www.change.org
Open in
urlscan Pro
104.17.88.51
Public Scan
Effective URL: https://www.change.org/p/giuseppe-conte-mobbing-firma-anche-tu-per-una-legge-contro-i-soprusi-sul-lavoro?recruiter=5636...
Submission: On June 30 via api from US
Summary
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on April 6th 2020. Valid for: 6 months.
This is the only time www.change.org was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN16509 (AMAZON-02, US)
PTR: s3-website-us-west-2.amazonaws.com
chng.it |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN15169 (GOOGLE, US)
PTR: 184.220.186.35.bc.googleusercontent.com
collector-pxnslc0hv5.px-cloud.net |
ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net
www.googleadservices.com |
ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress17
static.hotjar.com |
ASN20940 (AKAMAI-ASN1, EU)
PTR: a23-8-4-210.deploy.static.akamaitechnologies.com
cdn3.optimizely.com |
ASN20940 (AKAMAI-ASN1, EU)
PTR: a23-43-121-57.deploy.static.akamaitechnologies.com
a11391265293.cdn.optimizely.com |
ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress14
script.hotjar.com |
ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net |
ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress15
vars.hotjar.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-35-173-160-60.compute-1.amazonaws.com
logx.optimizely.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
42 |
change.org
www.change.org static.change.org assets-fe.change.org assets.change.org |
3 MB |
5 |
google.com
1 redirects
www.google.com apis.google.com accounts.google.com |
54 KB |
5 |
optimizely.com
cdn.optimizely.com cdn3.optimizely.com a11391265293.cdn.optimizely.com logx.optimizely.com |
134 KB |
4 |
facebook.net
connect.facebook.net |
227 KB |
3 |
facebook.com
www.facebook.com |
359 B |
3 |
hotjar.com
static.hotjar.com script.hotjar.com vars.hotjar.com |
74 KB |
2 |
google.de
www.google.de |
213 B |
2 |
doubleclick.net
1 redirects
googleads.g.doubleclick.net stats.g.doubleclick.net |
2 KB |
2 |
bing.com
bat.bing.com |
8 KB |
2 |
px-cloud.net
collector-pxnslc0hv5.px-cloud.net |
1 KB |
2 |
google-analytics.com
1 redirects
www.google-analytics.com |
18 KB |
1 |
googleadservices.com
www.googleadservices.com |
11 KB |
1 |
googletagmanager.com
www.googletagmanager.com |
47 KB |
1 |
chng.it
1 redirects
chng.it |
580 B |
0 |
ads-twitter.com
Failed
static.ads-twitter.com Failed |
|
72 | 15 |
Domain | Requested by | |
---|---|---|
21 | assets.change.org |
www.change.org
assets-fe.change.org |
13 | www.change.org |
www.change.org
assets-fe.change.org |
6 | assets-fe.change.org |
www.change.org
assets-fe.change.org |
4 | connect.facebook.net |
www.change.org
assets-fe.change.org connect.facebook.net |
3 | www.facebook.com |
www.change.org
assets-fe.change.org |
2 | logx.optimizely.com |
assets-fe.change.org
|
2 | apis.google.com |
assets-fe.change.org
apis.google.com |
2 | www.google.de |
www.change.org
|
2 | www.google.com |
1 redirects
www.change.org
|
2 | bat.bing.com |
www.change.org
|
2 | collector-pxnslc0hv5.px-cloud.net |
www.change.org
assets-fe.change.org |
2 | www.google-analytics.com |
1 redirects
www.change.org
|
2 | static.change.org |
www.change.org
|
1 | accounts.google.com |
apis.google.com
|
1 | stats.g.doubleclick.net | 1 redirects |
1 | vars.hotjar.com |
static.hotjar.com
|
1 | googleads.g.doubleclick.net |
www.googleadservices.com
|
1 | script.hotjar.com |
static.hotjar.com
|
1 | a11391265293.cdn.optimizely.com |
cdn.optimizely.com
|
1 | cdn3.optimizely.com |
cdn.optimizely.com
|
1 | static.hotjar.com |
www.googletagmanager.com
|
1 | www.googleadservices.com |
www.googletagmanager.com
|
1 | www.googletagmanager.com |
www.change.org
|
1 | cdn.optimizely.com |
www.change.org
|
1 | chng.it | 1 redirects |
0 | static.ads-twitter.com Failed |
www.googletagmanager.com
|
72 | 26 |
This site contains links to these domains. Also see Links.
Domain |
---|
help.change.org |
guide.change.org |
twitter.com |
www.facebook.com |
policies.google.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
sni.cloudflaressl.com CloudFlare Inc ECC CA-2 |
2020-04-06 - 2020-10-09 |
6 months | crt.sh |
*.google-analytics.com GTS CA 1O1 |
2020-06-10 - 2020-09-02 |
3 months | crt.sh |
cdn.optimizely.com DigiCert SHA2 Secure Server CA |
2020-01-20 - 2021-03-20 |
a year | crt.sh |
*.px-cloud.net Let's Encrypt Authority X3 |
2020-05-26 - 2020-08-24 |
3 months | crt.sh |
www.googleadservices.com GTS CA 1O1 |
2020-06-10 - 2020-09-02 |
3 months | crt.sh |
static.hotjar.com Let's Encrypt Authority X3 |
2020-06-17 - 2020-09-15 |
3 months | crt.sh |
www.bing.com Microsoft IT TLS CA 2 |
2019-04-30 - 2021-04-30 |
2 years | crt.sh |
*.optimizely.com DigiCert SHA2 Secure Server CA |
2020-01-20 - 2021-03-20 |
a year | crt.sh |
*.cdn.optimizely.com GeoTrust RSA CA 2018 |
2020-03-05 - 2021-06-04 |
a year | crt.sh |
script.hotjar.com Let's Encrypt Authority X3 |
2020-06-18 - 2020-09-16 |
3 months | crt.sh |
*.g.doubleclick.net GTS CA 1O1 |
2020-06-10 - 2020-09-02 |
3 months | crt.sh |
www.google.com GTS CA 1O1 |
2020-06-10 - 2020-09-02 |
3 months | crt.sh |
www.google.de GTS CA 1O1 |
2020-06-10 - 2020-09-02 |
3 months | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2020-05-14 - 2020-08-05 |
3 months | crt.sh |
vars.hotjar.com Let's Encrypt Authority X3 |
2020-06-16 - 2020-09-14 |
3 months | crt.sh |
*.apis.google.com GTS CA 1O1 |
2020-06-17 - 2020-09-09 |
3 months | crt.sh |
logx.optimizely.com DigiCert SHA2 High Assurance Server CA |
2018-10-01 - 2020-10-05 |
2 years | crt.sh |
accounts.google.com GTS CA 1O1 |
2020-06-17 - 2020-09-09 |
3 months | crt.sh |
This page contains 4 frames:
Primary Page:
https://www.change.org/p/giuseppe-conte-mobbing-firma-anche-tu-per-una-legge-contro-i-soprusi-sul-lavoro?recruiter=56361552&utm_source=share_petition&utm_medium=abi_gmail&utm_campaign=address_book.pacific_email_copy_en_gb_4.v1.pacific_email_copy_en_us_3.control.pacific_post_sap_share_gmail_abi.gmail_abi.pacific_email_copy_en_us_5.v1
Frame ID: 14FB7A288285AF5BF963E2239C9E00BF
Requests: 70 HTTP requests in this frame
Frame:
https://a11391265293.cdn.optimizely.com/client_storage/a11391265293.html
Frame ID: 4F97FFBE5FCDE7B5868833024C903259
Requests: 1 HTTP requests in this frame
Frame:
https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: 345A8795898AAB4166AD6E913B73C55E
Requests: 1 HTTP requests in this frame
Frame:
https://accounts.google.com/o/oauth2/iframe
Frame ID: 1084070C4B1479E63D8C9174D6542888
Requests: 1 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://chng.it/T6Xj4Fzd49
HTTP 301
https://www.change.org/p/giuseppe-conte-mobbing-firma-anche-tu-per-una-legge-contro-i-soprusi-sul-l... Page URL
Detected technologies
React (JavaScript Frameworks) ExpandDetected patterns
- html /<[^>]+data-react/i
CloudFlare (CDN) Expand
Detected patterns
- headers server /^cloudflare$/i
Facebook (Widgets) Expand
Detected patterns
- script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Optimizely (Analytics) Expand
Detected patterns
- script /optimizely\.com.*\.js/i
Page Statistics
6 Outgoing links
These are links going to different origins than the main page.
Title: Help
Search URL Search Domain Scan URL
Title: Guides
Search URL Search Domain Scan URL
Title: Twitter
Search URL Search Domain Scan URL
Title: Facebook
Search URL Search Domain Scan URL
Title: Privacy Policy
Search URL Search Domain Scan URL
Title: Terms of Service
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://chng.it/T6Xj4Fzd49
HTTP 301
https://www.change.org/p/giuseppe-conte-mobbing-firma-anche-tu-per-una-legge-contro-i-soprusi-sul-lavoro?recruiter=56361552&utm_source=share_petition&utm_medium=abi_gmail&utm_campaign=address_book.pacific_email_copy_en_gb_4.v1.pacific_email_copy_en_us_3.control.pacific_post_sap_share_gmail_abi.gmail_abi.pacific_email_copy_en_us_5.v1 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 38- https://www.google-analytics.com/r/collect?v=1&_v=j83&aip=1&a=946608997&t=pageview&_s=1&dl=https%3A%2F%2Fwww.change.org%2Fp%2Fgiuseppe-conte-mobbing-firma-anche-tu-per-una-legge-contro-i-soprusi-sul-lavoro%3Frecruiter%3D56361552%26utm_source%3Dshare_petition%26utm_medium%3Dabi_gmail%26utm_campaign%3Daddress_book.pacific_email_copy_en_gb_4.v1.pacific_email_copy_en_us_3.control.pacific_post_sap_share_gmail_abi.gmail_abi.pacific_email_copy_en_us_5.v1&dp=%2Fp%2Fgiuseppe-conte-mobbing-firma-anche-tu-per-una-legge-contro-i-soprusi-sul-lavoro%3Frecruiter%3D56361552%26utm_source%3Dshare_petition%26utm_medium%3Dabi_gmail%26utm_campaign%3Daddress_book.pacific_email_copy_en_gb_4.v1.pacific_email_copy_en_us_3.control.pacific_post_sap_share_gmail_abi.gmail_abi.pacific_email_copy_en_us_5.v1&ul=en-us&de=UTF-8&dt=Petition%20%C2%B7%20MOBBING%20-%20FIRMA%20ANCHE%20TU%20PER%20UNA%20LEGGE%20CONTRO%20I%20SOPRUSI%20SUL%20LAVORO%20%C2%B7%20Change.org&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABE~&jid=1866149914&gjid=1132991529&cid=1526216512.1593508333&tid=UA-5889778-1&_gid=1345794863.1593508333&_r=1&z=1932339452 HTTP 302
- https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-5889778-1&cid=1526216512.1593508333&jid=1866149914&_gid=1345794863.1593508333&gjid=1132991529&_v=j83&z=1932339452 HTTP 302
- https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5889778-1&cid=1526216512.1593508333&jid=1866149914&_v=j83&z=1932339452 HTTP 302
- https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5889778-1&cid=1526216512.1593508333&jid=1866149914&_v=j83&z=1932339452&slf_rd=1&random=410919301
72 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
giuseppe-conte-mobbing-firma-anche-tu-per-una-legge-contro-i-soprusi-sul-lavoro
www.change.org/p/ Redirect Chain
|
121 KB 37 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Change-Calibre-Regular.woff2
static.change.org/fonts/ |
30 KB 31 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Change-Calibre-Bold.woff2
static.change.org/fonts/ |
31 KB 32 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rendr-xlAQzDvJM_K3jpDV0qJITERnqSdSsqp59Kbg01qSQhg.css
assets-fe.change.org/fe/css/ |
167 KB 49 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
45 KB 18 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
11391265293.js
cdn.optimizely.com/js/ |
521 KB 132 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
151 KB 47 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rXGiZNyivfLbQuv-800x450-noPad.jpg
assets.change.org/photos/2/gi/zn/ |
138 KB 138 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
YtvkIJCWUEozzjb-48x48-noPad.jpg
assets.change.org/photos/5/vk/ij/ |
1 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
UMWcBbNlDNjFJFk-128x128-noPad.jpg
assets.change.org/photos/2/wc/bb/ |
12 KB 12 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fontFaceObserverChunk-bb113c8b8f61700bd517.js
assets-fe.change.org/fe/12cdb2e55cd2c60e8d0ecbd35d1b6b74/ |
6 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
petitionsEntryChunk-cdd83058ab52b63112a7.js
assets-fe.change.org/fe/12cdb2e55cd2c60e8d0ecbd35d1b6b74/ |
2 MB 550 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
init.js
www.change.org/NsLC0Hv5/ |
94 KB 35 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
10 KB 10 KB |
Font
application/x-font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collector
collector-pxnslc0hv5.px-cloud.net/api/v2/ |
652 B 873 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
conversion_async.js
www.googleadservices.com/pagead/ |
29 KB 11 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hotjar-1693228.js
static.hotjar.com/c/ |
10 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
uwt.js
static.ads-twitter.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bat.js
bat.bing.com/ |
25 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
geo2.js
cdn3.optimizely.com/js/ |
288 B 695 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
a11391265293.html
a11391265293.cdn.optimizely.com/client_storage/ Frame 4F97 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0
bat.bing.com/action/ |
0 148 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
modules.875e8181449a9cd033c6.js
script.hotjar.com/ |
370 KB 70 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/991363857/ |
3 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.com/pagead/1p-user-list/991363857/ |
42 B 116 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.de/pagead/1p-user-list/991363857/ |
42 B 107 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
a0453b184e71371125a992dfa1d9ef08_ce1e24f1a2f78f17042c7757cb26671e0f534ff2
www.change.org/api-proxy/-/translations/en-US/ |
319 KB 87 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
133 KB 33 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame 345A |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sdk.js
connect.facebook.net/en_US/ |
3 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
platform.js
apis.google.com/js/ |
47 KB 19 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
graphql
www.change.org/api-proxy/ |
81 B 368 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
graphql
www.change.org/api-proxy/ |
154 B 264 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
graphql
www.change.org/api-proxy/ |
390 B 377 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
event_tracker
www.change.org/api-proxy/-/ |
2 B 274 B |
Other
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
updatesAndCommentsChunk-44305f3330d473d82629.js
assets-fe.change.org/fe/12cdb2e55cd2c60e8d0ecbd35d1b6b74/ |
25 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
changeAssets-d1ad622781ef48792fc7.js
assets-fe.change.org/fe/12cdb2e55cd2c60e8d0ecbd35d1b6b74/ |
5 MB 1 MB |
Fetch
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
event_tracker
www.change.org/api-proxy/-/ |
2 B 140 B |
Other
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
suggestedPetitionsChunk-4a03f4bd1d71750d5b02.js
assets-fe.change.org/fe/12cdb2e55cd2c60e8d0ecbd35d1b6b74/ |
10 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.de/ads/ Redirect Chain
|
42 B 106 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
event_tracker
www.change.org/api-proxy/-/ |
2 B 278 B |
Other
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1081902691834097
connect.facebook.net/signals/config/ |
522 KB 132 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sdk.js
connect.facebook.net/en_US/ |
199 KB 60 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.tdKmdx4hEKY.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=wQc/rs=AGLTcCNzu8du8SXFGdrQ3hHBmqUkmRBYPg/ |
106 KB 36 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
graphql
www.change.org/api-proxy/ |
2 KB 1 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
graphql
www.change.org/api-proxy/ |
1 KB 719 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
graphql
www.change.org/api-proxy/ |
42 KB 16 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
events
logx.optimizely.com/v1/ |
0 359 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 258 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
iframe
accounts.google.com/o/oauth2/ Frame 1084 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
event_tracker
www.change.org/api-proxy/-/ |
2 B 140 B |
Other
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
status
www.facebook.com/x/oauth/ |
0 0 |
Fetch
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collector
collector-pxnslc0hv5.px-cloud.net/api/v2/ |
366 B 431 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
UMWcBbNlDNjFJFk-48x48-noPad.jpg
assets.change.org/photos/2/wc/bb/ |
4 KB 4 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
zvAPoWNWgweqeIt-48x48-noPad.jpg
assets.change.org/photos/0/ap/ow/ |
1 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
oArdRFUoUhgjejR-48x48-noPad.jpg
assets.change.org/photos/6/rd/rf/ |
1 KB 1 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 101 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gASkOOvkUFNZaif-400x225-noPad.jpg
assets.change.org/photos/8/sk/oo/ |
29 KB 29 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
HfFkPrVUPyRfQsf-400x225-noPad.jpg
assets.change.org/photos/4/fk/pr/ |
32 KB 32 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
JHOdqaSTiuPgWtL-400x225-noPad.jpg
assets.change.org/photos/6/od/qa/ |
13 KB 13 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
yKHkHKYjKUASuDj-400x225-noPad.jpg
assets.change.org/photos/6/hk/hk/ |
15 KB 15 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
RfItNRbRXdAjVXO-400x225-noPad.jpg
assets.change.org/photos/4/it/nr/ |
23 KB 23 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AEPTkLOsUSsJMgW-400x225-noPad.jpg
assets.change.org/photos/4/pt/kl/ |
19 KB 19 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
XaoZqpEBhAUPuZD-400x225-noPad.jpg
assets.change.org/photos/5/oz/qp/ |
16 KB 16 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
IfysFyzwcIXXLRO-400x225-noPad.jpg
assets.change.org/photos/5/ys/fy/ |
24 KB 24 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wQEtOmozISWbUyU-400x225-noPad.jpg
assets.change.org/photos/0/et/om/ |
16 KB 16 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tPktqohpMkvIYRv-400x225-noPad.jpg
assets.change.org/photos/6/kt/qo/ |
27 KB 27 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
oIGfllqSrYkEevp-400x225-noPad.jpg
assets.change.org/photos/4/gf/ll/ |
26 KB 26 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
DVHGubquORLCAgU-400x225-noPad.jpg
assets.change.org/photos/4/hg/ub/ |
17 KB 17 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
buRhuIrxkGHlcVQ-400x225-noPad.jpg
assets.change.org/photos/5/rh/ui/ |
52 KB 52 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ArXrxpGLTtteyxd-400x225-noPad.jpg
assets.change.org/photos/9/xr/xp/ |
28 KB 28 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jNmYHpinSKVOTMW-400x225-noPad.jpg
assets.change.org/photos/4/my/hp/ |
17 KB 17 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
events
logx.optimizely.com/v1/ |
0 359 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- static.ads-twitter.com
- URL
- https://static.ads-twitter.com/uwt.js
Verdicts & Comments Add Verdict or Comment
52 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate object| changeTargetingData object| dataLayer string| _pxAppId object| google_tag_data function| ga object| gaplugins object| PXNsLC0Hv5 object| PX undefined| _NsLC0Hv5handler function| postscribe object| google_tag_manager function| hj object| _hjSettings function| twq object| uetq function| _ object| optimizely object| webpackJsonp function| FontFaceObserver function| UET object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO function| setImmediate function| clearImmediate object| regeneratorRuntime object| airbrake object| __APOLLO_CLIENT__ object| recaptchaOptions function| trackEvent function| setOverrideVariation function| _sov function| FuzzySet object| Backbone function| fbq function| _fbq object| gaGlobal object| gaData function| fbAsyncInit object| __consolidated_events_handlers__ string| _pxParam1 object| FB object| gapi object| ___jsl object| gadgets object| osapi object| oauth222 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.google.com/ | Name: NID Value: 204=sD-BUD7iQr7Id_drxPn9m0wlYYEbeWg1HUr_PH9PgtMgrrJcp7D7OwBQFQSVdCHOKkiNq0scfzARHbeC8Me5l1zdvvnMEwqrJvq1J2EnqUSJ0GeF1UrHgii7LP2mWC7XVZ9tckIElHwlZyObsAjaVl8IJsGy5L_lEhtInAKUGhs |
|
.change.org/ | Name: _ga Value: GA1.2.1526216512.1593508333 |
|
.change.org/ | Name: _hjid Value: 9b5e8398-3b27-4a75-bab1-a8d922e54399 |
|
.change.org/ | Name: _gat Value: 1 |
|
www.change.org/ | Name: _pxff_rf Value: 1 |
|
www.change.org/ | Name: _pxff_axt Value: 540 |
|
.change.org/ | Name: _fbp Value: fb.1.1593508333114.1462682221 |
|
.change.org/ | Name: _uetsid Value: d062b731-9fef-8930-91eb-8cfc52b3ebab |
|
.www.change.org/ | Name: G_ENABLED_IDPS Value: google |
|
.change.org/ | Name: __cfduid Value: d4b2b4b66a34c0be609999171e78172171593508330 |
|
.change.org/ | Name: optimizelyEndUserId Value: oeu1593508331990r0.9701581844174725 |
|
.change.org/ | Name: _gid Value: GA1.2.1345794863.1593508333 |
|
.change.org/ | Name: _gcl_au Value: 1.1.500845614.1593508332 |
|
.change.org/ | Name: _uetvid Value: 82400f29-5f89-52b4-9bd3-cba2fad6db02 |
|
.change.org/ | Name: __cfruid Value: 1d337f7a1057dde80a4d8aaa197ce0e7b225f737-1593508331 |
|
.change.org/ | Name: _pxvid Value: c84b5b3a-bab1-11ea-b6a8-0242ac120008 |
|
.change.org/ | Name: __cf_bm Value: b7245dcdc8bf86935e73dffc72da40cb06487470-1593508331-1800-AQGFPOvic0qzscCvVHnh1xYsBoYm36bDYlw1RA3gksqwoNRGL6tLuI7Nv9Ls1dHiGrJPd2GXDQp6G9BDUBpT3DU= |
|
www.change.org/ | Name: _change_session Value: 7cdec2065377b4f34fe4d844ae144e28 |
|
.change.org/ | Name: invite Value: %7B%22recruiter_id%22%3A56361552%2C%22requested_at%22%3A%222020-06-30T09%3A12%3A11.085Z%22%7D |
|
www.change.org/ | Name: tracking_data Value: %7B%22user_uuid%22%3A%22c79c04d0-bab1-11ea-8cec-c7abfc103eaa%22%7D |
|
.change.org/ | Name: _px3 Value: 2107c645f5730b0b1f2ab3c3c77c4a7b692d1a7999e194c00e33fefaa0d28b2f:isu3wBNf1wPoa3NGr6jnrw92CyZ+xjwhNvi9oscBt99aikgw8Z6Wo7XqnuVYhCJVuL+uNmYQcikXy1JkOgZSUA==:1000:485304Kw0CfrJfE63MoMSk/eofsWUX5HZyfCU9HfKgWmLMZBEKlBXWh4GQDvZzlOsLKLOQDVWEObF6h7Ke+z/XeEEoYmbt60QvEyeXPc9+usWBvvF5eSjYqjkK58rKp3ZrdKA+fmz1Tu/a/dc/31+16dtdw1fHAhNaYRhRLIQjg= |
|
www.change.org/ | Name: _change_lang Value: %7B%22locale%22%3A%22en-US%22%2C%22countryCode%22%3A%22PL%22%7D |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | default-src 'self' 'unsafe-inline' 'unsafe-eval' https://d18kwxxua7ik1y.cloudfront.net https://d22r54gnmuhwmk.cloudfront.net https://assets.change.org https://static.change.org https://assets-fe.change.org https://change-production.s3.amazonaws.com https://change-public-stuff.s3.amazonaws.com https://www.google.ca https://www.googleadservices.com https://www.youtube.com https://*.doubleclick.net https://*.google.com https://*.googleapis.com https://*.googletagmanager.com https://*.google-analytics.com https://*.gstatic.com https://*.recaptcha.net https://*.ytimg.com https://*.facebook.com https://*.facebook.net https://*.fbcdn.net fbrpc://* fb-messenger://* https://*.twitter.com https://*.twimg.com https://vk.com https://*.vk.com https://ajax.cdnjs.com https://cdnjs.cloudflare.com https://service.force.com https://change.my.salesforce.com https://help.change.org https://*.salesforceliveagent.com https://*.braintreegateway.com https://*.paypalobjects.com https://*.paypal.com *.optimizely.com optimizely.s3.amazonaws.com cdn-assets-prod.s3.amazonaws.com https://px-cdn.net https://*.px-cloud.net http://*.hotjar.com:* https://*.hotjar.com:* http://*.hotjar.io https://*.hotjar.io wss://*.hotjar.com https://p2a.co https://code.jquery.com https://js.stripe.com https://cdn.embedly.com https://player.vimeo.com https://bat.bing.com https://soundcloud.com https://w.soundcloud.com https://www.instagram.com https://www.flickr.com https://*.staticflickr.com; connect-src 'self' blob: https://*.change.org https://change-production.s3.amazonaws.com https://*.googleapis.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.com https://*.facebook.net fbrpc://* fb-messenger://* https://*.twitter.com https://*.vk.com https://*.braintreegateway.com https://*.paypal.com *.optimizely.com optimizely.s3.amazonaws.com cdn-assets-prod.s3.amazonaws.com https://*.px-client.net https://*.px-cloud.net https://pxchk.net http://*.hotjar.com:* https://*.hotjar.com:* http://*.hotjar.io https://*.hotjar.io wss://*.hotjar.com https://api.stripe.com https://api.soundcloud.com https://api.airbrake.io https://api.zippopotam.us; font-src 'self' data: https://assets.change.org https://static.change.org https://d18kwxxua7ik1y.cloudfront.net https://d22r54gnmuhwmk.cloudfront.net https://fonts.gstatic.com; img-src * blob: data:; form-action 'self'; |
X-Content-Type-Options | nosniff |
X-Frame-Options | sameorigin |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
a11391265293.cdn.optimizely.com
accounts.google.com
apis.google.com
assets-fe.change.org
assets.change.org
bat.bing.com
cdn.optimizely.com
cdn3.optimizely.com
chng.it
collector-pxnslc0hv5.px-cloud.net
connect.facebook.net
googleads.g.doubleclick.net
logx.optimizely.com
script.hotjar.com
static.ads-twitter.com
static.change.org
static.hotjar.com
stats.g.doubleclick.net
vars.hotjar.com
www.change.org
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
static.ads-twitter.com
104.17.88.51
104.17.89.51
147.75.100.161
147.75.102.203
147.75.33.233
172.217.18.98
23.43.121.57
23.8.4.210
2620:1ec:c11::200
2a00:1450:4001:802::2003
2a00:1450:4001:808::200e
2a00:1450:4001:818::2002
2a00:1450:4001:818::2004
2a00:1450:4001:81b::200d
2a00:1450:4001:81b::200e
2a00:1450:4001:824::2008
2a00:1450:400c:c07::9d
2a02:26f0:6c00:183::13b8
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
35.173.160.60
35.186.220.184
52.218.253.58
00b5814e460408c221258e6529ab9113ab472cacee2d4ecda599ca2ee6593f1e
03651df0ecdf393fb6d885404c6d87a1a6a9bcba64b0a3a8d76aa6e84d44260d
04dc9b14033562eae0df81f54aaeefc46be66da8132dc0290205a6c9d8c17290
09377efceff694c98c24494879968fa01c9f6fb382765266add27992913f6058
0a0133cfb0058a048db8bde46f1efef457c5507f60fb543f6de1e4af2706775b
0b0abc92d5b255db2884928e626ee80408af79a81b0da921910a9effb04e77e7
0f2abc0cef9e1e16b3c619c4699712e3cac0cc18ba218f78d57b4de2fe7ad735
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
159ca1dd6477d00bf7da8b628e111a02dc1888cc3a07a9e4a4b84653f0e6ed44
1c0ab1a9b8ab89e9ee5212f2a10687e66768190f79a77ed4526945ed53988097
1f46c9cb4df42d29d60a0a973494a815a4bee5b75be6d452d1a7117a27653fb2
201e1fc283ad09d5dcea62409063929a94ceb7130294d6e357ee64aaf98db271
22f43027a280a23bc3eff5beb257e40b1aea991e98903116d4b9fdd6f6881006
23f41c0c9227bdefcf8e0564962990544adf98a3433206cf2c715f55c37804bd
32a1d8ba79b65adb040b682f334b0c18a469dfe6e087c591e8be197de1f0db7e
3e3292317e2d81ef0911937957ffe67eab8d38678e89a797038bab54996c9f48
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4453849e09d7cf2e2c6e230aa0bbab068a4594e05c1909a5149da0df9035da39
4686fc1558d60ec0f5a67f5d2fbb1907efbd5b15d7e2c2b429d09a8414719305
4818a0f7c062c040ea1eb895ce40e576ca677a3a0e57fb94905656d17c348a80
48b38ca75defc8253591b31961ffb6dd1b15e06a1a6047fd21c55770807341ae
4c9bdb532a35accdd00e1706f9b1ac99a50ec474caa4d3b55619e03555ff69d0
4d224fbb3e2133cd0c13116f73e46c0e0f3fd69eccc925711fb26aeb7f33bb7a
552426fa67711398e49423a732526e763187afd768567b87e139fec853820809
6685f5f0abc0d2011c7935cf256f6aeb1ad211f00d9a26c886ce0bff1efab8f0
6d7477548d212c307b2637c64c2e504e65f5ca9d3b77a8ac3616afff75a8b96e
6f8ef3f3b41c03f4f97f7870e55af9ee316df74664c2329e319e3b1459a9f4e5
73d764e56e8727bfd3de86dbe1c52f5105b4d6d0c41dbf91565e719e7cd74aed
7d8db885e0e815eb724c186eed97a4d3d051acd0776b4300eff3701949352bf0
819ae381f8eab24bdc1f86ae81d718170a2918bff54a0b6073b7b9063cdc34bb
84e42b6abb6ae87f622f157756377bf34de03b56dc77717f9c8a7a0a397bdb33
865674e4938c3ed97c19a95c79426d032d794af6d59dd0e22f36d34106824fc3
89b9350d451baaa1122922d6148aac8801a6bbb0d0d032aada4e55d39a4f1d0d
901931d28492d4256447ecbee29081a1e13475f9f18dd8dc38d7522d8ae2912e
945189dc44d1edc592f89ac19e09ea1f7b08c477547ab1a04ed2b1805fedc9e2
97540869be47f1cc8519503a4725b83e5b31b49fc011fa6bf354f4ff14e147fa
a920ab326c046e8423a4c6657e1709779af9ea84547252b2f618d1dc884ffbd6
aa2ac91dacafa88de6c63bc085e00f89f92a75d043e388554e12dcf344636162
b6f7b31210a709daca9760b215660b2cbe719757df3059364beeda005fca2dbe
b7f50bd7195d1f45e8b63f8d6444dad5ad83d1f3510e0fb56c17617b480b232e
bfa7acc63bd108a6c1a26313c641b212ccef957fad88544fbffdd624f8f8fbc3
c2dc923e2978674af7ae30f2ff6c44253db4b0897e321195f732ce25f8f3184b
c65010cc3bc933f2b78e90d5d2a2484c4467a92752b2aa79f4a6e0d35a924218
c98e2aa3bb07320c5aa10b6449e97b49afef6385baa04feb184303032bfd2f38
cb433a4c2dd02a6162b5892b9c71b25b9ebfa94d2ef7beddc5bb2e583c3fa126
cc1df65656dbf55011e77a8ea7b52d58511a283436f092eeb8c5c987bd68f00a
cd9eddd9fd7d332ca7cb4dedc6193d63898f3b1cd41a94561b30c8621bf1a9c6
cfdbdc02160ceaf7888e696c2d92b6439c22afe28f64ad4e7fc5c96204b634f0
d3d64f5ce832ba0234432b9a2a0e418b3339538290bfa62d144dcddbbdfee41d
dc3fe7790e2623087e9283752a2b58e75ad146ff358349b61a3e468cf8e0d01c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e47cf86508e30719b86bb4ef12686d213d2c311cb50eef601a248333005b9bbb
e7b076f62ab3be25ee86040bf6c6b6be7497d1697a2d35f6733c1a787ab3a820
ed101ed67f0bb551c651b64fbc8580ccfc71eac3b9fd0624406467c06aa2e7fe
ee2df9e008021c0ce1fbf3612bfef57e7666294fa01bd4d9764931ff9add417a
ee43871ff618f5aece64eb8c769872c93990b865ca7b81f2799a3b9cb1edc5cc
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0dca4d93f9e88c61e2b3b57f165608002ed2e015f8e2e7586418bdf4c455d05
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955