![](/screenshots/ae44aa24-7328-4953-b11a-fbe9c87129e9.png)
www.change.org
Open in
urlscan Pro
104.17.88.51
Public Scan
Effective URL: https://www.change.org/p/ontario-demands-better-reduce-class-sizes-to-keep-schools-and-communities-safe?recruiter=10611...
Submission: On August 05 via manual from AE
Summary
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on April 6th 2020. Valid for: 6 months.
This is the only time www.change.org was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN16509 (AMAZON-02, US)
PTR: s3-website-us-west-2.amazonaws.com
chng.it |
ASN13335 (CLOUDFLARENET, US)
www.change.org | |
assets-fe.change.org | |
assets.change.org |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net
www.googleadservices.com |
ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress2
static.hotjar.com |
ASN20940 (AKAMAI-ASN1, EU)
PTR: a23-8-4-210.deploy.static.akamaitechnologies.com
cdn3.optimizely.com |
ASN20940 (AKAMAI-ASN1, EU)
PTR: a23-43-121-57.deploy.static.akamaitechnologies.com
a11391265293.cdn.optimizely.com |
ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net |
ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress17
script.hotjar.com |
ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress9
vars.hotjar.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-236-55-133.compute-1.amazonaws.com
logx.optimizely.com |
ASN16509 (AMAZON-02, US)
PTR: server-143-204-202-122.fra53.r.cloudfront.net
images.thestar.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
46 |
change.org
www.change.org static.change.org assets-fe.change.org assets.change.org |
2 MB |
5 |
google.com
1 redirects
www.google.com apis.google.com accounts.google.com |
56 KB |
5 |
optimizely.com
cdn.optimizely.com cdn3.optimizely.com a11391265293.cdn.optimizely.com logx.optimizely.com |
156 KB |
4 |
facebook.net
connect.facebook.net |
228 KB |
3 |
facebook.com
www.facebook.com |
311 B |
3 |
hotjar.com
static.hotjar.com script.hotjar.com vars.hotjar.com |
74 KB |
2 |
google.de
www.google.de |
213 B |
2 |
doubleclick.net
1 redirects
googleads.g.doubleclick.net stats.g.doubleclick.net |
2 KB |
2 |
bing.com
bat.bing.com |
8 KB |
2 |
google-analytics.com
1 redirects
www.google-analytics.com |
18 KB |
1 |
thestar.com
images.thestar.com |
109 KB |
1 |
twitter.com
analytics.twitter.com |
283 B |
1 |
t.co
t.co |
170 B |
1 |
ads-twitter.com
static.ads-twitter.com |
2 KB |
1 |
googleadservices.com
www.googleadservices.com |
11 KB |
1 |
googletagmanager.com
www.googletagmanager.com |
49 KB |
1 |
chng.it
1 redirects
chng.it |
529 B |
77 | 17 |
Domain | Requested by | |
---|---|---|
23 | assets.change.org |
www.change.org
assets-fe.change.org |
10 | www.change.org |
assets-fe.change.org
|
7 | static.change.org |
www.change.org
assets-fe.change.org |
6 | assets-fe.change.org |
www.change.org
assets-fe.change.org |
4 | connect.facebook.net |
www.change.org
assets-fe.change.org connect.facebook.net |
3 | www.facebook.com |
www.change.org
assets-fe.change.org connect.facebook.net |
2 | logx.optimizely.com |
assets-fe.change.org
|
2 | apis.google.com |
assets-fe.change.org
apis.google.com |
2 | www.google.de |
www.change.org
|
2 | www.google.com |
1 redirects
www.change.org
|
2 | bat.bing.com |
www.change.org
|
2 | www.google-analytics.com |
1 redirects
www.change.org
|
1 | images.thestar.com |
assets-fe.change.org
|
1 | accounts.google.com |
apis.google.com
|
1 | stats.g.doubleclick.net | 1 redirects |
1 | vars.hotjar.com |
static.hotjar.com
|
1 | analytics.twitter.com |
static.ads-twitter.com
|
1 | t.co |
www.change.org
|
1 | script.hotjar.com |
static.hotjar.com
|
1 | googleads.g.doubleclick.net |
www.googleadservices.com
|
1 | a11391265293.cdn.optimizely.com |
cdn.optimizely.com
|
1 | cdn3.optimizely.com |
cdn.optimizely.com
|
1 | static.ads-twitter.com |
www.googletagmanager.com
|
1 | static.hotjar.com |
www.googletagmanager.com
|
1 | www.googleadservices.com |
www.googletagmanager.com
|
1 | www.googletagmanager.com |
www.change.org
|
1 | cdn.optimizely.com |
www.change.org
|
1 | chng.it | 1 redirects |
77 | 28 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.changeverein.org |
nationalpost.com |
time.com |
globalhealth.washington.edu |
www.sickkids.ca |
ontarioliberal.ca |
changeverein.org |
help.change.org |
twitter.com |
www.facebook.com |
policies.google.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
sni.cloudflaressl.com CloudFlare Inc ECC CA-2 |
2020-04-06 - 2020-10-09 |
6 months | crt.sh |
*.google-analytics.com GTS CA 1O1 |
2020-07-07 - 2020-09-29 |
3 months | crt.sh |
cdn.optimizely.com DigiCert SHA2 Secure Server CA |
2020-01-20 - 2021-03-20 |
a year | crt.sh |
www.googleadservices.com GTS CA 1O1 |
2020-07-07 - 2020-09-29 |
3 months | crt.sh |
static.hotjar.com Let's Encrypt Authority X3 |
2020-06-17 - 2020-09-15 |
3 months | crt.sh |
ads-twitter.com DigiCert SHA2 High Assurance Server CA |
2019-08-14 - 2020-08-18 |
a year | crt.sh |
www.bing.com Microsoft IT TLS CA 2 |
2019-04-30 - 2021-04-30 |
2 years | crt.sh |
*.optimizely.com DigiCert SHA2 Secure Server CA |
2020-01-20 - 2021-03-20 |
a year | crt.sh |
*.cdn.optimizely.com GeoTrust RSA CA 2018 |
2020-03-05 - 2021-06-04 |
a year | crt.sh |
*.g.doubleclick.net GTS CA 1O1 |
2020-07-07 - 2020-09-29 |
3 months | crt.sh |
script.hotjar.com Let's Encrypt Authority X3 |
2020-06-18 - 2020-09-16 |
3 months | crt.sh |
t.co DigiCert SHA2 High Assurance Server CA |
2020-03-05 - 2021-03-02 |
a year | crt.sh |
*.twitter.com DigiCert SHA2 High Assurance Server CA |
2020-03-05 - 2021-03-02 |
a year | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2020-07-21 - 2020-10-12 |
3 months | crt.sh |
www.google.com GTS CA 1O1 |
2020-07-07 - 2020-09-29 |
3 months | crt.sh |
www.google.de GTS CA 1O1 |
2020-07-07 - 2020-09-29 |
3 months | crt.sh |
vars.hotjar.com Let's Encrypt Authority X3 |
2020-06-16 - 2020-09-14 |
3 months | crt.sh |
*.apis.google.com GTS CA 1O1 |
2020-07-07 - 2020-09-29 |
3 months | crt.sh |
accounts.google.com GTS CA 1O1 |
2020-07-07 - 2020-09-29 |
3 months | crt.sh |
logx.optimizely.com DigiCert SHA2 High Assurance Server CA |
2018-10-01 - 2020-10-05 |
2 years | crt.sh |
*.thestar.com Trustwave Organization Validation SHA256 CA, Level 1 |
2018-10-03 - 2020-10-19 |
2 years | crt.sh |
This page contains 4 frames:
Primary Page:
https://www.change.org/p/ontario-demands-better-reduce-class-sizes-to-keep-schools-and-communities-safe?recruiter=1061120960&utm_source=share_petition&utm_medium=abi_gmail&utm_campaign=address_book&utm_term=psf_combo_share_initial&recruited_by_id=abb2eff0-6d30-11ea-ae0f-4b0f092b54bd
Frame ID: C4D5A0A0E157BAECEC4B1CF9F128D70F
Requests: 75 HTTP requests in this frame
Frame:
https://a11391265293.cdn.optimizely.com/client_storage/a11391265293.html
Frame ID: 2ECED69C6664F7953A2D6724040E4EE4
Requests: 1 HTTP requests in this frame
Frame:
https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: 4B7A5B82A778460C1756290292356E40
Requests: 1 HTTP requests in this frame
Frame:
https://accounts.google.com/o/oauth2/iframe
Frame ID: B0094BE6F5CA87A2286C161E076D0A22
Requests: 1 HTTP requests in this frame
Screenshot
![](/screenshots/ae44aa24-7328-4953-b11a-fbe9c87129e9.png)
Page URL History Show full URLs
-
http://chng.it/Dd5yhfJFfn
HTTP 301
https://www.change.org/p/ontario-demands-better-reduce-class-sizes-to-keep-schools-and-communities-... Page URL
Detected technologies
![](/vendor/wappa/icons/React.png)
Detected patterns
- html /<[^>]+data-react/i
Detected patterns
- headers server /^cloudflare$/i
Detected patterns
- script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
![](/vendor/wappa/icons/Optimizely.png)
Detected patterns
- script /optimizely\.com.*\.js/i
Page Statistics
19 Outgoing links
These are links going to different origins than the main page.
Title: Förder*in werden
Search URL Search Domain Scan URL
Title: https://nationalpost.com/news/back-to-school-about-a-dozen-countries-have-returned-kids-to-classrooms-what-canada-can-learn-from-them
Search URL Search Domain Scan URL
Title: https://time.com/5868098/schools-reopening-coronavirus-denmark-south-korea-israel/?utm_source=email&utm_medium=email&utm_campaign=email-share-article&utm-term=world_global-health
Search URL Search Domain Scan URL
Title: https://globalhealth.washington.edu/sites/default/files/COVID-19%20Schools%20Summary%20%28updated%29.pdf
Search URL Search Domain Scan URL
Title: https://www.sickkids.ca/PDFs/About-SickKids/81407-COVID19-Recommendations-for-School-Reopening-SickKids.pdf
Search URL Search Domain Scan URL
Title: https://ontarioliberal.ca/steven-del-ducas-students-in-schools-action-plan/
Search URL Search Domain Scan URL
Title: Ãœber Change.org
Search URL Search Domain Scan URL
Title: Impressum
Search URL Search Domain Scan URL
Title: Wirkung
Search URL Search Domain Scan URL
Title: Karriere
Search URL Search Domain Scan URL
Title: Verein
Search URL Search Domain Scan URL
Title: Presse
Search URL Search Domain Scan URL
Title: Hilfe
Search URL Search Domain Scan URL
Title: Anleitungen
Search URL Search Domain Scan URL
Title: NetzDG Bericht
Search URL Search Domain Scan URL
Title: Twitter
Search URL Search Domain Scan URL
Title: Facebook
Search URL Search Domain Scan URL
Title: Privacy Policy
Search URL Search Domain Scan URL
Title: Terms of Service
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://chng.it/Dd5yhfJFfn
HTTP 301
https://www.change.org/p/ontario-demands-better-reduce-class-sizes-to-keep-schools-and-communities-safe?recruiter=1061120960&utm_source=share_petition&utm_medium=abi_gmail&utm_campaign=address_book&utm_term=psf_combo_share_initial&recruited_by_id=abb2eff0-6d30-11ea-ae0f-4b0f092b54bd Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 37- https://www.google-analytics.com/r/collect?v=1&_v=j83&aip=1&a=433603843&t=pageview&_s=1&dl=https%3A%2F%2Fwww.change.org%2Fp%2Fontario-demands-better-reduce-class-sizes-to-keep-schools-and-communities-safe%3Frecruiter%3D1061120960%26utm_source%3Dshare_petition%26utm_medium%3Dabi_gmail%26utm_campaign%3Daddress_book%26utm_term%3Dpsf_combo_share_initial%26recruited_by_id%3Dabb2eff0-6d30-11ea-ae0f-4b0f092b54bd&dp=%2Fp%2Fontario-demands-better-reduce-class-sizes-to-keep-schools-and-communities-safe%3Frecruiter%3D1061120960%26utm_source%3Dshare_petition%26utm_medium%3Dabi_gmail%26utm_campaign%3Daddress_book%26utm_term%3Dpsf_combo_share_initial%26recruited_by_id%3Dabb2eff0-6d30-11ea-ae0f-4b0f092b54bd&ul=en-us&de=UTF-8&dt=Petition%20%C2%B7%20Ontario%20Demands%20Better%3A%20Reduce%20Class%20Sizes%20to%20Keep%20Schools%20and%20Communities%20Safe%20%C2%B7%20Change.org&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABE~&jid=1865432340&gjid=963604127&cid=1855563609.1596612228&tid=UA-5889778-1&_gid=1996394662.1596612228&_r=1&z=1076975394 HTTP 302
- https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-5889778-1&cid=1855563609.1596612228&jid=1865432340&_gid=1996394662.1596612228&gjid=963604127&_v=j83&z=1076975394 HTTP 302
- https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5889778-1&cid=1855563609.1596612228&jid=1865432340&_v=j83&z=1076975394 HTTP 302
- https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5889778-1&cid=1855563609.1596612228&jid=1865432340&_v=j83&z=1076975394&slf_rd=1&random=3591873977
77 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
ontario-demands-better-reduce-class-sizes-to-keep-schools-and-communities-safe
www.change.org/p/ Redirect Chain
|
139 KB 41 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Change-Calibre-Regular.woff2
static.change.org/fonts/ |
30 KB 31 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Change-Calibre-Bold.woff2
static.change.org/fonts/ |
31 KB 32 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rendr-xlAQzDvJM_K3jpDV0qJITERnqSdSsqp59Kbg01qSQhg.css
assets-fe.change.org/fe/css/ |
167 KB 49 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
45 KB 18 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
11391265293.js
cdn.optimizely.com/js/ |
723 KB 155 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
157 KB 49 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
opKOxmObzBtLjJV-800x450-noPad.jpg
assets.change.org/photos/3/ko/xm/ |
74 KB 75 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
default-user-profile.svg
static.change.org/profile-img/ |
1 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fontFaceObserverChunk-bb113c8b8f61700bd517.js
assets-fe.change.org/fe/12cdb2e55cd2c60e8d0ecbd35d1b6b74/ |
6 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
petitionsEntryChunk-b108d53c21886b2037be.js
assets-fe.change.org/fe/12cdb2e55cd2c60e8d0ecbd35d1b6b74/ |
2 MB 550 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
conversion_async.js
www.googleadservices.com/pagead/ |
29 KB 11 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hotjar-1693228.js
static.hotjar.com/c/ |
38 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
uwt.js
static.ads-twitter.com/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bat.js
bat.bing.com/ |
26 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
geo2.js
cdn3.optimizely.com/js/ |
293 B 700 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
a11391265293.html
a11391265293.cdn.optimizely.com/client_storage/ Frame 2ECE |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/991363857/ |
3 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
modules.b87116e098bb2a0a700d.js
script.hotjar.com/ |
353 KB 69 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0
bat.bing.com/action/ |
0 93 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adsct
t.co/i/ |
43 B 170 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
10 KB 10 KB |
Font
application/x-font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
c46adb18cd97bb87d1e040cefc8d6157_abf353f52a3c2bf3c6a09629df0cd55ac7c68ebe
www.change.org/api-proxy/-/translations/de-DE/ |
374 KB 107 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adsct
analytics.twitter.com/i/ |
31 B 283 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
134 KB 34 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.com/pagead/1p-user-list/991363857/ |
42 B 116 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.de/pagead/1p-user-list/991363857/ |
42 B 107 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame 4B7A |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sdk.js
connect.facebook.net/de_DE/ |
3 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
platform.js
apis.google.com/js/ |
49 KB 20 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
graphql
www.change.org/api-proxy/ |
81 B 383 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
graphql
www.change.org/api-proxy/ |
6 KB 1 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
event_tracker
www.change.org/api-proxy/-/ |
2 B 171 B |
Other
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
updatesAndCommentsChunk-662d64130cf6e8630c36.js
assets-fe.change.org/fe/12cdb2e55cd2c60e8d0ecbd35d1b6b74/ |
25 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
changeAssets-ba06805f74b263b931de.js
assets-fe.change.org/fe/12cdb2e55cd2c60e8d0ecbd35d1b6b74/ |
5 MB 1 MB |
Fetch
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
event_tracker
www.change.org/api-proxy/-/ |
2 B 140 B |
Other
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
event_tracker
www.change.org/api-proxy/-/ |
2 B 140 B |
Other
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
suggestedPetitionsChunk-c15b51f62309e0b6cf36.js
assets-fe.change.org/fe/12cdb2e55cd2c60e8d0ecbd35d1b6b74/ |
10 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.de/ads/ Redirect Chain
|
42 B 106 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1081902691834097
connect.facebook.net/signals/config/ |
522 KB 132 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sdk.js
connect.facebook.net/de_DE/ |
199 KB 60 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.WuHGBC70tdw.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=wQc/rs=AGLTcCNpHoaMoiiRyTFOuGnNuTT-eiD9VA/ |
106 KB 36 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
graphql
www.change.org/api-proxy/ |
4 KB 2 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
graphql
www.change.org/api-proxy/ |
2 KB 1 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
graphql
www.change.org/api-proxy/ |
81 KB 29 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 258 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
iframe
accounts.google.com/o/oauth2/ Frame B009 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
status
www.facebook.com/x/oauth/ |
0 0 |
Fetch
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
htjQWNEfeTIwjrN-48x48-noPad.jpg
assets.change.org/photos/0/jq/wn/ |
1 KB 1 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
EAjSdKlmzJGtANn-48x48-noPad.jpg
assets.change.org/photos/4/js/dk/ |
1 KB 1 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
events
logx.optimizely.com/v1/ |
0 359 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
default-user-profile.svg
static.change.org/profile-img/ |
1 KB 853 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
school_petition.jpg
images.thestar.com/JVKRDET6cwRvfY-ecZwjtpjjf04=/1200x800/smart/filters:cb(1596496859505)/https://www.thestar.com/content/dam/thestar/news/gta/2020/08/03/thousands-sign-petition-asking-ontario-to-re... |
108 KB 109 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
default-user-profile.svg
static.change.org/profile-img/ |
1 KB 803 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
OLMpDThLBlasjXB-48x48-noPad.jpg
assets.change.org/photos/5/mp/dt/ |
1 KB 1 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
/
www.facebook.com/tr/ |
0 53 B |
Other
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cfvmxfsntNseurR-400x225-noPad.jpg
assets.change.org/photos/1/vm/xf/ |
15 KB 15 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
peCxdPsxbRGOzwO-400x225-noPad.jpg
assets.change.org/photos/3/cx/dp/ |
24 KB 25 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ktAKWzcmQCAtykb-400x225-noPad.jpg
assets.change.org/photos/3/ak/wz/ |
10 KB 10 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
JfslbrgKAWspRZY-400x225-noPad.jpg
assets.change.org/photos/6/sl/br/ |
17 KB 17 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ujuLSnHDatyzxXk-400x225-noPad.jpg
assets.change.org/photos/3/ul/sn/ |
14 KB 14 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
CnJPiBmyiRoWyHp-400x225-noPad.jpg
assets.change.org/photos/7/jp/ib/ |
23 KB 23 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ziFXDJSYCcezHBb-400x225-noPad.jpg
assets.change.org/photos/7/fx/dj/ |
25 KB 25 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lfGLhfKxjwfJJqf-400x225-noPad.jpg
assets.change.org/photos/0/gl/hf/ |
26 KB 27 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
zsVfZpJYCAgKhBJ-400x225-noPad.jpg
assets.change.org/photos/7/vf/zp/ |
26 KB 26 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
OXLwqClToBZRITf-400x225-noPad.jpg
assets.change.org/photos/7/lw/qc/ |
18 KB 18 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
SwGbKGtMHggzhRk-400x225-noPad.jpg
assets.change.org/photos/2/gb/kg/ |
23 KB 23 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
zBtqPCKFNGXjjom-400x225-noPad.jpg
assets.change.org/photos/8/tq/pc/ |
19 KB 20 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
EdJMomvABppQUEf-400x225-noPad.jpg
assets.change.org/photos/9/jm/om/ |
18 KB 18 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jZwhZrsDhUXmuHI-400x225-noPad.jpg
assets.change.org/photos/6/wh/zr/ |
24 KB 24 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
OdjVkJgUeeBOmdS-400x225-noPad.jpg
assets.change.org/photos/9/jv/kj/ |
12 KB 13 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
events
logx.optimizely.com/v1/ |
0 359 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
default-user-profile.svg
static.change.org/profile-img/ |
1 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
DWauaCtUXXvxfFi-48x48-noPad.jpg
assets.change.org/photos/5/au/ac/ |
1 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
SQmLtONFaihFYBi-48x48-noPad.jpg
assets.change.org/photos/4/ml/to/ |
1 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
default-user-profile.svg
static.change.org/profile-img/ |
1 KB 853 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
QPFtUEAUvbfSEqV-48x48-noPad.jpg
assets.change.org/photos/1/ft/ue/ |
1 KB 1 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
OwgknsxvgcdHIqn-48x48-noPad.jpg
assets.change.org/photos/8/gk/ns/ |
1 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
46 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| changeTargetingData object| dataLayer object| google_tag_data function| ga object| gaplugins function| postscribe object| google_tag_manager function| hj object| _hjSettings function| twq object| uetq function| _ object| optimizely object| twttr function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled function| UET object| webpackJsonp function| FontFaceObserver function| setImmediate function| clearImmediate object| regeneratorRuntime object| airbrake object| __APOLLO_CLIENT__ object| recaptchaOptions function| trackEvent function| setOverrideVariation function| _sov function| FuzzySet object| Backbone function| fbq function| _fbq object| gaGlobal object| gaData function| fbAsyncInit object| __consolidated_events_handlers__ object| FB object| gapi object| ___jsl object| gadgets object| osapi object| oauth218 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.google.com/ | Name: NID Value: 204=SBgK_yciQRNemZYeIHaq1RJytwr3_aHO_fERtyAvJUZpYGhSoAlHJAGxP_o9m4eZY1UKN-A4X-KWeCC1pSubA5xiBZNPQbLUnksLqrdkjFd6ZnNuyX99XJdbFrSWwoZeEVVYbAkOl_UfNhtbrxnfN2fM0vu-g3EgG1U2zelC1to |
|
.change.org/ | Name: _gat Value: 1 |
|
.change.org/ | Name: _ga Value: GA1.2.1855563609.1596612228 |
|
.change.org/ | Name: _hjid Value: ece088cc-4708-4c6d-983f-c962f2b3e99e |
|
.change.org/ | Name: _fbp Value: fb.1.1596612227890.669112940 |
|
.change.org/ | Name: _uetsid Value: 1e776149caf938d1ef8a6bd12673ddf3 |
|
.www.change.org/ | Name: G_ENABLED_IDPS Value: google |
|
.change.org/ | Name: __cfduid Value: d0897801fcdf52dff1ff73206672205f51596612226 |
|
.change.org/ | Name: optimizelyEndUserId Value: oeu1596612227026r0.6945946590212366 |
|
.change.org/ | Name: _gid Value: GA1.2.1996394662.1596612228 |
|
.change.org/ | Name: _gcl_au Value: 1.1.531077186.1596612227 |
|
.change.org/ | Name: _uetvid Value: 61375411ee37537d8f3cd4ee3474895c |
|
.change.org/ | Name: __cfruid Value: ff3596d639fa5bd4b86b638136d7614c76ea8a35-1596612226 |
|
.change.org/ | Name: __cf_bm Value: e4681e462b00dbe968129faaf31fef0cdb883524-1596612226-1800-AcOu9zmsUuTmqh+SqIte8Fy7U0yJhH2a1E2l0jNZZD70axyxVcjqpshlP9mMITNzs9sugiF8qU+dEeiWZQYDDSg= |
|
www.change.org/ | Name: _change_session Value: 1546585c346b2ce908d26940c72aa271 |
|
.change.org/ | Name: invite Value: %7B%22recruiter_id%22%3A1061120960%2C%22requested_at%22%3A%222020-08-05T07%3A23%3A46.642Z%22%7D |
|
www.change.org/ | Name: tracking_data Value: %7B%22user_uuid%22%3A%229999f090-d6ec-11ea-909c-0935fe8dba02%22%7D |
|
www.change.org/ | Name: _change_lang Value: %7B%22locale%22%3A%22de-DE%22%2C%22countryCode%22%3A%22DE%22%7D |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | default-src 'self' 'unsafe-inline' 'unsafe-eval' https://d18kwxxua7ik1y.cloudfront.net https://d22r54gnmuhwmk.cloudfront.net https://assets.change.org https://static.change.org https://assets-fe.change.org https://change-production.s3.amazonaws.com https://change-public-stuff.s3.amazonaws.com https://www.google.ca https://www.googleadservices.com https://www.youtube.com https://*.doubleclick.net https://*.google.com https://*.googleapis.com https://*.googletagmanager.com https://*.google-analytics.com https://*.gstatic.com https://*.recaptcha.net https://*.ytimg.com https://*.facebook.com https://*.facebook.net https://*.fbcdn.net fbrpc://* fb-messenger://* https://*.twitter.com https://*.twimg.com https://*.ads-twitter.com https://vk.com https://*.vk.com https://ajax.cdnjs.com https://cdnjs.cloudflare.com https://service.force.com https://change.my.salesforce.com https://help.change.org https://*.salesforceliveagent.com https://*.braintreegateway.com https://*.paypalobjects.com https://*.paypal.com *.optimizely.com optimizely.s3.amazonaws.com cdn-assets-prod.s3.amazonaws.com https://px-cdn.net https://*.px-cloud.net https://*.hotjar.com:* https://*.hotjar.io wss://*.hotjar.com https://p2a.co https://code.jquery.com https://js.stripe.com https://cdn.embedly.com https://player.vimeo.com https://bat.bing.com https://soundcloud.com https://w.soundcloud.com https://www.instagram.com https://www.flickr.com https://*.staticflickr.com; connect-src 'self' blob: https://*.change.org https://change-production.s3.amazonaws.com https://*.googleapis.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.com https://*.facebook.net fbrpc://* fb-messenger://* https://*.twitter.com https://*.vk.com https://*.braintreegateway.com https://*.paypal.com *.optimizely.com optimizely.s3.amazonaws.com cdn-assets-prod.s3.amazonaws.com https://*.px-client.net https://*.px-cloud.net https://pxchk.net https://*.hotjar.com:* https://*.hotjar.io wss://*.hotjar.com https://api.stripe.com https://api.soundcloud.com https://api.airbrake.io https://api.zippopotam.us; font-src 'self' data: https://assets.change.org https://static.change.org https://d18kwxxua7ik1y.cloudfront.net https://d22r54gnmuhwmk.cloudfront.net https://fonts.gstatic.com; img-src * blob: data:; form-action 'self'; |
X-Content-Type-Options | nosniff |
X-Frame-Options | sameorigin |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
a11391265293.cdn.optimizely.com
accounts.google.com
analytics.twitter.com
apis.google.com
assets-fe.change.org
assets.change.org
bat.bing.com
cdn.optimizely.com
cdn3.optimizely.com
chng.it
connect.facebook.net
googleads.g.doubleclick.net
images.thestar.com
logx.optimizely.com
script.hotjar.com
static.ads-twitter.com
static.change.org
static.hotjar.com
stats.g.doubleclick.net
t.co
vars.hotjar.com
www.change.org
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
104.17.88.51
104.17.89.51
104.244.42.133
104.244.42.3
143.204.202.122
147.75.100.161
147.75.100.245
147.75.33.131
151.101.12.157
216.58.212.162
23.43.121.57
23.8.4.210
2620:1ec:c11::200
2a00:1450:4001:801::2003
2a00:1450:4001:801::2004
2a00:1450:4001:801::200e
2a00:1450:4001:808::200e
2a00:1450:4001:809::200d
2a00:1450:4001:80b::2002
2a00:1450:4001:816::2008
2a00:1450:400c:c00::9d
2a02:26f0:6c00:183::13b8
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
34.236.55.133
52.218.217.202
01472b36f6aa86d86f3d608584b1495fa8eafb7edb6a3b55641e7d0f6e8e2b98
04bc5789bccb586c0633044e22ba468969a12eef6081df41cb4515ab2eb3de0e
061377601fa8ba8184b7ba492ef3d7f03c326602374d87dff76f2415a0cb25ad
0fd6b13fe134df5f9ffbbaba5d6663b7ca9504b5a7439c20ab6996bff2c55987
10649a735c096880614cf159b6063b7d65d9e29ab143e08d4d42ac1fbf70c527
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
144288dcfead1fd6a9fdab1a3f5503846b1e8b434e4ecbcdf1037abb07a443be
18bb893c7f130f2eac4865a10d038d4d1c00ef6016cdf26882e5cc9d91a71cc1
21109692a82516e7c8400e03ffcb37cbdb33b647077a1853e6a1ef2c773fa0f5
2351bc7fffb6bea2e6a2ed3056203d3dcf70aa280bd13f2336fd3c5e8ac308e8
28982a1c268af7c5bab4e5ab4ae8eb61698220b6d9cdc71c21b597e01ad13f82
2bf4a9e4c43d096e196d59dffe691309e3fbcf6a5fe3bb1e84f4a46df791db98
2eec8917ded9cd7f04f402cf5073dda030caf6780b20fdbd2bb6c1b517ae1a96
319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5
32d0eea824964457f28515efe6ad6bc77d5b18a3a1658e387d0c8c7a205f8282
35968c24a197d4d3bb9caf54ecb8256c322e50faac01364e2711c4481789a4ce
3c8660aad7b12eb2ded90659c27380e7a292aa3a07cef60aadb0fc36d8f2d456
3e3292317e2d81ef0911937957ffe67eab8d38678e89a797038bab54996c9f48
3f52723df7037dc039a28d031f1062dbd0b2893fcd0366d0dfb02865bb517676
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45e92705ccf674b48e3cc16e74941bd3ba7438e7518508c30dc432214ebe6d4b
4f988931659b3ec72e9fb583e9d4cd2db8447c8b7a6077a8d1a6fc4b803e46d7
5312351759fdb785aaf59efb176565b173a82075584c607a34342120d97fbd3e
54ea006a820fd89b3ef1171fbc7663872eee24e9203d84bae2671bfb459ed989
552426fa67711398e49423a732526e763187afd768567b87e139fec853820809
572f26931fa63f7b8a1e14ebe17b675eda20e4a9fac4844c4b29d53056a12e64
58ea06665a4fb4ba445a271fc204878f86a4db2eead2b55790edf501fe1e23f4
5be015df94026607a0893c4f9dd9ae40b88ef342edb68d44f1374caf15313ba1
5c622f5433cbb6ea1df5c0dd8671e55ef7d1464366074730473c453de50a579b
5ed44719524ea2809dfae7077d4b4b9134c89d8fb0c859fbf497e8f06eb1728c
71aa66e3c94df617c70a1b9530acaa18c9f049d6d29dbaa6d0efe84d7104805a
72ea45630589930751844b017592cc99feb289ef7f72849277ce49b69731d6d5
74efce76c97a096d8372ee6a8aaafd49baea1f7c6c6e723e7955313cdc540a58
771776746af6ffba4ab936380308f47c93c386d96e2711fdf96d6514bd0e5be1
7f8d38edbb315e999159a11df6cdb31479261362286f455c86d76c82a51ff8a0
8b663f4a98939cc1b8ea24d10424e861a30a3a9fe3eb83b9b355eb7209dc156a
8f89dce5f183084944fbc96c6e660da3eeed7911c4f2c6f9a6007af09d23f147
93b25dedcc2bbd2c087d24bfed3ca9bcb135a97c224c861df039e6ce96de49bb
97540869be47f1cc8519503a4725b83e5b31b49fc011fa6bf354f4ff14e147fa
97e434e6cb6c64e2c37c11bc27b3fced5e6131c3ea5123da8ab220d3e5fe8e38
9c331d7bf153726390cacdfc0413837538f3768ef4eec6a7533e7ef94b86196f
9dda6e4f8f7d6a9e7f2f7bee81eae453637193de0e024a48721852e873dcfe33
ab23fc60415dac9b6fbf788c3b63651ec1490c9116afde92b03f374e3d1ef435
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b7f50bd7195d1f45e8b63f8d6444dad5ad83d1f3510e0fb56c17617b480b232e
c1ee828ff367c2502ff6dea96533e987cdf7514f79cca36bb2cb87338aa620be
c65010cc3bc933f2b78e90d5d2a2484c4467a92752b2aa79f4a6e0d35a924218
d044035c0bc2fa51aa829c8ef595f35f7a8cb19db414ba4d87f87ab48997b12a
d420a032ae8fd1e771dce1ae924ed9d289871c19f1e121352f85beb2c0757579
d4f0c6e77265b6e1ba18c111a23f35457a6985b3a0db097d002d3d038802b9aa
d8d139e423b625e06d3ef5e099bed68d1125b30ea9dd0f606b4d2160f60604c9
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e532d6e10225cbeda16af151e21d59f450e0a87c8fdb157154021bc94930da80
e84784c29da5b509deb0efa45da3de691570a2bff9715678e77bff5c74db04cb
ed1e5670a9f84487660d57de0d125ba174b1357e6d8eaa10e937af92fb6132c3
ee2df9e008021c0ce1fbf3612bfef57e7666294fa01bd4d9764931ff9add417a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f58ab2a718fb4aa1bc15a8b9db30b09cdae654394a835ebbfb3d7e2a4ea508bf
f630c6ea4e44c35a93c0ee2950e68857311d9500d6025abe4a5db3ecaf270e3c
fac70370e7c859dbcbbf7f1f9db128fb1d0a65025a845bbcfa4857bdd48f78eb
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955