www.change.org
Open in
urlscan Pro
104.17.88.51
Public Scan
Effective URL: https://www.change.org/p/supreme-court-under-ban-republic-tv-arnab-goswami-spreads-false-information-and-hate-amongst-i...
Submission: On September 07 via api from US
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 16th 2020. Valid for: a year.
This is the only time www.change.org was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN16509 (AMAZON-02, US)
PTR: s3-website-us-west-2.amazonaws.com
chng.it |
ASN13335 (CLOUDFLARENET, US)
www.change.org | |
static.change.org | |
assets-fe.change.org | |
assets.change.org |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN15169 (GOOGLE, US)
PTR: fra16s14-in-f2.1e100.net
www.googleadservices.com |
ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress9
static.hotjar.com | |
script.hotjar.com | |
vars.hotjar.com |
ASN15169 (GOOGLE, US)
PTR: 184.220.186.35.bc.googleusercontent.com
collector-pxnslc0hv5.px-cloud.net |
ASN20940 (AKAMAI-ASN1, EU)
PTR: a23-8-4-210.deploy.static.akamaitechnologies.com
cdn3.optimizely.com |
ASN20940 (AKAMAI-ASN1, EU)
PTR: a184-30-223-23.deploy.static.akamaitechnologies.com
a11391265293.cdn.optimizely.com |
ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net |
ASN14618 (AMAZON-AES, US)
PTR: ec2-35-169-132-251.compute-1.amazonaws.com
logx.optimizely.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
39 |
change.org
www.change.org static.change.org assets-fe.change.org assets.change.org |
2 MB |
5 |
google.com
apis.google.com www.google.com accounts.google.com |
55 KB |
5 |
optimizely.com
cdn.optimizely.com cdn3.optimizely.com a11391265293.cdn.optimizely.com logx.optimizely.com |
188 KB |
4 |
facebook.net
connect.facebook.net |
229 KB |
3 |
facebook.com
www.facebook.com |
311 B |
3 |
hotjar.com
static.hotjar.com script.hotjar.com vars.hotjar.com |
79 KB |
2 |
google.de
www.google.de |
598 B |
2 |
doubleclick.net
googleads.g.doubleclick.net stats.g.doubleclick.net |
1 KB |
2 |
px-cloud.net
collector-pxnslc0hv5.px-cloud.net |
1 KB |
2 |
bing.com
bat.bing.com |
8 KB |
2 |
google-analytics.com
www.google-analytics.com |
18 KB |
1 |
twitter.com
analytics.twitter.com |
651 B |
1 |
t.co
t.co |
448 B |
1 |
ads-twitter.com
static.ads-twitter.com |
2 KB |
1 |
googleadservices.com
www.googleadservices.com |
11 KB |
1 |
googletagmanager.com
www.googletagmanager.com |
51 KB |
1 |
chng.it
1 redirects
chng.it |
551 B |
74 | 17 |
Domain | Requested by | |
---|---|---|
16 | assets.change.org |
www.change.org
|
13 | www.change.org |
www.change.org
assets-fe.change.org |
6 | assets-fe.change.org |
www.change.org
assets-fe.change.org |
4 | connect.facebook.net |
www.change.org
assets-fe.change.org connect.facebook.net |
4 | static.change.org |
www.change.org
assets-fe.change.org |
3 | www.facebook.com |
www.change.org
assets-fe.change.org connect.facebook.net |
2 | logx.optimizely.com |
assets-fe.change.org
|
2 | www.google.de |
www.change.org
|
2 | www.google.com |
www.change.org
|
2 | apis.google.com |
assets-fe.change.org
apis.google.com |
2 | collector-pxnslc0hv5.px-cloud.net |
www.change.org
assets-fe.change.org |
2 | bat.bing.com |
www.change.org
|
2 | www.google-analytics.com |
www.change.org
assets-fe.change.org |
1 | analytics.twitter.com |
static.ads-twitter.com
|
1 | accounts.google.com |
apis.google.com
|
1 | vars.hotjar.com |
static.hotjar.com
|
1 | stats.g.doubleclick.net |
assets-fe.change.org
|
1 | t.co |
www.change.org
|
1 | script.hotjar.com |
static.hotjar.com
|
1 | googleads.g.doubleclick.net |
www.googleadservices.com
|
1 | a11391265293.cdn.optimizely.com |
cdn.optimizely.com
|
1 | cdn3.optimizely.com |
cdn.optimizely.com
|
1 | static.ads-twitter.com |
www.googletagmanager.com
|
1 | static.hotjar.com |
www.googletagmanager.com
|
1 | www.googleadservices.com |
www.googletagmanager.com
|
1 | www.googletagmanager.com |
www.change.org
|
1 | cdn.optimizely.com |
www.change.org
|
1 | chng.it | 1 redirects |
74 | 28 |
This site contains links to these domains. Also see Links.
Domain |
---|
help.change.org |
guide.change.org |
twitter.com |
www.facebook.com |
policies.google.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2020-08-16 - 2021-08-16 |
a year | crt.sh |
*.google-analytics.com GTS CA 1O1 |
2020-08-19 - 2020-11-11 |
3 months | crt.sh |
cdn.optimizely.com DigiCert SHA2 Secure Server CA |
2020-01-20 - 2021-03-20 |
a year | crt.sh |
*.g.doubleclick.net GTS CA 1O1 |
2020-08-19 - 2020-11-11 |
3 months | crt.sh |
static.hotjar.com Let's Encrypt Authority X3 |
2020-08-16 - 2020-11-14 |
3 months | crt.sh |
ads-twitter.com DigiCert SHA2 High Assurance Server CA |
2020-08-14 - 2021-08-19 |
a year | crt.sh |
www.bing.com Microsoft IT TLS CA 2 |
2019-04-30 - 2021-04-30 |
2 years | crt.sh |
*.px-cloud.net Let's Encrypt Authority X3 |
2020-08-16 - 2020-11-14 |
3 months | crt.sh |
*.optimizely.com DigiCert SHA2 Secure Server CA |
2020-01-20 - 2021-03-20 |
a year | crt.sh |
*.cdn.optimizely.com GeoTrust RSA CA 2018 |
2020-03-05 - 2021-06-04 |
a year | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2020-07-21 - 2020-10-12 |
3 months | crt.sh |
script.hotjar.com Let's Encrypt Authority X3 |
2020-08-17 - 2020-11-15 |
3 months | crt.sh |
*.apis.google.com GTS CA 1O1 |
2020-08-19 - 2020-11-11 |
3 months | crt.sh |
t.co DigiCert SHA2 High Assurance Server CA |
2020-03-05 - 2021-03-02 |
a year | crt.sh |
vars.hotjar.com Let's Encrypt Authority X3 |
2020-08-15 - 2020-11-13 |
3 months | crt.sh |
www.google.com GTS CA 1O1 |
2020-08-19 - 2020-11-11 |
3 months | crt.sh |
www.google.de GTS CA 1O1 |
2020-08-19 - 2020-11-11 |
3 months | crt.sh |
*.google.com GTS CA 1O1 |
2020-08-19 - 2020-11-11 |
3 months | crt.sh |
logx.optimizely.com DigiCert SHA2 High Assurance Server CA |
2018-10-01 - 2020-10-05 |
2 years | crt.sh |
*.google.de GTS CA 1O1 |
2020-08-19 - 2020-11-11 |
3 months | crt.sh |
accounts.google.com GTS CA 1O1 |
2020-08-19 - 2020-11-11 |
3 months | crt.sh |
*.twitter.com DigiCert SHA2 High Assurance Server CA |
2020-03-05 - 2021-03-02 |
a year | crt.sh |
This page contains 4 frames:
Primary Page:
https://www.change.org/p/supreme-court-under-ban-republic-tv-arnab-goswami-spreads-false-information-and-hate-amongst-indians?recruiter=1096953883&utm_source=share_petition&utm_medium=abi_gmail&utm_campaign=address_book&utm_term=psf_combo_share_message&recruited_by_id=4fcf95d0-a188-11ea-957a-0f219ed58785
Frame ID: A10B9B73CFA1BE4FB484FDF4F707F3AF
Requests: 72 HTTP requests in this frame
Frame:
https://a11391265293.cdn.optimizely.com/client_storage/a11391265293.html
Frame ID: 429BAB88FCBC59D6B4C6A1A74ADAE9CC
Requests: 1 HTTP requests in this frame
Frame:
https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: E8379E06713F3A165CC75FAC9280811A
Requests: 1 HTTP requests in this frame
Frame:
https://accounts.google.com/o/oauth2/iframe
Frame ID: 94F7E251A528A8B1D0592AB08C7E5126
Requests: 1 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://chng.it/GHTKHWRK4c
HTTP 301
https://www.change.org/p/supreme-court-under-ban-republic-tv-arnab-goswami-spreads-false-informatio... Page URL
Detected technologies
CloudFlare (CDN) ExpandDetected patterns
- headers server /^cloudflare$/i
Page Statistics
6 Outgoing links
These are links going to different origins than the main page.
Title: Help
Search URL Search Domain Scan URL
Title: Guides
Search URL Search Domain Scan URL
Title: Twitter
Search URL Search Domain Scan URL
Title: Facebook
Search URL Search Domain Scan URL
Title: Privacy Policy
Search URL Search Domain Scan URL
Title: Terms of Service
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://chng.it/GHTKHWRK4c
HTTP 301
https://www.change.org/p/supreme-court-under-ban-republic-tv-arnab-goswami-spreads-false-information-and-hate-amongst-indians?recruiter=1096953883&utm_source=share_petition&utm_medium=abi_gmail&utm_campaign=address_book&utm_term=psf_combo_share_message&recruited_by_id=4fcf95d0-a188-11ea-957a-0f219ed58785 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
74 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
supreme-court-under-ban-republic-tv-arnab-goswami-spreads-false-information-and-hate-amongst-indians
www.change.org/p/ Redirect Chain
|
126 KB 38 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Change-Calibre-Regular.woff2
static.change.org/fonts/ |
30 KB 31 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Change-Calibre-Bold.woff2
static.change.org/fonts/ |
31 KB 32 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rendr-xlAQzDvJM_K3jpDV0qJITERnqSdSsqp59Kbg01qSQhg.css
assets-fe.change.org/fe/css/ |
167 KB 49 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
45 KB 18 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
11391265293.js
cdn.optimizely.com/js/ |
1 MB 187 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AJVmassdyzVZMFT-800x450-noPad.jpg
assets.change.org/photos/9/vm/as/ |
10 KB 11 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
default-user-profile.svg
static.change.org/profile-img/ |
1 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
162 KB 51 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fontFaceObserverChunk-60124782613321711547.js
assets-fe.change.org/fe/12cdb2e55cd2c60e8d0ecbd35d1b6b74/ |
6 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
petitionsEntryChunk-380cc5c0f40b71cb63dd.js
assets-fe.change.org/fe/12cdb2e55cd2c60e8d0ecbd35d1b6b74/ |
2 MB 469 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
init.js
www.change.org/NsLC0Hv5/ |
94 KB 35 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
10 KB 10 KB |
Font
application/x-font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
conversion_async.js
www.googleadservices.com/pagead/ |
29 KB 11 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hotjar-1693228.js
static.hotjar.com/c/ |
116 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
uwt.js
static.ads-twitter.com/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bat.js
bat.bing.com/ |
26 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collector
collector-pxnslc0hv5.px-cloud.net/api/v2/ |
654 B 875 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
geo2.js
cdn3.optimizely.com/js/ |
294 B 701 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
a11391265293.html
a11391265293.cdn.optimizely.com/client_storage/ Frame 429B |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
8688268b366a87d8f85acd51d2e12205_1a6015dd9ca7b15618afc8e039c24730c052ce14
www.change.org/api-proxy/-/translations/en-US/ |
321 KB 87 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
135 KB 34 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0
bat.bing.com/action/ |
0 171 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/991363857/ |
3 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
modules.bea1968def3c3b64afc1.js
script.hotjar.com/ |
358 KB 70 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3-Q050 |
collect
www.google-analytics.com/j/ |
2 B 65 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sdk.js
connect.facebook.net/en_US/ |
3 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
platform.js
apis.google.com/js/ |
49 KB 20 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
graphql
www.change.org/api-proxy/ |
81 B 402 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
graphql
www.change.org/api-proxy/ |
5 KB 1 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
event_tracker
www.change.org/api-proxy/-/ |
2 B 274 B |
Other
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
updatesAndCommentsChunk-c6ca27fcfc687053b480.js
assets-fe.change.org/fe/12cdb2e55cd2c60e8d0ecbd35d1b6b74/ |
25 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
changeAssets-0c0c6398a6341f49f62b.js
assets-fe.change.org/fe/12cdb2e55cd2c60e8d0ecbd35d1b6b74/ |
5 MB 1 MB |
Fetch
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
event_tracker
www.change.org/api-proxy/-/ |
2 B 140 B |
Other
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
event_tracker
www.change.org/api-proxy/-/ |
2 B 140 B |
Other
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
event_tracker
www.change.org/api-proxy/-/ |
2 B 140 B |
Other
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
suggestedPetitionsChunk-22819cdcfe9fab7a65e8.js
assets-fe.change.org/fe/12cdb2e55cd2c60e8d0ecbd35d1b6b74/ |
10 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adsct
t.co/i/ |
43 B 448 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/j/ |
4 B 87 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame E837 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
event_tracker
www.change.org/api-proxy/-/ |
2 B 148 B |
Other
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1081902691834097
connect.facebook.net/signals/config/ |
524 KB 132 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.com/pagead/1p-user-list/991363857/ |
42 B 107 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.de/pagead/1p-user-list/991363857/ |
42 B 107 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sdk.js
connect.facebook.net/en_US/ |
201 KB 61 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.hc3rLxj9u8o.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMtAagp6kGxB19Nep_bTJunj37kww/ |
105 KB 35 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
events
logx.optimizely.com/v1/ |
0 359 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
graphql
www.change.org/api-proxy/ |
855 B 581 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
graphql
www.change.org/api-proxy/ |
838 B 624 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
ga-audiences
www.google.com/ads/ |
42 B 491 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
ga-audiences
www.google.de/ads/ |
42 B 491 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collector
collector-pxnslc0hv5.px-cloud.net/api/v2/ |
366 B 431 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
graphql
www.change.org/api-proxy/ |
45 KB 18 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
iframe
accounts.google.com/o/oauth2/ Frame 94F7 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 258 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
status
www.facebook.com/x/oauth/ |
0 0 |
Fetch
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adsct
analytics.twitter.com/i/ |
31 B 651 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
default-user-profile.svg
static.change.org/profile-img/ |
1 KB 853 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
/
www.facebook.com/tr/ |
0 53 B |
Other
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
events
logx.optimizely.com/v1/ |
0 359 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
LaYZxENoRrNCcKj-400x225-noPad.jpg
assets.change.org/photos/3/yz/xe/ |
20 KB 20 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
QxEXmMGEOJgYYtU-400x225-noPad.jpg
assets.change.org/photos/1/ex/mm/ |
32 KB 32 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
RVIigCPljnSLfhd-400x225-noPad.jpg
assets.change.org/photos/8/ii/gc/ |
22 KB 23 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
yInvqOihBReQtnM-400x225-noPad.jpg
assets.change.org/photos/4/nv/qo/ |
111 KB 112 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
yKHkHKYjKUASuDj-400x225-noPad.jpg
assets.change.org/photos/6/hk/hk/ |
15 KB 15 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AVHyCPjKBSyVyPc-400x225-noPad.jpg
assets.change.org/photos/1/hy/cp/ |
18 KB 19 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
nKQZGRmnMaAjOLB-400x225-noPad.jpg
assets.change.org/photos/5/qz/gr/ |
20 KB 20 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
RfItNRbRXdAjVXO-400x225-noPad.jpg
assets.change.org/photos/4/it/nr/ |
23 KB 23 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
BPQkGTtvLQDRsdg-400x225-noPad.jpg
assets.change.org/photos/6/qk/gt/ |
15 KB 16 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
VYUHwZrmhGEzzYu-400x225-noPad.jpg
assets.change.org/photos/5/uh/wz/ |
13 KB 13 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AEPTkLOsUSsJMgW-400x225-noPad.jpg
assets.change.org/photos/4/pt/kl/ |
19 KB 19 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
uNtGGkZoxgRnuuz-400x225-noPad.jpg
assets.change.org/photos/5/tg/gk/ |
21 KB 21 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
RYcrjfGSYMilZHk-400x225-noPad.jpg
assets.change.org/photos/1/cr/jf/ |
12 KB 13 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
XaoZqpEBhAUPuZD-400x225-noPad.jpg
assets.change.org/photos/5/oz/qp/ |
16 KB 16 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
RveKTAWffIEXCFz-400x225-noPad.jpg
assets.change.org/photos/0/ek/ta/ |
23 KB 23 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
52 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| trustedTypes object| changeTargetingData object| dataLayer string| _pxAppId string| _pxSelectedLocale object| google_tag_data function| ga object| gaplugins function| postscribe object| google_tag_manager function| hj object| _hjSettings function| twq object| uetq object| PXNsLC0Hv5 object| PX undefined| _NsLC0Hv5handler object| webpackJsonp function| FontFaceObserver undefined| _ object| optimizely function| setImmediate function| clearImmediate object| regeneratorRuntime object| airbrake object| __APOLLO_CLIENT__ object| recaptchaOptions function| trackEvent function| setOverrideVariation function| _sov function| FuzzySet function| fbq function| _fbq function| UET function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| twttr object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| gaGlobal object| gaData function| fbAsyncInit object| __consolidated_events_handlers__ string| _pxParam1 object| FB object| gapi object| ___jsl object| gadgets object| osapi object| oauth223 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.google.com/ | Name: NID Value: 204=ub7FqvnkOwmM72js-JhYGlGzrtsljc2L5Npog5QsVzvAzI3DIU_WR3YfokJHjC7GhVkNNNy08b_fZjHPeMqAApnSEYhKFL0Dgdui19yX-9KT4tSgobiihA5X1fBWwQq3N_xTfnYJdFe5Cjn4W1rOWyXutswEHn-fjFpYzuGQ-G0 |
|
www.change.org/ | Name: _hjIncludedInSessionSample Value: 0 |
|
.change.org/ | Name: _hjTLDTest Value: 1 |
|
.change.org/ | Name: _gat Value: 1 |
|
.change.org/ | Name: _hjid Value: 47f74405-6186-4089-940c-1953b05f1875 |
|
.change.org/ | Name: _ga Value: GA1.2.70024561.1599481026 |
|
.change.org/ | Name: _uetvid Value: dc75f97d5e66425bf76ea3743bb0be99 |
|
.change.org/ | Name: _hjAbsoluteSessionInProgress Value: 0 |
|
.change.org/ | Name: _fbp Value: fb.1.1599481026640.1227404989 |
|
.change.org/ | Name: _uetsid Value: 9faee46950e680f65995ab927dc76512 |
|
.change.org/ | Name: __cf_bm Value: 8fcadb18dd71655ff6ca29b550d7d94eb7e84399-1599481024-1800-AUsjnG14jw7suHLua26R/Uv0tYzxlTKECeSgZul02VbZfHikxOEXz9NVc7whmewCrXzPMqpYiR8EXbNG90pUVS0= |
|
.change.org/ | Name: _pxvid Value: 0add8774-f104-11ea-b1bf-0242ac120009 |
|
.www.change.org/ | Name: G_ENABLED_IDPS Value: google |
|
.change.org/ | Name: __cfduid Value: deb37ce27ca31b99b5fd2c1e35f2737fe1599481023 |
|
.change.org/ | Name: optimizelyEndUserId Value: oeu1599481025282r0.7157169826403798 |
|
.change.org/ | Name: _gid Value: GA1.2.969187285.1599481026 |
|
.change.org/ | Name: _gcl_au Value: 1.1.1526448297.1599481025 |
|
.change.org/ | Name: __cfruid Value: 2bfa89075b42097f324d9af419e91866c7c2e619-1599481024 |
|
www.change.org/ | Name: _change_session Value: 01f10d35b02712fd0a99c2a883a1ef29 |
|
.change.org/ | Name: invite Value: %7B%22recruiter_id%22%3A1096953883%2C%22requested_at%22%3A%222020-09-07T12%3A17%3A04.148Z%22%7D |
|
www.change.org/ | Name: tracking_data Value: %7B%22current_source%22%3A%22share_petition%22%2C%22current_medium%22%3A%22abi_gmail%22%2C%22current_campaign%22%3A%22address_book%22%2C%22current_term%22%3A%22psf_combo_share_message%22%2C%22user_uuid%22%3A%220a285500-f104-11ea-8bc6-bb13f6f7d691%22%7D |
|
.change.org/ | Name: _px3 Value: e07b652be03aa529be418fc4f0823d477df71e1007e1d1948d4c0c727bfdfc4b:hftqLQ1XlAJhJ8TThujTSDSURP6uR603mP8K+pFlZACYKRxbzb8lEyY9tziouOYeh0uCKChy8915BZhpr1ftpg==:1000:wU4a+IuTohgkURhl0QPgkGxcCYuS50NdCxVJXO/E+Wf6wnoAiJteBVPEptMrUHwlX38cgMA/jVyN8HywTqV5ZuUd5vAEBwN81nj0Ezu8yYNFTyyDAGHCJEXW3vw3amrrwrvenvK6y+pB1Pf2yV7UXt3KHwyQs1wJA/B6JqSNnRQ= |
|
www.change.org/ | Name: _change_lang Value: %7B%22locale%22%3A%22en-US%22%2C%22countryCode%22%3A%22SE%22%7D |
7 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | default-src 'self' 'unsafe-inline' 'unsafe-eval' https://d18kwxxua7ik1y.cloudfront.net https://d22r54gnmuhwmk.cloudfront.net https://assets.change.org https://static.change.org https://assets-fe.change.org https://change-production.s3.amazonaws.com https://change-public-stuff.s3.amazonaws.com https://www.google.ca https://www.googleadservices.com https://www.youtube.com https://*.doubleclick.net https://*.google.com https://*.googleapis.com https://*.googletagmanager.com https://*.google-analytics.com https://*.gstatic.com https://*.recaptcha.net https://*.ytimg.com https://*.facebook.com https://*.facebook.net https://*.fbcdn.net fbrpc://* fb-messenger://* https://*.twitter.com https://*.twimg.com https://*.ads-twitter.com https://vk.com https://*.vk.com https://ajax.cdnjs.com https://cdnjs.cloudflare.com https://service.force.com https://change.my.salesforce.com https://help.change.org https://*.salesforceliveagent.com https://*.braintreegateway.com https://*.paypalobjects.com https://*.paypal.com *.optimizely.com optimizely.s3.amazonaws.com cdn-assets-prod.s3.amazonaws.com https://px-cdn.net https://*.px-cloud.net https://*.hotjar.com:* https://*.hotjar.io wss://*.hotjar.com https://p2a.co https://code.jquery.com https://js.stripe.com https://cdn.embedly.com https://player.vimeo.com https://bat.bing.com https://soundcloud.com https://w.soundcloud.com https://www.instagram.com https://www.flickr.com https://*.staticflickr.com https://*.voteamerica.com; connect-src 'self' blob: https://*.change.org https://change-production.s3.amazonaws.com https://*.googleapis.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.com https://*.facebook.net fbrpc://* fb-messenger://* https://*.twitter.com https://*.vk.com https://*.braintreegateway.com https://*.paypal.com *.optimizely.com optimizely.s3.amazonaws.com cdn-assets-prod.s3.amazonaws.com https://*.px-client.net https://*.px-cloud.net https://pxchk.net https://*.hotjar.com:* https://*.hotjar.io wss://*.hotjar.com https://api.stripe.com https://api.soundcloud.com https://api.airbrake.io https://www.voteamerica.com; font-src 'self' data: https://assets.change.org https://static.change.org https://d18kwxxua7ik1y.cloudfront.net https://d22r54gnmuhwmk.cloudfront.net https://fonts.gstatic.com https://*.hotjar.com https://*.hotjar.io; img-src * blob: data:; form-action 'self'; |
X-Content-Type-Options | nosniff |
X-Frame-Options | sameorigin |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
a11391265293.cdn.optimizely.com
accounts.google.com
analytics.twitter.com
apis.google.com
assets-fe.change.org
assets.change.org
bat.bing.com
cdn.optimizely.com
cdn3.optimizely.com
chng.it
collector-pxnslc0hv5.px-cloud.net
connect.facebook.net
googleads.g.doubleclick.net
logx.optimizely.com
script.hotjar.com
static.ads-twitter.com
static.change.org
static.hotjar.com
stats.g.doubleclick.net
t.co
vars.hotjar.com
www.change.org
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
104.17.88.51
104.244.42.133
104.244.42.195
147.75.33.131
151.101.112.157
172.217.22.2
184.30.223.23
23.8.4.210
2620:1ec:c11::200
2a00:1450:4001:800::200e
2a00:1450:4001:809::200d
2a00:1450:4001:80b::2004
2a00:1450:4001:817::2002
2a00:1450:4001:81d::200e
2a00:1450:4001:81f::2008
2a00:1450:4001:821::2003
2a00:1450:400c:c0c::9a
2a02:26f0:eb:388::13b8
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
35.169.132.251
35.186.220.184
52.218.233.50
092f3201317b7ef608f6a899d395d36cffcca4d6824f00bc50120e84341c76f2
097afea517679d2e0b986d77cb3fe7808026882b52ca074a050e03e7a4a6996b
0a0133cfb0058a048db8bde46f1efef457c5507f60fb543f6de1e4af2706775b
0ae8cbda3ab5fcfa112b37eae44daac5cead01f473aadcf37c2d93536c935d93
0b0abc92d5b255db2884928e626ee80408af79a81b0da921910a9effb04e77e7
0ba16d49ab8e0fb2a95e4eaff51221dbac29425f125b04e52b77e57631530394
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1c3d55ebee5b5123a5495711b0c7921f208b6ae3807cc15f2c6014011a01655c
1dc7751ab45c9611dd80a46176b1a49e7dbd56e5931e91e6b9372a3017861e53
1f46c9cb4df42d29d60a0a973494a815a4bee5b75be6d452d1a7117a27653fb2
1fbd06d98ff87713eb030669571c929ab75539f05252f04ae1df807c28b20e95
2689b7986cdb67cc7c523b09f2d3e4851938aea6315ef686c4b4e3789c6d2102
31b921326acd3710a7fa4520c750c02a372d018d69ac1254e2ba60b12ff7c6c7
395285621bdb4246b78bbefe9b64e63d60f643a99484c6fc4ab50fc45f8d191e
3c27e67dedd05355fb90b9784fca66e08e1d90529ad34aeb3a4fca756621c3b6
3c2f4d116b281a557edcc542272df93fc765bbc38b5f052e15caeaa0e3e9bc24
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
449ec3111bc4ec891256341c827592ae8a5f56a0c30c435c165b80d4ce44b065
4aae59a21dedc9029f353c3ae6c2e4bf2114c15b02ea0f53c4d9bd23a9bdaf3e
4b5f6652e7052be82aec2a00d626c90424fd40bf51f68a41175578a84737b2f2
552426fa67711398e49423a732526e763187afd768567b87e139fec853820809
56f4e1147a95a6568f30ef44765f3898813f08349648acf13df0d70943cbe7b6
5c622f5433cbb6ea1df5c0dd8671e55ef7d1464366074730473c453de50a579b
5d83183fa87219032945d40a7859ad2861f2e4c73ca4ec087ab33250f5e0569c
6b960a046b27829f267f70ebeec6e685e7e5c777318d66c05af452106d743bea
6c9459a6400a8cf7ef815379f9316dc26aeec43bcc48da1d1bd58d99a6109f7b
755c2d5d5698c9d7dde453fe6fcd5ba4ba2581310d7e83cd4dc02ae260c18444
771776746af6ffba4ab936380308f47c93c386d96e2711fdf96d6514bd0e5be1
8247f4332667950989fe6bf790f87723343db2ec83d975503e9c5dc13a6eb5dc
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85cb11031d8ff3bde0c9add458111eddff9e8a74326180111262fe82a8f44f61
8b401dcbf717226d76e0b1f470e75c100a336fa4cd6770d8bec471596ef96299
8bd271f95d40e11b770cc5a5fdedf9cdcdabd956de0fca7f3cea3d9d56235097
8f589cba483e0df283cb5eb7595529cf069ae9f7e5e380bc83526fcae2a973c2
937bcce87aa2af2c8d6bffb8568116ece776ff7b275ec37f11c31dfd02125b36
962490036f77d4e4f38644d81114ef17a8e5c39b2e2813ee4e6b93f8966b5b85
9751488c66a1e83fa4896ad47157d252a3703f4a5c4a6b7fb6430fe16c01ca62
9e512ddb64c00cfe1460cd4229a2a009c2f7342f5819d5750a77e51ed49902a8
abf1806b8251496ae2cd484ec8223327d91b421a18dd318683ff0906007af532
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b16bec9ff8f02bc0bac8b477c2233626845aa1473c743ce3344249be3ad054c7
b7f50bd7195d1f45e8b63f8d6444dad5ad83d1f3510e0fb56c17617b480b232e
be818e6fb8d6dabe5613619246bb755666a20783e0f3069ea7420f95d6aa7e74
c4fd1678418f8a3278087e98f8c8c3bf0bab09ec07f170089b670d49649b33b3
c65010cc3bc933f2b78e90d5d2a2484c4467a92752b2aa79f4a6e0d35a924218
c9a1afa2e1939e6dd845c08c79828b539f49614e0031a0bf762c315ea76c7e73
cdf379f03fb1def6543a61f0d1fb32dfae87274e462e4a611711be3317cb62c9
cfdbdc02160ceaf7888e696c2d92b6439c22afe28f64ad4e7fc5c96204b634f0
d569cf8f9104844d26dd7fd81a932fbfc56c11a8fc6fd7c77683f65371f7a1e7
d8616222338739d023fbcf7eb2419508b653bcad93bc99026f69a8b1d04f707e
d87dad023927b95af84963c00068dbb864b1ceae8156bc11152a583dee246a83
da1b9be1dc2fecaa5ad2769b269c05fd65f5bcb98eb364ec26cd25f079f0b886
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee2df9e008021c0ce1fbf3612bfef57e7666294fa01bd4d9764931ff9add417a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fa95f9851f010441bc15560e00893c096b055aa5e062d0a0d62ee3f962b45187
fd4312012b9102ee73d068051401d91a77f98288b733baa4ce4ca17a35a507a1