www.change.org
Open in
urlscan Pro
104.17.88.51
Public Scan
Effective URL: https://www.change.org/
Submission: On September 27 via api from US
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 16th 2020. Valid for: a year.
This is the only time www.change.org was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN16509 (AMAZON-02, US)
PTR: s3-website-us-west-2.amazonaws.com
chng.it |
ASN13335 (CLOUDFLARENET, US)
assets-fe.change.org | |
assets.change.org | |
static.change.org |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com |
ASN20940 (AKAMAI-ASN1, EU)
PTR: a23-8-4-210.deploy.static.akamaitechnologies.com
cdn3.optimizely.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN20940 (AKAMAI-ASN1, EU)
PTR: a23-43-116-208.deploy.static.akamaitechnologies.com
a11391265293.cdn.optimizely.com |
ASN15169 (GOOGLE, US)
PTR: 184.220.186.35.bc.googleusercontent.com
collector-pxnslc0hv5.px-cloud.net |
ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f98.1e100.net
www.googleadservices.com |
ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress3
static.hotjar.com | |
script.hotjar.com | |
vars.hotjar.com |
ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net |
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-231-108-96.compute-1.amazonaws.com
logx.optimizely.com |
Domain | Requested by | |
---|---|---|
22 | assets.change.org |
www.change.org
|
8 | www.change.org |
www.change.org
assets-fe.change.org |
6 | www.facebook.com |
www.change.org
assets-fe.change.org connect.facebook.net |
4 | maps.googleapis.com |
assets-fe.change.org
maps.googleapis.com |
4 | connect.facebook.net |
www.change.org
assets-fe.change.org connect.facebook.net |
3 | static.change.org |
assets-fe.change.org
|
2 | logx.optimizely.com |
assets-fe.change.org
|
2 | www.google.de |
www.change.org
|
2 | www.google.com |
www.change.org
|
2 | apis.google.com |
assets-fe.change.org
apis.google.com |
2 | bat.bing.com |
www.change.org
|
2 | collector-pxnslc0hv5.px-cloud.net |
www.change.org
assets-fe.change.org |
2 | www.google-analytics.com |
www.change.org
assets-fe.change.org |
2 | assets-fe.change.org |
www.change.org
|
1 | analytics.twitter.com |
static.ads-twitter.com
|
1 | accounts.google.com |
apis.google.com
|
1 | vars.hotjar.com |
static.hotjar.com
|
1 | t.co |
www.change.org
|
1 | script.hotjar.com |
static.hotjar.com
|
1 | googleads.g.doubleclick.net |
www.googleadservices.com
|
1 | stats.g.doubleclick.net |
assets-fe.change.org
|
1 | static.ads-twitter.com |
www.googletagmanager.com
|
1 | static.hotjar.com |
www.googletagmanager.com
|
1 | www.googleadservices.com |
www.googletagmanager.com
|
1 | a11391265293.cdn.optimizely.com |
cdn.optimizely.com
|
1 | platform.twitter.com |
www.change.org
|
1 | www.googletagmanager.com |
www.change.org
|
1 | cdn3.optimizely.com |
cdn.optimizely.com
|
1 | s3.amazonaws.com |
www.change.org
|
1 | cdn.optimizely.com |
www.change.org
|
1 | chng.it | 1 redirects |
79 | 31 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.nytimes.com |
articles.washingtonpost.com |
venturebeat.com |
www.usnews.com |
www.time.com |
help.change.org |
guide.change.org |
twitter.com |
www.facebook.com |
policies.google.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2020-08-16 - 2021-08-16 |
a year | crt.sh |
cdn.optimizely.com DigiCert SHA2 Secure Server CA |
2020-01-20 - 2021-03-20 |
a year | crt.sh |
*.google-analytics.com GTS CA 1O1 |
2020-09-03 - 2020-11-26 |
3 months | crt.sh |
s3.amazonaws.com DigiCert Baltimore CA-2 G2 |
2020-08-04 - 2021-08-09 |
a year | crt.sh |
*.optimizely.com DigiCert SHA2 Secure Server CA |
2020-01-20 - 2021-03-20 |
a year | crt.sh |
*.twimg.com DigiCert SHA2 High Assurance Server CA |
2019-11-12 - 2020-11-18 |
a year | crt.sh |
*.cdn.optimizely.com GeoTrust RSA CA 2018 |
2020-03-05 - 2021-06-04 |
a year | crt.sh |
*.px-cloud.net Let's Encrypt Authority X3 |
2020-08-16 - 2020-11-14 |
3 months | crt.sh |
www.googleadservices.com GTS CA 1O1 |
2020-09-03 - 2020-11-26 |
3 months | crt.sh |
static.hotjar.com Let's Encrypt Authority X3 |
2020-08-16 - 2020-11-14 |
3 months | crt.sh |
ads-twitter.com DigiCert SHA2 High Assurance Server CA |
2020-08-14 - 2021-08-19 |
a year | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2020-09-11 - 2020-12-10 |
3 months | crt.sh |
www.bing.com Microsoft IT TLS CA 2 |
2019-04-30 - 2021-04-30 |
2 years | crt.sh |
*.apis.google.com GTS CA 1O1 |
2020-09-03 - 2020-11-26 |
3 months | crt.sh |
upload.video.google.com GTS CA 1O1 |
2020-09-03 - 2020-11-26 |
3 months | crt.sh |
*.g.doubleclick.net GTS CA 1O1 |
2020-09-03 - 2020-11-26 |
3 months | crt.sh |
www.google.com GTS CA 1O1 |
2020-09-03 - 2020-11-26 |
3 months | crt.sh |
www.google.de GTS CA 1O1 |
2020-09-03 - 2020-11-26 |
3 months | crt.sh |
script.hotjar.com Let's Encrypt Authority X3 |
2020-08-17 - 2020-11-15 |
3 months | crt.sh |
*.google.com GTS CA 1O1 |
2020-09-03 - 2020-11-26 |
3 months | crt.sh |
t.co DigiCert SHA2 High Assurance Server CA |
2020-03-05 - 2021-03-02 |
a year | crt.sh |
vars.hotjar.com Let's Encrypt Authority X3 |
2020-08-15 - 2020-11-13 |
3 months | crt.sh |
*.google.de GTS CA 1O1 |
2020-09-03 - 2020-11-26 |
3 months | crt.sh |
logx.optimizely.com Amazon |
2020-09-21 - 2021-10-21 |
a year | crt.sh |
accounts.google.com GTS CA 1O1 |
2020-09-03 - 2020-11-26 |
3 months | crt.sh |
*.twitter.com DigiCert SHA2 High Assurance Server CA |
2020-03-05 - 2021-03-02 |
a year | crt.sh |
This page contains 7 frames:
Primary Page:
https://www.change.org/
Frame ID: 9B09052273B096FF9CC835E60BF79F1B
Requests: 74 HTTP requests in this frame
Frame:
https://platform.twitter.com/widgets/follow_button.html?screen_name=Change&data-show-count=true&data-show-screen-name=true&lang=en
Frame ID: A0462B65CD594D3741B38B0875335386
Requests: 1 HTTP requests in this frame
Frame:
https://a11391265293.cdn.optimizely.com/client_storage/a11391265293.html
Frame ID: AEDE3BCEFFA2EC76067E4D08F0A5DAF3
Requests: 1 HTTP requests in this frame
Frame:
https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: E6AA99AA481B08D52D434F7953698551
Requests: 1 HTTP requests in this frame
Frame:
https://accounts.google.com/o/oauth2/iframe
Frame ID: CBF1FAAB6D9E432E4A9F0A4EBBD020C3
Requests: 1 HTTP requests in this frame
Frame:
https://www.facebook.com/v3.2/plugins/like.php?action=like&app_id=48409868550&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dffb398ac790978%26domain%3Dwww.change.org%26origin%3Dhttps%253A%252F%252Fwww.change.org%252Ff11d21996390ae4%26relation%3Dparent.parent&container_width=40&href=https%3A%2F%2Fwww.facebook.com%2Fchange.org&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false
Frame ID: DD2650BE7DC6A26D92AAFE9573241CBF
Requests: 1 HTTP requests in this frame
Frame:
https://www.facebook.com/v3.2/plugins/like.php?action=like&app_id=48409868550&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1d517050b8eee%26domain%3Dwww.change.org%26origin%3Dhttps%253A%252F%252Fwww.change.org%252Ff11d21996390ae4%26relation%3Dparent.parent&container_width=127&href=https%3A%2F%2Fwww.facebook.com%2Fchange.org&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false
Frame ID: FFD489F2D0BEB36FB9AED10812BC7F30
Requests: 1 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://chng.it/
HTTP 301
https://www.change.org/ Page URL
Detected technologies
CloudFlare (CDN) ExpandDetected patterns
- headers server /^cloudflare$/i
Facebook (Widgets) Expand
Detected patterns
- script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Google Analytics (Analytics) Expand
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Optimizely (Analytics) Expand
Detected patterns
- script /optimizely\.com.*\.js/i
Page Statistics
11 Outgoing links
These are links going to different origins than the main page.
Title: New York Times
Search URL Search Domain Scan URL
Title: Washington Post
Search URL Search Domain Scan URL
Title: Venture Beat
Search URL Search Domain Scan URL
Title: US News and World Report
Search URL Search Domain Scan URL
Title: TIME Magazine
Search URL Search Domain Scan URL
Title: Help
Search URL Search Domain Scan URL
Title: Guides
Search URL Search Domain Scan URL
Title: Twitter
Search URL Search Domain Scan URL
Title: Facebook
Search URL Search Domain Scan URL
Title: Privacy Policy
Search URL Search Domain Scan URL
Title: Terms of Service
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://chng.it/
HTTP 301
https://www.change.org/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
79 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
www.change.org/ Redirect Chain
|
276 KB 65 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
11391265293.js
cdn.optimizely.com/js/ |
1 MB 194 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rendr-xlAQzDvJM_K3jpDV0qJITERnqSdSsqp59Kbg01qSQhg.css
assets-fe.change.org/fe/css/ |
167 KB 49 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
changeAssets-89e0ebf69b14d067c9bf.js
assets-fe.change.org/fe/12cdb2e55cd2c60e8d0ecbd35d1b6b74/ |
5 MB 1 MB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dbe47f7c46d1aca3531738986238b6f7_c08246bc178e726e2651aae11d8def8094d85236.js
www.change.org/api-proxy/-/locale_data/rendr-fe/en-US/ |
610 KB 152 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
45 KB 18 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Icon_google.png
s3.amazonaws.com/change-assets/iconography/ |
3 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
omYPGeSexlbyIVt-128x128-noPad.jpg
assets.change.org/photos/0/yp/ge/ |
4 KB 4 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
boKCHYOWMCpCVHT-128x128-noPad.jpg
assets.change.org/photos/9/kc/hy/ |
4 KB 4 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
uCapYJkPrYsiUOW-128x128-noPad.jpg
assets.change.org/photos/4/ap/yj/ |
5 KB 6 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
LVZyvUdudPaCLtO-128x128-noPad.jpg
assets.change.org/photos/2/zy/vu/ |
5 KB 5 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
YJmDFFsJwjjhpgU-128x128-noPad.jpg
assets.change.org/photos/3/md/ff/ |
6 KB 6 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
geo2.js
cdn3.optimizely.com/js/ |
288 B 695 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
164 KB 52 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
init.js
www.change.org/NsLC0Hv5/ |
94 KB 35 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
follow_button.html
platform.twitter.com/widgets/ Frame A046 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
illustration-world-map-2015-08-18.gif
static.change.org/home/ |
23 KB 24 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
PNLpbTUsIvBGKBO-800x450-noPad.jpg
assets.change.org/photos/8/lp/bt/ |
97 KB 97 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vQReGLQgtQnhOHE-800x450-noPad.jpg
assets.change.org/photos/9/re/gl/ |
9 KB 9 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
aOVBPihZlrHWQRU-800x450-noPad.jpg
assets.change.org/photos/6/vb/pi/ |
36 KB 36 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gpRwYPpvsDquxwh-800x450-noPad.jpg
assets.change.org/photos/5/rw/yp/ |
52 KB 53 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
nqlstmUdClxVvQv-800x450-noPad.jpg
assets.change.org/photos/3/ls/tm/ |
58 KB 58 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
NzxOBHjkPnVtsBu-800x450-noPad.jpg
assets.change.org/photos/0/xo/bh/ |
67 KB 68 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
10 KB 10 KB |
Font
application/x-font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
a11391265293.html
a11391265293.cdn.optimizely.com/client_storage/ Frame AEDE |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collector
collector-pxnslc0hv5.px-cloud.net/api/v2/ |
654 B 875 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
conversion_async.js
www.googleadservices.com/pagead/ |
29 KB 12 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hotjar-1693228.js
static.hotjar.com/c/ |
169 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
uwt.js
static.ads-twitter.com/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
135 KB 34 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bat.js
bat.bing.com/ |
26 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Change-Calibre-Regular.woff2
static.change.org/fonts/ |
30 KB 31 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Change-Calibre-Bold.woff2
static.change.org/fonts/ |
31 KB 32 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
platform.js
apis.google.com/js/ |
49 KB 19 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sdk.js
connect.facebook.net/en_US/ |
3 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
maps.googleapis.com/maps/api/ |
125 KB 42 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3-Q050 |
collect
www.google-analytics.com/j/ |
4 B 67 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
discover_feed
www.change.org/api-proxy/-/ |
25 KB 5 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
event_tracker
www.change.org/api-proxy/-/ |
2 B 340 B |
Other
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/j/ |
4 B 87 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1081902691834097
connect.facebook.net/signals/config/ |
524 KB 132 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.com/ads/ |
42 B 106 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.de/ads/ |
42 B 106 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0
bat.bing.com/action/ |
0 148 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/991363857/ |
2 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sdk.js
connect.facebook.net/en_US/ |
201 KB 61 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
modules.94fbf54e63238ed34ad8.js
script.hotjar.com/ |
360 KB 70 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.rMJI4WR09CY.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCPRb_B1g8z3qIwl7l27GWLe47nxIA/ |
102 KB 34 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adsct
t.co/i/ |
43 B 448 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 264 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame E6AA |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
/
www.google.com/pagead/1p-user-list/991363857/ |
42 B 88 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
/
www.google.de/pagead/1p-user-list/991363857/ |
42 B 538 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
events
logx.optimizely.com/v1/ |
0 359 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
status
www.facebook.com/x/oauth/ |
0 0 |
Fetch
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
iframe
accounts.google.com/o/oauth2/ Frame CBF1 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
like.php
www.facebook.com/v3.2/plugins/ Frame DD26 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 105 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adsct
analytics.twitter.com/i/ |
31 B 652 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
like.php
www.facebook.com/v3.2/plugins/ Frame FFD4 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 105 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collector
collector-pxnslc0hv5.px-cloud.net/api/v2/ |
366 B 431 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
discover_feed
www.change.org/api-proxy/-/ |
21 KB 5 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
yKHkHKYjKUASuDj-400x400-noPad.jpg
assets.change.org/photos/6/hk/hk/ |
21 KB 21 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
yKHkHKYjKUASuDj-800x450-noPad.jpg
assets.change.org/photos/6/hk/hk/ |
33 KB 33 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
RfItNRbRXdAjVXO-400x400-noPad.jpg
assets.change.org/photos/4/it/nr/ |
36 KB 36 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
RfItNRbRXdAjVXO-800x450-noPad.jpg
assets.change.org/photos/4/it/nr/ |
69 KB 69 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
EnWYzOLZeOYbOCZ-128x128-noPad.jpg
assets.change.org/photos/9/wy/zo/ |
5 KB 5 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
events
logx.optimizely.com/v1/ |
0 359 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
events_tracker
www.change.org/api-proxy/-/ |
2 B 147 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AEPTkLOsUSsJMgW-400x400-noPad.jpg
assets.change.org/photos/4/pt/kl/ |
36 KB 36 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AEPTkLOsUSsJMgW-800x450-noPad.jpg
assets.change.org/photos/4/pt/kl/ |
62 KB 63 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
OIKrAskAodqOHli-128x128-noPad.jpg
assets.change.org/photos/2/kr/as/ |
6 KB 6 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
XaoZqpEBhAUPuZD-400x400-noPad.jpg
assets.change.org/photos/5/oz/qp/ |
39 KB 39 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
XaoZqpEBhAUPuZD-800x450-noPad.jpg
assets.change.org/photos/5/oz/qp/ |
56 KB 56 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tHZMKYpkZMMLoaA-128x128-noPad.jpg
assets.change.org/photos/8/zm/ky/ |
6 KB 6 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
events_tracker
www.change.org/api-proxy/-/ |
2 B 278 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
common.js
maps.googleapis.com/maps-api-v3/api/js/41/8/ |
78 KB 29 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
util.js
maps.googleapis.com/maps-api-v3/api/js/41/8/ |
144 KB 53 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
AuthenticationService.Authenticate
maps.googleapis.com/maps/api/js/ |
62 B 247 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
61 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| trustedTypes object| changeTargetingData undefined| _ object| optimizely object| dataLayer string| _pxAppId string| _pxSelectedLocale number| domCompleteTime function| removePreBundleEvents object| google_tag_data function| ga object| gaplugins function| postscribe object| google_tag_manager object| PXNsLC0Hv5 object| PX undefined| _NsLC0Hv5handler function| hj object| _hjSettings function| twq function| fbq function| _fbq object| uetq function| setImmediate function| clearImmediate object| Backbone object| regeneratorRuntime function| $ function| jQuery object| Stickyfill object| TwitterCldr function| FontFaceObserver function| _sov object| gaGlobal object| gaData function| fbAsyncInit object| __APOLLO_CLIENT__ function| __loadGooglePlaces object| airbrake object| TwitterCldrDataBundle object| gajus function| P object| App function| UET function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| twttr object| FB object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| gapi object| ___jsl object| google object| module$contents$MapsEvent_MapsEvent object| module$contents$mapsapi$overlay$OverlayView_OverlayView object| gadgets object| osapi object| oauth2 object| _xdc_22 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.google.com/ | Name: NID Value: 204=EK9sVUlVpH5ddrpOefZ8a5C4sYLPYBO3v0ydK2AsleIB3knXkxmc1NuiaIfEhwswB3C4sW052mdLCUkx4izhEs5AKopTjaGEL7wwh9ptxhAKyae3aD1lJ6ECwrkIm0rjhjKk_LG9kkBUEWTZIXZ5O5IVL1Ki8-AGsnlFlwNJp1Y |
|
www.change.org/ | Name: _hjIncludedInSessionSample Value: 0 |
|
.change.org/ | Name: _hjTLDTest Value: 1 |
|
.facebook.com/ | Name: fr Value: 02XQZDlyqZEs0MHwE..BfcMeq...1.0.BfcMeq. |
|
.change.org/ | Name: _uetvid Value: a388998629fc0891fbbdc40ec3a6d495 |
|
.change.org/ | Name: _hjAbsoluteSessionInProgress Value: 0 |
|
.change.org/ | Name: _fbp Value: fb.1.1601226666017.1098721815 |
|
.change.org/ | Name: _uetsid Value: 956b3ad448d03cd6e8f1fe2b95192266 |
|
.change.org/ | Name: _gat Value: 1 |
|
.change.org/ | Name: _gid Value: GA1.2.813435600.1601226666 |
|
.change.org/ | Name: _gcl_au Value: 1.1.910328494.1601226665 |
|
.www.change.org/ | Name: G_ENABLED_IDPS Value: google |
|
.change.org/ | Name: __cfduid Value: dd036aefec77ffb9d5f0b79642f99942a1601226664 |
|
.change.org/ | Name: optimizelyEndUserId Value: oeu1601226665013r0.33788160983841276 |
|
.change.org/ | Name: __cfruid Value: 4ff7c40d15e9da9f1dc14b58a3c3df525ec96d64-1601226664 |
|
.change.org/ | Name: _pxvid Value: 6d772c3f-00e4-11eb-94ff-0242ac120005 |
|
.change.org/ | Name: __cf_bm Value: 928c4f7e423771003b655d1d6e8b30d8b6264996-1601226664-1800-AbkGZYMKdZgn8CGk3gcwMHCZfIc9ER4+unMqxSBBHYJkp8OAwkXNbJXzGPeDEC7EsqH3YqIsRgTEiNxi8GirH6Q= |
|
www.change.org/ | Name: _change_lang Value: %7B%22locale%22%3A%22en-US%22%2C%22countryCode%22%3A%22PL%22%7D |
|
.change.org/ | Name: _px3 Value: 23e782026feb7252d55d02d334ae743bc63574900bfeb135612a027e47a63b27:aTgRjIbJGmA9OjoMavfh1bvQSONKxoAxkvB87mo7u26O8xDKQZz8gPkn9lPjM8uEuvX7QFYUl2uP87tQUBJN0Q==:1000:qfBk/L8Pdz2pOq5+S2IT4zsQLca48V2jEvMagt/H1F08VyOZwOwpBUJxfFUEdau6AMpl1kzb2wGYfosG8wQXJ0YXKUIcHCkj3HDs4Y+WEe0UqKnW+fCxuTc+I1Q8G6ZJmWh/TrBG57G0qmM2n7LJ7Z2DJ2ooLaiM5O97v+RH5e8= |
|
www.change.org/ | Name: _change_session Value: 2a9bc18893dc3dcac0cfccae367ba34f |
|
.change.org/ | Name: _hjid Value: 4a5fbb56-6f9f-42dd-9dce-3033f666209c |
|
.change.org/ | Name: _ga Value: GA1.2.1503245392.1601226666 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | default-src 'self' 'unsafe-inline' 'unsafe-eval' https://d18kwxxua7ik1y.cloudfront.net https://d22r54gnmuhwmk.cloudfront.net https://assets.change.org https://static.change.org https://assets-fe.change.org https://change-production.s3.amazonaws.com https://change-public-stuff.s3.amazonaws.com https://www.google.ca https://www.googleadservices.com https://www.youtube.com https://*.doubleclick.net https://*.google.com https://*.googleapis.com https://*.googletagmanager.com https://*.google-analytics.com https://*.gstatic.com https://*.recaptcha.net https://*.ytimg.com https://*.facebook.com https://*.facebook.net https://*.fbcdn.net fbrpc://* fb-messenger://* https://*.twitter.com https://*.twimg.com https://*.ads-twitter.com https://vk.com https://*.vk.com https://ajax.cdnjs.com https://cdnjs.cloudflare.com https://service.force.com https://change.my.salesforce.com https://help.change.org https://*.salesforceliveagent.com https://*.braintreegateway.com https://*.paypalobjects.com https://*.paypal.com *.optimizely.com optimizely.s3.amazonaws.com cdn-assets-prod.s3.amazonaws.com https://px-cdn.net https://*.px-cloud.net https://*.hotjar.com:* https://*.hotjar.io wss://*.hotjar.com https://p2a.co https://code.jquery.com https://js.stripe.com https://cdn.embedly.com https://player.vimeo.com https://bat.bing.com https://soundcloud.com https://w.soundcloud.com https://www.instagram.com https://www.flickr.com https://*.staticflickr.com https://*.voteamerica.com; connect-src 'self' blob: https://*.change.org https://change-production.s3.amazonaws.com https://*.googleapis.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.com https://*.facebook.net fbrpc://* fb-messenger://* https://*.twitter.com https://*.vk.com https://*.braintreegateway.com https://*.paypal.com *.optimizely.com optimizely.s3.amazonaws.com cdn-assets-prod.s3.amazonaws.com https://*.px-client.net https://*.px-cloud.net https://pxchk.net https://*.hotjar.com:* https://*.hotjar.io wss://*.hotjar.com https://api.stripe.com https://api.soundcloud.com https://api.airbrake.io https://www.voteamerica.com; font-src 'self' data: https://assets.change.org https://static.change.org https://d18kwxxua7ik1y.cloudfront.net https://d22r54gnmuhwmk.cloudfront.net https://fonts.gstatic.com https://*.hotjar.com https://*.hotjar.io; img-src * blob: data:; form-action 'self'; |
X-Content-Type-Options | nosniff |
X-Frame-Options | sameorigin |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
a11391265293.cdn.optimizely.com
accounts.google.com
analytics.twitter.com
apis.google.com
assets-fe.change.org
assets.change.org
bat.bing.com
cdn.optimizely.com
cdn3.optimizely.com
chng.it
collector-pxnslc0hv5.px-cloud.net
connect.facebook.net
googleads.g.doubleclick.net
logx.optimizely.com
maps.googleapis.com
platform.twitter.com
s3.amazonaws.com
script.hotjar.com
static.ads-twitter.com
static.change.org
static.hotjar.com
stats.g.doubleclick.net
t.co
vars.hotjar.com
www.change.org
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
104.17.88.51
104.17.89.51
104.244.42.3
104.244.42.69
147.75.102.13
151.101.112.157
172.217.23.98
23.43.116.208
23.8.4.210
2620:1ec:c11::200
2a00:1450:4001:803::200a
2a00:1450:4001:818::2002
2a00:1450:4001:818::2003
2a00:1450:4001:819::200e
2a00:1450:4001:81a::2008
2a00:1450:4001:821::200d
2a00:1450:4001:821::200e
2a00:1450:4001:824::2004
2a00:1450:400c:c0c::9b
2a02:26f0:6c00:287::13b8
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
34.231.108.96
35.186.220.184
52.217.68.150
52.218.221.130
93.184.220.66
097afea517679d2e0b986d77cb3fe7808026882b52ca074a050e03e7a4a6996b
0c7d216ae5fa7e223093cd4b686decea18166b92b04592d20e0ca8d53cd5dd79
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
14d9028814e8a787f6dc389c94e0ac19632ffcea1c5cac85f44e6d19cc5896ec
187550e4ed266bc0ce0e5bca4538330ebe37590bb9ae1150831582d6eab9ec83
1e7d0bff1c021a42c026f540966058a5def2c3475657e6084bc82ba5b4c83ce1
2f1fe2b746defd93a4686ae7680ef73a699881354dabb47ff21831a9ccf4ed00
2f22aaf2e8367b02152b442ef28df7084601e0ded40c7d8f7b6f24be66b326fb
395285621bdb4246b78bbefe9b64e63d60f643a99484c6fc4ab50fc45f8d191e
3d61f511a1bdc441e3b0e1ce33ead66e051aa0f6e39f6c2e428468a1de6d5496
3e4c502afc4135a67c98145c79045f4bd0b454bbd5a7fde4cb96d05bf3c85871
3e608f368ebeed37ccd08edf1d409ef65bda94c07323136ff95213972cd20257
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4cbe9d9c25d806247ea5273b0eaad668c1e2048350add7f1c1ebf5492e068240
5508c268753555b6ec1cb7609343a36ae5866825c76e594afd4cc90528645e9d
552426fa67711398e49423a732526e763187afd768567b87e139fec853820809
56044b63194caa3c145bf40afe2ab724873f93a07aa36752984442c8520f0f43
582ee3caea8662e7f4e7ddf01e63f8ada767578aaebc65713ded23d95463813d
5c622f5433cbb6ea1df5c0dd8671e55ef7d1464366074730473c453de50a579b
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
639b54d9b91b8b284848fd1730c4d08262dc5fe9aa69d19dcd8b4b2133cf5208
67978dfdf569348307a281bac0eb1ccfa2eca8b66099772b539c67721886e603
6b8097a3698aed127a630ad86254bce53500755f0914e25250d590a7846657fe
6c9459a6400a8cf7ef815379f9316dc26aeec43bcc48da1d1bd58d99a6109f7b
761ef28e82cdeb62437948c21aa9d06051750b5dc0f02876cb467d97e8a6f464
7a21ec103ba32b55433752312f579a5e37e7fc51954a1b772e3629eee30229e0
8247f4332667950989fe6bf790f87723343db2ec83d975503e9c5dc13a6eb5dc
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85cb11031d8ff3bde0c9add458111eddff9e8a74326180111262fe82a8f44f61
889698613aca39f979a6d646048e2f978a65ea1e4adabebe7aed2882bcab4ae5
8b7fbc8023ce9589620718e6f679110123d1bff630ce87cd166fd05142eda176
91dfd93f658e5ab42982912a093ea56f8ef47adc0453a2dccb807d3df52d1679
91ec9efc30649fe959f787c348e4d6b02ef7ac88610ca5c0d1b2a13ed0c66b37
a5474cd02b98207607bd59affcb3a7e036c058f9b51f0d6dcc0a523066404740
a59455402cb06fdade0b4c6ca2c44f2f627a085fb354b911531235c4c4f538a3
a5e260f8d1d46595c71cf35eb09243ef8ee32453ff9fe49ea9c5ac6d3919f721
a920ab326c046e8423a4c6657e1709779af9ea84547252b2f618d1dc884ffbd6
aaa51a2bc3c4a1fc68021e009e3433e8376fc68aff62eda3aa5335d1e8de85d4
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aee55f1d6a13bb89ad87b393b9a3b335ef580e75d08b50e9efb21699da4fe857
af2f7c0a11e47cd2c71a3e9524c5b0a8bac022045e6d9df146f327945b716606
b2746097e2133a98d010ec715a192c45b843a79a52059db54b98aed3f64b24a6
b498304d3d4663bfd68af9ba90d9f5f699f01d7574d26f1e47af51e0971463a9
c3ded27fb5bb94e3a8409d82fbf71dfd6dd59fce851778e74044da762e90f81f
c65010cc3bc933f2b78e90d5d2a2484c4467a92752b2aa79f4a6e0d35a924218
d76481cc112b3bd9e3b0d4c1e2a4bcebf2e19dd697ae05eb0dfb95c106a33866
d790ad8f1c181536a580382dcaa1913e87ace3e97c9d03ed9bf6bee713289bc9
d86644454ee2ebaf83dbf0aff79d4bcc718d7a309ad17186a1f481115a15fd71
d974b038d7de3103e0d7b7f17e4784299edd68d893fb0f82497c5715ebf5e568
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e08806fe89849fd3f7e8895978cdcccefc29e5176894299e557297eedffaef09
e3630447ceced70a539cc4bd32ad11e3adbe0efa7420c462b7f8855e364f9770
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8f59df79697f0aee0cb6af4002c66f177bd8cec9be385ddc08301b5298eb969
ecdd58e7ab6054201e231f4842194b9a351741d38b006821e94670867ff02066
ee2df9e008021c0ce1fbf3612bfef57e7666294fa01bd4d9764931ff9add417a
eee1b49f0878148ab5225b1a55d6c8395e0c702d0d991364c08f2ccdf6bca0c7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f503d0d150f92c200743bd5170b1554df6621ccef84eaa49d571ebffc33ae2ff
fa292eb956ac0cd8e45d94796dff742fd5c257db692adedcc0eb6b7ee32f88f9
fa71b718df030f0e05ded37fc781f8aea478bd0989474bbd2f7c3ad91666a624
fc4ef9b17f5934575965b9c5734c343c1c3e97a00188a42d3421dac3060102f2
fe801ddcbf0a2bb1175252f58708ebc52bb0078352542ac5affd1d36cc025ba9