www.change.org
Open in
urlscan Pro
104.17.88.51
Public Scan
Effective URL: https://www.change.org/p/sergio-mattarella-libert%C3%A0-per-carola-rackete?recruiter=934431754&utm_source=share_petitio...
Submission Tags: falconsandbox
Submission: On October 30 via api from US
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 16th 2020. Valid for: a year.
This is the only time www.change.org was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN13335 (CLOUDFLARENET, US)
www.change.org | |
assets-fe.change.org | |
assets.change.org |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com |
ASN16625 (AKAMAI-AS, US)
PTR: a104-108-58-15.deploy.static.akamaitechnologies.com
cdn3.optimizely.com |
ASN16625 (AKAMAI-AS, US)
PTR: a104-108-68-187.deploy.static.akamaitechnologies.com
a11391265293.cdn.optimizely.com |
ASN15169 (GOOGLE, US)
PTR: 184.220.186.35.bc.googleusercontent.com
collector-pxnslc0hv5.px-cloud.net |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net
www.googleadservices.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-87-8-47.compute-1.amazonaws.com
logx.optimizely.com |
ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net |
Domain | Requested by | |
---|---|---|
17 | www.change.org |
www.change.org
assets-fe.change.org |
13 | assets.change.org |
www.change.org
|
4 | www.facebook.com |
assets-fe.change.org
www.change.org |
4 | connect.facebook.net |
assets-fe.change.org
connect.facebook.net www.change.org |
4 | maps.googleapis.com |
assets-fe.change.org
maps.googleapis.com |
3 | static.change.org |
www.change.org
assets-fe.change.org |
2 | logx.optimizely.com |
assets-fe.change.org
|
2 | bat.bing.com |
www.change.org
|
2 | www.google.de |
www.change.org
|
2 | www.google.com |
www.change.org
|
2 | collector-pxnslc0hv5.px-cloud.net |
assets-fe.change.org
|
2 | apis.google.com |
assets-fe.change.org
apis.google.com |
2 | www.google-analytics.com |
www.change.org
assets-fe.change.org |
2 | assets-fe.change.org |
www.change.org
|
1 | analytics.twitter.com |
static.ads-twitter.com
|
1 | vars.hotjar.com |
static.hotjar.com
|
1 | t.co |
www.change.org
|
1 | script.hotjar.com |
static.hotjar.com
|
1 | googleads.g.doubleclick.net |
www.googleadservices.com
|
1 | public.profitwell.com |
www.change.org
|
1 | static.ads-twitter.com |
www.googletagmanager.com
|
1 | static.hotjar.com |
www.googletagmanager.com
|
1 | www.googleadservices.com |
www.googletagmanager.com
|
1 | accounts.google.com |
apis.google.com
|
1 | www.googletagmanager.com |
assets-fe.change.org
|
1 | stats.g.doubleclick.net |
assets-fe.change.org
|
1 | a11391265293.cdn.optimizely.com |
cdn.optimizely.com
|
1 | cdn3.optimizely.com |
cdn.optimizely.com
|
1 | s3.amazonaws.com |
www.change.org
|
1 | cdn.optimizely.com |
www.change.org
|
1 | chng.it | 1 redirects |
77 | 31 |
This site contains links to these domains. Also see Links.
Domain |
---|
help.change.org |
guide.change.org |
twitter.com |
www.facebook.com |
policies.google.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2020-08-16 - 2021-08-16 |
a year | crt.sh |
cdn.optimizely.com DigiCert SHA2 Secure Server CA |
2020-01-20 - 2021-03-20 |
a year | crt.sh |
*.google-analytics.com GTS CA 1O1 |
2020-10-06 - 2020-12-29 |
3 months | crt.sh |
s3.amazonaws.com DigiCert Baltimore CA-2 G2 |
2020-08-04 - 2021-08-09 |
a year | crt.sh |
*.optimizely.com DigiCert SHA2 Secure Server CA |
2020-01-20 - 2021-03-20 |
a year | crt.sh |
*.cdn.optimizely.com GeoTrust RSA CA 2018 |
2020-03-05 - 2021-06-04 |
a year | crt.sh |
*.apis.google.com GTS CA 1O1 |
2020-10-06 - 2020-12-29 |
3 months | crt.sh |
upload.video.google.com GTS CA 1O1 |
2020-10-06 - 2020-12-29 |
3 months | crt.sh |
*.px-cloud.net Let's Encrypt Authority X3 |
2020-10-27 - 2021-01-25 |
3 months | crt.sh |
*.g.doubleclick.net GTS CA 1O1 |
2020-10-06 - 2020-12-29 |
3 months | crt.sh |
*.google.com GTS CA 1O1 |
2020-10-06 - 2020-12-29 |
3 months | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2020-09-11 - 2020-12-10 |
3 months | crt.sh |
www.google.com GTS CA 1O1 |
2020-10-06 - 2020-12-29 |
3 months | crt.sh |
www.google.de GTS CA 1O1 |
2020-10-06 - 2020-12-29 |
3 months | crt.sh |
accounts.google.com GTS CA 1O1 |
2020-10-06 - 2020-12-29 |
3 months | crt.sh |
www.googleadservices.com GTS CA 1O1 |
2020-10-06 - 2020-12-29 |
3 months | crt.sh |
*.hotjar.com Amazon |
2020-01-22 - 2021-02-22 |
a year | crt.sh |
ads-twitter.com DigiCert SHA2 High Assurance Server CA |
2020-08-14 - 2021-08-19 |
a year | crt.sh |
www.bing.com Microsoft RSA TLS CA 02 |
2020-10-27 - 2021-04-27 |
6 months | crt.sh |
*.profitwell.com Amazon |
2020-08-31 - 2021-09-30 |
a year | crt.sh |
logx.optimizely.com Amazon |
2020-09-21 - 2021-10-21 |
a year | crt.sh |
t.co DigiCert SHA2 High Assurance Server CA |
2020-03-05 - 2021-03-02 |
a year | crt.sh |
*.google.de GTS CA 1O1 |
2020-10-06 - 2020-12-29 |
3 months | crt.sh |
*.twitter.com DigiCert SHA2 High Assurance Server CA |
2020-03-05 - 2021-03-02 |
a year | crt.sh |
This page contains 4 frames:
Primary Page:
https://www.change.org/p/sergio-mattarella-libert%C3%A0-per-carola-rackete?recruiter=934431754&utm_source=share_petition&utm_medium=abi_gmail&utm_campaign=address_book&utm_term=ccee6dfc9bed4b358fa35fe801acd441&recruited_by_id=8e5fcf50-2910-11e9-9da0-1d224e1d1568
Frame ID: 44ABEE436DE21760A020079088B22F5F
Requests: 75 HTTP requests in this frame
Frame:
https://a11391265293.cdn.optimizely.com/client_storage/a11391265293.html
Frame ID: 22C72C2E975614EBAD3A408DA3835AC2
Requests: 1 HTTP requests in this frame
Frame:
https://accounts.google.com/o/oauth2/iframe
Frame ID: 9A4967C1706E28F8B8190C7CE30BCA1F
Requests: 1 HTTP requests in this frame
Frame:
https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: D6C8DCE1170BCCF05F21FE8301594CCA
Requests: 1 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://chng.it/pnPtSBS62L
HTTP 301
https://www.change.org/p/sergio-mattarella-libert%C3%A0-per-carola-rackete?recruiter=934431754&utm_... Page URL
Detected technologies
CloudFlare (CDN) ExpandDetected patterns
- headers server /^cloudflare$/i
Page Statistics
6 Outgoing links
These are links going to different origins than the main page.
Title: Help
Search URL Search Domain Scan URL
Title: Guides
Search URL Search Domain Scan URL
Title: Twitter
Search URL Search Domain Scan URL
Title: Facebook
Search URL Search Domain Scan URL
Title: Privacy Policy
Search URL Search Domain Scan URL
Title: Terms of Service
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://chng.it/pnPtSBS62L
HTTP 301
https://www.change.org/p/sergio-mattarella-libert%C3%A0-per-carola-rackete?recruiter=934431754&utm_source=share_petition&utm_medium=abi_gmail&utm_campaign=address_book&utm_term=ccee6dfc9bed4b358fa35fe801acd441&recruited_by_id=8e5fcf50-2910-11e9-9da0-1d224e1d1568 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
77 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
sergio-mattarella-libert%C3%A0-per-carola-rackete
www.change.org/p/ Redirect Chain
|
202 KB 55 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
11391265293.js
cdn.optimizely.com/js/ |
1 MB 207 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rendr-xCY47Tukw1Rdo7x2YTOG4lXfpQp2mYdIgTJnxk-333U.css
assets-fe.change.org/fe/css/ |
167 KB 49 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
changeAssets-e39cab6e45de17eec811.js
assets-fe.change.org/fe/12cdb2e55cd2c60e8d0ecbd35d1b6b74/ |
5 MB 1 MB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
5f7a3e0496cdb35f032bcac0b26f5944_9501f31a63347c661a025cf97d60154dff190f09.js
www.change.org/api-proxy/-/locale_data/rendr-fe/en-US/ |
611 KB 153 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
46 KB 18 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Icon_google.png
s3.amazonaws.com/change-assets/iconography/ |
3 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
FjrDTTSunShKEei-800x450-noPad.jpg
assets.change.org/photos/6/rd/tt/ |
240 KB 241 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
default-user-profile.svg
static.change.org/profile-img/ |
1 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
geo2.js
cdn3.optimizely.com/js/ |
290 B 697 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
init.js
www.change.org/NsLC0Hv5/ |
92 KB 34 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
FjrDTTSunShKEei-400x225-noPad.jpg
assets.change.org/photos/6/rd/tt/ |
463 KB 463 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
10 KB 10 KB |
Font
application/x-font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
a11391265293.html
a11391265293.cdn.optimizely.com/client_storage/ Frame 22C7 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cookie_prefs
www.change.org/api-proxy/-/ |
78 B 372 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Change-Calibre-Regular.woff2
static.change.org/fonts/ |
30 KB 31 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Change-Calibre-Bold.woff2
static.change.org/fonts/ |
31 KB 32 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
platform.js
apis.google.com/js/ |
49 KB 19 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
maps.googleapis.com/maps/api/ |
125 KB 41 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collector
collector-pxnslc0hv5.px-cloud.net/api/v2/ |
654 B 875 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3-Q050 |
collect
www.google-analytics.com/j/ |
4 B 70 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
meta_data
www.change.org/api-proxy/-/petitions/16404391/ |
2 B 156 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
responses
www.change.org/api-proxy/-/petitions/16404391/ |
12 B 180 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
recent
www.change.org/api-proxy/-/petitions/16404391/updates/ |
223 KB 5 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
comments
www.change.org/api-proxy/-/ |
44 KB 3 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
en-US
www.change.org/api-proxy/-/petitions/promoted/ |
94 KB 22 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
event_tracker
www.change.org/api-proxy/-/ |
2 B 140 B |
Other
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
event_tracker
www.change.org/api-proxy/-/ |
2 B 310 B |
Other
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
event_tracker
www.change.org/api-proxy/-/ |
2 B 243 B |
Other
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
event_tracker
www.change.org/api-proxy/-/ |
2 B 140 B |
Other
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
store
www.change.org/api-proxy/-/longlinks/ |
70 B 267 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
store
www.change.org/api-proxy/-/longlinks/ |
70 B 255 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/j/ |
4 B 88 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.0_afc8ibZR4.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCOPV8Bttuu5r6907bIMhw8f2tfAew/ |
102 KB 34 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sdk.js
connect.facebook.net/en_US/ |
3 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
168 KB 53 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.com/ads/ |
42 B 106 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.de/ads/ |
42 B 106 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sdk.js
connect.facebook.net/en_US/ |
195 KB 59 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
iframe
accounts.google.com/o/oauth2/ Frame 9A49 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
conversion_async.js
www.googleadservices.com/pagead/ |
30 KB 11 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hotjar-1693228.js
static.hotjar.com/c/ |
75 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
uwt.js
static.ads-twitter.com/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
88 KB 23 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bat.js
bat.bing.com/ |
27 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
profitwell.js
public.profitwell.com/js/ |
46 KB 15 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
events
logx.optimizely.com/v1/ |
0 359 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
status
www.facebook.com/x/oauth/ |
0 0 |
Fetch
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1081902691834097
connect.facebook.net/signals/config/ |
234 KB 69 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/991363857/ |
3 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0
bat.bing.com/action/ |
0 93 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
modules.8831d20acac5f9d5fa63.js
script.hotjar.com/ |
361 KB 71 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adsct
t.co/i/ |
43 B 449 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 236 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
/
www.google.com/pagead/1p-user-list/991363857/ |
42 B 519 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
/
www.google.de/pagead/1p-user-list/991363857/ |
42 B 519 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 100 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame D6C8 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collector
collector-pxnslc0hv5.px-cloud.net/api/v2/ |
66 B 210 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 100 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
HVmqAGnrqlkNiVd-400x400-noPad.jpg
assets.change.org/photos/8/mq/ag/ |
5 KB 5 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AcEcDcbGdpSoiSS-400x400-noPad.jpg
assets.change.org/photos/4/ec/dc/ |
5 KB 5 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
store
www.change.org/api-proxy/-/longlinks/ |
70 B 465 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
store
www.change.org/api-proxy/-/longlinks/ |
70 B 254 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
yInvqOihBReQtnM-400x225-noPad.jpg
assets.change.org/photos/4/nv/qo/ |
111 KB 112 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
yKHkHKYjKUASuDj-400x225-noPad.jpg
assets.change.org/photos/6/hk/hk/ |
15 KB 15 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
nKQZGRmnMaAjOLB-400x225-noPad.jpg
assets.change.org/photos/5/qz/gr/ |
20 KB 20 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
VcYGVwNpHMSfjZv-400x225-noPad.jpg
assets.change.org/photos/5/yg/vw/ |
14 KB 14 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
RfItNRbRXdAjVXO-400x225-noPad.jpg
assets.change.org/photos/4/it/nr/ |
23 KB 23 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
VYUHwZrmhGEzzYu-400x225-noPad.jpg
assets.change.org/photos/5/uh/wz/ |
13 KB 13 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hIvVdZVkSkZEwaJ-400x225-noPad.jpg
assets.change.org/photos/7/vv/dz/ |
13 KB 13 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AEPTkLOsUSsJMgW-400x225-noPad.jpg
assets.change.org/photos/4/pt/kl/ |
19 KB 19 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
RYcrjfGSYMilZHk-400x225-noPad.jpg
assets.change.org/photos/1/cr/jf/ |
12 KB 13 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
events
logx.optimizely.com/v1/ |
0 359 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adsct
analytics.twitter.com/i/ |
31 B 650 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
common.js
maps.googleapis.com/maps-api-v3/api/js/41/8/ |
78 KB 29 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
util.js
maps.googleapis.com/maps-api-v3/api/js/41/8/ |
144 KB 54 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
AuthenticationService.Authenticate
maps.googleapis.com/maps/api/js/ |
62 B 247 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
68 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes object| changeTargetingData undefined| _ object| optimizely object| dataLayer string| _pxAppId string| _pxParam1 string| _pxSelectedLocale function| removePreBundleEvents function| setImmediate function| clearImmediate object| Backbone function| particl object| regeneratorRuntime function| $ function| jQuery object| Stickyfill object| TwitterCldr function| localeDataJsonp function| FontFaceObserver function| _sov function| ga object| __APOLLO_CLIENT__ function| __loadGooglePlaces object| airbrake object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| PXNsLC0Hv5 object| PX undefined| _NsLC0Hv5handler object| TwitterCldrDataBundle object| App object| gapi object| ___jsl object| google object| module$contents$MapsEvent_MapsEvent object| module$contents$mapsapi$overlay$OverlayView_OverlayView function| fbAsyncInit object| FB function| postscribe object| google_tag_manager object| gadgets object| osapi object| oauth2 function| hj object| _hjSettings function| twq function| fbq function| _fbq object| uetq function| profitwell function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO function| UET object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| twttr object| _xdc_22 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.google.com/ | Name: NID Value: 204=uYC24Vfn3nZI6dZLbmZI8gc0fOdUOvz5fTahmYyG5W_vMjfYV1BwJOmXUxfTtZMgAJd32HZz-7W63RydokOToXzE51TbumJhoC_6nrEaCDt5kcNbjZAJ2O1Atj9Yp25CjVzIRUGV4PqdcNdo6-E2t1699Y_EV-4STBxKsoMEpNA |
|
www.change.org/ | Name: _hjIncludedInSessionSample Value: 0 |
|
.change.org/ | Name: _hjTLDTest Value: 1 |
|
.change.org/ | Name: _uetvid Value: 14122b101acb11eb99330db123b3fce2 |
|
.change.org/ | Name: _hjAbsoluteSessionInProgress Value: 0 |
|
.change.org/ | Name: _fbp Value: fb.1.1604074508266.1486548259 |
|
.change.org/ | Name: _uetsid Value: 141229001acb11eba51b9f1619e14935 |
|
.change.org/ | Name: _gat Value: 1 |
|
.change.org/ | Name: _gcl_au Value: 1.1.85771940.1604074508 |
|
.change.org/ | Name: _gid Value: GA1.2.1939363097.1604074508 |
|
.www.change.org/ | Name: G_ENABLED_IDPS Value: google |
|
.change.org/ | Name: __cfduid Value: d4442ac9ff6e5db441ff5b85c50c634371604074506 |
|
.change.org/ | Name: optimizelyEndUserId Value: oeu1604074507122r0.9972416885467585 |
|
.change.org/ | Name: __cfruid Value: afd7256a01f14d9cd0b0d793d3c58bbb8f9e85fd-1604074506 |
|
.change.org/ | Name: _pxvid Value: 13d2a4cb-1acb-11eb-a795-0242ac12000f |
|
.change.org/ | Name: __cf_bm Value: f9f055cf7c94cbdbacb3acd65b568245526e23f9-1604074506-1800-AfKyrteTw/VGIOY9MpBx+gVF/C+On/Ki2pUPUNF0S6b1JcXfSxM5SK/Lfax0EaRymN7EMaTpfD/UPPWEDJQyQy8= |
|
www.change.org/ | Name: _change_lang Value: %7B%22locale%22%3A%22en-US%22%2C%22countryCode%22%3A%22BE%22%7D |
|
.change.org/ | Name: _px3 Value: 585ed053065cd69948bbdb4d8f8cd98447ffd7116e285a77f3b88284065a8173:NWWByfe+cH3E+Dr5Dydk6gJGIOiG1Q3QPtiOY6kYGnvfjNz3a6E7kVBY0uGY+H7s+Y8hkxC7zTGYWNEYptaPrg==:1000:r2NILoe1yO8mNwkHsFPjlkLtoYEA45c8uCyFMW54Km/pSBBUhIESO6nAAclaUjGYbPfhZOfYaxUdgRxgMhVORr8AXKjPrMT30sZalvexK1P5Y5wiFDVWShfFsH8sHCt+dQ73F/M9PMoCEFwwgA0pAoZk5COGjl8YIHa7+UryK8g= |
|
.change.org/ | Name: invite Value: %7B%22recruiter_id%22%3A934431754%2C%22requested_at%22%3A%222020-10-30T16%3A15%3A06.677Z%22%7D |
|
www.change.org/ | Name: _change_session Value: a0a964e1becec57b50800e5bbd1d2bed |
|
.change.org/ | Name: _hjid Value: ab8041df-b3e2-4fba-8217-e98aa8fb2eff |
|
.change.org/ | Name: _ga Value: GA1.2.2138133825.1604074508 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | default-src 'self' 'unsafe-inline' 'unsafe-eval' https://d18kwxxua7ik1y.cloudfront.net https://d22r54gnmuhwmk.cloudfront.net https://assets.change.org https://static.change.org https://assets-fe.change.org https://change-production.s3.amazonaws.com https://change-public-stuff.s3.amazonaws.com https://www.google.ca https://www.googleadservices.com https://www.youtube.com https://*.doubleclick.net https://*.google.com https://*.googleapis.com https://*.googletagmanager.com https://*.google-analytics.com https://*.gstatic.com https://*.recaptcha.net https://*.ytimg.com https://*.facebook.com https://*.facebook.net https://*.fbcdn.net fbrpc://* fb-messenger://* https://*.twitter.com https://*.twimg.com https://*.ads-twitter.com https://vk.com https://*.vk.com https://ajax.cdnjs.com https://cdnjs.cloudflare.com https://service.force.com https://change.my.salesforce.com https://help.change.org https://*.salesforceliveagent.com https://*.braintreegateway.com https://*.paypalobjects.com https://*.paypal.com *.optimizely.com optimizely.s3.amazonaws.com cdn-assets-prod.s3.amazonaws.com https://px-cdn.net https://*.px-cloud.net https://*.hotjar.com:* https://*.hotjar.io wss://*.hotjar.com https://p2a.co https://public.profitwell.com https://code.jquery.com https://js.stripe.com https://cdn.embedly.com https://player.vimeo.com https://bat.bing.com https://soundcloud.com https://w.soundcloud.com https://www.instagram.com https://www.flickr.com https://*.staticflickr.com https://*.voteamerica.com https://*.jotform.com; connect-src 'self' blob: https://*.change.org https://change-production.s3.amazonaws.com https://*.googleapis.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.com https://*.facebook.net fbrpc://* fb-messenger://* https://*.twitter.com https://*.vk.com https://*.braintreegateway.com https://*.paypal.com *.optimizely.com optimizely.s3.amazonaws.com cdn-assets-prod.s3.amazonaws.com https://*.px-client.net https://*.px-cloud.net https://pxchk.net https://*.hotjar.com:* https://*.hotjar.io wss://*.hotjar.com https://api.stripe.com https://api.soundcloud.com https://api.airbrake.io https://www.voteamerica.com; font-src 'self' data: https://assets.change.org https://static.change.org https://d18kwxxua7ik1y.cloudfront.net https://d22r54gnmuhwmk.cloudfront.net https://fonts.gstatic.com https://*.hotjar.com https://*.hotjar.io; img-src * blob: data:; form-action 'self'; |
X-Content-Type-Options | nosniff |
X-Frame-Options | sameorigin |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
a11391265293.cdn.optimizely.com
accounts.google.com
analytics.twitter.com
apis.google.com
assets-fe.change.org
assets.change.org
bat.bing.com
cdn.optimizely.com
cdn3.optimizely.com
chng.it
collector-pxnslc0hv5.px-cloud.net
connect.facebook.net
googleads.g.doubleclick.net
logx.optimizely.com
maps.googleapis.com
public.profitwell.com
s3.amazonaws.com
script.hotjar.com
static.ads-twitter.com
static.change.org
static.hotjar.com
stats.g.doubleclick.net
t.co
vars.hotjar.com
www.change.org
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
104.108.58.15
104.108.68.187
104.17.88.51
104.17.89.51
104.244.42.3
104.244.42.5
151.101.112.157
172.217.18.98
2620:1ec:c11::200
2a00:1450:4001:801::2002
2a00:1450:4001:801::2003
2a00:1450:4001:801::200e
2a00:1450:4001:806::200e
2a00:1450:4001:809::200d
2a00:1450:4001:80b::2008
2a00:1450:4001:80b::200a
2a00:1450:4001:816::200e
2a00:1450:4001:817::2003
2a00:1450:4001:817::2004
2a00:1450:4001:821::2004
2a00:1450:400c:c01::9d
2a02:26f0:6c00:2a0::13b8
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
35.186.220.184
52.216.184.133
52.218.250.178
52.87.8.47
65.9.190.76
65.9.190.79
65.9.190.82
65.9.190.88
0b0abc92d5b255db2884928e626ee80408af79a81b0da921910a9effb04e77e7
0bfb81a6d3e2ed2e0cb381a9f933355ff00e64cd0d80724e83559861cad12711
0cd134ff25fc7427d2d60a0b1e613db41d56faacb9c93e52b278b6e6f55928a8
0e95d92cd0f8941929e4d9cf789cc672b6adc1443b222bf2c41e381741a18b99
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
112f93407ca6c16d6ba261908b13a383b0d7e212821007d42888f9813b76c3d4
188fdc057c18b798b5c0fc7e915885f9ad90b1dbda22f487e72e142d45577352
1d9ba4cd3b1912bd891b66a27069bea48724550321d57d35b59a32e73032a979
1f46c9cb4df42d29d60a0a973494a815a4bee5b75be6d452d1a7117a27653fb2
270de5e000a92410f721349312da085989927a20f3e5c63dc0075e99bbc73126
2f22aaf2e8367b02152b442ef28df7084601e0ded40c7d8f7b6f24be66b326fb
2f6b71f9c8d126bcf3d044ba3f5f011c596d9c2ccd3d8610b1a5ae7a5e01a5ad
393c1b295517277034b048689f059f7a5baf3c1aa2ec694e36b7a4a312e90175
3d61f511a1bdc441e3b0e1ce33ead66e051aa0f6e39f6c2e428468a1de6d5496
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4dd6c09ddcb0e53a6290cc1df35224856073ba5f89d4134bd7c69e4fd9c6f515
5278914babe760b8b3c3dc4d0800c5458897b99a440f8604b713f4e3fd42ea72
53219a4bfdb59e32e80a49986118148a47ce998532bb10e496a8a1e5c66c1b73
5492238edd1fb205bd25191ab28de451e32fd13ff12738c28c62e8d12a9b80ab
552426fa67711398e49423a732526e763187afd768567b87e139fec853820809
5e0a29dc8cabe4d2938807f963869f95e092753e00e61b0a2e8ce84892a7214e
5f38a67f8d1fb9399ba5dbb741392dab54085dc442cc426670b98ba448683995
5ffb75781aece4c072f6bd1e4637c72a657cbf1134bb1f9f35e8a96e8b985703
62366072007f798990579249e25aa69036e64ea4fb77af0ef9398ded6191ee43
641af9b10c3cfbba2946fd04624be8e6a27e34765f0d8ad5c61a0da2b8eb2a00
67ae2b8b231aa80e2555e58af5551f03dc29e6399ce9b9fb552ab361890a51b4
6d719811722cd3ad15c2e3df16397f2537297cda61206962be9c115b2615bc12
6de8bc3b9491c5274251c28e43e7e0495f9e5db184f0feb781b1c9147b488ab8
771776746af6ffba4ab936380308f47c93c386d96e2711fdf96d6514bd0e5be1
8247f4332667950989fe6bf790f87723343db2ec83d975503e9c5dc13a6eb5dc
826008803caf0b3909ae403a82601ea7f1867cb6b040107e769432fcdb191a7e
82b4534de1268aff7a758aee01d86720b085f9cdd7ed4e59eee801d8baf69fb9
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85cb11031d8ff3bde0c9add458111eddff9e8a74326180111262fe82a8f44f61
8e01c06509f0f97f361618399bd7c404fd9549018ce18bda9779d618a75a5477
937bcce87aa2af2c8d6bffb8568116ece776ff7b275ec37f11c31dfd02125b36
a1d217c384616f499a926b8caa8d8cbf706880824a4e67b24287b18b86cea3a8
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aee55f1d6a13bb89ad87b393b9a3b335ef580e75d08b50e9efb21699da4fe857
b021947ec03d0c870645f362365dd553dc3d596e5531a2801f1387be3c4bb9c9
b14701931e145ec735d777345c0ece29b81ffcd16d3faa1157e66b203422b42a
b16bec9ff8f02bc0bac8b477c2233626845aa1473c743ce3344249be3ad054c7
b28efd661503b5ed3fe564ccf2947cc60897ac0a9a704c0a56556ce349b7305a
bc4f4e6543f6c1ffb921dde82d2e8914eea2142b5553c05b80ce98aa9ad1727b
c1e123c22ea3092e1245bd420f687bffbbf1d3a86e8461fb3385b01bd9b29823
c42638ed3ba4c3545da3bc76613386e255dfa50a76998748813267c64fb7df75
c564509a50ce9ef93a1776a41576d7dd965955bf216655bf76ecd145317bae39
c9a1afa2e1939e6dd845c08c79828b539f49614e0031a0bf762c315ea76c7e73
cfdbdc02160ceaf7888e696c2d92b6439c22afe28f64ad4e7fc5c96204b634f0
d8616222338739d023fbcf7eb2419508b653bcad93bc99026f69a8b1d04f707e
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e37570ef85a3553930ba20dfab7280bfcead8a2238b536b5c03c629c35b3d4ca
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e464254db4f2e4385ff28663ad41b1af5b7add4a1e0922bd74a99291fb66342c
e6cc5d9267974ea7cee8bdbe146e173753b006b9510d248b76dad817087db6df
ee2df9e008021c0ce1fbf3612bfef57e7666294fa01bd4d9764931ff9add417a
eef46741adfc3a9f76294d3b78f37a45f113092ac9d44ee77c7a038a88ff09a1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
effceff46eb84f62e1130dde70bc69d4219502603e03e6a8bb03d54c73a0c4ac
f79ba357bfb7da557e56a236ed0bcbce40296f2dcc6bee2f0e21ea8d303a1ab8
fd6885db85415cf2f1866d1574881f8e3c91ded6941d6550d848b511a253babc