![](/screenshots/a16abf04-28cd-4f7a-99b1-3858272628c0.png)
www.change.org
Open in
urlscan Pro
104.17.89.51
Public Scan
Effective URL: https://www.change.org/p/que-alvarouribevel-se-retire-firmoparaqueuribeseretire?recruiter=24915786&utm_source=share_pet...
Submission: On June 18 via manual from US
Summary
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on August 31st 2018. Valid for: a year.
This is the only time www.change.org was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: s3-website-us-west-2.amazonaws.com
chng.it |
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
www.change.org | |
assets-fe.change.org | |
assets.change.org | |
static.change.org |
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
static.change.org | |
assets-fe.change.org |
ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com |
ASN15169 (GOOGLE - Google LLC, US)
www.google.com |
ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com |
ASN15169 (GOOGLE - Google LLC, US)
www.gstatic.com |
ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s11-in-f2.1e100.net
www.googleadservices.com |
ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
bat.bing.com |
ASN32934 (FACEBOOK - Facebook, Inc., US)
connect.facebook.net | |
staticxx.facebook.com |
ASN15169 (GOOGLE - Google LLC, US)
apis.google.com |
ASN15169 (GOOGLE - Google LLC, US)
stats.g.doubleclick.net |
ASN15169 (GOOGLE - Google LLC, US)
www.google.de |
ASN15169 (GOOGLE - Google LLC, US)
googleads.g.doubleclick.net |
ASN32934 (FACEBOOK - Facebook, Inc., US)
connect.facebook.net |
ASN32934 (FACEBOOK - Facebook, Inc., US)
www.facebook.com |
ASN15169 (GOOGLE - Google LLC, US)
accounts.google.com |
ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-146-52-112.compute-1.amazonaws.com
errors.client.optimizely.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
43 |
change.org
www.change.org static.change.org assets-fe.change.org assets.change.org |
2 MB |
7 |
google.com
1 redirects
www.google.com apis.google.com accounts.google.com |
54 KB |
5 |
facebook.com
1 redirects
www.facebook.com staticxx.facebook.com |
642 B |
5 |
facebook.net
connect.facebook.net |
138 KB |
3 |
optimizely.com
cdn.optimizely.com errors.client.optimizely.com |
114 KB |
2 |
google.de
www.google.de |
218 B |
2 |
doubleclick.net
1 redirects
stats.g.doubleclick.net googleads.g.doubleclick.net |
1 KB |
2 |
bing.com
bat.bing.com |
7 KB |
2 |
google-analytics.com
1 redirects
www.google-analytics.com |
17 KB |
1 |
googleadservices.com
www.googleadservices.com |
9 KB |
1 |
gstatic.com
www.gstatic.com |
92 KB |
1 |
googletagmanager.com
www.googletagmanager.com |
29 KB |
1 |
chng.it
1 redirects
chng.it |
486 B |
70 | 13 |
Domain | Requested by | |
---|---|---|
19 | assets.change.org |
www.change.org
assets-fe.change.org |
12 | www.change.org |
assets-fe.change.org
|
6 | assets-fe.change.org |
www.change.org
assets-fe.change.org |
6 | static.change.org |
www.change.org
assets-fe.change.org |
5 | connect.facebook.net |
www.change.org
assets-fe.change.org connect.facebook.net |
4 | www.google.com |
1 redirects
www.change.org
www.gstatic.com |
3 | www.facebook.com |
1 redirects
www.change.org
|
2 | errors.client.optimizely.com |
assets-fe.change.org
|
2 | staticxx.facebook.com |
connect.facebook.net
|
2 | www.google.de |
www.change.org
|
2 | apis.google.com |
assets-fe.change.org
apis.google.com |
2 | bat.bing.com |
www.change.org
|
2 | www.google-analytics.com |
1 redirects
www.change.org
|
1 | accounts.google.com |
apis.google.com
|
1 | googleads.g.doubleclick.net |
www.googleadservices.com
|
1 | stats.g.doubleclick.net | 1 redirects |
1 | www.googleadservices.com |
www.googletagmanager.com
|
1 | www.gstatic.com |
www.google.com
|
1 | www.googletagmanager.com |
www.change.org
|
1 | cdn.optimizely.com |
www.change.org
|
1 | chng.it | 1 redirects |
70 | 21 |
This site contains links to these domains. Also see Links.
Domain |
---|
help.change.org |
guide.change.org |
twitter.com |
www.facebook.com |
policies.google.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
change.org CloudFlare Inc ECC CA-2 |
2018-08-31 - 2019-08-31 |
a year | crt.sh |
*.google-analytics.com Google Internet Authority G3 |
2019-05-21 - 2019-08-13 |
3 months | crt.sh |
cdn.optimizely.com DigiCert ECC Secure Server CA |
2018-11-24 - 2020-02-23 |
a year | crt.sh |
www.google.com Google Internet Authority G3 |
2019-05-21 - 2019-08-13 |
3 months | crt.sh |
*.google.com Google Internet Authority G3 |
2019-05-21 - 2019-08-13 |
3 months | crt.sh |
www.googleadservices.com Google Internet Authority G3 |
2019-05-21 - 2019-08-13 |
3 months | crt.sh |
www.bing.com Microsoft IT TLS CA 5 |
2017-07-20 - 2019-07-10 |
2 years | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2019-06-06 - 2019-09-04 |
3 months | crt.sh |
*.apis.google.com Google Internet Authority G3 |
2019-05-21 - 2019-08-13 |
3 months | crt.sh |
www.google.de Google Internet Authority G3 |
2019-06-11 - 2019-09-03 |
3 months | crt.sh |
*.g.doubleclick.net Google Internet Authority G3 |
2019-06-11 - 2019-09-03 |
3 months | crt.sh |
accounts.google.com Google Internet Authority G3 |
2019-06-11 - 2019-09-03 |
3 months | crt.sh |
errors.client.optimizely.com DigiCert SHA2 High Assurance Server CA |
2018-09-24 - 2020-09-28 |
2 years | crt.sh |
This page contains 5 frames:
Primary Page:
https://www.change.org/p/que-alvarouribevel-se-retire-firmoparaqueuribeseretire?recruiter=24915786&utm_source=share_petition&utm_medium=abi_gmail&utm_campaign=address_book&utm_term=544237&recruited_by_id=8b96637b-9629-4446-a9ef-31f81bc63a5d
Frame ID: 6CFBFF0C3C4BD90D0427DDC241D9002B
Requests: 67 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LftsXMUAAAAALlWG1yUWFRGkwxc7P-ZFroKILkc&co=aHR0cHM6Ly93d3cuY2hhbmdlLm9yZzo0NDM.&hl=en&v=v1559543665173&size=invisible&cb=xxesz7y839p6
Frame ID: 59D8E6945257B81CB4A6BAE2CF579CC0
Requests: 1 HTTP requests in this frame
Frame:
https://accounts.google.com/o/oauth2/iframe
Frame ID: 92811FDCF5D601A3AD0E6726238A776D
Requests: 1 HTTP requests in this frame
Frame:
https://staticxx.facebook.com/connect/xd_arbiter.php?version=44
Frame ID: 274E83D7851FD4302B302A32FEA511FA
Requests: 1 HTTP requests in this frame
Frame:
https://staticxx.facebook.com/connect/xd_arbiter.php?version=44
Frame ID: 2F076386BC16D7BBFFB151413EFE0751
Requests: 1 HTTP requests in this frame
Screenshot
![](/screenshots/a16abf04-28cd-4f7a-99b1-3858272628c0.png)
Page URL History Show full URLs
-
http://chng.it/Fh2cWx2jXw
HTTP 301
https://www.change.org/p/que-alvarouribevel-se-retire-firmoparaqueuribeseretire?recruiter=24915786&... Page URL
Detected technologies
![](/vendor/wappa/icons/React.png)
Detected patterns
- html /<[^>]+data-react/i
- script /react.*\.js/i
Detected patterns
- headers server /^cloudflare$/i
Detected patterns
- script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
![](/vendor/wappa/icons/Optimizely.png)
Detected patterns
- script /optimizely\.com.*\.js/i
![](/vendor/wappa/icons/reCAPTCHA.png)
Detected patterns
- script /\/recaptcha\/api\.js/i
Page Statistics
6 Outgoing links
These are links going to different origins than the main page.
Title: Help
Search URL Search Domain Scan URL
Title: Guides
Search URL Search Domain Scan URL
Title: Twitter
Search URL Search Domain Scan URL
Title: Facebook
Search URL Search Domain Scan URL
Title: Privacy Policy
Search URL Search Domain Scan URL
Title: Terms of Service
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://chng.it/Fh2cWx2jXw
HTTP 301
https://www.change.org/p/que-alvarouribevel-se-retire-firmoparaqueuribeseretire?recruiter=24915786&utm_source=share_petition&utm_medium=abi_gmail&utm_campaign=address_book&utm_term=544237&recruited_by_id=8b96637b-9629-4446-a9ef-31f81bc63a5d Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 29- https://www.google-analytics.com/r/collect?v=1&_v=j76&aip=1&a=285166047&t=pageview&_s=1&dl=https%3A%2F%2Fwww.change.org%2Fp%2Fque-alvarouribevel-se-retire-firmoparaqueuribeseretire%3Frecruiter%3D24915786%26utm_source%3Dshare_petition%26utm_medium%3Dabi_gmail%26utm_campaign%3Daddress_book%26utm_term%3D544237%26recruited_by_id%3D8b96637b-9629-4446-a9ef-31f81bc63a5d&dp=%2Fp%2Fque-alvarouribevel-se-retire-firmoparaqueuribeseretire%3Frecruiter%3D24915786%26utm_source%3Dshare_petition%26utm_medium%3Dabi_gmail%26utm_campaign%3Daddress_book%26utm_term%3D544237%26recruited_by_id%3D8b96637b-9629-4446-a9ef-31f81bc63a5d&ul=en-us&de=UTF-8&dt=Petition%20%C2%B7%20FIRMO%20PARA%20QUE%20URIBE%20SE%20RETIRE%20DE%20LA%20POL%C3%8DTICA%20%C2%B7%20Change.org&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aEBAAEABE~&jid=700482499&gjid=1610775218&cid=603658183.1560874052&tid=UA-5889778-1&_gid=1549628554.1560874052&_r=1&z=2135669154 HTTP 302
- https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-5889778-1&cid=603658183.1560874052&jid=700482499&_gid=1549628554.1560874052&gjid=1610775218&_v=j76&z=2135669154 HTTP 302
- https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5889778-1&cid=603658183.1560874052&jid=700482499&_v=j76&z=2135669154 HTTP 302
- https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5889778-1&cid=603658183.1560874052&jid=700482499&_v=j76&z=2135669154&slf_rd=1&random=1323957097
- https://www.facebook.com/connect/ping?client_id=48409868550&domain=www.change.org&origin=1&redirect_uri=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df2f8102287538bc%26domain%3Dwww.change.org%26origin%3Dhttps%253A%252F%252Fwww.change.org%252Ff2c915dc0e345d4%26relation%3Dparent&response_type=token%2Csigned_request&sdk=joey HTTP 302
- https://staticxx.facebook.com/connect/xd_arbiter.php?version=44
70 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
que-alvarouribevel-se-retire-firmoparaqueuribeseretire
www.change.org/p/ Redirect Chain
|
105 KB 28 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Change-Calibre-Regular.woff2
static.change.org/fonts/ |
30 KB 31 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Change-Calibre-Bold.woff2
static.change.org/fonts/ |
31 KB 32 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rendr-JaaCnc-_3M-c4Pzo39azbyfZnvP206jEVjPW4lkZpLk.css.gz
assets-fe.change.org/rendr-fe/css/ |
168 KB 50 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
43 KB 17 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
11391265293.js
cdn.optimizely.com/js/ |
472 KB 113 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
api.js
www.google.com/recaptcha/ |
796 B 654 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mcFzfkukmmjnRjS-800x450-noPad.jpg
assets.change.org/photos/8/fz/fk/ |
40 KB 40 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dIynKOmURkBBncM-48x48-noPad.jpg
assets.change.org/photos/3/yn/ko/ |
696 B 864 B |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
LbKvqYCdeGMQnqM-128x128-noPad.jpg
assets.change.org/photos/4/kv/qy/ |
21 KB 21 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fontFaceObserver-29dd4be78b972dac72ca.js.gz
assets-fe.change.org/react-fe/ |
7 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
93 KB 29 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
petitionsEntry-a88c9095057e501f9b0b.js.gz
assets-fe.change.org/react-fe/ |
1 MB 345 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
recaptcha__en.js
www.gstatic.com/recaptcha/api2/v1559543665173/ |
263 KB 92 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
10 KB 10 KB |
Font
application/x-font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
conversion_async.js
www.googleadservices.com/pagead/ |
23 KB 9 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bat.js
bat.bing.com/ |
23 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6e42d3fef78c0c21be40f0956f947854_0a8085918b4d3a9af96f86531aaee31b1ff8d536
www.change.org/api-proxy/-/translations/en-US/ |
419 KB 110 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
anchor
www.google.com/recaptcha/api2/ Frame 59D8 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
53 KB 16 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sdk.js
connect.facebook.net/en_US/ |
3 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
platform.js
apis.google.com/js/ |
43 KB 17 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
graphql
www.change.org/api-proxy/ |
81 B 464 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
event_tracker
www.change.org/api-proxy/-/ |
2 B 254 B |
Other
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
graphql
www.change.org/api-proxy/ |
5 KB 901 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
updatesAndCommentsChunk-753ecf4db7eb420c2274.js
assets-fe.change.org/react-fe/ |
27 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
changeAssets-b1e69a1e17dfb9b8f8f1.js.gz
assets-fe.change.org/react-fe/ |
4 MB 1017 KB |
Fetch
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
graphql
www.change.org/api-proxy/ |
107 B 230 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
event_tracker
www.change.org/api-proxy/-/ |
2 B 114 B |
Other
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
suggestedPetitionsChunk-0a52ad9e4bdb0455e4f3.js
assets-fe.change.org/react-fe/ |
11 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.de/ads/ Redirect Chain
|
42 B 109 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/991363857/ |
3 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0
bat.bing.com/action/ |
0 93 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1081902691834097
connect.facebook.net/signals/config/ |
228 KB 60 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sdk.js
connect.facebook.net/en_US/ |
197 KB 59 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.0mZLQwKb4f0.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCO5FZCvAxMaMpwGVdzixH-rkKn6aA/ |
106 KB 36 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
graphql
www.change.org/api-proxy/ |
3 KB 1 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
graphql
www.change.org/api-proxy/ |
1 KB 682 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.com/pagead/1p-user-list/991363857/ |
42 B 120 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.de/pagead/1p-user-list/991363857/ |
42 B 109 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
graphql
www.change.org/api-proxy/ |
51 KB 19 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
inferredEvents.js
connect.facebook.net/signals/plugins/ |
1 KB 894 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
default-user-profile.svg
static.change.org/profile-img/ |
1 KB 933 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 246 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
iframe
accounts.google.com/o/oauth2/ Frame 9281 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
xd_arbiter.php
staticxx.facebook.com/connect/ Frame 274E |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
chk_captcha_v3
www.change.org/cdn-cgi/l/ |
0 246 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
graphql
www.change.org/api-proxy/ |
107 B 389 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H/1.1 |
log
errors.client.optimizely.com/ |
13 B 406 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
xd_arbiter.php
staticxx.facebook.com/connect/ Frame 2F07 Redirect Chain
|
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
uwBURDtqMmXaVka-800x450-noPad.jpg
assets.change.org/photos/6/bu/rd/ |
25 KB 25 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
LbKvqYCdeGMQnqM-48x48-noPad.jpg
assets.change.org/photos/4/kv/qy/ |
3 KB 3 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
WsKsVVzbaRDHhSO-48x48-noPad.jpg
assets.change.org/photos/2/ks/vv/ |
787 B 916 B |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
MJPuCYVpDcHjTiB-48x48-noPad.jpg
assets.change.org/photos/1/pu/cy/ |
1 KB 1 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mfwmOmyQvWnWnLK-400x225-noPad.jpg
assets.change.org/photos/1/wm/om/ |
17 KB 18 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
NUQUzTkHZoUdUCQ-400x225-noPad.jpg
assets.change.org/photos/3/qu/zt/ |
19 KB 19 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
IrVBzMQvNNMDbNf-400x225-noPad.jpg
assets.change.org/photos/7/vb/zm/ |
15 KB 15 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
PEiUpIfuiArpMXl-400x225-noPad.jpg
assets.change.org/photos/9/iu/pi/ |
28 KB 28 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
TnYPDmkrfrvVKbD-400x225-noPad.jpg
assets.change.org/photos/4/yp/dm/ |
12 KB 12 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gqnlobFwdlvprdR-400x225-noPad.jpg
assets.change.org/photos/6/nl/ob/ |
10 KB 10 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
FMVlLJMbZYmTLGN-400x225-noPad.jpg
assets.change.org/photos/7/vl/lj/ |
4 KB 4 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
RoyJOxSLoUAfEeU-400x225-noPad.jpg
assets.change.org/photos/3/yj/ox/ |
16 KB 16 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
eRPTsImrigrsfBw-400x225-noPad.jpg
assets.change.org/photos/3/pt/si/ |
20 KB 20 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dNbEbohABakQUxl-400x225-noPad.jpg
assets.change.org/photos/8/be/bo/ |
20 KB 20 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
oihJWqXwVBBtynS-400x225-noPad.jpg
assets.change.org/photos/6/hj/wq/ |
32 KB 33 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
IdaAIwsolWdRkXd-400x225-noPad.jpg
assets.change.org/photos/3/aa/iw/ |
33 KB 33 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
log
errors.client.optimizely.com/ |
0 240 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 148 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
default-user-profile.svg
static.change.org/profile-img/ |
1 KB 945 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
default-user-profile.svg
static.change.org/profile-img/ |
1 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
default-user-profile.svg
static.change.org/profile-img/ |
1 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
46 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onselectstart object| onselectionchange function| queueMicrotask object| changeTargetingData object| dataLayer object| google_tag_data function| ga object| gaplugins object| ___grecaptcha_cfg object| grecaptcha boolean| __google_recaptcha_client object| recaptcha function| FontFaceObserver function| postscribe object| google_tag_manager object| uetq undefined| _ object| webpackJsonp object| core object| __core-js_shared__ function| setImmediate function| clearImmediate object| regeneratorRuntime object| scCGSHMRCache object| airbrake object| __APOLLO_CLIENT__ object| recaptchaOptions function| trackEvent object| optimizely function| setOverrideVariation function| FuzzySet object| closure_lm_629385 function| fbq function| _fbq object| gaGlobal object| gaData function| fbAsyncInit object| __consolidated_events_handlers__ function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO function| UET object| FB object| gapi object| ___jsl object| osapi15 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.facebook.com/ | Name: fr Value: 0o7bTYSUSJ7Z9640X..BdCQxE...1.0.BdCQxE. |
|
.change.org/ | Name: _fbp Value: fb.1.1560874052268.212853834 |
|
.change.org/ | Name: __cfduid Value: d5cc3d3b24c883a458096c5d87a9699311560874050 |
|
.www.change.org/ | Name: G_ENABLED_IDPS Value: google |
|
.change.org/ | Name: _gat Value: 1 |
|
.change.org/ | Name: __cf_bm Value: b74679b9aab020c93f06ba5a4091657cf7094a8a-1560874052-1800-ARRIcHBO6SkqIqTADn3JOjrwXkFALuau8sgn4dYEErRo5dIJlWsvk92JAKqrXeU2G97ykgfvu9E6tR+dvoEBWpvZYOAjEbZkCUYz34RBTBcEJrmKdMEbaHX/4IWZAPecZQ== |
|
.change.org/ | Name: _gid Value: GA1.2.1549628554.1560874052 |
|
.change.org/ | Name: _gcl_au Value: 1.1.319417793.1560874051 |
|
www.change.org/ | Name: tracking_data Value: %7B%22user_uuid%22%3A%222cb4f050-91e3-11e9-89e6-5374cf74bec0%22%7D |
|
.change.org/ | Name: __cfruid Value: 02acb7bb189031bc4bf06b3ac4410bdb7bf37554-1560874051 |
|
www.change.org/ | Name: _change_session Value: 9e4c9aa6a3ca7daf8b3ff4b144a436c4 |
|
.change.org/ | Name: invite Value: %7B%22recruiter_id%22%3A24915786%2C%22requested_at%22%3A%222019-06-18T16%3A07%3A30.567Z%22%7D |
|
.google.com/ | Name: NID Value: 185=n83FTBhpQCvYRxEVfKtJERkVjvTDULMeg7gEDSfrB-pbVUJ2pJCtXOg7eQwZtWeur4lfE71gKXC-BmCZw_pPWebBV0YI0wLQm9v5TExg_w7rjdIHqEUEObCxcOncp25Kqi2JVHhVewp52CN9s35KvM6USTLqH5APQUrBio45cYA |
|
.change.org/ | Name: _ga Value: GA1.2.603658183.1560874052 |
|
www.change.org/ | Name: _change_lang Value: %7B%22locale%22%3A%22en-US%22%2C%22countryCode%22%3A%22US%22%7D |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | default-src 'self' 'unsafe-inline' 'unsafe-eval' https://d18kwxxua7ik1y.cloudfront.net https://d22r54gnmuhwmk.cloudfront.net https://assets.change.org https://static.change.org https://assets-fe.change.org https://change-production.s3.amazonaws.com https://change-public-stuff.s3.amazonaws.com https://www.google.ca https://www.googleadservices.com https://www.youtube.com https://*.doubleclick.net https://*.google.com https://*.googleapis.com https://*.googletagmanager.com https://*.google-analytics.com https://*.gstatic.com https://*.ytimg.com https://*.facebook.com https://*.facebook.net https://*.fbcdn.net fbrpc://* fb-messenger://* https://*.twitter.com https://*.twimg.com https://vk.com https://*.vk.com https://ajax.cdnjs.com https://cdnjs.cloudflare.com https://service.force.com https://change.my.salesforce.com https://help.change.org https://*.salesforceliveagent.com https://*.braintreegateway.com https://*.paypalobjects.com https://*.paypal.com *.optimizely.com optimizely.s3.amazonaws.com cdn-assets-prod.s3.amazonaws.com https://js.stripe.com https://cdn.embedly.com https://player.vimeo.com https://*.pubnub.com https://bat.bing.com https://*.briteverify.com https://soundcloud.com https://w.soundcloud.com https://www.instagram.com https://www.flickr.com https://*.staticflickr.com; connect-src 'self' blob: https://*.change.org https://change-production.s3.amazonaws.com https://*.googleapis.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.com https://*.facebook.net fbrpc://* fb-messenger://* https://*.twitter.com https://*.vk.com https://*.braintreegateway.com https://*.paypal.com *.optimizely.com optimizely.s3.amazonaws.com cdn-assets-prod.s3.amazonaws.com https://api.stripe.com https://*.pubnub.com https://*.briteverify.com https://api.soundcloud.com https://api.airbrake.io; font-src 'self' data: https://assets.change.org https://static.change.org https://d18kwxxua7ik1y.cloudfront.net https://d22r54gnmuhwmk.cloudfront.net https://fonts.gstatic.com; img-src * blob: data:; form-action 'self'; |
X-Content-Type-Options | nosniff |
X-Frame-Options | sameorigin |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
accounts.google.com
apis.google.com
assets-fe.change.org
assets.change.org
bat.bing.com
cdn.optimizely.com
chng.it
connect.facebook.net
errors.client.optimizely.com
googleads.g.doubleclick.net
static.change.org
staticxx.facebook.com
stats.g.doubleclick.net
www.change.org
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
104.17.88.51
104.17.89.51
172.217.16.162
2620:1ec:c11::200
2a00:1450:4001:808::200e
2a00:1450:4001:809::2002
2a00:1450:4001:80b::200d
2a00:1450:4001:815::2003
2a00:1450:4001:815::2004
2a00:1450:4001:820::200e
2a00:1450:4001:821::2003
2a00:1450:4001:824::2008
2a00:1450:400c:c00::9a
2a02:26f0:6c00:183::13b8
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
52.218.217.202
54.146.52.112
05ab2fe2c98d49e3cc724a9155b8ee8a2a6ed8400c694adb9c21e1c7498e316f
0a1113c6e1ff0656212277d1d0290975f9c551b2f8808973fdb73372611aaa29
0beed73aca0f3cb2857ad5e50c12b4c06873ba347b52be43f8a23daf3be8f179
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
134d9689dd766fbea01b7b16563704e655883a93b76f55a6acf999f67510f8b5
16f1efa415bfdd7abcf8fdd76cc05ae6fa66ffdfdc730368ecea89ecfe5c3a12
18610ba50b178fde27c87d666eb150429d3d3bffff4db332a4c44097a2bcac67
25a6829dcfbfdccf9ce0fce8dfd6b36f27d99ef3f6d3a8c45633d6e25919a4b9
30427ea691f03669d6802131c1ef4a0d6cdb3fdb116de42ae5fb7d51ce6804b9
367e68aec4c344d850e885932413253464c2cee7481663654278945e88f46d9d
3c686c7880c12b58f897b30e0d7baf8706255deb2950c95886d87fa7fe88177e
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
552426fa67711398e49423a732526e763187afd768567b87e139fec853820809
59493e79f2fa6a48a50453961c3056f7bfafb96ec2fd7a64109f51e3d5f06b87
657f79c4d5a6ea502202651151811d195b49cf9cf22fd7f8edaeefe2f8cc8fc4
6884471c4ea37959804b7023bf5402e187cda75daef1d71558b67dbd46d17d84
6c60604d0836b4f26c3133aaba4bfec57cc6c505355e7030c186059c36231773
771776746af6ffba4ab936380308f47c93c386d96e2711fdf96d6514bd0e5be1
793218afc331837ccb8376c7859362b13c979e42bc4d8768e89a43ada3dbb406
79dcc720a82183eb6a3813eddf3e77c755a70258cf926d17c0264770fea6c47a
8168186ca9cbc9f993fc5f2374976fc6abed1f4118eb0257fd7835ddfc4f647e
83f3ad738ad6a8e824228950083a675ceba1b86a4ebe49baf6f14b06ebeb7cba
85ef970b93bcac06fbb3569ee170eda002ed5f59b4064b60392a21d9d06ffa3b
8b1ed545cbcadc48d9b8b07fa002c06ef07bfe377e60287aa8ec8893a6ede972
8f88cb7a1cd4134f5d616b9fca90b9069fa16c162b7ae66ba1b500c490b41dd2
91e8bcd90cc7547eb03bb094f398aac94215537ff1f5c4310d1e134e97b0e186
92b07f26b06548e0e5182502e9291dd6bac92a45d66cefe1f897e1c0ad1c3b22
95ea06d9826097ebf25d0fdf8059dae0c143991572bcbdeb641cba885b20b683
97540869be47f1cc8519503a4725b83e5b31b49fc011fa6bf354f4ff14e147fa
9877fc3037bc7cd9ae71e50a26dd4de607d189fbfcb4d95f78607390e007d7da
9cd346fc2a879c3b79b1dfe3ba5c8226542001f304396b5fe9d553f4a66b69b9
9db46612abafea5f434c67416a395ab963f4333575b16423bc441408ffa5bcac
af690d93b6fa1d6a156cd67f3adcc319085cce91bcdbd6921029fc40cc29be1f
b1f4d2f331f474afd4f3fb37d03003fd4dd893de94a5011283e8b332dbbd66e8
b7f50bd7195d1f45e8b63f8d6444dad5ad83d1f3510e0fb56c17617b480b232e
baca3cef51cbde4cbf7b706fbd9a03fa28f7bbdb9a9cb2abe6f4f105aa833e2b
c685424bbbb670362e68ca4d7025f6c59801f36bc84254d65c9d1327cbefe56d
cd1c301a8e7960a1786e2a959226b0b78b56dbea284bd114265f1662d6ca280e
ce0772f53e712e02620505ac22f0ed66b4cf2e96c4c0d8867e7e03a2ec527d98
d1c141a10fe647758c47ff578178c96f0c8d8704fd173e76810c118e9ed354d1
d3a1709fe8137c63c4f42cbe57bef6c0665e7063141f9571a3dadb7a2d7c5855
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e44029bbf196b1da5653efeebe00d4a78f1abfa95c640bf251d438bb143abfc2
e68be1177d3cb5ea61c0032fbd03b65a76d5a866e5bee9aa6f5a6ada0c054061
e6ecfa7bb2a87b5796fceb432fbd2e1dfcb6ae3a587188575a3c3dea8eb01f3c
e8e5fe8177578150e8faf71219cfe439c2391501f077c8015ec03d694c9ea3ae
ea4a95c81cf223f1d01d7e2679403d4cd9adf9c1e944f26c65bb947eeaec1414
ebcc6f489d5b78f58f5325ab9e4497bef091b31540eae00ab69f3375556c85e4
ec108d24cc78e6d2e847948d34079251830c82913bf4a1288af1a299b5fde447
ee2df9e008021c0ce1fbf3612bfef57e7666294fa01bd4d9764931ff9add417a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f12ff55e63fc09abfd3ef4ec1ded12cbd069f0cb94ee3bb365fd043f74893c75
f1e6382aa070301007ee92dbaaef83c9f6075f9d86ee3632c82a609f02c6fc1f
f2e8007444f08d190f78b0468e39b6f12b99aac3b9a609af4f418cc7df340391
f366216943fdcaf1d17ccf427a10b3ba17d6644a8b2c2fa7245d916b4e817c7a
f84b08e40514c7560848cc3fa8b326deed286380a944d80ca6ce22b573ac80e1
fda0d54bbf4741f84319f339dccddbc72fc3aec7e59f77f4313ecaa6bf0ce5fc