, US)
www.change.org
assets-fe.change.org
2    2a00:1450:4001:817::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    52.216.102.133 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com
4    2a00:1450:4001:819::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
lh3.googleusercontent.com
lh4.googleusercontent.com
lh5.googleusercontent.com
1    104.199.118.23 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 23.118.199.104.bc.googleusercontent.com
news-us.changedotorgcontent.com
1    2a00:1450:4001:81d::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    172.217.16.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s11-in-f2.1e100.net
www.googleadservices.com
4    2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
1    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
3    2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    2a00:1450:4001:820::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
apis.google.com
1    2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    35.186.220.184 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 184.220.186.35.bc.googleusercontent.com
collector-pxnslc0hv5.px-cloud.net
1    2a00:1450:4001:81a::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
accounts.google.com
Domain Requested by
5 www.change.org www.change.org
assets-fe.change.org
4 connect.facebook.net www.change.org
connect.facebook.net
assets-fe.change.org
3 collector-pxnslc0hv5.px-cloud.net assets-fe.change.org
3 www.facebook.com www.change.org
assets-fe.change.org
2 apis.google.com assets-fe.change.org
apis.google.com
2 static.change.org assets-fe.change.org
2 www.google.de www.change.org
2 www.google.com 1 redirects www.change.org
2 bat.bing.com www.change.org
2 lh3.googleusercontent.com www.change.org
2 www.google-analytics.com 1 redirects www.change.org
2 assets-fe.change.org www.change.org
1 accounts.google.com apis.google.com
1 stats.g.doubleclick.net 1 redirects
1 googleads.g.doubleclick.net www.googleadservices.com
1 www.googleadservices.com www.googletagmanager.com
1 www.googletagmanager.com www.change.org
1 lh5.googleusercontent.com www.change.org
1 news-us.changedotorgcontent.com www.change.org
1 lh4.googleusercontent.com www.change.org
1 s3.amazonaws.com www.change.org
1 click.e.change.org 1 redirects
37 22

This site contains links to these domains. Also see Links.

Domain
help.change.org
guide.change.org
twitter.com
www.facebook.com
policies.google.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2020-04-06 -
2020-10-09		 6 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-03-24 -
2020-06-16		 3 months crt.sh
s3.amazonaws.com
DigiCert Baltimore CA-2 G2		 2019-11-09 -
2020-12-02		 a year crt.sh
*.googleusercontent.com
GTS CA 1O1		 2020-03-24 -
2020-06-16		 3 months crt.sh
www.googleadservices.com
GTS CA 1O1		 2020-03-24 -
2020-06-16		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2020-03-01 -
2020-05-30		 3 months crt.sh
www.bing.com
Microsoft IT TLS CA 2		 2019-04-30 -
2021-04-30		 2 years crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-03-24 -
2020-06-16		 3 months crt.sh
www.google.com
GTS CA 1O1		 2020-03-24 -
2020-06-16		 3 months crt.sh
www.google.de
GTS CA 1O1		 2020-03-24 -
2020-06-16		 3 months crt.sh
*.apis.google.com
GTS CA 1O1		 2020-03-24 -
2020-06-16		 3 months crt.sh
*.px-cloud.net
Let's Encrypt Authority X3		 2020-03-08 -
2020-06-06		 3 months crt.sh
accounts.google.com
GTS CA 1O1		 2020-03-24 -
2020-06-16		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://www.change.org/l/us/coronavirus?amp;utm_campaign=oth&utm_medium=other&cs_tk=AmpfC6wFlrHHALf8mV4AAXicyyvNyQEABF8BvGo1bfz95FvF0eqaUMc2DNY%3D&utm_campaign=4c2393bcf59249579105c1382fef4127&utm_content=initial_v0_0_1&utm_medium=email&utm_source=aa_editorial&utm_term=cs%22
Frame ID: 3E992763ECA82402E039943E15F96F4E
Requests: 37 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: 924944EB3BE1706A5DEEFEE65EE53E93
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://click.e.change.org/f/a/YhaJ--4uFWZbrOAf9iv2oA~~/AANj1QA~/RgRgeI2EP4QVAWh0dHBzOi8vd3d3LmNoYW5nZS... HTTP 302
    https://www.change.org/l/us/coronavirus?amp;utm_campaign=oth&utm_medium=other&cs_tk=AmpfC6wFlrH... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

37
Requests

97 %
HTTPS

67 %
IPv6

14
Domains

22
Subdomains

18
IPs

4
Countries

5542 kB
Transfer

8945 kB
Size

18
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://click.e.change.org/f/a/YhaJ--4uFWZbrOAf9iv2oA~~/AANj1QA~/RgRgeI2EP4QVAWh0dHBzOi8vd3d3LmNoYW5nZS5vcmcvbC91cy9jb3JvbmF2aXJ1cz9hbXA7dXRtX2NhbXBhaWduPW90aCZhbXA7dXRtX21lZGl1bT1vdGhlciZjc190az1BbXBmQzZ3RmxySEhBTGY4bVY0QUFYaWN5eXZOeVFFQUJGOEJ2R28xYmZ6OTVGdkYwZXFhVU1jMkROWSUzRCZ1dG1fY2FtcGFpZ249NGMyMzkzYmNmNTkyNDk1NzkxMDVjMTM4MmZlZjQxMjcmdXRtX2NvbnRlbnQ9aW5pdGlhbF92MF8wXzEmdXRtX21lZGl1bT1lbWFpbCZ1dG1fc291cmNlPWFhX2VkaXRvcmlhbCZ1dG1fdGVybT1jcyJXA3NwY0IKACCHCJZejVTMdlIQdG9ueS5yZWFAZnBsLmNvbVgEAAAAAg~~ HTTP 302
    https://www.change.org/l/us/coronavirus?amp;utm_campaign=oth&utm_medium=other&cs_tk=AmpfC6wFlrHHALf8mV4AAXicyyvNyQEABF8BvGo1bfz95FvF0eqaUMc2DNY%3D&utm_campaign=4c2393bcf59249579105c1382fef4127&utm_content=initial_v0_0_1&utm_medium=email&utm_source=aa_editorial&utm_term=cs%22 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&aip=1&a=1383056817&t=pageview&_s=1&dl=https%3A%2F%2Fwww.change.org%2Fl%2Fus%2Fcoronavirus%3Famp%3Butm_campaign%3Doth%26amp%3Butm_medium%3Dother%26cs_tk%3DAmpfC6wFlrHHALf8mV4AAXicyyvNyQEABF8BvGo1bfz95FvF0eqaUMc2DNY%253D%26utm_campaign%3D4c2393bcf59249579105c1382fef4127%26utm_content%3Dinitial_v0_0_1%26utm_medium%3Demail%26utm_source%3Daa_editorial%26utm_term%3Dcs%2522&dp=%2Fl%2Fus%2Fcoronavirus%3Famp%3Butm_campaign%3Doth%26amp%3Butm_medium%3Dother%26cs_tk%3DAmpfC6wFlrHHALf8mV4AAXicyyvNyQEABF8BvGo1bfz95FvF0eqaUMc2DNY%253D%26utm_campaign%3D4c2393bcf59249579105c1382fef4127%26utm_content%3Dinitial_v0_0_1%26utm_medium%3Demail%26utm_source%3Daa_editorial%26utm_term%3Dcs%2522&ul=en-us&de=UTF-8&dt=Fighting%20for%20justice%20during%20the%20coronavirus%20pandemic%20%C2%B7%20Change.org&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aEBAAEABE~&jid=1960386444&gjid=547835148&cid=1646036807.1586893262&tid=UA-5889778-1&_gid=1753799975.1586893262&_r=1&z=1125680051 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-5889778-1&cid=1646036807.1586893262&jid=1960386444&_gid=1753799975.1586893262&gjid=547835148&_v=j81&z=1125680051 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5889778-1&cid=1646036807.1586893262&jid=1960386444&_v=j81&z=1125680051 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5889778-1&cid=1646036807.1586893262&jid=1960386444&_v=j81&z=1125680051&slf_rd=1&random=1600430633

37 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request coronavirus
www.change.org/l/us/
Redirect Chain
  • https://click.e.change.org/f/a/YhaJ--4uFWZbrOAf9iv2oA~~/AANj1QA~/RgRgeI2EP4QVAWh0dHBzOi8vd3d3LmNoYW5nZS5vcmcvbC91cy9jb3JvbmF2aXJ1cz9hbXA7dXRtX2NhbXBhaWduPW90aCZhbXA7dXRtX21lZGl1bT1vdGhlciZjc190az1B...
  • https://www.change.org/l/us/coronavirus?amp;utm_campaign=oth&utm_medium=other&cs_tk=AmpfC6wFlrHHALf8mV4AAXicyyvNyQEABF8BvGo1bfz95FvF0eqaUMc2DNY%3D&utm_campaign=4c2393bcf59249579105c1382fef4127&...
157 KB
46 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.change.org/l/us/coronavirus?amp;utm_campaign=oth&utm_medium=other&cs_tk=AmpfC6wFlrHHALf8mV4AAXicyyvNyQEABF8BvGo1bfz95FvF0eqaUMc2DNY%3D&utm_campaign=4c2393bcf59249579105c1382fef4127&utm_content=initial_v0_0_1&utm_medium=email&utm_source=aa_editorial&utm_term=cs%22
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.89.51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b925b0cc7b321b2af91b4b82002db5743083519393407c324d3c5144ce8a023
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' https://d18kwxxua7ik1y.cloudfront.net https://d22r54gnmuhwmk.cloudfront.net https://assets.change.org https://static.change.org https://assets-fe.change.org https://change-production.s3.amazonaws.com https://change-public-stuff.s3.amazonaws.com https://www.google.ca https://www.googleadservices.com https://www.youtube.com https://*.doubleclick.net https://*.google.com https://*.googleapis.com https://*.googletagmanager.com https://*.google-analytics.com https://*.gstatic.com https://*.ytimg.com https://*.facebook.com https://*.facebook.net https://*.fbcdn.net fbrpc://* fb-messenger://* https://*.twitter.com https://*.twimg.com https://vk.com https://*.vk.com https://ajax.cdnjs.com https://cdnjs.cloudflare.com https://service.force.com https://change.my.salesforce.com https://help.change.org https://*.salesforceliveagent.com https://*.braintreegateway.com https://*.paypalobjects.com https://*.paypal.com *.optimizely.com optimizely.s3.amazonaws.com cdn-assets-prod.s3.amazonaws.com https://px-cdn.net https://*.px-cloud.net https://code.jquery.com https://js.stripe.com https://cdn.embedly.com https://player.vimeo.com https://bat.bing.com https://soundcloud.com https://w.soundcloud.com https://www.instagram.com https://www.flickr.com https://*.staticflickr.com; connect-src 'self' blob: https://*.change.org https://change-production.s3.amazonaws.com https://*.googleapis.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.com https://*.facebook.net fbrpc://* fb-messenger://* https://*.twitter.com https://*.vk.com https://*.braintreegateway.com https://*.paypal.com *.optimizely.com optimizely.s3.amazonaws.com cdn-assets-prod.s3.amazonaws.com https://*.px-client.net https://*.px-cloud.net https://pxchk.net https://api.stripe.com https://api.soundcloud.com https://api.airbrake.io https://api.zippopotam.us; font-src 'self' data: https://assets.change.org https://static.change.org https://d18kwxxua7ik1y.cloudfront.net https://d22r54gnmuhwmk.cloudfront.net https://fonts.gstatic.com; img-src * blob: data:; form-action 'self';
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

:method
GET
:authority
www.change.org
:scheme
https
:path
/l/us/coronavirus?amp;utm_campaign=oth&utm_medium=other&cs_tk=AmpfC6wFlrHHALf8mV4AAXicyyvNyQEABF8BvGo1bfz95FvF0eqaUMc2DNY%3D&utm_campaign=4c2393bcf59249579105c1382fef4127&utm_content=initial_v0_0_1&utm_medium=email&utm_source=aa_editorial&utm_term=cs%22
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cfduid=d75aef7a26cb71f318eec2478178ad3911586893260; __cf_bm=30758e1e10f2f4932151c7f89644995fa95a1b5e-1586893261-1800-Aa8vbo6oiIrjNHqXmVAvXoqNxkjBpZ2TxMavwFrflKV0dy819hCS7KLEF5giAGt+qly2coNwmemo1+KFD/54YUk=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Tue, 14 Apr 2020 19:41:01 GMT
content-type
text/html; charset=utf-8
cache-control
no-cache
cf-railgun
ba14a4a6f6 stream 0.000000 0202 0dda
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' https://d18kwxxua7ik1y.cloudfront.net https://d22r54gnmuhwmk.cloudfront.net https://assets.change.org https://static.change.org https://assets-fe.change.org https://change-production.s3.amazonaws.com https://change-public-stuff.s3.amazonaws.com https://www.google.ca https://www.googleadservices.com https://www.youtube.com https://*.doubleclick.net https://*.google.com https://*.googleapis.com https://*.googletagmanager.com https://*.google-analytics.com https://*.gstatic.com https://*.ytimg.com https://*.facebook.com https://*.facebook.net https://*.fbcdn.net fbrpc://* fb-messenger://* https://*.twitter.com https://*.twimg.com https://vk.com https://*.vk.com https://ajax.cdnjs.com https://cdnjs.cloudflare.com https://service.force.com https://change.my.salesforce.com https://help.change.org https://*.salesforceliveagent.com https://*.braintreegateway.com https://*.paypalobjects.com https://*.paypal.com *.optimizely.com optimizely.s3.amazonaws.com cdn-assets-prod.s3.amazonaws.com https://px-cdn.net https://*.px-cloud.net https://code.jquery.com https://js.stripe.com https://cdn.embedly.com https://player.vimeo.com https://bat.bing.com https://soundcloud.com https://w.soundcloud.com https://www.instagram.com https://www.flickr.com https://*.staticflickr.com; connect-src 'self' blob: https://*.change.org https://change-production.s3.amazonaws.com https://*.googleapis.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.com https://*.facebook.net fbrpc://* fb-messenger://* https://*.twitter.com https://*.vk.com https://*.braintreegateway.com https://*.paypal.com *.optimizely.com optimizely.s3.amazonaws.com cdn-assets-prod.s3.amazonaws.com https://*.px-client.net https://*.px-cloud.net https://pxchk.net https://api.stripe.com https://api.soundcloud.com https://api.airbrake.io https://api.zippopotam.us; font-src 'self' data: https://assets.change.org https://static.change.org https://d18kwxxua7ik1y.cloudfront.net https://d22r54gnmuhwmk.cloudfront.net https://fonts.gstatic.com; img-src * blob: data:; form-action 'self';
set-cookie
_change_session=cb65370fe39334554320527d358d20f0; Path=/; HttpOnly; Secure tracking_data=%7B%22user_uuid%22%3A%22dee8b9a0-7e87-11ea-a83c-618cd539cad2%22%7D; Max-Age=2700; Path=/; Expires=Tue, 14 Apr 2020 20:26:01 GMT; Secure _change_lang=%7B%22locale%22%3A%22en-US%22%2C%22countryCode%22%3A%22BE%22%7D; Max-Age=86400; Path=/; Expires=Wed, 15 Apr 2020 19:41:01 GMT; Secure __cfruid=a2b9b084c16298e47a80a6f65484dd007803b667-1586893261; path=/; domain=.change.org; HttpOnly; Secure; SameSite=None
x-frame-options
sameorigin
x-request-id
f6fcfd84-eb80-4d72-b46a-b3dddbcca620
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-content-type-options
nosniff
server
cloudflare
cf-ray
583fe6e2ad2ed61c-MXP
content-encoding
gzip

Redirect headers

status
302
date
Tue, 14 Apr 2020 19:41:01 GMT
content-type
text/plain
content-length
0
set-cookie
__cfduid=d75aef7a26cb71f318eec2478178ad3911586893260; expires=Thu, 14-May-20 19:41:00 GMT; path=/; domain=.change.org; HttpOnly; SameSite=Lax; Secure __cf_bm=30758e1e10f2f4932151c7f89644995fa95a1b5e-1586893261-1800-Aa8vbo6oiIrjNHqXmVAvXoqNxkjBpZ2TxMavwFrflKV0dy819hCS7KLEF5giAGt+qly2coNwmemo1+KFD/54YUk=; path=/; expires=Tue, 14-Apr-20 20:11:01 GMT; domain=.change.org; HttpOnly; Secure; SameSite=None
location
https://www.change.org/l/us/coronavirus?amp;utm_campaign=oth&utm_medium=other&cs_tk=AmpfC6wFlrHHALf8mV4AAXicyyvNyQEABF8BvGo1bfz95FvF0eqaUMc2DNY%3D&utm_campaign=4c2393bcf59249579105c1382fef4127&utm_content=initial_v0_0_1&utm_medium=email&utm_source=aa_editorial&utm_term=cs"
x-robots-tag
noindex
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-content-type-options
nosniff
server
cloudflare
cf-ray
583fe6e0d9c3e8ef-MXP
rendr-si7HcG5qqa-LfPWrA7JastmPn9N6dSi6M6ktQ10LGco.css
assets-fe.change.org/fe/css/ 		167 KB
49 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets-fe.change.org/fe/css/rendr-si7HcG5qqa-LfPWrA7JastmPn9N6dSi6M6ktQ10LGco.css
Requested by
Host: www.change.org
URL: https://www.change.org/l/us/coronavirus?amp;utm_campaign=oth&utm_medium=other&cs_tk=AmpfC6wFlrHHALf8mV4AAXicyyvNyQEABF8BvGo1bfz95FvF0eqaUMc2DNY%3D&utm_campaign=4c2393bcf59249579105c1382fef4127&utm_content=initial_v0_0_1&utm_medium=email&utm_source=aa_editorial&utm_term=cs%22
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.89.51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b22ec7706e6aa9af8b7cf5ab03b25ab2d98f9fd37a7528ba33a92d435d0b19ca
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.change.org/l/us/coronavirus?amp;utm_campaign=oth&utm_medium=other&cs_tk=AmpfC6wFlrHHALf8mV4AAXicyyvNyQEABF8BvGo1bfz95FvF0eqaUMc2DNY%3D&utm_campaign=4c2393bcf59249579105c1382fef4127&utm_content=initial_v0_0_1&utm_medium=email&utm_source=aa_editorial&utm_term=cs%22
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 14 Apr 2020 19:41:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Thu, 02 Apr 2020 12:16:09 GMT
server
cloudflare
age
1058077
etag
W/"d75df6020368fc2e8147ecde8ed1f0e9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=1314000
cf-ray
583fe6e54f9ad61c-MXP
expires
Thu, 30 Apr 2020 00:41:01 GMT
brandAssets-093bbcb3a502e971d519.js
assets-fe.change.org/fe/8e413c6853ae345e60a4f71b6106948f/ 		2 MB
641 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets-fe.change.org/fe/8e413c6853ae345e60a4f71b6106948f/brandAssets-093bbcb3a502e971d519.js
Requested by
Host: www.change.org
URL: https://www.change.org/l/us/coronavirus?amp;utm_campaign=oth&utm_medium=other&cs_tk=AmpfC6wFlrHHALf8mV4AAXicyyvNyQEABF8BvGo1bfz95FvF0eqaUMc2DNY%3D&utm_campaign=4c2393bcf59249579105c1382fef4127&utm_content=initial_v0_0_1&utm_medium=email&utm_source=aa_editorial&utm_term=cs%22
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.89.51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5268785c4e2c015accbf4e77ffb1e34d811ccdb2381e2098de979bdee8ebaa0c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.change.org/l/us/coronavirus?amp;utm_campaign=oth&utm_medium=other&cs_tk=AmpfC6wFlrHHALf8mV4AAXicyyvNyQEABF8BvGo1bfz95FvF0eqaUMc2DNY%3D&utm_campaign=4c2393bcf59249579105c1382fef4127&utm_content=initial_v0_0_1&utm_medium=email&utm_source=aa_editorial&utm_term=cs%22
Origin
https://www.change.org

Response headers

date
Tue, 14 Apr 2020 19:41:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
10464
status
200
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Tue, 14 Apr 2020 16:09:23 GMT
server
cloudflare
etag
W/"10784821dbd1de13d21fe633ed5ef5b6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1314000
cf-ray
583fe6e548eabe0a-MXP
expires
Thu, 30 Apr 2020 00:41:01 GMT
70c4c4b50159e55159b36ac04c832499_76ff8e20a70d7bba6580e0c5dd01a7ae5bd055bd.js
www.change.org/api-proxy/-/locale_data/rendr-fe/en-US/ 		600 KB
151 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.change.org/api-proxy/-/locale_data/rendr-fe/en-US/70c4c4b50159e55159b36ac04c832499_76ff8e20a70d7bba6580e0c5dd01a7ae5bd055bd.js
Requested by
Host: www.change.org
URL: https://www.change.org/l/us/coronavirus?amp;utm_campaign=oth&utm_medium=other&cs_tk=AmpfC6wFlrHHALf8mV4AAXicyyvNyQEABF8BvGo1bfz95FvF0eqaUMc2DNY%3D&utm_campaign=4c2393bcf59249579105c1382fef4127&utm_content=initial_v0_0_1&utm_medium=email&utm_source=aa_editorial&utm_term=cs%22
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.89.51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ab5a34f260fd677cfc749bf1444e62d66ab48f0031b69e8ec573290ba1fc30e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.change.org/l/us/coronavirus?amp;utm_campaign=oth&utm_medium=other&cs_tk=AmpfC6wFlrHHALf8mV4AAXicyyvNyQEABF8BvGo1bfz95FvF0eqaUMc2DNY%3D&utm_campaign=4c2393bcf59249579105c1382fef4127&utm_content=initial_v0_0_1&utm_medium=email&utm_source=aa_editorial&utm_term=cs%22
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 14 Apr 2020 19:41:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
server
cloudflare
age
10523
etag
W/"9612f-jJjd8Ghb3pyntRknBkSK2gi9Axg"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
status
200
cache-control
public, max-age=86400, s-maxage=86400
cf-ray
583fe6e5e9ccd61c-MXP
x-request-id
fb6ab2b7-a259-4f14-acc6-ee21093ac623
analytics.js
www.google-analytics.com/ 		44 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.change.org
URL: https://www.change.org/l/us/coronavirus?amp;utm_campaign=oth&utm_medium=other&cs_tk=AmpfC6wFlrHHALf8mV4AAXicyyvNyQEABF8BvGo1bfz95FvF0eqaUMc2DNY%3D&utm_campaign=4c2393bcf59249579105c1382fef4127&utm_content=initial_v0_0_1&utm_medium=email&utm_source=aa_editorial&utm_term=cs%22
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.change.org/l/us/coronavirus?amp;utm_campaign=oth&utm_medium=other&cs_tk=AmpfC6wFlrHHALf8mV4AAXicyyvNyQEABF8BvGo1bfz95FvF0eqaUMc2DNY%3D&utm_campaign=4c2393bcf59249579105c1382fef4127&utm_content=initial_v0_0_1&utm_medium=email&utm_source=aa_editorial&utm_term=cs%22
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
147
date
Tue, 14 Apr 2020 19:38:34 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
18174
expires
Tue, 14 Apr 2020 21:38:34 GMT
Icon_google.png
s3.amazonaws.com/change-assets/iconography/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/change-assets/iconography/Icon_google.png
Requested by
Host: www.change.org
URL: https://www.change.org/l/us/coronavirus?amp;utm_campaign=oth&utm_medium=other&cs_tk=AmpfC6wFlrHHALf8mV4AAXicyyvNyQEABF8BvGo1bfz95FvF0eqaUMc2DNY%3D&utm_campaign=4c2393bcf59249579105c1382fef4127&utm_content=initial_v0_0_1&utm_medium=email&utm_source=aa_editorial&utm_term=cs%22
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.102.133 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
2f22aaf2e8367b02152b442ef28df7084601e0ded40c7d8f7b6f24be66b326fb

Request headers

Referer
https://www.change.org/l/us/coronavirus?amp;utm_campaign=oth&utm_medium=other&cs_tk=AmpfC6wFlrHHALf8mV4AAXicyyvNyQEABF8BvGo1bfz95FvF0eqaUMc2DNY%3D&utm_campaign=4c2393bcf59249579105c1382fef4127&utm_content=initial_v0_0_1&utm_medium=email&utm_source=aa_editorial&utm_term=cs%22
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 14 Apr 2020 19:41:03 GMT
Last-Modified
Thu, 05 Jul 2018 18:28:51 GMT
Server
AmazonS3
x-amz-request-id
BE6D5189B1FA848C
ETag
"369517fb3742230ce26a804ab17c7566"
Content-Type
image/png
x-amz-version-id
qQUwThkyHB.uliIE2wlK0jg7nLP7XyC0
Accept-Ranges
bytes
Content-Length
3333
x-amz-id-2
DNMjFBp42FF9kRETKclprTMYUgow6vKuROjeUdpOTJAi53gW2nOfCE7kwl7Y4cyc9pLHs8393O8=
IKLKzdzSLMyQRrO8yred6BBb8XNtATBatnIboomusXKAeTSai7FthNJzNbMgeKSONE6INtcH7kZG67hLJIYN9-lnf0sbcaUHnk5g93piUKgkppkJqC4Pd6eVfiRMSX9OZ7ria9of
lh3.googleusercontent.com/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/IKLKzdzSLMyQRrO8yred6BBb8XNtATBatnIboomusXKAeTSai7FthNJzNbMgeKSONE6INtcH7kZG67hLJIYN9-lnf0sbcaUHnk5g93piUKgkppkJqC4Pd6eVfiRMSX9OZ7ria9of
Requested by
Host: www.change.org
URL: https://www.change.org/l/us/coronavirus?amp;utm_campaign=oth&utm_medium=other&cs_tk=AmpfC6wFlrHHALf8mV4AAXicyyvNyQEABF8BvGo1bfz95FvF0eqaUMc2DNY%3D&utm_campaign=4c2393bcf59249579105c1382fef4127&utm_content=initial_v0_0_1&utm_medium=email&utm_source=aa_editorial&utm_term=cs%22
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
0afcd17d2b9d1356f82f9a55b42cf1102f2f98a3f32724e5b33566f151884dfd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.change.org/l/us/coronavirus?amp;utm_campaign=oth&utm_medium=other&cs_tk=AmpfC6wFlrHHALf8mV4AAXicyyvNyQEABF8BvGo1bfz95FvF0eqaUMc2DNY%3D&utm_campaign=4c2393bcf59249579105c1382fef4127&utm_content=initial_v0_0_1&utm_medium=email&utm_source=aa_editorial&utm_term=cs%22
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 14 Apr 2020 19:41:01 GMT
x-content-type-options
nosniff
status
200
content-disposition
inline;filename="1.png"
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
20086
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 15 Apr 2020 19:41:01 GMT
-XZa9uBFRyY6JBQ8o2CG0QZGfoh0RCvcy4aap1TUNsLXjH-OtYeCOzqIZlJLa5QKi2oG3dhCrnn6OOOuUnMj0GPTqTcdshyiUvWHZNFYq-sNgZkYjZulEyUIvjtCW_-SLmDJOkxG
lh4.googleusercontent.com/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh4.googleusercontent.com/-XZa9uBFRyY6JBQ8o2CG0QZGfoh0RCvcy4aap1TUNsLXjH-OtYeCOzqIZlJLa5QKi2oG3dhCrnn6OOOuUnMj0GPTqTcdshyiUvWHZNFYq-sNgZkYjZulEyUIvjtCW_-SLmDJOkxG
Requested by
Host: www.change.org
URL: https://www.change.org/l/us/coronavirus?amp;utm_campaign=oth&utm_medium=other&cs_tk=AmpfC6wFlrHHALf8mV4AAXicyyvNyQEABF8BvGo1bfz95FvF0eqaUMc2DNY%3D&utm_campaign=4c2393bcf59249579105c1382fef4127&utm_content=initial_v0_0_1&utm_medium=email&utm_source=aa_editorial&utm_term=cs%22
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
d58d9f6c8c004406b2f940397338ae080894813e4370cef04562525f460fd1b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.change.org/l/us/coronavirus?amp;utm_campaign=oth&utm_medium=other&cs_tk=AmpfC6wFlrHHALf8mV4AAXicyyvNyQEABF8BvGo1bfz95FvF0eqaUMc2DNY%3D&utm_campaign=4c2393bcf59249579105c1382fef4127&utm_content=initial_v0_0_1&utm_medium=email&utm_source=aa_editorial&utm_term=cs%22
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 14 Apr 2020 19:41:01 GMT
x-content-type-options
nosniff
age
0
status
200
content-disposition
inline;filename="2.png"
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
1130199
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 14 Apr 2020 18:33:26 GMT
sue42U0YE5PVCJjEv_9UB5vmnZ-4AxOD29Kn348ycIE_36S-_8Z0TPSlge72OUwAkD0L8LTHlXlEIS4lH4wsUo9UoO7IWsYBJFK4Pb8KsMmNP34TW6e670lBp7Betdv92O0BVPDZ
lh3.googleusercontent.com/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/sue42U0YE5PVCJjEv_9UB5vmnZ-4AxOD29Kn348ycIE_36S-_8Z0TPSlge72OUwAkD0L8LTHlXlEIS4lH4wsUo9UoO7IWsYBJFK4Pb8KsMmNP34TW6e670lBp7Betdv92O0BVPDZ
Requested by
Host: www.change.org
URL: https://www.change.org/l/us/coronavirus?amp;utm_campaign=oth&utm_medium=other&cs_tk=AmpfC6wFlrHHALf8mV4AAXicyyvNyQEABF8BvGo1bfz95FvF0eqaUMc2DNY%3D&utm_campaign=4c2393bcf59249579105c1382fef4127&utm_content=initial_v0_0_1&utm_medium=email&utm_source=aa_editorial&utm_term=cs%22
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
7794fb6cabf8a427556493f4378d5b77c6bbaeceba1a0debcc526dea1f510a2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.change.org/l/us/coronavirus?amp;utm_campaign=oth&utm_medium=other&cs_tk=AmpfC6wFlrHHALf8mV4AAXicyyvNyQEABF8BvGo1bfz95FvF0eqaUMc2DNY%3D&utm_campaign=4c2393bcf59249579105c1382fef4127&utm_content=initial_v0_0_1&utm_medium=email&utm_source=aa_editorial&utm_term=cs%22
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 14 Apr 2020 19:41:01 GMT
x-content-type-options
nosniff
status
200
content-disposition
inline;filename="3.png"
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
1366931
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 15 Apr 2020 19:41:01 GMT
Healthcare-workers-1-1600x900.png
news-us.changedotorgcontent.com/wp-content/uploads/sites/16/2020/03/ 		510 KB
510 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://news-us.changedotorgcontent.com/wp-content/uploads/sites/16/2020/03/Healthcare-workers-1-1600x900.png
Requested by
Host: www.change.org
URL: https://www.change.org/l/us/coronavirus?amp;utm_campaign=oth&utm_medium=other&cs_tk=AmpfC6wFlrHHALf8mV4AAXicyyvNyQEABF8BvGo1bfz95FvF0eqaUMc2DNY%3D&utm_campaign=4c2393bcf59249579105c1382fef4127&utm_content=initial_v0_0_1&utm_medium=email&utm_source=aa_editorial&utm_term=cs%22
Protocol
HTTP/1.1
Server
104.199.118.23 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
23.118.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
a5c448f96f02e4cbf828f7469da95b0b85f156fb64cde5ee3b5d288bee71e16d

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 14 Apr 2020 19:41:02 GMT
Last-Modified
Wed, 25 Mar 2020 18:18:41 GMT
Server
nginx
ETag
"5e7ba081-7f883"
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
522371
jVDBid3OeQo6CD3q40bP-da_nopMHB6dPnWlIfmND7kaQUQFsfgLwj5W9IsEq_p_VAjkmExOErQ6sLYWoe4RQvnj2unxEaxTQJSboNsDpAaz_cR0xJxNaliZUbtFKHHr4sOQvr3_
lh5.googleusercontent.com/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh5.googleusercontent.com/jVDBid3OeQo6CD3q40bP-da_nopMHB6dPnWlIfmND7kaQUQFsfgLwj5W9IsEq_p_VAjkmExOErQ6sLYWoe4RQvnj2unxEaxTQJSboNsDpAaz_cR0xJxNaliZUbtFKHHr4sOQvr3_
Requested by
Host: www.change.org
URL: https://www.change.org/l/us/coronavirus?amp;utm_campaign=oth&utm_medium=other&cs_tk=AmpfC6wFlrHHALf8mV4AAXicyyvNyQEABF8BvGo1bfz95FvF0eqaUMc2DNY%3D&utm_campaign=4c2393bcf59249579105c1382fef4127&utm_content=initial_v0_0_1&utm_medium=email&utm_source=aa_editorial&utm_term=cs%22
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
7d8094d3a2c7a0c86f3dcd794ec441e526c487c9cd834426c230418af6589e89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.change.org/l/us/coronavirus?amp;utm_campaign=oth&utm_medium=other&cs_tk=AmpfC6wFlrHHALf8mV4AAXicyyvNyQEABF8BvGo1bfz95FvF0eqaUMc2DNY%3D&utm_campaign=4c2393bcf59249579105c1382fef4127&utm_content=initial_v0_0_1&utm_medium=email&utm_source=aa_editorial&utm_term=cs%22
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 14 Apr 2020 19:41:01 GMT
x-content-type-options
nosniff
status
200
content-disposition
inline;filename="1.png"
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
1219640
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 15 Apr 2020 19:41:01 GMT
gtm.js
www.googletagmanager.com/ 		106 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NMT3DV
Requested by
Host: www.change.org
URL: https://www.change.org/l/us/coronavirus?amp;utm_campaign=oth&utm_medium=other&cs_tk=AmpfC6wFlrHHALf8mV4AAXicyyvNyQEABF8BvGo1bfz95FvF0eqaUMc2DNY%3D&utm_campaign=4c2393bcf59249579105c1382fef4127&utm_content=initial_v0_0_1&utm_medium=email&utm_source=aa_editorial&utm_term=cs%22
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
85c5d9186b233eb485c3fb14d896e8e294f67604fb243dfcbc59ed03523aaeaf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.change.org/l/us/coronavirus?amp;utm_campaign=oth&utm_medium=other&cs_tk=AmpfC6wFlrHHALf8mV4AAXicyyvNyQEABF8BvGo1bfz95FvF0eqaUMc2DNY%3D&utm_campaign=4c2393bcf59249579105c1382fef4127&utm_content=initial_v0_0_1&utm_medium=email&utm_source=aa_editorial&utm_term=cs%22
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 14 Apr 2020 19:41:01 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
32829
x-xss-protection
0
last-modified
Tue, 14 Apr 2020 18:21:57 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 14 Apr 2020 19:41:01 GMT
init.js
www.change.org/NsLC0Hv5/ 		88 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.change.org/NsLC0Hv5/init.js
Requested by
Host: www.change.org
URL: https://www.change.org/l/us/coronavirus?amp;utm_campaign=oth&utm_medium=other&cs_tk=AmpfC6wFlrHHALf8mV4AAXicyyvNyQEABF8BvGo1bfz95FvF0eqaUMc2DNY%3D&utm_campaign=4c2393bcf59249579105c1382fef4127&utm_content=initial_v0_0_1&utm_medium=email&utm_source=aa_editorial&utm_term=cs%22
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.89.51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88e95cf0a8b2275feeb2b62b9c055ce282934e0748bec30390e57463f43c179f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.change.org/l/us/coronavirus?amp;utm_campaign=oth&utm_medium=other&cs_tk=AmpfC6wFlrHHALf8mV4AAXicyyvNyQEABF8BvGo1bfz95FvF0eqaUMc2DNY%3D&utm_campaign=4c2393bcf59249579105c1382fef4127&utm_content=initial_v0_0_1&utm_medium=email&utm_source=aa_editorial&utm_term=cs%22
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 14 Apr 2020 19:41:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
UPDATING
age
35940
status
200
content-length
33051
access-control-allow-origin
*
server
cloudflare
etag
W/"15f82-u4fehFmHXnd751CCwllKw3/yrdk"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 varnish
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
583fe6e5f9fad61c-MXP
expires
Tue, 14 Apr 2020 23:41:01 GMT
truncated
/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
97540869be47f1cc8519503a4725b83e5b31b49fc011fa6bf354f4ff14e147fa

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
Origin
https://www.change.org

Response headers

Content-Type
application/x-font-woff;charset=utf-8
conversion_async.js
www.googleadservices.com/pagead/ 		28 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NMT3DV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s11-in-f2.1e100.net
Software
cafe /
Resource Hash
c5db692833cd41ac3b3434028106f81fbd15893a88364515a91bd0a6154c67fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.change.org/l/us/coronavirus?amp;utm_campaign=oth&utm_medium=other&cs_tk=AmpfC6wFlrHHALf8mV4AAXicyyvNyQEABF8BvGo1bfz95FvF0eqaUMc2DNY%3D&utm_campaign=4c2393bcf59249579105c1382fef4127&utm_content=initial_v0_0_1&utm_medium=email&utm_source=aa_editorial&utm_term=cs%22
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 14 Apr 2020 19:41:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
10613
x-xss-protection
0
server
cafe
etag
11690200586538250840
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 14 Apr 2020 19:41:01 GMT
fbevents.js
connect.facebook.net/en_US/ 		126 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.change.org
URL: https://www.change.org/l/us/coronavirus?amp;utm_campaign=oth&utm_medium=other&cs_tk=AmpfC6wFlrHHALf8mV4AAXicyyvNyQEABF8BvGo1bfz95FvF0eqaUMc2DNY%3D&utm_campaign=4c2393bcf59249579105c1382fef4127&utm_content=initial_v0_0_1&utm_medium=email&utm_source=aa_editorial&utm_term=cs%22
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.change.org/l/us/coronavirus?amp;utm_campaign=oth&utm_medium=other&cs_tk=AmpfC6wFlrHHALf8mV4AAXicyyvNyQEABF8BvGo1bfz95FvF0eqaUMc2DNY%3D&utm_campaign=4c2393bcf59249579105c1382fef4127&utm_content=initial_v0_0_1&utm_medium=email&utm_source=aa_editorial&utm_term=cs%22
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=3600
content-length
30466
x-xss-protection
0
pragma
public
x-fb-debug
f/een/2SKTdB86QdL8JE/jiv2KX3CI+cqKCWWYGbyhlFdCgb5Vq0x8uDP52Z7qfviUoNNBzK7VduFJzwK4i0dQ==
x-fb-trip-id
1850256238
x-frame-options
DENY
date
Tue, 14 Apr 2020 19:41:01 GMT, Tue, 14 Apr 2020 19:41:01 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
bat.js
bat.bing.com/ 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.change.org
URL: https://www.change.org/l/us/coronavirus?amp;utm_campaign=oth&utm_medium=other&cs_tk=AmpfC6wFlrHHALf8mV4AAXicyyvNyQEABF8BvGo1bfz95FvF0eqaUMc2DNY%3D&utm_campaign=4c2393bcf59249579105c1382fef4127&utm_content=initial_v0_0_1&utm_medium=email&utm_source=aa_editorial&utm_term=cs%22
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
079e218ad07f42523479d475b4973a6e386ba95209ee964c04c1a6eb6186bda3

Request headers

Referer
https://www.change.org/l/us/coronavirus?amp;utm_campaign=oth&utm_medium=other&cs_tk=AmpfC6wFlrHHALf8mV4AAXicyyvNyQEABF8BvGo1bfz95FvF0eqaUMc2DNY%3D&utm_campaign=4c2393bcf59249579105c1382fef4127&utm_content=initial_v0_0_1&utm_medium=email&utm_source=aa_editorial&utm_term=cs%22
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 14 Apr 2020 19:41:01 GMT
content-encoding
gzip
last-modified
Mon, 13 Apr 2020 22:01:50 GMT
x-msedge-ref
Ref A: 3CE578BB21E2459F824CF68A1CFA02A4 Ref B: FRAEDGE0308 Ref C: 2020-04-14T19:41:01Z
status
200
etag
"0db222df11d61:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
7610
1081902691834097
connect.facebook.net/signals/config/ 		447 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1081902691834097?v=2.9.15&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
60d958d76314dc21fc63ce79b15d2685464feb5e3a8319eda1ab4c4f5d9c285f
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.change.org/l/us/coronavirus?amp;utm_campaign=oth&utm_medium=other&cs_tk=AmpfC6wFlrHHALf8mV4AAXicyyvNyQEABF8BvGo1bfz95FvF0eqaUMc2DNY%3D&utm_campaign=4c2393bcf59249579105c1382fef4127&utm_content=initial_v0_0_1&utm_medium=email&utm_source=aa_editorial&utm_term=cs%22
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=3600
content-length
115093
x-xss-protection
0
pragma
public
x-fb-debug
1PbSpUfxfHKcVjV2P8h7OYiJ0mU/WcZ6n+aDrPCQjnvyAcLSU37neohifJz6niA6jb+X1cPiW/CNCrxPPDhykA==
x-fb-trip-id
1850256238
x-frame-options
DENY
date
Tue, 14 Apr 2020 19:41:01 GMT, Tue, 14 Apr 2020 19:41:01 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
0
bat.bing.com/action/ 		0
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=5321513&Ver=2&mid=b28958db-a96f-053a-f580-ecf6634a7ae9&sid=be150abe-ffb1-1051-58c1-2a1150208d59&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Fighting%20for%20justice%20during%20the%20coronavirus%20pandemic%20%C2%B7%20Change.org&p=https%3A%2F%2Fwww.change.org%2Fl%2Fus%2Fcoronavirus%3Famp%3Butm_campaign%3Doth%26amp%3Butm_medium%3Dother%26cs_tk%3DAmpfC6wFlrHHALf8mV4AAXicyyvNyQEABF8BvGo1bfz95FvF0eqaUMc2DNY%253D%26utm_campaign%3D4c2393bcf59249579105c1382fef4127%26utm_content%3Dinitial_v0_0_1%26utm_medium%3Demail%26utm_source%3Daa_editorial%26utm_term%3Dcs%2522&r=&lt=887&evt=pageLoad&msclkid=N&sv=1&rn=864657
Requested by
Host: www.change.org
URL: https://www.change.org/l/us/coronavirus?amp;utm_campaign=oth&utm_medium=other&cs_tk=AmpfC6wFlrHHALf8mV4AAXicyyvNyQEABF8BvGo1bfz95FvF0eqaUMc2DNY%3D&utm_campaign=4c2393bcf59249579105c1382fef4127&utm_content=initial_v0_0_1&utm_medium=email&utm_source=aa_editorial&utm_term=cs%22
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.change.org/l/us/coronavirus?amp;utm_campaign=oth&utm_medium=other&cs_tk=AmpfC6wFlrHHALf8mV4AAXicyyvNyQEABF8BvGo1bfz95FvF0eqaUMc2DNY%3D&utm_campaign=4c2393bcf59249579105c1382fef4127&utm_content=initial_v0_0_1&utm_medium=email&utm_source=aa_editorial&utm_term=cs%22
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
204
pragma
no-cache
date
Tue, 14 Apr 2020 19:41:01 GMT
cache-control
no-cache, must-revalidate
x-msedge-ref
Ref A: 062EF22AD2504E9895D3749C3BD69E83 Ref B: FRAEDGE0308 Ref C: 2020-04-14T19:41:01Z
access-control-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/991363857/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/991363857/?random=1586893261842&cv=9&fst=1586893261842&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg432&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.change.org%2Fl%2Fus%2Fcoronavirus%3Famp%3Butm_campaign%3Doth%26amp%3Butm_medium%3Dother%26cs_tk%3DAmpfC6wFlrHHALf8mV4AAXicyyvNyQEABF8BvGo1bfz95FvF0eqaUMc2DNY%253D%26utm_campaign%3D4c2393bcf59249579105c1382fef4127%26utm_content%3Dinitial_v0_0_1%26utm_medium%3Demail%26utm_source%3Daa_editorial%26utm_term%3Dcs%2522&tiba=Fighting%20for%20justice%20during%20the%20coronavirus%20pandemic%20%C2%B7%20Change.org&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5646f52a99184c1b82da78181a1e3a46d5c0468a52b08146ad61249bdf4743eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.change.org/l/us/coronavirus?amp;utm_campaign=oth&utm_medium=other&cs_tk=AmpfC6wFlrHHALf8mV4AAXicyyvNyQEABF8BvGo1bfz95FvF0eqaUMc2DNY%3D&utm_campaign=4c2393bcf59249579105c1382fef4127&utm_content=initial_v0_0_1&utm_medium=email&utm_source=aa_editorial&utm_term=cs%22
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Apr 2020 19:41:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
1219
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
248 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1081902691834097&ev=PageView&dl=https%3A%2F%2Fwww.change.org%2Fl%2Fus%2Fcoronavirus%3Famp%3Butm_campaign%3Doth%26amp%3Butm_medium%3Dother%26cs_tk%3DAmpfC6wFlrHHALf8mV4AAXicyyvNyQEABF8BvGo1bfz95FvF0eqaUMc2DNY%253D%26utm_campaign%3D4c2393bcf59249579105c1382fef4127%26utm_content%3Dinitial_v0_0_1%26utm_medium%3Demail%26utm_source%3Daa_editorial%26utm_term%3Dcs%2522&rl=&if=false&ts=1586893261900&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=30&fbp=fb.1.1586893261899.911193905&it=1586893261816&coo=false&rqm=GET
Requested by
Host: www.change.org
URL: https://www.change.org/l/us/coronavirus?amp;utm_campaign=oth&utm_medium=other&cs_tk=AmpfC6wFlrHHALf8mV4AAXicyyvNyQEABF8BvGo1bfz95FvF0eqaUMc2DNY%3D&utm_campaign=4c2393bcf59249579105c1382fef4127&utm_content=initial_v0_0_1&utm_medium=email&utm_source=aa_editorial&utm_term=cs%22
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.change.org/l/us/coronavirus?amp;utm_campaign=oth&utm_medium=other&cs_tk=AmpfC6wFlrHHALf8mV4AAXicyyvNyQEABF8BvGo1bfz95FvF0eqaUMc2DNY%3D&utm_campaign=4c2393bcf59249579105c1382fef4127&utm_content=initial_v0_0_1&utm_medium=email&utm_source=aa_editorial&utm_term=cs%22
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 14 Apr 2020 19:41:01 GMT, Tue, 14 Apr 2020 19:41:01 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-27=":443"; ma=3600
content-length
44
expires
Tue, 14 Apr 2020 19:41:01 GMT
/
www.google.com/pagead/1p-user-list/991363857/ 		42 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/991363857/?random=1586893261842&cv=9&fst=1586890800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg432&sendb=1&frm=0&url=https%3A%2F%2Fwww.change.org%2Fl%2Fus%2Fcoronavirus%3Famp%3Butm_campaign%3Doth%26amp%3Butm_medium%3Dother%26cs_tk%3DAmpfC6wFlrHHALf8mV4AAXicyyvNyQEABF8BvGo1bfz95FvF0eqaUMc2DNY%253D%26utm_campaign%3D4c2393bcf59249579105c1382fef4127%26utm_content%3Dinitial_v0_0_1%26utm_medium%3Demail%26utm_source%3Daa_editorial%26utm_term%3Dcs%2522&tiba=Fighting%20for%20justice%20during%20the%20coronavirus%20pandemic%20%C2%B7%20Change.org&async=1&fmt=3&is_vtc=1&random=620052595&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.change.org
URL: https://www.change.org/l/us/coronavirus?amp;utm_campaign=oth&utm_medium=other&cs_tk=AmpfC6wFlrHHALf8mV4AAXicyyvNyQEABF8BvGo1bfz95FvF0eqaUMc2DNY%3D&utm_campaign=4c2393bcf59249579105c1382fef4127&utm_content=initial_v0_0_1&utm_medium=email&utm_source=aa_editorial&utm_term=cs%22
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.change.org/l/us/coronavirus?amp;utm_campaign=oth&utm_medium=other&cs_tk=AmpfC6wFlrHHALf8mV4AAXicyyvNyQEABF8BvGo1bfz95FvF0eqaUMc2DNY%3D&utm_campaign=4c2393bcf59249579105c1382fef4127&utm_content=initial_v0_0_1&utm_medium=email&utm_source=aa_editorial&utm_term=cs%22
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Apr 2020 19:41:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/991363857/ 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/991363857/?random=1586893261842&cv=9&fst=1586890800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg432&sendb=1&frm=0&url=https%3A%2F%2Fwww.change.org%2Fl%2Fus%2Fcoronavirus%3Famp%3Butm_campaign%3Doth%26amp%3Butm_medium%3Dother%26cs_tk%3DAmpfC6wFlrHHALf8mV4AAXicyyvNyQEABF8BvGo1bfz95FvF0eqaUMc2DNY%253D%26utm_campaign%3D4c2393bcf59249579105c1382fef4127%26utm_content%3Dinitial_v0_0_1%26utm_medium%3Demail%26utm_source%3Daa_editorial%26utm_term%3Dcs%2522&tiba=Fighting%20for%20justice%20during%20the%20coronavirus%20pandemic%20%C2%B7%20Change.org&async=1&fmt=3&is_vtc=1&random=620052595&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.change.org
URL: https://www.change.org/l/us/coronavirus?amp;utm_campaign=oth&utm_medium=other&cs_tk=AmpfC6wFlrHHALf8mV4AAXicyyvNyQEABF8BvGo1bfz95FvF0eqaUMc2DNY%3D&utm_campaign=4c2393bcf59249579105c1382fef4127&utm_content=initial_v0_0_1&utm_medium=email&utm_source=aa_editorial&utm_term=cs%22
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.change.org/l/us/coronavirus?amp;utm_campaign=oth&utm_medium=other&cs_tk=AmpfC6wFlrHHALf8mV4AAXicyyvNyQEABF8BvGo1bfz95FvF0eqaUMc2DNY%3D&utm_campaign=4c2393bcf59249579105c1382fef4127&utm_content=initial_v0_0_1&utm_medium=email&utm_source=aa_editorial&utm_term=cs%22
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Apr 2020 19:41:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Change-Calibre-Regular.woff2
static.change.org/fonts/ 		30 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.change.org/fonts/Change-Calibre-Regular.woff2
Requested by
Host: assets-fe.change.org
URL: https://assets-fe.change.org/fe/8e413c6853ae345e60a4f71b6106948f/brandAssets-093bbcb3a502e971d519.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.88.51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
552426fa67711398e49423a732526e763187afd768567b87e139fec853820809
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://assets-fe.change.org/fe/css/rendr-si7HcG5qqa-LfPWrA7JastmPn9N6dSi6M6ktQ10LGco.css
Origin
https://www.change.org

Response headers

date
Tue, 14 Apr 2020 19:41:02 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
227
cf-ray
583fe6e86becf91b-MXP
status
200
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-length
30956
last-modified
Tue, 19 Apr 2016 05:44:47 GMT
server
cloudflare
etag
"58b40d8b77ba9c43a803a9779a22f8c7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
x-amz-version-id
kWNZjdaKXPzoQBC5TZ48DMAGUj.3kpR3
access-control-allow-origin
https://www.change.org
cache-control
public, max-age=1382400
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/octet-stream
expires
Thu, 30 Apr 2020 19:41:02 GMT
Change-Calibre-Bold.woff2
static.change.org/fonts/ 		31 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.change.org/fonts/Change-Calibre-Bold.woff2
Requested by
Host: assets-fe.change.org
URL: https://assets-fe.change.org/fe/8e413c6853ae345e60a4f71b6106948f/brandAssets-093bbcb3a502e971d519.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.88.51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee2df9e008021c0ce1fbf3612bfef57e7666294fa01bd4d9764931ff9add417a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://assets-fe.change.org/fe/css/rendr-si7HcG5qqa-LfPWrA7JastmPn9N6dSi6M6ktQ10LGco.css
Origin
https://www.change.org

Response headers

date
Tue, 14 Apr 2020 19:41:02 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
5763
cf-ray
583fe6e86beef91b-MXP
status
200
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-length
32028
last-modified
Tue, 19 Apr 2016 05:45:19 GMT
server
cloudflare
etag
"682c36331f52784f4ea0b00d69b95d2b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
x-amz-version-id
3jrU_Dju8RrOkM9darm4OVCeQ.ZT6UeB
access-control-allow-origin
https://www.change.org
cache-control
public, max-age=1382400
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/octet-stream
expires
Thu, 30 Apr 2020 19:41:02 GMT
platform.js
apis.google.com/js/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/platform.js
Requested by
Host: assets-fe.change.org
URL: https://assets-fe.change.org/fe/8e413c6853ae345e60a4f71b6106948f/brandAssets-093bbcb3a502e971d519.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
644fd02c5af1296eb373806e38debe360aa455ec876cb14a4b40606c33d06b40
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.change.org/l/us/coronavirus?amp;utm_campaign=oth&utm_medium=other&cs_tk=AmpfC6wFlrHHALf8mV4AAXicyyvNyQEABF8BvGo1bfz95FvF0eqaUMc2DNY%3D&utm_campaign=4c2393bcf59249579105c1382fef4127&utm_content=initial_v0_0_1&utm_medium=email&utm_source=aa_editorial&utm_term=cs%22
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 14 Apr 2020 19:41:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
script-src 'report-sample' 'nonce-nP/3b2NmDO/mnJ6Tkt1VhQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
x-frame-options
SAMEORIGIN
etag
"8ae9e599621370e60ded945c1c013fc1"
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
timing-allow-origin
*
expires
Tue, 14 Apr 2020 19:41:02 GMT
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: assets-fe.change.org
URL: https://assets-fe.change.org/fe/8e413c6853ae345e60a4f71b6106948f/brandAssets-093bbcb3a502e971d519.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f2c11df6ae2d1f997d3b7e354e97194e04cc8b00c2fce2adbda247aaa06e2105
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.change.org/l/us/coronavirus?amp;utm_campaign=oth&utm_medium=other&cs_tk=AmpfC6wFlrHHALf8mV4AAXicyyvNyQEABF8BvGo1bfz95FvF0eqaUMc2DNY%3D&utm_campaign=4c2393bcf59249579105c1382fef4127&utm_content=initial_v0_0_1&utm_medium=email&utm_source=aa_editorial&utm_term=cs%22
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
Sv3Evy66DggeqNm0RpInnQ==
status
200
alt-svc
h3-27=":443"; ma=3600
content-length
1779
etag
"4a970fa44a7668de142b9bf64cf68c2c"
x-fb-debug
vEQQvXX/wQ8gxMIbb9DN87puuFIGteoKQxNCuyxxlvyWG/Ugk8FgvAMhO1PI0SpLlH4XSus6fq+n+TQbyr7rLw==
x-fb-trip-id
1850256238
x-fb-content-md5
fd554dad94fdb4fa8dcae005d95691e9
x-frame-options
DENY
date
Tue, 14 Apr 2020 19:41:02 GMT, Tue, 14 Apr 2020 19:41:02 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 14 Apr 2020 19:47:38 GMT
event_tracker
www.change.org/api-proxy/-/ 		2 B
315 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.change.org/api-proxy/-/event_tracker?_csrf=215c83c943a90e36fdf6d0671d9555f3
Requested by
Host: assets-fe.change.org
URL: https://assets-fe.change.org/fe/8e413c6853ae345e60a4f71b6106948f/brandAssets-093bbcb3a502e971d519.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.89.51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.change.org/l/us/coronavirus?amp;utm_campaign=oth&utm_medium=other&cs_tk=AmpfC6wFlrHHALf8mV4AAXicyyvNyQEABF8BvGo1bfz95FvF0eqaUMc2DNY%3D&utm_campaign=4c2393bcf59249579105c1382fef4127&utm_content=initial_v0_0_1&utm_medium=email&utm_source=aa_editorial&utm_term=cs%22
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 14 Apr 2020 19:41:02 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
etag
W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-railgun
e9e0438ac5 99.99 0.003131 0032 0dda
content-type
application/json; charset=utf-8
status
200
cache-control
no-cache
cf-ray
583fe6e87b57d61c-MXP
content-length
2
x-request-id
611616ba-6bd9-4541-832a-20a8f253c7fb
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&aip=1&a=1383056817&t=pageview&_s=1&dl=https%3A%2F%2Fwww.change.org%2Fl%2Fus%2Fcoronavirus%3Famp%3Butm_campaign%3Doth%26amp%3Butm_medium%3Dother...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-5889778-1&cid=1646036807.1586893262&jid=1960386444&_gid=1753799975.1586893262&gjid=547835148&_v=j81&z=1125680051
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5889778-1&cid=1646036807.1586893262&jid=1960386444&_v=j81&z=1125680051
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5889778-1&cid=1646036807.1586893262&jid=1960386444&_v=j81&z=1125680051&slf_rd=1&random=1600430633
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5889778-1&cid=1646036807.1586893262&jid=1960386444&_v=j81&z=1125680051&slf_rd=1&random=1600430633
Requested by
Host: www.change.org
URL: https://www.change.org/l/us/coronavirus?amp;utm_campaign=oth&utm_medium=other&cs_tk=AmpfC6wFlrHHALf8mV4AAXicyyvNyQEABF8BvGo1bfz95FvF0eqaUMc2DNY%3D&utm_campaign=4c2393bcf59249579105c1382fef4127&utm_content=initial_v0_0_1&utm_medium=email&utm_source=aa_editorial&utm_term=cs%22
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.change.org/l/us/coronavirus?amp;utm_campaign=oth&utm_medium=other&cs_tk=AmpfC6wFlrHHALf8mV4AAXicyyvNyQEABF8BvGo1bfz95FvF0eqaUMc2DNY%3D&utm_campaign=4c2393bcf59249579105c1382fef4127&utm_content=initial_v0_0_1&utm_medium=email&utm_source=aa_editorial&utm_term=cs%22
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Apr 2020 19:41:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 14 Apr 2020 19:41:02 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5889778-1&cid=1646036807.1586893262&jid=1960386444&_v=j81&z=1125680051&slf_rd=1&random=1600430633
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
store
www.change.org/api-proxy/-/longlinks/ 		70 B
229 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.change.org/api-proxy/-/longlinks/store
Requested by
Host: assets-fe.change.org
URL: https://assets-fe.change.org/fe/8e413c6853ae345e60a4f71b6106948f/brandAssets-093bbcb3a502e971d519.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.89.51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4e30d7df5e7e93099a1a5823121292615468d465a7a5bbfe6eb0a3e7693400c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.change.org/l/us/coronavirus?amp;utm_campaign=oth&utm_medium=other&cs_tk=AmpfC6wFlrHHALf8mV4AAXicyyvNyQEABF8BvGo1bfz95FvF0eqaUMc2DNY%3D&utm_campaign=4c2393bcf59249579105c1382fef4127&utm_content=initial_v0_0_1&utm_medium=email&utm_source=aa_editorial&utm_term=cs%22
X-CSRF-Token
215c83c943a90e36fdf6d0671d9555f3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Tue, 14 Apr 2020 19:41:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
etag
W/"46-gHj2rDT596sTiLIepN7aikvYrzE"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-railgun
a28baae73c 99.99 0.079418 0032 0dda
content-type
application/json; charset=utf-8
status
200
cache-control
no-cache
cf-ray
583fe6e90d94d61c-MXP
x-request-id
823cafd9-4319-4fa6-a547-99fb7d809320
collector
collector-pxnslc0hv5.px-cloud.net/api/v2/ 		653 B
877 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector-pxnslc0hv5.px-cloud.net/api/v2/collector
Requested by
Host: assets-fe.change.org
URL: https://assets-fe.change.org/fe/8e413c6853ae345e60a4f71b6106948f/brandAssets-093bbcb3a502e971d519.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.220.184 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.220.186.35.bc.googleusercontent.com
Software
/
Resource Hash
9b9d1bac370fa1bce65ba0465a35be96cfe3298c5f3828c64a1f40c9561eb3b0

Request headers

Referer
https://www.change.org/l/us/coronavirus?amp;utm_campaign=oth&utm_medium=other&cs_tk=AmpfC6wFlrHHALf8mV4AAXicyyvNyQEABF8BvGo1bfz95FvF0eqaUMc2DNY%3D&utm_campaign=4c2393bcf59249579105c1382fef4127&utm_content=initial_v0_0_1&utm_medium=email&utm_source=aa_editorial&utm_term=cs%22
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 14 Apr 2020 19:41:01 GMT
via
1.1 google
status
200
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.change.org
access-control-allow-credentials
true
timing-allow-origin
*
alt-svc
clear
content-length
653
sdk.js
connect.facebook.net/en_US/ 		390 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=50ec213cdaa19b7c9eb3e937c83e8e8c&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
52952629828c65930895c1712ab442a70400f14034a46ae2ffdfa1e091d6acce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.change.org/l/us/coronavirus?amp;utm_campaign=oth&utm_medium=other&cs_tk=AmpfC6wFlrHHALf8mV4AAXicyyvNyQEABF8BvGo1bfz95FvF0eqaUMc2DNY%3D&utm_campaign=4c2393bcf59249579105c1382fef4127&utm_content=initial_v0_0_1&utm_medium=email&utm_source=aa_editorial&utm_term=cs%22
Origin
https://www.change.org

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
U3iue8oQt8NYi3A0SoLI7Q==
status
200
alt-svc
h3-27=":443"; ma=3600
content-length
116014
etag
"8aef30aa3e450874e40475fa5cce2482"
x-fb-debug
xLFQbdeTPjGfGBCSzP8wpZEPTTqEpJdAUlZQE7pjnQ8AAxjTWE2klhf3uj2XP86UiCwBHaCYTsJzq7dUOnh1YA==
x-fb-trip-id
1850256238
x-fb-content-md5
462e7fcfeb62087d4cff4bb758d231ed
x-frame-options
DENY
date
Tue, 14 Apr 2020 19:41:02 GMT, Tue, 14 Apr 2020 19:41:02 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
expires
Wed, 14 Apr 2021 19:27:54 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.ebk8EhJxLu4.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCP6GuLd1aTsaaFO6Zp_Rjnyu1Wv5g/ 		104 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.ebk8EhJxLu4.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCP6GuLd1aTsaaFO6Zp_Rjnyu1Wv5g/cb=gapi.loaded_0
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f00dc8020594bc183177f9956c6d26dd5f9754cdcf736a9c136bc8b0ecc140
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.change.org/l/us/coronavirus?amp;utm_campaign=oth&utm_medium=other&cs_tk=AmpfC6wFlrHHALf8mV4AAXicyyvNyQEABF8BvGo1bfz95FvF0eqaUMc2DNY%3D&utm_campaign=4c2393bcf59249579105c1382fef4127&utm_content=initial_v0_0_1&utm_medium=email&utm_source=aa_editorial&utm_term=cs%22
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 08 Apr 2020 18:21:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 07 Apr 2020 19:43:27 GMT
server
sffe
age
523147
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
status
200
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
35663
x-xss-protection
0
expires
Thu, 08 Apr 2021 18:21:55 GMT
status
www.facebook.com/x/oauth/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/x/oauth/status?client_id=48409868550&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.change.org%2Fl%2Fus%2Fcoronavirus%3Famp%3Butm_campaign%3Doth%26amp%3Butm_medium%3Dother%26cs_tk%3DAmpfC6wFlrHHALf8mV4AAXicyyvNyQEABF8BvGo1bfz95FvF0eqaUMc2DNY%253D%26utm_campaign%3D4c2393bcf59249579105c1382fef4127%26utm_content%3Dinitial_v0_0_1%26utm_medium%3Demail%26utm_source%3Daa_editorial%26utm_term%3Dcs%2522&sdk=joey&wants_cookie_data=true
Requested by
Host: assets-fe.change.org
URL: https://assets-fe.change.org/fe/8e413c6853ae345e60a4f71b6106948f/brandAssets-093bbcb3a502e971d519.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.change.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
x-fb-debug
CG9qbxcYJtZKoDptYtmgp4vJ/V0UEwZemDHCwFkZ9IVIveh+zAE9dHxVvAxJYNY5jOqoY6frO+5RNsdpMXhoGQ==
fb-s
unknown
status
200
date
Tue, 14 Apr 2020 19:41:02 GMT, Tue, 14 Apr 2020 19:41:02 GMT
strict-transport-security
max-age=15552000; preload
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.change.org
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3-27=":443"; ma=3600
content-length
0
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
iframe
accounts.google.com/o/oauth2/ Frame 9249 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/o/oauth2/iframe
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.ebk8EhJxLu4.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCP6GuLd1aTsaaFO6Zp_Rjnyu1Wv5g/cb=gapi.loaded_0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-f7fgrgT1JO/p/Ju6V7JHYg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Xss-Protection 0

Request headers

:method
GET
:authority
accounts.google.com
:scheme
https
:path
/o/oauth2/iframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.change.org/l/us/coronavirus?amp;utm_campaign=oth&utm_medium=other&cs_tk=AmpfC6wFlrHHALf8mV4AAXicyyvNyQEABF8BvGo1bfz95FvF0eqaUMc2DNY%3D&utm_campaign=4c2393bcf59249579105c1382fef4127&utm_content=initial_v0_0_1&utm_medium=email&utm_source=aa_editorial&utm_term=cs%22
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
NID=202=AoFaQvreviaLZcZnemDw0xDCpyOGhWs3l3JwBeMqhSZ0TFfeGqDfKFHhZskYyrMd9uK26Umi_6_rQwzWrisJGUrgUlPH8jTGGRe-feW1Jl5CiAp7XBwn4FEQs-PaS4mJHtf4hlPrkTqgDwC6dvCGXYbF_ipoRT0_vhFqgLxmphE
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.change.org/l/us/coronavirus?amp;utm_campaign=oth&utm_medium=other&cs_tk=AmpfC6wFlrHHALf8mV4AAXicyyvNyQEABF8BvGo1bfz95FvF0eqaUMc2DNY%3D&utm_campaign=4c2393bcf59249579105c1382fef4127&utm_content=initial_v0_0_1&utm_medium=email&utm_source=aa_editorial&utm_term=cs%22

Response headers

status
200
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Tue, 14 Apr 2020 19:41:02 GMT
content-language
en-US
content-security-policy
script-src 'report-sample' 'nonce-f7fgrgT1JO/p/Ju6V7JHYg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding
gzip
server
ESF
x-xss-protection
0
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
/
www.facebook.com/tr/ 		44 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1081902691834097&ev=Microdata&dl=https%3A%2F%2Fwww.change.org%2Fl%2Fus%2Fcoronavirus%3Famp%3Butm_campaign%3Doth%26amp%3Butm_medium%3Dother%26cs_tk%3DAmpfC6wFlrHHALf8mV4AAXicyyvNyQEABF8BvGo1bfz95FvF0eqaUMc2DNY%253D%26utm_campaign%3D4c2393bcf59249579105c1382fef4127%26utm_content%3Dinitial_v0_0_1%26utm_medium%3Demail%26utm_source%3Daa_editorial%26utm_term%3Dcs%2522&rl=&if=false&ts=1586893262422&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Fighting%20for%20justice%20during%20the%20coronavirus%20pandemic%20%C2%B7%20Change.org%22%7D&cd[OpenGraph]=%7B%22og%3Asite_name%22%3A%22Change.org%22%2C%22og%3Attl%22%3A%222419200%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Atitle%22%3A%22Fighting%20for%20justice%20during%20the%20coronavirus%20pandemic%22%2C%22og%3Adescription%22%3A%22During%20the%20COVID-19%20pandemic%2C%20millions%20are%20using%20the%20Change.org%20platform%20to%20shape%20the%20America%20that%20they%20want%20to%20live%20in.%C2%A0%20Heroes%20are%20stepping%20up%20to%20protect%20their%20families%2C%20their%20communities%2C%20and%20their%20fellow%20neighbors.%20Of%20them%2C%20are%20healthcare%20workers.%20Every%20day%2C%20they%20put%20their%20own%20lives%20at%20risk%20to%20save%20the%20lives%20of%20millions%20%E2%80%94%20%5B%E2%80%A6%5D%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.change.org%2Fl%2Fus%2Fcoronavirus%22%2C%22og%3Alocale%22%3A%22en_US%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.15&r=stable&ec=1&o=30&fbp=fb.1.1586893261899.911193905&it=1586893261816&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: www.change.org
URL: https://www.change.org/l/us/coronavirus?amp;utm_campaign=oth&utm_medium=other&cs_tk=AmpfC6wFlrHHALf8mV4AAXicyyvNyQEABF8BvGo1bfz95FvF0eqaUMc2DNY%3D&utm_campaign=4c2393bcf59249579105c1382fef4127&utm_content=initial_v0_0_1&utm_medium=email&utm_source=aa_editorial&utm_term=cs%22
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.change.org/l/us/coronavirus?amp;utm_campaign=oth&utm_medium=other&cs_tk=AmpfC6wFlrHHALf8mV4AAXicyyvNyQEABF8BvGo1bfz95FvF0eqaUMc2DNY%3D&utm_campaign=4c2393bcf59249579105c1382fef4127&utm_content=initial_v0_0_1&utm_medium=email&utm_source=aa_editorial&utm_term=cs%22
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 14 Apr 2020 19:41:02 GMT, Tue, 14 Apr 2020 19:41:02 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-27=":443"; ma=3600
content-length
44
expires
Tue, 14 Apr 2020 19:41:02 GMT
collector
collector-pxnslc0hv5.px-cloud.net/api/v2/ 		366 B
434 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector-pxnslc0hv5.px-cloud.net/api/v2/collector
Requested by
Host: assets-fe.change.org
URL: https://assets-fe.change.org/fe/8e413c6853ae345e60a4f71b6106948f/brandAssets-093bbcb3a502e971d519.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.220.184 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.220.186.35.bc.googleusercontent.com
Software
/
Resource Hash
d3a252cf7a1c05285c3d4f5e0ccde74afcc6ffb593a7c6714bb69c28cc26d764

Request headers

Referer
https://www.change.org/l/us/coronavirus?amp;utm_campaign=oth&utm_medium=other&cs_tk=AmpfC6wFlrHHALf8mV4AAXicyyvNyQEABF8BvGo1bfz95FvF0eqaUMc2DNY%3D&utm_campaign=4c2393bcf59249579105c1382fef4127&utm_content=initial_v0_0_1&utm_medium=email&utm_source=aa_editorial&utm_term=cs%22
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 14 Apr 2020 19:41:02 GMT
via
1.1 google
status
200
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.change.org
access-control-allow-credentials
true
timing-allow-origin
*
alt-svc
clear
content-length
366
collector
collector-pxnslc0hv5.px-cloud.net/api/v2/ 		366 B
430 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector-pxnslc0hv5.px-cloud.net/api/v2/collector
Requested by
Host: assets-fe.change.org
URL: https://assets-fe.change.org/fe/8e413c6853ae345e60a4f71b6106948f/brandAssets-093bbcb3a502e971d519.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.220.184 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.220.186.35.bc.googleusercontent.com
Software
/
Resource Hash
5a9aa1d356df199316916251181e20351b95c149bfe96889fa0f5e36557ca7e9

Request headers

Referer
https://www.change.org/l/us/coronavirus?amp;utm_campaign=oth&utm_medium=other&cs_tk=AmpfC6wFlrHHALf8mV4AAXicyyvNyQEABF8BvGo1bfz95FvF0eqaUMc2DNY%3D&utm_campaign=4c2393bcf59249579105c1382fef4127&utm_content=initial_v0_0_1&utm_medium=email&utm_source=aa_editorial&utm_term=cs%22
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 14 Apr 2020 19:41:03 GMT
via
1.1 google
status
200
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.change.org
access-control-allow-credentials
true
timing-allow-origin
*
alt-svc
clear
content-length
366

Verdicts & Comments Add Verdict or Comment

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| dataLayer string| _pxAppId object| google_tag_data function| ga object| gaplugins function| postscribe object| google_tag_manager function| fbq function| _fbq object| uetq function| UET function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO function| setImmediate function| clearImmediate object| Backbone object| regeneratorRuntime function| $ function| jQuery object| TwitterCldr function| FontFaceObserver function| _sov object| gaGlobal object| gaData function| fbAsyncInit object| __APOLLO_CLIENT__ object| airbrake object| TwitterCldrDataBundle object| App object| PXNsLC0Hv5 object| PX undefined| _NsLC0Hv5handler object| FB object| gapi object| ___jsl object| gadgets object| osapi object| oauth2

18 Cookies

Domain/Path Name / Value
.google.com/ Name: NID
Value: 202=AoFaQvreviaLZcZnemDw0xDCpyOGhWs3l3JwBeMqhSZ0TFfeGqDfKFHhZskYyrMd9uK26Umi_6_rQwzWrisJGUrgUlPH8jTGGRe-feW1Jl5CiAp7XBwn4FEQs-PaS4mJHtf4hlPrkTqgDwC6dvCGXYbF_ipoRT0_vhFqgLxmphE
www.change.org/ Name: _pxff_tm
Value: 1
www.change.org/ Name: _pxff_axt
Value: 540
.change.org/ Name: _gat
Value: 1
.change.org/ Name: _gcl_au
Value: 1.1.1136019984.1586893262
.change.org/ Name: _gid
Value: GA1.2.1753799975.1586893262
.change.org/ Name: _fbp
Value: fb.1.1586893261899.911193905
.change.org/ Name: _uetsid
Value: _uetbe150abe-ffb1-1051-58c1-2a1150208d59
.change.org/ Name: __cfruid
Value: a2b9b084c16298e47a80a6f65484dd007803b667-1586893261
.change.org/ Name: _ga
Value: GA1.2.1646036807.1586893262
.change.org/ Name: _px3
Value: 2435afa01bebd9deed314efd114a4f7396fea13a815b26d9e4febac12f32ff5e:aYH5d6XCtM/PK0efrJ7odarjZLugCsUL3jcytpLqsmNS6oEWIXjxeF0g8VMIAFHl9aPUa4RLsmZZSBjo3ZkNqA==:1000:9dZ2fPH2z8Q58pZkgJLaW4G6Eia3ZoFDYItnCNfrgtRBH6KgwTlYdG+Z/9tJ2yyh9f0DL53WC0nJoeo9MyucOUPfeDQG9y3htlGWqaUdcj0K3g/Pkl2T0tohlmTQ2vQof6AswqjrUDLggcL755vHor/OTqr4GIh1XX9iSB5uGUw=
www.change.org/ Name: _change_lang
Value: %7B%22locale%22%3A%22en-US%22%2C%22countryCode%22%3A%22BE%22%7D
www.change.org/ Name: tracking_data
Value: %7B%22user_uuid%22%3A%22dee8b9a0-7e87-11ea-a83c-618cd539cad2%22%7D
www.change.org/ Name: _change_session
Value: cb65370fe39334554320527d358d20f0
.change.org/ Name: _pxvid
Value: df86f57b-7e87-11ea-8227-0242ac120004
.change.org/ Name: __cf_bm
Value: 30758e1e10f2f4932151c7f89644995fa95a1b5e-1586893261-1800-Aa8vbo6oiIrjNHqXmVAvXoqNxkjBpZ2TxMavwFrflKV0dy819hCS7KLEF5giAGt+qly2coNwmemo1+KFD/54YUk=
.www.change.org/ Name: G_ENABLED_IDPS
Value: google
.change.org/ Name: __cfduid
Value: d75aef7a26cb71f318eec2478178ad3911586893260

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' https://d18kwxxua7ik1y.cloudfront.net https://d22r54gnmuhwmk.cloudfront.net https://assets.change.org https://static.change.org https://assets-fe.change.org https://change-production.s3.amazonaws.com https://change-public-stuff.s3.amazonaws.com https://www.google.ca https://www.googleadservices.com https://www.youtube.com https://*.doubleclick.net https://*.google.com https://*.googleapis.com https://*.googletagmanager.com https://*.google-analytics.com https://*.gstatic.com https://*.ytimg.com https://*.facebook.com https://*.facebook.net https://*.fbcdn.net fbrpc://* fb-messenger://* https://*.twitter.com https://*.twimg.com https://vk.com https://*.vk.com https://ajax.cdnjs.com https://cdnjs.cloudflare.com https://service.force.com https://change.my.salesforce.com https://help.change.org https://*.salesforceliveagent.com https://*.braintreegateway.com https://*.paypalobjects.com https://*.paypal.com *.optimizely.com optimizely.s3.amazonaws.com cdn-assets-prod.s3.amazonaws.com https://px-cdn.net https://*.px-cloud.net https://code.jquery.com https://js.stripe.com https://cdn.embedly.com https://player.vimeo.com https://bat.bing.com https://soundcloud.com https://w.soundcloud.com https://www.instagram.com https://www.flickr.com https://*.staticflickr.com; connect-src 'self' blob: https://*.change.org https://change-production.s3.amazonaws.com https://*.googleapis.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.com https://*.facebook.net fbrpc://* fb-messenger://* https://*.twitter.com https://*.vk.com https://*.braintreegateway.com https://*.paypal.com *.optimizely.com optimizely.s3.amazonaws.com cdn-assets-prod.s3.amazonaws.com https://*.px-client.net https://*.px-cloud.net https://pxchk.net https://api.stripe.com https://api.soundcloud.com https://api.airbrake.io https://api.zippopotam.us; font-src 'self' data: https://assets.change.org https://static.change.org https://d18kwxxua7ik1y.cloudfront.net https://d22r54gnmuhwmk.cloudfront.net https://fonts.gstatic.com; img-src * blob: data:; form-action 'self';
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
apis.google.com
assets-fe.change.org
bat.bing.com
click.e.change.org
collector-pxnslc0hv5.px-cloud.net
connect.facebook.net
googleads.g.doubleclick.net
lh3.googleusercontent.com
lh4.googleusercontent.com
lh5.googleusercontent.com
news-us.changedotorgcontent.com
s3.amazonaws.com
static.change.org
stats.g.doubleclick.net
www.change.org
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
104.17.88.51
104.17.89.51
104.199.118.23
172.217.16.162
2620:1ec:c11::200
2a00:1450:4001:800::2003
2a00:1450:4001:808::2002
2a00:1450:4001:809::200e
2a00:1450:4001:817::200e
2a00:1450:4001:819::2001
2a00:1450:4001:81a::200d
2a00:1450:4001:81d::2008
2a00:1450:4001:820::2004
2a00:1450:400c:c00::9d
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
35.186.220.184
52.216.102.133
079e218ad07f42523479d475b4973a6e386ba95209ee964c04c1a6eb6186bda3
0afcd17d2b9d1356f82f9a55b42cf1102f2f98a3f32724e5b33566f151884dfd
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
2f22aaf2e8367b02152b442ef28df7084601e0ded40c7d8f7b6f24be66b326fb
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
5268785c4e2c015accbf4e77ffb1e34d811ccdb2381e2098de979bdee8ebaa0c
52952629828c65930895c1712ab442a70400f14034a46ae2ffdfa1e091d6acce
552426fa67711398e49423a732526e763187afd768567b87e139fec853820809
5646f52a99184c1b82da78181a1e3a46d5c0468a52b08146ad61249bdf4743eb
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
5a9aa1d356df199316916251181e20351b95c149bfe96889fa0f5e36557ca7e9
60d958d76314dc21fc63ce79b15d2685464feb5e3a8319eda1ab4c4f5d9c285f
644fd02c5af1296eb373806e38debe360aa455ec876cb14a4b40606c33d06b40
7794fb6cabf8a427556493f4378d5b77c6bbaeceba1a0debcc526dea1f510a2d
7d8094d3a2c7a0c86f3dcd794ec441e526c487c9cd834426c230418af6589e89
85c5d9186b233eb485c3fb14d896e8e294f67604fb243dfcbc59ed03523aaeaf
87f00dc8020594bc183177f9956c6d26dd5f9754cdcf736a9c136bc8b0ecc140
88e95cf0a8b2275feeb2b62b9c055ce282934e0748bec30390e57463f43c179f
8ab5a34f260fd677cfc749bf1444e62d66ab48f0031b69e8ec573290ba1fc30e
8b925b0cc7b321b2af91b4b82002db5743083519393407c324d3c5144ce8a023
97540869be47f1cc8519503a4725b83e5b31b49fc011fa6bf354f4ff14e147fa
9b9d1bac370fa1bce65ba0465a35be96cfe3298c5f3828c64a1f40c9561eb3b0
a5c448f96f02e4cbf828f7469da95b0b85f156fb64cde5ee3b5d288bee71e16d
b22ec7706e6aa9af8b7cf5ab03b25ab2d98f9fd37a7528ba33a92d435d0b19ca
c4e30d7df5e7e93099a1a5823121292615468d465a7a5bbfe6eb0a3e7693400c
c5db692833cd41ac3b3434028106f81fbd15893a88364515a91bd0a6154c67fa
d3a252cf7a1c05285c3d4f5e0ccde74afcc6ffb593a7c6714bb69c28cc26d764
d58d9f6c8c004406b2f940397338ae080894813e4370cef04562525f460fd1b2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ee2df9e008021c0ce1fbf3612bfef57e7666294fa01bd4d9764931ff9add417a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2c11df6ae2d1f997d3b7e354e97194e04cc8b00c2fce2adbda247aaa06e2105