![](/screenshots/36ecd14b-b042-42b5-afc3-25dd438a2f8d.png)
www.change.org
Open in
urlscan Pro
104.17.88.51
Public Scan
Effective URL: https://www.change.org/p/scjn-diputadosmorena-legismex-cndh-tatclouthier-sergiomayerb-mx-diputados-rosariopiedraib-nice...
Submission Tags: falconsandbox
Submission: On October 13 via api from US
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 16th 2020. Valid for: a year.
This is the only time www.change.org was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN16509 (AMAZON-02, US)
PTR: s3-website-us-west-2.amazonaws.com
chng.it |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com |
ASN20940 (AKAMAI-ASN1, EU)
PTR: a184-31-84-31.deploy.static.akamaitechnologies.com
cdn3.optimizely.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN16625 (AKAMAI-AS, US)
PTR: a104-108-68-187.deploy.static.akamaitechnologies.com
a11391265293.cdn.optimizely.com |
ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net
www.googleadservices.com |
ASN16509 (AMAZON-02, US)
PTR: server-99-86-243-126.vie50.r.cloudfront.net
static.hotjar.com | |
vars.hotjar.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-20-153-254.compute-1.amazonaws.com
logx.optimizely.com |
ASN15169 (GOOGLE, US)
PTR: 184.220.186.35.bc.googleusercontent.com
collector-pxnslc0hv5.px-cloud.net |
ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net |
ASN16509 (AMAZON-02, US)
PTR: server-99-86-243-108.vie50.r.cloudfront.net
script.hotjar.com |
ASN16509 (AMAZON-02, US)
PTR: server-99-86-243-54.vie50.r.cloudfront.net
vc.hotjar.io |
Domain | Requested by | |
---|---|---|
17 | www.change.org |
2 redirects
www.change.org
assets-fe.change.org |
13 | assets.change.org |
www.change.org
|
4 | maps.googleapis.com |
assets-fe.change.org
maps.googleapis.com |
4 | www.facebook.com |
www.change.org
connect.facebook.net assets-fe.change.org |
4 | connect.facebook.net |
www.change.org
connect.facebook.net assets-fe.change.org |
3 | static.change.org |
assets-fe.change.org
www.change.org |
3 | logx.optimizely.com |
cdn.optimizely.com
assets-fe.change.org |
2 | www.google.de |
www.change.org
|
2 | www.google.com |
www.change.org
|
2 | collector-pxnslc0hv5.px-cloud.net |
assets-fe.change.org
|
2 | apis.google.com |
assets-fe.change.org
apis.google.com |
2 | bat.bing.com |
www.change.org
|
2 | cdn.embedly.com |
www.change.org
|
2 | www.google-analytics.com |
www.change.org
assets-fe.change.org |
2 | assets-fe.change.org |
www.change.org
|
1 | analytics.twitter.com |
static.ads-twitter.com
|
1 | vc.hotjar.io |
assets-fe.change.org
|
1 | vars.hotjar.com |
static.hotjar.com
|
1 | script.hotjar.com |
static.hotjar.com
|
1 | googleads.g.doubleclick.net |
www.googleadservices.com
|
1 | t.co |
www.change.org
|
1 | accounts.google.com |
apis.google.com
|
1 | stats.g.doubleclick.net |
assets-fe.change.org
|
1 | static.ads-twitter.com |
www.googletagmanager.com
|
1 | static.hotjar.com |
www.googletagmanager.com
|
1 | www.googleadservices.com |
www.googletagmanager.com
|
1 | a11391265293.cdn.optimizely.com |
cdn.optimizely.com
|
1 | www.googletagmanager.com |
www.change.org
|
1 | cdn3.optimizely.com |
cdn.optimizely.com
|
1 | s3.amazonaws.com |
www.change.org
|
1 | cdn.optimizely.com |
www.change.org
|
1 | chng.it | 1 redirects |
78 | 32 |
This site contains links to these domains. Also see Links.
Domain |
---|
r3d.mx |
www.nicensuranicandados.org |
help.change.org |
guide.change.org |
twitter.com |
www.facebook.com |
policies.google.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2020-08-16 - 2021-08-16 |
a year | crt.sh |
cdn.optimizely.com DigiCert SHA2 Secure Server CA |
2020-01-20 - 2021-03-20 |
a year | crt.sh |
*.google-analytics.com GTS CA 1O1 |
2020-09-22 - 2020-12-15 |
3 months | crt.sh |
s3.amazonaws.com DigiCert Baltimore CA-2 G2 |
2020-08-04 - 2021-08-09 |
a year | crt.sh |
*.optimizely.com DigiCert SHA2 Secure Server CA |
2020-01-20 - 2021-03-20 |
a year | crt.sh |
*.embedly.com Sectigo RSA Domain Validation Secure Server CA |
2019-09-11 - 2021-09-16 |
2 years | crt.sh |
*.cdn.optimizely.com GeoTrust RSA CA 2018 |
2020-03-05 - 2021-06-04 |
a year | crt.sh |
www.googleadservices.com GTS CA 1O1 |
2020-09-22 - 2020-12-15 |
3 months | crt.sh |
*.hotjar.com Amazon |
2020-01-22 - 2021-02-22 |
a year | crt.sh |
ads-twitter.com DigiCert SHA2 High Assurance Server CA |
2020-08-14 - 2021-08-19 |
a year | crt.sh |
www.bing.com Microsoft IT TLS CA 2 |
2019-04-30 - 2021-04-30 |
2 years | crt.sh |
logx.optimizely.com Amazon |
2020-09-21 - 2021-10-21 |
a year | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2020-09-11 - 2020-12-10 |
3 months | crt.sh |
*.apis.google.com GTS CA 1O1 |
2020-09-22 - 2020-12-15 |
3 months | crt.sh |
upload.video.google.com GTS CA 1O1 |
2020-09-22 - 2020-12-15 |
3 months | crt.sh |
*.g.doubleclick.net GTS CA 1O1 |
2020-09-22 - 2020-12-15 |
3 months | crt.sh |
*.px-cloud.net Let's Encrypt Authority X3 |
2020-08-16 - 2020-11-14 |
3 months | crt.sh |
www.google.com GTS CA 1O1 |
2020-09-22 - 2020-12-15 |
3 months | crt.sh |
www.google.de GTS CA 1O1 |
2020-09-22 - 2020-12-15 |
3 months | crt.sh |
*.google.com GTS CA 1O1 |
2020-09-22 - 2020-12-15 |
3 months | crt.sh |
accounts.google.com GTS CA 1O1 |
2020-09-22 - 2020-12-15 |
3 months | crt.sh |
t.co DigiCert SHA2 High Assurance Server CA |
2020-03-05 - 2021-03-02 |
a year | crt.sh |
*.google.de GTS CA 1O1 |
2020-09-22 - 2020-12-15 |
3 months | crt.sh |
*.hotjar.io Amazon |
2020-09-15 - 2021-10-15 |
a year | crt.sh |
*.twitter.com DigiCert SHA2 High Assurance Server CA |
2020-03-05 - 2021-03-02 |
a year | crt.sh |
This page contains 6 frames:
Primary Page:
https://www.change.org/p/scjn-diputadosmorena-legismex-cndh-tatclouthier-sergiomayerb-mx-diputados-rosariopiedraib-nicensuranicandados-detengan-la-iniciativa-de-ley-digital-que-da%C3%B1a-los-derechos-humanos?utm_content=cl_sharecopy_23107678_es-ES%3A0&recruiter=1006060239&recruited_by_id=769a50c0-df3b-11e9-a054-bfbd81565638&utm_source=share_petition&utm_medium=copylink&utm_campaign=psf_combo_share_abi&utm_term=54fa2737c68f4878a4b9d8e2027be1c0
Frame ID: B48C6DFA6C86B37E890C764B3A5B875F
Requests: 74 HTTP requests in this frame
Frame:
https://cdn.embedly.com/widgets/media.html?src=https%3A%2F%2Fwww.youtube.com%2Fembed%2FZTju2Czw7bc%3Ffeature%3Doembed&display_name=YouTube&url=https%3A%2F%2Fwww.youtube.com%2Fwatch%3Fv%3DZTju2Czw7bc&image=https%3A%2F%2Fi.ytimg.com%2Fvi%2FZTju2Czw7bc%2Fhqdefault.jpg&key=5c079241a1be4ecca8a6fe57387c4985&type=text%2Fhtml&schema=youtube
Frame ID: 2D87FC55B6DC60DCCE3FB0EB69957790
Requests: 1 HTTP requests in this frame
Frame:
https://cdn.embedly.com/widgets/media.html?src=https%3A%2F%2Fwww.youtube.com%2Fembed%2FZTju2Czw7bc%3Ffeature%3Doembed&display_name=YouTube&url=https%3A%2F%2Fwww.youtube.com%2Fwatch%3Fv%3DZTju2Czw7bc&image=https%3A%2F%2Fi.ytimg.com%2Fvi%2FZTju2Czw7bc%2Fhqdefault.jpg&key=5c079241a1be4ecca8a6fe57387c4985&type=text%2Fhtml&schema=youtube
Frame ID: 19772EA34CD040433850534D9FDF1B36
Requests: 1 HTTP requests in this frame
Frame:
https://a11391265293.cdn.optimizely.com/client_storage/a11391265293.html
Frame ID: 62F398D55B4E674D5A0DCE0D223B473B
Requests: 1 HTTP requests in this frame
Frame:
https://accounts.google.com/o/oauth2/iframe
Frame ID: 254BA560F1666D0A6689633479D0D97E
Requests: 1 HTTP requests in this frame
Frame:
https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: F049D2DBB2A7146E55E4A3D2F924DCAD
Requests: 1 HTTP requests in this frame
Screenshot
![](/screenshots/36ecd14b-b042-42b5-afc3-25dd438a2f8d.png)
Page URL History Show full URLs
-
http://chng.it/LsBxVJHShN
HTTP 301
https://www.change.org/p/scjn-diputadosmorena-legismex-cndh-tatclouthier-sergiomayerb-mx-diputados-... HTTP 302
https://www.change.org/p/scjn-diputadosmorena-legismex-cndh-tatclouthier-sergiomayerb-mx-diputados-... HTTP 301
https://www.change.org/p/scjn-diputadosmorena-legismex-cndh-tatclouthier-sergiomayerb-mx-diputados-... Page URL
Detected technologies
Detected patterns
- headers server /^cloudflare$/i
Detected patterns
- script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
![](/vendor/wappa/icons/Optimizely.png)
Detected patterns
- script /optimizely\.com.*\.js/i
Page Statistics
9 Outgoing links
These are links going to different origins than the main page.
Title: R3D.mx
Search URL Search Domain Scan URL
Title: www.nicensuranicandados.org
Search URL Search Domain Scan URL
Title: Legal Disclosure
Search URL Search Domain Scan URL
Title: Help
Search URL Search Domain Scan URL
Title: Guides
Search URL Search Domain Scan URL
Title: Twitter
Search URL Search Domain Scan URL
Title: Facebook
Search URL Search Domain Scan URL
Title: Privacy Policy
Search URL Search Domain Scan URL
Title: Terms of Service
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://chng.it/LsBxVJHShN
HTTP 301
https://www.change.org/p/scjn-diputadosmorena-legismex-cndh-tatclouthier-sergiomayerb-mx-diputados-nicensuranicandados-detengan-la-iniciativa-de-ley-digital-que-da%C3%B1a-los-derechos-humanos/exp/cl_/cl_sharecopy_23107678_es-ES/0/1006060239?utm_content=cl_sharecopy_23107678_es-ES%3A0&recruiter=1006060239&recruited_by_id=769a50c0-df3b-11e9-a054-bfbd81565638&utm_source=share_petition&utm_medium=copylink&utm_campaign=psf_combo_share_abi&utm_term=54fa2737c68f4878a4b9d8e2027be1c0 HTTP 302
https://www.change.org/p/scjn-diputadosmorena-legismex-cndh-tatclouthier-sergiomayerb-mx-diputados-nicensuranicandados-detengan-la-iniciativa-de-ley-digital-que-da%C3%B1a-los-derechos-humanos?utm_content=cl_sharecopy_23107678_es-ES%3A0&recruiter=1006060239&recruited_by_id=769a50c0-df3b-11e9-a054-bfbd81565638&utm_source=share_petition&utm_medium=copylink&utm_campaign=psf_combo_share_abi&utm_term=54fa2737c68f4878a4b9d8e2027be1c0 HTTP 301
https://www.change.org/p/scjn-diputadosmorena-legismex-cndh-tatclouthier-sergiomayerb-mx-diputados-rosariopiedraib-nicensuranicandados-detengan-la-iniciativa-de-ley-digital-que-da%C3%B1a-los-derechos-humanos?utm_content=cl_sharecopy_23107678_es-ES%3A0&recruiter=1006060239&recruited_by_id=769a50c0-df3b-11e9-a054-bfbd81565638&utm_source=share_petition&utm_medium=copylink&utm_campaign=psf_combo_share_abi&utm_term=54fa2737c68f4878a4b9d8e2027be1c0 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
78 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
scjn-diputadosmorena-legismex-cndh-tatclouthier-sergiomayerb-mx-diputados-rosariopiedraib-nicensuranicandados-detengan-la-iniciativa-de-ley-digital-que-da%C3%B1a-los-derechos-humanos
www.change.org/p/ Redirect Chain
|
231 KB 62 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
11391265293.js
cdn.optimizely.com/js/ |
997 KB 199 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rendr-xlAQzDvJM_K3jpDV0qJITERnqSdSsqp59Kbg01qSQhg.css
assets-fe.change.org/fe/css/ |
167 KB 49 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
changeAssets-f5873f06aaa4ee8f8029.js
assets-fe.change.org/fe/12cdb2e55cd2c60e8d0ecbd35d1b6b74/ |
5 MB 1 MB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cd14aafac957959bec377dc4e775c8f1_2fdee6f528483f1232d4dd73872559f7d64f6d32.js
www.change.org/api-proxy/-/locale_data/rendr-fe/en-US/ |
611 KB 153 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
45 KB 18 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Icon_google.png
s3.amazonaws.com/change-assets/iconography/ |
3 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
POkNoHHDQKWzQRT-48x48-noPad.jpg
assets.change.org/photos/9/kn/oh/ |
537 B 674 B |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
geo2.js
cdn3.optimizely.com/js/ |
292 B 699 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
165 KB 52 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
init.js
www.change.org/NsLC0Hv5/ |
94 KB 35 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
![]() cdn.embedly.com/widgets/ Frame 2D87 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
![]() cdn.embedly.com/widgets/ Frame 1977 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
GXhBlElFtxPxUwn-400x225-noPad.jpg
assets.change.org/photos/9/hb/le/ |
8 KB 8 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
10 KB 10 KB |
Font
application/x-font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
a11391265293.html
a11391265293.cdn.optimizely.com/client_storage/ Frame 62F3 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
conversion_async.js
www.googleadservices.com/pagead/ |
29 KB 12 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hotjar-1693228.js
static.hotjar.com/c/ |
72 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
uwt.js
static.ads-twitter.com/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bat.js
bat.bing.com/ |
27 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0
bat.bing.com/action/ |
0 92 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
events
logx.optimizely.com/v1/ |
0 359 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
88 KB 23 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1081902691834097
connect.facebook.net/signals/config/ |
234 KB 69 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 376 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Change-Calibre-Regular.woff2
static.change.org/fonts/ |
30 KB 31 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Change-Calibre-Bold.woff2
static.change.org/fonts/ |
31 KB 32 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
platform.js
apis.google.com/js/ |
49 KB 20 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sdk.js
connect.facebook.net/en_US/ |
3 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
maps.googleapis.com/maps/api/ |
125 KB 41 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3-Q050 |
collect
www.google-analytics.com/j/ |
4 B 70 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
meta_data
www.change.org/api-proxy/-/petitions/23107678/ |
2 B 144 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
responses
www.change.org/api-proxy/-/petitions/23107678/ |
12 B 180 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
recent
www.change.org/api-proxy/-/petitions/23107678/updates/ |
635 KB 15 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
comments
www.change.org/api-proxy/-/ |
93 KB 7 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
treat
www.change.org/api-proxy/-/experiments/cl_share_copy_bandit_holdout/users/7f431fa0-0ced-11eb-a750-0b22a25b7604/ |
0 251 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
en-US
www.change.org/api-proxy/-/petitions/promoted/ |
96 KB 22 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
event_tracker
www.change.org/api-proxy/-/ |
2 B 193 B |
Other
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
event_tracker
www.change.org/api-proxy/-/ |
2 B 140 B |
Other
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
store
www.change.org/api-proxy/-/longlinks/ |
70 B 279 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
store
www.change.org/api-proxy/-/longlinks/ |
70 B 259 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/j/ |
4 B 88 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
/
www.facebook.com/tr/ |
0 83 B |
Other
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collector
collector-pxnslc0hv5.px-cloud.net/api/v2/ |
654 B 875 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.com/ads/ |
42 B 106 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.de/ads/ |
42 B 106 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sdk.js
connect.facebook.net/en_US/ |
201 KB 61 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.2laq3Py8kJk.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCNOVyb6DDYv7xgJGtF_6RiAl0K1Kw/ |
102 KB 34 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
status
www.facebook.com/x/oauth/ |
0 0 |
Fetch
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
iframe
accounts.google.com/o/oauth2/ Frame 254B |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 100 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
events
logx.optimizely.com/v1/ |
0 359 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adsct
t.co/i/ |
43 B 449 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/991363857/ |
3 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
modules.5c0e4f2058317765546a.js
script.hotjar.com/ |
356 KB 71 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
/
www.google.com/pagead/1p-user-list/991363857/ |
42 B 538 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
/
www.google.de/pagead/1p-user-list/991363857/ |
42 B 538 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame F049 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
1693228
vc.hotjar.io/sessions/ |
0 257 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lCcANqsIiYrKMEh-400x400-noPad.jpg
assets.change.org/photos/5/ca/nq/ |
6 KB 6 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
default-user-profile.svg
static.change.org/profile-img/ |
1 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
store
www.change.org/api-proxy/-/longlinks/ |
70 B 262 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
store
www.change.org/api-proxy/-/longlinks/ |
70 B 260 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
POkNoHHDQKWzQRT-128x128-noPad.jpg
assets.change.org/photos/9/kn/oh/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collector
collector-pxnslc0hv5.px-cloud.net/api/v2/ |
366 B 431 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
yInvqOihBReQtnM-400x225-noPad.jpg
assets.change.org/photos/4/nv/qo/ |
111 KB 112 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
yKHkHKYjKUASuDj-400x225-noPad.jpg
assets.change.org/photos/6/hk/hk/ |
15 KB 16 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
nKQZGRmnMaAjOLB-400x225-noPad.jpg
assets.change.org/photos/5/qz/gr/ |
20 KB 20 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hIvVdZVkSkZEwaJ-400x225-noPad.jpg
assets.change.org/photos/7/vv/dz/ |
13 KB 13 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
RfItNRbRXdAjVXO-400x225-noPad.jpg
assets.change.org/photos/4/it/nr/ |
23 KB 23 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
VYUHwZrmhGEzzYu-400x225-noPad.jpg
assets.change.org/photos/5/uh/wz/ |
13 KB 14 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
uNtGGkZoxgRnuuz-400x225-noPad.jpg
assets.change.org/photos/5/tg/gk/ |
21 KB 21 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AEPTkLOsUSsJMgW-400x225-noPad.jpg
assets.change.org/photos/4/pt/kl/ |
19 KB 19 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
RYcrjfGSYMilZHk-400x225-noPad.jpg
assets.change.org/photos/1/cr/jf/ |
12 KB 13 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
events
logx.optimizely.com/v1/ |
0 359 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adsct
analytics.twitter.com/i/ |
31 B 651 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
common.js
maps.googleapis.com/maps-api-v3/api/js/41/8/ |
78 KB 29 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
util.js
maps.googleapis.com/maps-api-v3/api/js/41/8/ |
144 KB 53 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
AuthenticationService.Authenticate
maps.googleapis.com/maps/api/js/ |
62 B 138 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
68 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| 4 function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes object| changeTargetingData undefined| _ object| optimizely object| dataLayer string| _pxAppId string| _pxParam1 string| _pxSelectedLocale object| google_tag_data function| ga object| gaplugins function| postscribe object| google_tag_manager function| hj object| _hjSettings function| twq object| uetq function| UET function| removePreBundleEvents function| fbq function| _fbq function| setImmediate function| clearImmediate object| Backbone object| regeneratorRuntime function| $ function| jQuery object| Stickyfill object| TwitterCldr function| localeDataJsonp function| FontFaceObserver function| _sov object| gaGlobal object| gaData function| fbAsyncInit object| __APOLLO_CLIENT__ function| __loadGooglePlaces object| airbrake object| TwitterCldrDataBundle object| App object| PXNsLC0Hv5 object| PX undefined| _NsLC0Hv5handler object| FB object| gapi object| ___jsl object| google object| module$contents$MapsEvent_MapsEvent object| module$contents$mapsapi$overlay$OverlayView_OverlayView object| gadgets object| osapi object| oauth2 object| twttr function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| _xdc_5 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.change.org/ | Name: __cf_bm Value: 5521648cebe58dc222cf467fa9634df481a71552-1602549980-1800-AW5JESjmN161bG+OlaAZV1KX4UhId+KOSTCn6XVZmTqO3+qqqB3gypya+wfRcMVCbe/4o4uNFyaxp1Wy/VvwUZA= |
|
.change.org/ | Name: __cfruid Value: eda3c27afef693c7c3c4c7aa5ddfb5ceabacc4dc-1602549980 |
|
.change.org/ | Name: __cfduid Value: dbdd51dbb1bbd5f60e4bc0c2379f91b8c1602549980 |
|
www.change.org/ | Name: _change_lang Value: %7B%22locale%22%3A%22en-US%22%2C%22countryCode%22%3A%22CH%22%7D |
|
.change.org/ | Name: _px3 Value: 3f2f08c29e2a7037f1b7dab8895f35a6bddc21bd863b7d5a25a50e9d66502a54:kV58eT9/OwXUIUa0aJn0d2KorQdTFPiZxJTumzOkhzq4fHHp7Z7vSLebBCGkZu5k8T93Ruyn7hBII5eX5FPk5A==:1000:v+YlzuvLtGfcKRPjS/hRbqoyu/L+mROrkWSY4I5qjS1L058JdxH+dK6/+NneE0lPWrl72jt9x0psWctF+6IG5BgEioBtEw6tGZ4gL2pIqELDJs06YaYI95qveeP+5e+CcM2aWQXulaRkL0noYzgBZJmCJJJVzP/3UwxODO4Lcic= |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | default-src 'self' 'unsafe-inline' 'unsafe-eval' https://d18kwxxua7ik1y.cloudfront.net https://d22r54gnmuhwmk.cloudfront.net https://assets.change.org https://static.change.org https://assets-fe.change.org https://change-production.s3.amazonaws.com https://change-public-stuff.s3.amazonaws.com https://www.google.ca https://www.googleadservices.com https://www.youtube.com https://*.doubleclick.net https://*.google.com https://*.googleapis.com https://*.googletagmanager.com https://*.google-analytics.com https://*.gstatic.com https://*.recaptcha.net https://*.ytimg.com https://*.facebook.com https://*.facebook.net https://*.fbcdn.net fbrpc://* fb-messenger://* https://*.twitter.com https://*.twimg.com https://*.ads-twitter.com https://vk.com https://*.vk.com https://ajax.cdnjs.com https://cdnjs.cloudflare.com https://service.force.com https://change.my.salesforce.com https://help.change.org https://*.salesforceliveagent.com https://*.braintreegateway.com https://*.paypalobjects.com https://*.paypal.com *.optimizely.com optimizely.s3.amazonaws.com cdn-assets-prod.s3.amazonaws.com https://px-cdn.net https://*.px-cloud.net https://*.hotjar.com:* https://*.hotjar.io wss://*.hotjar.com https://p2a.co https://code.jquery.com https://js.stripe.com https://cdn.embedly.com https://player.vimeo.com https://bat.bing.com https://soundcloud.com https://w.soundcloud.com https://www.instagram.com https://www.flickr.com https://*.staticflickr.com https://*.voteamerica.com https://*.jotform.com; connect-src 'self' blob: https://*.change.org https://change-production.s3.amazonaws.com https://*.googleapis.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.com https://*.facebook.net fbrpc://* fb-messenger://* https://*.twitter.com https://*.vk.com https://*.braintreegateway.com https://*.paypal.com *.optimizely.com optimizely.s3.amazonaws.com cdn-assets-prod.s3.amazonaws.com https://*.px-client.net https://*.px-cloud.net https://pxchk.net https://*.hotjar.com:* https://*.hotjar.io wss://*.hotjar.com https://api.stripe.com https://api.soundcloud.com https://api.airbrake.io https://www.voteamerica.com; font-src 'self' data: https://assets.change.org https://static.change.org https://d18kwxxua7ik1y.cloudfront.net https://d22r54gnmuhwmk.cloudfront.net https://fonts.gstatic.com https://*.hotjar.com https://*.hotjar.io; img-src * blob: data:; form-action 'self'; |
X-Content-Type-Options | nosniff |
X-Frame-Options | sameorigin |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
a11391265293.cdn.optimizely.com
accounts.google.com
analytics.twitter.com
apis.google.com
assets-fe.change.org
assets.change.org
bat.bing.com
cdn.embedly.com
cdn.optimizely.com
cdn3.optimizely.com
chng.it
collector-pxnslc0hv5.px-cloud.net
connect.facebook.net
googleads.g.doubleclick.net
logx.optimizely.com
maps.googleapis.com
s3.amazonaws.com
script.hotjar.com
static.ads-twitter.com
static.change.org
static.hotjar.com
stats.g.doubleclick.net
t.co
vars.hotjar.com
vc.hotjar.io
www.change.org
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
104.108.68.187
104.16.90.50
104.17.88.51
104.17.89.51
104.244.42.5
104.244.42.67
151.101.12.157
172.217.18.98
184.31.84.31
2620:1ec:c11::200
2a00:1450:4001:800::200a
2a00:1450:4001:806::200d
2a00:1450:4001:808::2002
2a00:1450:4001:819::2008
2a00:1450:4001:81c::2003
2a00:1450:4001:81c::2004
2a00:1450:4001:81c::200e
2a00:1450:4001:81f::200e
2a00:1450:400c:c00::9b
2a02:26f0:6c00:2bc::13b8
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
35.186.220.184
52.20.153.254
52.216.105.125
52.218.233.2
99.86.243.108
99.86.243.126
99.86.243.54
0b0abc92d5b255db2884928e626ee80408af79a81b0da921910a9effb04e77e7
0e2d1b18f53491872b3d5be6db377dcc44cf9bd2e1212bc3b36f7b9440fba55f
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11729dcde7afe631c0896e56dea9ea9757f3792f2e75d94731d131d6b1aa7dc0
11de4c8055f50ff4ecfa0e776a2ee961378c1722374a0047cb3900ab6919217a
1f46c9cb4df42d29d60a0a973494a815a4bee5b75be6d452d1a7117a27653fb2
25d636abfd667ed45c631472ad2d57a343183529f4fad04c815875d53024f92c
2862dca2647f75eece572b1bed8c0afc4f9a78d35dab8a1115c1fb5e6b663558
2f22aaf2e8367b02152b442ef28df7084601e0ded40c7d8f7b6f24be66b326fb
3499107b560d74c10da6bd899c988340fa51390e17cd0f9c283170a5c20da1ad
395285621bdb4246b78bbefe9b64e63d60f643a99484c6fc4ab50fc45f8d191e
3cb5162e19d9c6ecb634881fc079ab3aa8e9855a7bc164a830730a752a73e440
3d61f511a1bdc441e3b0e1ce33ead66e051aa0f6e39f6c2e428468a1de6d5496
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
552426fa67711398e49423a732526e763187afd768567b87e139fec853820809
5748396f135a2ba22e71aed1aec5e16a2f994dcb004a958084bed139e8b71e5b
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
62366072007f798990579249e25aa69036e64ea4fb77af0ef9398ded6191ee43
639b54d9b91b8b284848fd1730c4d08262dc5fe9aa69d19dcd8b4b2133cf5208
6b960a046b27829f267f70ebeec6e685e7e5c777318d66c05af452106d743bea
6d719811722cd3ad15c2e3df16397f2537297cda61206962be9c115b2615bc12
6ebf2d9b94989b2985aa1a7b11b02c9eaada0c5937a41a6455d25068fe59d298
71397c44a5d4f807e68701866ed671c778febafb0177d3580df34dd4ddc17edd
73b05115d98f7fd39bb41eb3b5121c225c428e4a76af91596a73c505f364c037
771776746af6ffba4ab936380308f47c93c386d96e2711fdf96d6514bd0e5be1
79a60bd9956b40b057f1c1b604150e721f6fd03647c0d9413ad4b3a64e66278b
8247f4332667950989fe6bf790f87723343db2ec83d975503e9c5dc13a6eb5dc
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85cb11031d8ff3bde0c9add458111eddff9e8a74326180111262fe82a8f44f61
892c98b8c1809d58470ff8ea649a3daad2394b00fa4bd64e0d4f9f5c3dad15b8
937bcce87aa2af2c8d6bffb8568116ece776ff7b275ec37f11c31dfd02125b36
97aa4d6471edc6269410cee6ba8638f03dffdecc2389373be79d2a4102bc8495
a107d9cc532d6c731a491618a60287d85c4e1ba47032602730e1cd9a1a56a8fd
a63782cc39cd9337f5f9d14d6d3ab0fa9609ca7870f7fdf6f4afefbcc7c71373
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aee55f1d6a13bb89ad87b393b9a3b335ef580e75d08b50e9efb21699da4fe857
af90fa94f7a2e6348c0bdf5050bbb83808219b12621c051b59adbabb207da620
b16bec9ff8f02bc0bac8b477c2233626845aa1473c743ce3344249be3ad054c7
b60095be11f154a3ef698081bce5c836b482777a1420b16766d623395d4724ad
b76f1b32ac22ee0061878f462d3462b127ecd83213bf6d62c7a55049deaafdc0
c0a24f51b1ce91d16af560fa6e2c7ea1e93548eac7a52c405fb222f5f6b4080a
c65010cc3bc933f2b78e90d5d2a2484c4467a92752b2aa79f4a6e0d35a924218
c9a1afa2e1939e6dd845c08c79828b539f49614e0031a0bf762c315ea76c7e73
cfdbdc02160ceaf7888e696c2d92b6439c22afe28f64ad4e7fc5c96204b634f0
d0782089a27c6c774fc540396f169b5b0cbbaf57b344182c652f5f4332265e1b
d2c7a07af980c5b02b45a5c63073d5ea3e06dd2e48ec3b69c42279d5806d0fc0
d8616222338739d023fbcf7eb2419508b653bcad93bc99026f69a8b1d04f707e
d9eec9aca245a403168997d934a4b37ccd551a7001ee1a02311ff9e616a7fd62
da359f162f441e0651ecc352d8732db89dd0e7ef7fcbeae87552b595e52ff2a9
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e040c47e3782ad0784c5b10eacdd37db5e62fd8107d0529152afcf6ed2b951f1
e0b83c5775a9f8377e4df6b497e3114154b4182ef2f001e47b9f1eb41a2d9857
e0c4ee1cdd6767e31d60335d1b2fd8708e8ffe4a0a573ffaeaf24bd3885ba06c
e2d8c19f0615740d54d9ae7fcbf1f81436c76b3c06e0485fb988027ceb49d6eb
e37570ef85a3553930ba20dfab7280bfcead8a2238b536b5c03c629c35b3d4ca
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb25ec04b5b6c32dfa0fb97b8f38496b5ade2c2076d6266fdc02d6eb944f080a
ee2df9e008021c0ce1fbf3612bfef57e7666294fa01bd4d9764931ff9add417a
eef46741adfc3a9f76294d3b78f37a45f113092ac9d44ee77c7a038a88ff09a1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629