www.change.org
Open in
urlscan Pro
104.17.89.51
Public Scan
Effective URL: https://www.change.org/p/free-the-commerford-elephants-send-beulah-karen-and-minnie-to-sanctuary?recruiter=91072807&utm...
Submission: On September 29 via api from US
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 16th 2020. Valid for: a year.
This is the only time www.change.org was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN16509 (AMAZON-02, US)
PTR: s3-website-us-west-2.amazonaws.com
chng.it |
ASN13335 (CLOUDFLARENET, US)
www.change.org | |
assets-fe.change.org | |
assets.change.org |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN15169 (GOOGLE, US)
PTR: 184.220.186.35.bc.googleusercontent.com
collector-pxnslc0hv5.px-cloud.net |
ASN15169 (GOOGLE, US)
PTR: fra15s17-in-f2.1e100.net
www.googleadservices.com |
ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress15
static.hotjar.com |
ASN20940 (AKAMAI-ASN1, EU)
PTR: a184-31-84-31.deploy.static.akamaitechnologies.com
cdn3.optimizely.com |
ASN20940 (AKAMAI-ASN1, EU)
PTR: a184-30-223-23.deploy.static.akamaitechnologies.com
a11391265293.cdn.optimizely.com |
ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net |
ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress9
script.hotjar.com |
ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress2
vars.hotjar.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-227-166-191.compute-1.amazonaws.com
logx.optimizely.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
43 |
change.org
www.change.org static.change.org assets-fe.change.org assets.change.org |
3 MB |
5 |
google.com
apis.google.com www.google.com accounts.google.com |
54 KB |
5 |
optimizely.com
cdn.optimizely.com cdn3.optimizely.com a11391265293.cdn.optimizely.com logx.optimizely.com |
196 KB |
4 |
facebook.net
connect.facebook.net |
229 KB |
3 |
facebook.com
www.facebook.com |
309 B |
3 |
hotjar.com
static.hotjar.com script.hotjar.com vars.hotjar.com |
81 KB |
2 |
google.de
www.google.de |
213 B |
2 |
doubleclick.net
googleads.g.doubleclick.net stats.g.doubleclick.net |
1 KB |
2 |
bing.com
bat.bing.com |
8 KB |
2 |
px-cloud.net
collector-pxnslc0hv5.px-cloud.net |
1 KB |
2 |
google-analytics.com
www.google-analytics.com |
18 KB |
1 |
twitter.com
analytics.twitter.com |
653 B |
1 |
t.co
t.co |
448 B |
1 |
ads-twitter.com
static.ads-twitter.com |
2 KB |
1 |
googleadservices.com
www.googleadservices.com |
11 KB |
1 |
googletagmanager.com
www.googletagmanager.com |
52 KB |
1 |
chng.it
1 redirects
chng.it |
586 B |
78 | 17 |
Domain | Requested by | |
---|---|---|
22 | assets.change.org |
www.change.org
|
12 | www.change.org |
www.change.org
assets-fe.change.org |
6 | assets-fe.change.org |
www.change.org
assets-fe.change.org |
4 | connect.facebook.net |
www.change.org
assets-fe.change.org connect.facebook.net |
3 | www.facebook.com |
www.change.org
assets-fe.change.org connect.facebook.net |
3 | static.change.org |
www.change.org
|
2 | logx.optimizely.com |
assets-fe.change.org
|
2 | www.google.de |
www.change.org
|
2 | www.google.com |
www.change.org
|
2 | apis.google.com |
assets-fe.change.org
apis.google.com |
2 | bat.bing.com |
www.change.org
|
2 | collector-pxnslc0hv5.px-cloud.net |
www.change.org
assets-fe.change.org |
2 | www.google-analytics.com |
www.change.org
assets-fe.change.org |
1 | analytics.twitter.com |
static.ads-twitter.com
|
1 | accounts.google.com |
apis.google.com
|
1 | vars.hotjar.com |
static.hotjar.com
|
1 | stats.g.doubleclick.net |
assets-fe.change.org
|
1 | t.co |
www.change.org
|
1 | script.hotjar.com |
static.hotjar.com
|
1 | googleads.g.doubleclick.net |
www.googleadservices.com
|
1 | a11391265293.cdn.optimizely.com |
cdn.optimizely.com
|
1 | cdn3.optimizely.com |
cdn.optimizely.com
|
1 | static.ads-twitter.com |
www.googletagmanager.com
|
1 | static.hotjar.com |
www.googletagmanager.com
|
1 | www.googleadservices.com |
www.googletagmanager.com
|
1 | www.googletagmanager.com |
www.change.org
|
1 | cdn.optimizely.com |
www.change.org
|
1 | chng.it | 1 redirects |
78 | 28 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.changeverein.org |
www.nonhumanrights.org |
www.pawsweb.org |
www.njherald.com |
www.mediapeta.com |
www.yelp.com |
changeverein.org |
help.change.org |
twitter.com |
www.facebook.com |
policies.google.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2020-08-16 - 2021-08-16 |
a year | crt.sh |
*.google-analytics.com GTS CA 1O1 |
2020-09-03 - 2020-11-26 |
3 months | crt.sh |
cdn.optimizely.com DigiCert SHA2 Secure Server CA |
2020-01-20 - 2021-03-20 |
a year | crt.sh |
*.px-cloud.net Let's Encrypt Authority X3 |
2020-08-16 - 2020-11-14 |
3 months | crt.sh |
www.googleadservices.com GTS CA 1O1 |
2020-09-03 - 2020-11-26 |
3 months | crt.sh |
static.hotjar.com Let's Encrypt Authority X3 |
2020-08-16 - 2020-11-14 |
3 months | crt.sh |
ads-twitter.com DigiCert SHA2 High Assurance Server CA |
2020-08-14 - 2021-08-19 |
a year | crt.sh |
www.bing.com Microsoft IT TLS CA 2 |
2019-04-30 - 2021-04-30 |
2 years | crt.sh |
*.optimizely.com DigiCert SHA2 Secure Server CA |
2020-01-20 - 2021-03-20 |
a year | crt.sh |
*.cdn.optimizely.com GeoTrust RSA CA 2018 |
2020-03-05 - 2021-06-04 |
a year | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2020-09-11 - 2020-12-10 |
3 months | crt.sh |
*.g.doubleclick.net GTS CA 1O1 |
2020-09-03 - 2020-11-26 |
3 months | crt.sh |
script.hotjar.com Let's Encrypt Authority X3 |
2020-08-17 - 2020-11-15 |
3 months | crt.sh |
*.apis.google.com GTS CA 1O1 |
2020-09-03 - 2020-11-26 |
3 months | crt.sh |
t.co DigiCert SHA2 High Assurance Server CA |
2020-03-05 - 2021-03-02 |
a year | crt.sh |
vars.hotjar.com Let's Encrypt Authority X3 |
2020-08-15 - 2020-11-13 |
3 months | crt.sh |
www.google.com GTS CA 1O1 |
2020-09-03 - 2020-11-26 |
3 months | crt.sh |
www.google.de GTS CA 1O1 |
2020-09-03 - 2020-11-26 |
3 months | crt.sh |
*.google.com GTS CA 1O1 |
2020-09-03 - 2020-11-26 |
3 months | crt.sh |
accounts.google.com GTS CA 1O1 |
2020-09-03 - 2020-11-26 |
3 months | crt.sh |
logx.optimizely.com Amazon |
2020-09-21 - 2021-10-21 |
a year | crt.sh |
*.twitter.com DigiCert SHA2 High Assurance Server CA |
2020-03-05 - 2021-03-02 |
a year | crt.sh |
This page contains 4 frames:
Primary Page:
https://www.change.org/p/free-the-commerford-elephants-send-beulah-karen-and-minnie-to-sanctuary?recruiter=91072807&utm_source=share_petition&utm_medium=abi_gmail&utm_campaign=address_book.pacific_email_copy_en_gb_4.v1.pacific_email_copy_en_us_3.control.pacific_email_copy_en_us_5.v1.pacific_post_sap_share_gmail_abi.control&utm_term=464086
Frame ID: AAFCC2914674815AEF76B2A98681E88E
Requests: 76 HTTP requests in this frame
Frame:
https://a11391265293.cdn.optimizely.com/client_storage/a11391265293.html
Frame ID: CE190EBF532A3C020FBA60005311C7AC
Requests: 1 HTTP requests in this frame
Frame:
https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: 4B02E7386828C5D899C7A1AA59105E34
Requests: 1 HTTP requests in this frame
Frame:
https://accounts.google.com/o/oauth2/iframe
Frame ID: 526949C7C10144DEDF954B8D0DC7AD42
Requests: 1 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://chng.it/CRn7BkDhDq
HTTP 301
https://www.change.org/p/free-the-commerford-elephants-send-beulah-karen-and-minnie-to-sanctuary?re... Page URL
Detected technologies
React (JavaScript Frameworks) ExpandDetected patterns
- html /<[^>]+data-react/i
CloudFlare (CDN) Expand
Detected patterns
- headers server /^cloudflare$/i
Facebook (Widgets) Expand
Detected patterns
- script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Optimizely (Analytics) Expand
Detected patterns
- script /optimizely\.com.*\.js/i
Page Statistics
19 Outgoing links
These are links going to different origins than the main page.
Title: Förder*in werden
Search URL Search Domain Scan URL
Title: Nonhuman Rights Project
Search URL Search Domain Scan URL
Title: Performing Animal Welfare Society
Search URL Search Domain Scan URL
Title: power-washed
Search URL Search Domain Scan URL
Title: 2006 incident
Search URL Search Domain Scan URL
Title: describe
Search URL Search Domain Scan URL
Title: Ãœber Change.org
Search URL Search Domain Scan URL
Title: Impressum
Search URL Search Domain Scan URL
Title: Wirkung
Search URL Search Domain Scan URL
Title: Karriere
Search URL Search Domain Scan URL
Title: Verein
Search URL Search Domain Scan URL
Title: Presse
Search URL Search Domain Scan URL
Title: Hilfe
Search URL Search Domain Scan URL
Title: Anleitungen
Search URL Search Domain Scan URL
Title: NetzDG Bericht
Search URL Search Domain Scan URL
Title: Twitter
Search URL Search Domain Scan URL
Title: Facebook
Search URL Search Domain Scan URL
Title: Privacy Policy
Search URL Search Domain Scan URL
Title: Terms of Service
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://chng.it/CRn7BkDhDq
HTTP 301
https://www.change.org/p/free-the-commerford-elephants-send-beulah-karen-and-minnie-to-sanctuary?recruiter=91072807&utm_source=share_petition&utm_medium=abi_gmail&utm_campaign=address_book.pacific_email_copy_en_gb_4.v1.pacific_email_copy_en_us_3.control.pacific_email_copy_en_us_5.v1.pacific_post_sap_share_gmail_abi.control&utm_term=464086 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
78 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
free-the-commerford-elephants-send-beulah-karen-and-minnie-to-sanctuary
www.change.org/p/ Redirect Chain
|
143 KB 44 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Change-Calibre-Regular.woff2
static.change.org/fonts/ |
30 KB 31 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Change-Calibre-Bold.woff2
static.change.org/fonts/ |
31 KB 32 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rendr-xlAQzDvJM_K3jpDV0qJITERnqSdSsqp59Kbg01qSQhg.css
assets-fe.change.org/fe/css/ |
167 KB 49 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
45 KB 18 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
11391265293.js
cdn.optimizely.com/js/ |
1 MB 195 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
IrNNPmFYgToQNuT-800x450-noPad.jpg
assets.change.org/photos/7/nn/pm/ |
99 KB 100 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
default-user-profile.svg
static.change.org/profile-img/ |
1 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cZPMzmibnlEnmOv-128x128-noPad.jpg
assets.change.org/photos/9/pm/zm/ |
5 KB 5 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
164 KB 52 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fontFaceObserverChunk-178abdcdd5cda3b09d2f.js
assets-fe.change.org/fe/12cdb2e55cd2c60e8d0ecbd35d1b6b74/ |
6 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
petitionsEntryChunk-5e0e2afeb69e1880f065.js
assets-fe.change.org/fe/12cdb2e55cd2c60e8d0ecbd35d1b6b74/ |
2 MB 474 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
init.js
www.change.org/NsLC0Hv5/ |
94 KB 35 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
10 KB 10 KB |
Font
application/x-font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collector
collector-pxnslc0hv5.px-cloud.net/api/v2/ |
654 B 875 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
conversion_async.js
www.googleadservices.com/pagead/ |
29 KB 11 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hotjar-1693228.js
static.hotjar.com/c/ |
169 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
uwt.js
static.ads-twitter.com/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bat.js
bat.bing.com/ |
26 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
geo2.js
cdn3.optimizely.com/js/ |
293 B 700 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
a11391265293.html
a11391265293.cdn.optimizely.com/client_storage/ Frame CE19 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
f760510533a04b286d71885484801be8_dd12d9a5c737f431ddd4bdd1dfaa581cb25f989a
www.change.org/api-proxy/-/translations/de-DE/ |
379 KB 108 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
135 KB 34 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/991363857/ |
3 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0
bat.bing.com/action/ |
0 171 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
modules.27ecd5bf525eb04f5bd9.js
script.hotjar.com/ |
360 KB 70 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3-Q050 |
collect
www.google-analytics.com/j/ |
4 B 67 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sdk.js
connect.facebook.net/de_DE/ |
3 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
platform.js
apis.google.com/js/ |
49 KB 19 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
graphql
www.change.org/api-proxy/ |
81 B 381 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
graphql
www.change.org/api-proxy/ |
5 KB 1 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
graphql
www.change.org/api-proxy/ |
16 KB 2 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
updatesAndCommentsChunk-05e0542c206d110e58f6.js
assets-fe.change.org/fe/12cdb2e55cd2c60e8d0ecbd35d1b6b74/ |
25 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
changeAssets-89e0ebf69b14d067c9bf.js
assets-fe.change.org/fe/12cdb2e55cd2c60e8d0ecbd35d1b6b74/ |
5 MB 1 MB |
Fetch
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
suggestedPetitionsChunk-b18ec2cc9111c21541ed.js
assets-fe.change.org/fe/12cdb2e55cd2c60e8d0ecbd35d1b6b74/ |
10 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adsct
t.co/i/ |
43 B 448 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/j/ |
4 B 87 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame 4B02 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1081902691834097
connect.facebook.net/signals/config/ |
524 KB 132 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.com/ads/ |
42 B 106 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.de/ads/ |
42 B 106 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.com/pagead/1p-user-list/991363857/ |
42 B 107 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.de/pagead/1p-user-list/991363857/ |
42 B 107 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sdk.js
connect.facebook.net/de_DE/ |
201 KB 61 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.rMJI4WR09CY.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCPRb_B1g8z3qIwl7l27GWLe47nxIA/ |
102 KB 34 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
graphql
www.change.org/api-proxy/ |
7 KB 4 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
graphql
www.change.org/api-proxy/ |
1 KB 777 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
graphql
www.change.org/api-proxy/ |
74 KB 26 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 256 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
iframe
accounts.google.com/o/oauth2/ Frame 5269 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
status
www.facebook.com/x/oauth/ |
0 0 |
Fetch
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
event_tracker
www.change.org/api-proxy/-/ |
2 B 285 B |
Other
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
event_tracker
www.change.org/api-proxy/-/ |
2 B 139 B |
Other
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
event_tracker
www.change.org/api-proxy/-/ |
2 B 140 B |
Other
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collector
collector-pxnslc0hv5.px-cloud.net/api/v2/ |
366 B 431 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
UPqoUpLJMxKyuZR-48x48-noPad.jpg
assets.change.org/photos/5/qo/up/ |
1 KB 1 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
events
logx.optimizely.com/v1/ |
0 359 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
LAaHdWvPzYCCVbG-800x450-noPad.jpg
assets.change.org/photos/1/ah/dw/ |
92 KB 93 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cZPMzmibnlEnmOv-48x48-noPad.jpg
assets.change.org/photos/9/pm/zm/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
DECuPTPZJQBhDpp-48x48-noPad.jpg
assets.change.org/photos/7/cu/pt/ |
1 KB 1 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gStbEZyVmkPzfmQ-48x48-noPad.jpg
assets.change.org/photos/6/tb/ez/ |
450 B 751 B |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
VVFeFXRZQSjKVNW-400x225-noPad.jpg
assets.change.org/photos/2/fe/fx/ |
26 KB 26 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
IJhBgkQQoCbYdQU-400x225-noPad.jpg
assets.change.org/photos/7/hb/gk/ |
10 KB 10 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
HFkPzKVgfwlpbBN-400x225-noPad.jpg
assets.change.org/photos/2/kp/zk/ |
35 KB 35 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
IwAkdzxGiSMlgby-400x225-noPad.jpg
assets.change.org/photos/2/ak/dz/ |
20 KB 20 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
GYZPFzMkVTlmRRR-400x225-noPad.jpg
assets.change.org/photos/0/zp/fz/ |
17 KB 17 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cMSjwHNzfZjktXb-400x225-noPad.jpg
assets.change.org/photos/6/sj/wh/ |
15 KB 15 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
OesayziPqejOQyT-400x225-noPad.jpg
assets.change.org/photos/0/sa/yz/ |
12 KB 12 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
XWWjGJcWdGQFwCc-400x225-noPad.jpg
assets.change.org/photos/5/wj/gj/ |
21 KB 21 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
MjJpXdTusOQVlZc-400x225-noPad.jpg
assets.change.org/photos/3/jp/xd/ |
16 KB 17 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
JkyfrSqrFjMnPEX-400x225-noPad.jpg
assets.change.org/photos/1/yf/rs/ |
21 KB 21 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hztmJVeoMTIzebJ-400x225-noPad.jpg
assets.change.org/photos/6/tm/jv/ |
18 KB 18 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
BpXANsDvcXcWuIG-400x225-noPad.jpg
assets.change.org/photos/8/xa/ns/ |
11 KB 11 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
GAKysFstaFhOtba-400x225-noPad.jpg
assets.change.org/photos/6/ky/sf/ |
19 KB 20 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lBXdbQtqFKuFCnY-400x225-noPad.jpg
assets.change.org/photos/4/xd/bq/ |
20 KB 20 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
JpjlchOfcrvkGDd-400x225-noPad.jpg
assets.change.org/photos/6/jl/ch/ |
17 KB 17 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
/
www.facebook.com/tr/ |
0 53 B |
Other
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
events
logx.optimizely.com/v1/ |
0 359 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adsct
analytics.twitter.com/i/ |
31 B 653 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
52 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| trustedTypes object| changeTargetingData object| dataLayer string| _pxAppId string| _pxSelectedLocale object| webpackJsonp function| FontFaceObserver object| google_tag_data function| ga object| gaplugins object| PXNsLC0Hv5 object| PX undefined| _NsLC0Hv5handler function| postscribe object| google_tag_manager function| hj object| _hjSettings function| twq object| uetq undefined| _ object| optimizely function| setImmediate function| clearImmediate object| regeneratorRuntime object| airbrake object| __APOLLO_CLIENT__ object| recaptchaOptions function| trackEvent function| setOverrideVariation function| _sov function| FuzzySet function| fbq function| _fbq function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| twttr function| UET object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| gaGlobal object| gaData function| fbAsyncInit object| __consolidated_events_handlers__ string| _pxParam1 object| FB object| gapi object| ___jsl object| gadgets object| osapi object| oauth222 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.google.com/ | Name: NID Value: 204=0F_Qo2dKgSrlDH8eZ4XyxtdwawIjAHRI5W3mdTJRPV3Wvo1_pBLGI5_W9xxgCSCQAJI42xhvejWG8oNWpXItpwAuH2AtbWko-hP5uoeKln8MC0k3ykZLXDzZlXhJoJegnDNneIUWa_xeSBJsZ92G_39GQpOaun28zdO47ZZiunA |
|
www.change.org/ | Name: _hjIncludedInSessionSample Value: 0 |
|
.change.org/ | Name: _hjTLDTest Value: 1 |
|
.change.org/ | Name: _gat Value: 1 |
|
.change.org/ | Name: _hjid Value: 7cb47886-ffc1-4629-9e78-d46c6947a292 |
|
.change.org/ | Name: _ga Value: GA1.2.563827668.1601398891 |
|
.change.org/ | Name: _hjAbsoluteSessionInProgress Value: 0 |
|
.change.org/ | Name: _fbp Value: fb.1.1601398891725.510496770 |
|
.change.org/ | Name: _uetsid Value: 45322659256dbb0d25991f7524b0d62f |
|
.change.org/ | Name: __cf_bm Value: cfab2bb06b3c03bd32bb6a2270aa1598c704d7b4-1601398890-1800-AU99SCYftYrCOWLEfgAi/S8QNnw+i9FPD5oU6BFfw9mezqjHxr4jWnjAHHhacswOpjjSmAW+cuFgn4IsAxKN9v4= |
|
.change.org/ | Name: _pxvid Value: 6bdbf48a-0275-11eb-aaad-0242ac120002 |
|
.www.change.org/ | Name: G_ENABLED_IDPS Value: google |
|
.change.org/ | Name: __cfduid Value: d1c292a5c4818a62e009a4d8eb3f832f31601398890 |
|
.change.org/ | Name: optimizelyEndUserId Value: oeu1601398890964r0.6864397708719885 |
|
.change.org/ | Name: _gid Value: GA1.2.1386420727.1601398891 |
|
.change.org/ | Name: _gcl_au Value: 1.1.493413459.1601398891 |
|
.change.org/ | Name: _uetvid Value: 4dc6fd4af7f090e4553f0cda9d1db48e |
|
.change.org/ | Name: __cfruid Value: f15ad99e35376b60a00de84827111e1c98b29dc2-1601398890 |
|
.change.org/ | Name: invite Value: %7B%22recruiter_id%22%3A91072807%2C%22requested_at%22%3A%222020-09-29T17%3A01%3A30.324Z%22%7D |
|
www.change.org/ | Name: _change_session Value: d0797dd39b41b8eb94f4833f76e4dfaf |
|
.change.org/ | Name: _px3 Value: 2e59fb2c9fe7a89842c2d27bfc946db85492ac805a4db9b33902f92750bb428d:vHKC4RLi9+cYKwvLClyAEk+8ZnfsH28I63uNGhtElDDS+Kwc4cz/VXZSVu6W9BGsOQ3d1MJ2hzvMj0tPuUSRHQ==:1000:JkGqp+HCzBi6uptuv3xnM+NgjDpYbbc01ipiybuBijNRCOTOpagG4tmxTh+MJMLHE6JkESmqDT0DlI3z75+gDawJ1/x6PJOYpZZLv08I5LLYjISgufKTgrNJ+VSvAD4Kys4hx+BOWW/lPRiS5FtbPgHKTdvrTbbQ38SfIzVyQy0= |
|
www.change.org/ | Name: _change_lang Value: %7B%22locale%22%3A%22de-DE%22%2C%22countryCode%22%3A%22DE%22%7D |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | default-src 'self' 'unsafe-inline' 'unsafe-eval' https://d18kwxxua7ik1y.cloudfront.net https://d22r54gnmuhwmk.cloudfront.net https://assets.change.org https://static.change.org https://assets-fe.change.org https://change-production.s3.amazonaws.com https://change-public-stuff.s3.amazonaws.com https://www.google.ca https://www.googleadservices.com https://www.youtube.com https://*.doubleclick.net https://*.google.com https://*.googleapis.com https://*.googletagmanager.com https://*.google-analytics.com https://*.gstatic.com https://*.recaptcha.net https://*.ytimg.com https://*.facebook.com https://*.facebook.net https://*.fbcdn.net fbrpc://* fb-messenger://* https://*.twitter.com https://*.twimg.com https://*.ads-twitter.com https://vk.com https://*.vk.com https://ajax.cdnjs.com https://cdnjs.cloudflare.com https://service.force.com https://change.my.salesforce.com https://help.change.org https://*.salesforceliveagent.com https://*.braintreegateway.com https://*.paypalobjects.com https://*.paypal.com *.optimizely.com optimizely.s3.amazonaws.com cdn-assets-prod.s3.amazonaws.com https://px-cdn.net https://*.px-cloud.net https://*.hotjar.com:* https://*.hotjar.io wss://*.hotjar.com https://p2a.co https://code.jquery.com https://js.stripe.com https://cdn.embedly.com https://player.vimeo.com https://bat.bing.com https://soundcloud.com https://w.soundcloud.com https://www.instagram.com https://www.flickr.com https://*.staticflickr.com https://*.voteamerica.com; connect-src 'self' blob: https://*.change.org https://change-production.s3.amazonaws.com https://*.googleapis.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.com https://*.facebook.net fbrpc://* fb-messenger://* https://*.twitter.com https://*.vk.com https://*.braintreegateway.com https://*.paypal.com *.optimizely.com optimizely.s3.amazonaws.com cdn-assets-prod.s3.amazonaws.com https://*.px-client.net https://*.px-cloud.net https://pxchk.net https://*.hotjar.com:* https://*.hotjar.io wss://*.hotjar.com https://api.stripe.com https://api.soundcloud.com https://api.airbrake.io https://www.voteamerica.com; font-src 'self' data: https://assets.change.org https://static.change.org https://d18kwxxua7ik1y.cloudfront.net https://d22r54gnmuhwmk.cloudfront.net https://fonts.gstatic.com https://*.hotjar.com https://*.hotjar.io; img-src * blob: data:; form-action 'self'; |
X-Content-Type-Options | nosniff |
X-Frame-Options | sameorigin |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
a11391265293.cdn.optimizely.com
accounts.google.com
analytics.twitter.com
apis.google.com
assets-fe.change.org
assets.change.org
bat.bing.com
cdn.optimizely.com
cdn3.optimizely.com
chng.it
collector-pxnslc0hv5.px-cloud.net
connect.facebook.net
googleads.g.doubleclick.net
logx.optimizely.com
script.hotjar.com
static.ads-twitter.com
static.change.org
static.hotjar.com
stats.g.doubleclick.net
t.co
vars.hotjar.com
www.change.org
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
104.17.88.51
104.17.89.51
104.244.42.195
104.244.42.5
147.75.100.245
147.75.102.203
147.75.33.131
151.101.112.157
172.217.22.66
184.30.223.23
184.31.84.31
2620:1ec:c11::200
2a00:1450:4001:803::200d
2a00:1450:4001:809::2003
2a00:1450:4001:809::2008
2a00:1450:4001:814::200e
2a00:1450:4001:81a::200e
2a00:1450:4001:81c::2002
2a00:1450:4001:825::2004
2a00:1450:400c:c0c::9c
2a02:26f0:eb:383::13b8
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
35.186.220.184
52.218.184.2
54.227.166.191
097afea517679d2e0b986d77cb3fe7808026882b52ca074a050e03e7a4a6996b
09d8c394d34145c234494be8f445063a4ba21d9340a204453a3b391c33c7e007
0fe59fc81179fc0636cfd4db8a7e55a76c8c78c3e8bdb24e5987c8a027653fc0
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
13f0d018f385022a782bb89738563677e0822196be3c4dd549f5b4b74a2c56d2
157e1d4f9af6f93c7b2beb3492fea51f1834d0ebf879dc070fa1c9e0f7fcf8a0
167f176ddd3a4655ded12dbb3d89a023622c60fd33f675bc476479a44ec556e8
184515e8d75e8f336e4eb0c8b624cedbcf83b778deb3790e8b7769b290cb75f7
1ab4403b62544ba9c55552e5d1ef7cc66823d96fa570ca9e8e87eb70546faf73
2644575348eff1daeb338dbc1d08133002c5c1dcd0ebfba67b82dbfc2420e513
27616b69744fa7f41a0875c255d8a00f4b7e6a05d8b4a2f7fb242c1391bb1fd7
29eb44f0cf9b382213e855760eb4a49ffeca70812afe1d32ec2ace80586b6bb8
310af196a3d85c564b4e401a74359456cb30f06a0943be98496283f2fe5018b5
395285621bdb4246b78bbefe9b64e63d60f643a99484c6fc4ab50fc45f8d191e
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45f04c6165d2ed65cd35d27953101851d712a857d043a3e49daedec68f8e65ce
49f5ef0622aa41208409e463886d0b7593175ad4a4e69ca2fdb5ed90cf5d6434
4bcbe40c78464f4aa254f70c15ca85486916e9a3278ca03b497d517c31d6f582
4e30fcaeaea5f57cf30e39125c927076184315a23fc4cf0ebf2647bd69f0b485
4f095bbe774fcde4b3d3031bb060774f4d4445d029e14ae3f76f82126682a75a
506fada47414bc74415b1fb5747e356c80ee071a2b3a4b2447edb236062f27cc
5089f000a5830ee964a9ab280d58617963c2528c90e7768f6ced3e957805158f
552426fa67711398e49423a732526e763187afd768567b87e139fec853820809
56410e6ddf119ec0df9539a78274f2d1221713b13d99072255da6c047e897c88
57c6ebd6db6a2063741662ca1f6bf743226b08873b19cf64e96cab1865b647ab
5c622f5433cbb6ea1df5c0dd8671e55ef7d1464366074730473c453de50a579b
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
616886745384dbeac865a770c720ffc7e6bb67b1d05cecdf3115344af69a5d49
639b54d9b91b8b284848fd1730c4d08262dc5fe9aa69d19dcd8b4b2133cf5208
63f878a7a96bb92b87c8cce5382fffa5301986a658b33be1cdca62b3ff361c87
6621cefd96d7e04cb83edbc8679c846ca6ef8ec6fcc552e8a26c4fb824b55a9e
692988e93dc0feb8750fd2d3a4dd3f14a9bff53cf72e6436b82985f572b44d01
6c9459a6400a8cf7ef815379f9316dc26aeec43bcc48da1d1bd58d99a6109f7b
6ccfd6cef0c7217c4dd1cfcc9fe647d77dc24da71635b0d11d60ad497c2e7bbd
730f74d15ea90d12494286e6bba3a8e041b2aeb7c3170061b1987a0d92a5706e
763aaa9b795f8150ebaabd4c8e9fd6efa2959a61400709b817fc3b4040e8dfe7
771776746af6ffba4ab936380308f47c93c386d96e2711fdf96d6514bd0e5be1
7b4b192d4bdc946062175f9f166b33ff7466140616a2e7d224f0fa2b73c26f4d
8247f4332667950989fe6bf790f87723343db2ec83d975503e9c5dc13a6eb5dc
84850785f800809da3498252d8de18dfe2d9206141483a7b5699b4d6a4696061
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85cb11031d8ff3bde0c9add458111eddff9e8a74326180111262fe82a8f44f61
85d82b4b8be1231a21d7115ae39d38e454f8f4ed87248e26fb06f19f41efcb34
91dea834920bb9a7070b0b7143de6819c85c77c1f1142ffd48deac7a19897e92
92583e61343f9f3e6333ea90302f3cadafe3b820dfef37070f67fbcbb9d9af6c
96ef69c5f01d380dd3a50e38a9aa0593cb1507f40c5c8c9097c21e108eabeb2f
9fb7fec1dcf60dc00a9a4a6933f00122186508f789c79a1e9464c3e9eea78696
a5a8ce7c9fe8c41953b78ff8950af6325c58bdc97d784e33dc04c4f9920328e9
aae11b0cd75819757206b160aa77db3c0cd601f796f3e9e131770d2d51c8aa66
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aeb4e41c32f5c571004efbe4c85399385f37470c6de366a0bdf14def4ecdd36d
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b7f50bd7195d1f45e8b63f8d6444dad5ad83d1f3510e0fb56c17617b480b232e
baf14045e973a69f4814b64731d58c380e2ce4c5bfb420bbc741a18c25e8847f
bfe8b65801f75790ad3ad9ef5fc29116e36b7dd5875b3e1fdf80cea1d4793e71
c65010cc3bc933f2b78e90d5d2a2484c4467a92752b2aa79f4a6e0d35a924218
cccf27ba9d4617150543252752df753992cf7919d341c0a772612b147e2d639d
cd0dd5ab6ba323a3fcd2c65b0c0428338b33c4e64418bc3e2d67c7ec8764e312
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec2331f348286f9c822f0f49b73c628fa31c34c9459355b38ab8cd1dc02414ad
ee2df9e008021c0ce1fbf3612bfef57e7666294fa01bd4d9764931ff9add417a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f42179b4cec4dbd67bc1a6d03eb342f63ffb98910609c48bbcb25eab05d960ce
f589dffaca01a8e0fe8eb176e73fbd9f253d1f79227cca537326ac39720ffb1a
f928f4b71a55f593fafb6418c07df515322886790e2a36d830f8f6e4e0fc1efb