www.change.org
Open in
urlscan Pro
104.17.88.51
Public Scan
Effective URL: https://www.change.org/p/monsieur-le-directeur-de-la-ders-demande-de-prise-en-compte-de-l-implication-des-personnels-de...
Submission: On August 07 via manual from FR
Summary
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on April 6th 2020. Valid for: 6 months.
This is the only time www.change.org was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN16509 (AMAZON-02, US)
PTR: s3-website-us-west-2.amazonaws.com
chng.it |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN15169 (GOOGLE, US)
PTR: 184.220.186.35.bc.googleusercontent.com
collector-pxnslc0hv5.px-cloud.net |
ASN16625 (AKAMAI-AS, US)
PTR: a23-37-32-235.deploy.static.akamaitechnologies.com
cdn3.optimizely.com |
ASN16625 (AKAMAI-AS, US)
PTR: a2-17-191-240.deploy.static.akamaitechnologies.com
a11391265293.cdn.optimizely.com |
ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net
www.googleadservices.com |
ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress12
static.hotjar.com |
ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net |
ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress15
vars.hotjar.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-50-60.eu-west-1.compute.amazonaws.com
in.hotjar.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-203-160-25.compute-1.amazonaws.com
logx.optimizely.com |
Domain | Requested by | |
---|---|---|
16 | assets.change.org |
www.change.org
assets-fe.change.org |
10 | www.change.org |
www.change.org
assets-fe.change.org |
6 | assets-fe.change.org |
www.change.org
assets-fe.change.org |
4 | connect.facebook.net |
www.change.org
assets-fe.change.org connect.facebook.net |
3 | www.facebook.com |
www.change.org
assets-fe.change.org connect.facebook.net |
3 | static.change.org |
www.change.org
|
2 | logx.optimizely.com |
assets-fe.change.org
|
2 | www.google.de |
www.change.org
|
2 | www.google.com |
1 redirects
www.change.org
|
2 | apis.google.com |
assets-fe.change.org
apis.google.com |
2 | bat.bing.com |
www.change.org
|
2 | collector-pxnslc0hv5.px-cloud.net |
www.change.org
assets-fe.change.org |
2 | www.google-analytics.com |
1 redirects
www.change.org
|
1 | analytics.twitter.com |
static.ads-twitter.com
|
1 | in.hotjar.com |
assets-fe.change.org
|
1 | accounts.google.com |
apis.google.com
|
1 | vars.hotjar.com |
static.hotjar.com
|
1 | t.co |
www.change.org
|
1 | script.hotjar.com |
static.hotjar.com
|
1 | googleads.g.doubleclick.net |
www.googleadservices.com
|
1 | stats.g.doubleclick.net | 1 redirects |
1 | static.ads-twitter.com |
www.googletagmanager.com
|
1 | static.hotjar.com |
www.googletagmanager.com
|
1 | www.googleadservices.com |
www.googletagmanager.com
|
1 | a11391265293.cdn.optimizely.com |
cdn.optimizely.com
|
1 | cdn3.optimizely.com |
cdn.optimizely.com
|
1 | www.googletagmanager.com |
www.change.org
|
1 | cdn.optimizely.com |
www.change.org
|
1 | chng.it | 1 redirects |
68 | 29 |
This site contains links to these domains. Also see Links.
Domain |
---|
help.change.org |
guide.change.org |
twitter.com |
www.facebook.com |
policies.google.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
sni.cloudflaressl.com CloudFlare Inc ECC CA-2 |
2020-04-06 - 2020-10-09 |
6 months | crt.sh |
*.google-analytics.com GTS CA 1O1 |
2020-07-15 - 2020-10-07 |
3 months | crt.sh |
cdn.optimizely.com DigiCert SHA2 Secure Server CA |
2020-01-20 - 2021-03-20 |
a year | crt.sh |
*.px-cloud.net Let's Encrypt Authority X3 |
2020-05-26 - 2020-08-24 |
3 months | crt.sh |
*.optimizely.com DigiCert SHA2 Secure Server CA |
2020-01-20 - 2021-03-20 |
a year | crt.sh |
*.cdn.optimizely.com GeoTrust RSA CA 2018 |
2020-03-05 - 2021-06-04 |
a year | crt.sh |
www.googleadservices.com GTS CA 1O1 |
2020-07-15 - 2020-10-07 |
3 months | crt.sh |
static.hotjar.com Let's Encrypt Authority X3 |
2020-06-17 - 2020-09-15 |
3 months | crt.sh |
ads-twitter.com DigiCert SHA2 High Assurance Server CA |
2019-08-14 - 2020-08-18 |
a year | crt.sh |
www.bing.com Microsoft IT TLS CA 2 |
2019-04-30 - 2021-04-30 |
2 years | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2020-07-21 - 2020-10-12 |
3 months | crt.sh |
*.apis.google.com GTS CA 1O1 |
2020-07-07 - 2020-09-29 |
3 months | crt.sh |
www.google.de GTS CA 1O1 |
2020-07-15 - 2020-10-07 |
3 months | crt.sh |
*.g.doubleclick.net GTS CA 1O1 |
2020-07-15 - 2020-10-07 |
3 months | crt.sh |
script.hotjar.com Let's Encrypt Authority X3 |
2020-06-18 - 2020-09-16 |
3 months | crt.sh |
t.co DigiCert SHA2 High Assurance Server CA |
2020-03-05 - 2021-03-02 |
a year | crt.sh |
vars.hotjar.com Let's Encrypt Authority X3 |
2020-06-16 - 2020-09-14 |
3 months | crt.sh |
www.google.com GTS CA 1O1 |
2020-07-15 - 2020-10-07 |
3 months | crt.sh |
accounts.google.com GTS CA 1O1 |
2020-07-07 - 2020-09-29 |
3 months | crt.sh |
*.hotjar.com Amazon |
2019-09-27 - 2020-10-27 |
a year | crt.sh |
logx.optimizely.com DigiCert SHA2 High Assurance Server CA |
2018-10-01 - 2020-10-05 |
2 years | crt.sh |
*.twitter.com DigiCert SHA2 High Assurance Server CA |
2020-03-05 - 2021-03-02 |
a year | crt.sh |
This page contains 4 frames:
Primary Page:
https://www.change.org/p/monsieur-le-directeur-de-la-ders-demande-de-prise-en-compte-de-l-implication-des-personnels-de-orange-france-ders?recruiter=1133287201&utm_source=share_petition&utm_medium=copylink&utm_campaign=share_petition&utm_term=G%3ESearch%3ESAP%3EFR%3EBrand%3EGeneral%3EExact
Frame ID: 7767555775927F1264FC749E301F0FB4
Requests: 66 HTTP requests in this frame
Frame:
https://a11391265293.cdn.optimizely.com/client_storage/a11391265293.html
Frame ID: 618F006C24B4AF7BD7B60A6EBD4E84E5
Requests: 1 HTTP requests in this frame
Frame:
https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: 137485DBF6180DFFE9795CC51CD533F4
Requests: 1 HTTP requests in this frame
Frame:
https://accounts.google.com/o/oauth2/iframe
Frame ID: 2456CB00F6CB126D0C60AC0FE1F6BEE8
Requests: 1 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://chng.it/zsVHgXQMht
HTTP 301
https://www.change.org/p/monsieur-le-directeur-de-la-ders-demande-de-prise-en-compte-de-l-implicati... Page URL
Detected technologies
React (JavaScript Frameworks) ExpandDetected patterns
- html /<[^>]+data-react/i
CloudFlare (CDN) Expand
Detected patterns
- headers server /^cloudflare$/i
Facebook (Widgets) Expand
Detected patterns
- script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Optimizely (Analytics) Expand
Detected patterns
- script /optimizely\.com.*\.js/i
Page Statistics
6 Outgoing links
These are links going to different origins than the main page.
Title: Help
Search URL Search Domain Scan URL
Title: Guides
Search URL Search Domain Scan URL
Title: Twitter
Search URL Search Domain Scan URL
Title: Facebook
Search URL Search Domain Scan URL
Title: Privacy Policy
Search URL Search Domain Scan URL
Title: Terms of Service
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://chng.it/zsVHgXQMht
HTTP 301
https://www.change.org/p/monsieur-le-directeur-de-la-ders-demande-de-prise-en-compte-de-l-implication-des-personnels-de-orange-france-ders?recruiter=1133287201&utm_source=share_petition&utm_medium=copylink&utm_campaign=share_petition&utm_term=G%3ESearch%3ESAP%3EFR%3EBrand%3EGeneral%3EExact Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 30- https://www.google-analytics.com/r/collect?v=1&_v=j83&aip=1&a=463888156&t=pageview&_s=1&dl=https%3A%2F%2Fwww.change.org%2Fp%2Fmonsieur-le-directeur-de-la-ders-demande-de-prise-en-compte-de-l-implication-des-personnels-de-orange-france-ders%3Frecruiter%3D1133287201%26utm_source%3Dshare_petition%26utm_medium%3Dcopylink%26utm_campaign%3Dshare_petition%26utm_term%3DG%253ESearch%253ESAP%253EFR%253EBrand%253EGeneral%253EExact&dp=%2Fp%2Fmonsieur-le-directeur-de-la-ders-demande-de-prise-en-compte-de-l-implication-des-personnels-de-orange-france-ders%3Frecruiter%3D1133287201%26utm_source%3Dshare_petition%26utm_medium%3Dcopylink%26utm_campaign%3Dshare_petition%26utm_term%3DG%253ESearch%253ESAP%253EFR%253EBrand%253EGeneral%253EExact&ul=en-us&de=UTF-8&dt=Petition%20%C2%B7%20Demande%20de%20prise%20en%20compte%20de%20l%27implication%20des%20personnels%20de%20Orange%20France%20DERS%20%C2%B7%20Change.org&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABE~&jid=1602113562&gjid=508380597&cid=1343492471.1596780828&tid=UA-5889778-1&_gid=1167575872.1596780828&_r=1&z=1775567793 HTTP 302
- https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-5889778-1&cid=1343492471.1596780828&jid=1602113562&_gid=1167575872.1596780828&gjid=508380597&_v=j83&z=1775567793 HTTP 302
- https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5889778-1&cid=1343492471.1596780828&jid=1602113562&_v=j83&z=1775567793 HTTP 302
- https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5889778-1&cid=1343492471.1596780828&jid=1602113562&_v=j83&z=1775567793&slf_rd=1&random=2746563355
68 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
monsieur-le-directeur-de-la-ders-demande-de-prise-en-compte-de-l-implication-des-personnels-de-orange-france-ders
www.change.org/p/ Redirect Chain
|
128 KB 39 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Change-Calibre-Regular.woff2
static.change.org/fonts/ |
30 KB 31 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Change-Calibre-Bold.woff2
static.change.org/fonts/ |
31 KB 32 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rendr-xlAQzDvJM_K3jpDV0qJITERnqSdSsqp59Kbg01qSQhg.css
assets-fe.change.org/fe/css/ |
167 KB 49 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
45 KB 18 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
11391265293.js
cdn.optimizely.com/js/ |
743 KB 156 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
157 KB 49 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dYwjCftfhzHoNxi-800x450-noPad.jpg
assets.change.org/photos/9/wj/cf/ |
15 KB 16 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
default-user-profile.svg
static.change.org/profile-img/ |
1 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fontFaceObserverChunk-203a73f12f1128f3ba69.js
assets-fe.change.org/fe/12cdb2e55cd2c60e8d0ecbd35d1b6b74/ |
6 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
petitionsEntryChunk-fcaf4ff07c042d247b5b.js
assets-fe.change.org/fe/12cdb2e55cd2c60e8d0ecbd35d1b6b74/ |
2 MB 551 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
init.js
www.change.org/NsLC0Hv5/ |
94 KB 35 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
10 KB 10 KB |
Font
application/x-font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collector
collector-pxnslc0hv5.px-cloud.net/api/v2/ |
654 B 875 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
geo2.js
cdn3.optimizely.com/js/ |
290 B 697 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
a11391265293.html
a11391265293.cdn.optimizely.com/client_storage/ Frame 618F |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
conversion_async.js
www.googleadservices.com/pagead/ |
29 KB 12 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hotjar-1693228.js
static.hotjar.com/c/ |
64 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
uwt.js
static.ads-twitter.com/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bat.js
bat.bing.com/ |
26 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
d85a0794fe58269bafd49bc760778e21_3566e1298b9c64b8439cf3154eda49902f97c945
www.change.org/api-proxy/-/translations/en-US/ |
320 KB 87 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
134 KB 34 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sdk.js
connect.facebook.net/en_US/ |
3 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
platform.js
apis.google.com/js/ |
49 KB 20 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
graphql
www.change.org/api-proxy/ |
81 B 259 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
event_tracker
www.change.org/api-proxy/-/ |
2 B 294 B |
Other
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
updatesAndCommentsChunk-5f493a05b3d252af0617.js
assets-fe.change.org/fe/12cdb2e55cd2c60e8d0ecbd35d1b6b74/ |
25 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
changeAssets-e5ec62cdc944882ee785.js
assets-fe.change.org/fe/12cdb2e55cd2c60e8d0ecbd35d1b6b74/ |
5 MB 1 MB |
Fetch
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
event_tracker
www.change.org/api-proxy/-/ |
2 B 243 B |
Other
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
event_tracker
www.change.org/api-proxy/-/ |
2 B 141 B |
Other
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
suggestedPetitionsChunk-74708d73b71378851839.js
assets-fe.change.org/fe/12cdb2e55cd2c60e8d0ecbd35d1b6b74/ |
10 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.de/ads/ Redirect Chain
|
42 B 106 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0
bat.bing.com/action/ |
0 148 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/991363857/ |
3 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
modules.9e0dfa53977fdaaa37e1.js
script.hotjar.com/ |
355 KB 69 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adsct
t.co/i/ |
43 B 449 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1081902691834097
connect.facebook.net/signals/config/ |
524 KB 132 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame 1374 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sdk.js
connect.facebook.net/en_US/ |
200 KB 61 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.WuHGBC70tdw.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=wQc/rs=AGLTcCNpHoaMoiiRyTFOuGnNuTT-eiD9VA/ |
106 KB 36 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
graphql
www.change.org/api-proxy/ |
889 B 722 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
graphql
www.change.org/api-proxy/ |
206 B 318 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
graphql
www.change.org/api-proxy/ |
46 KB 19 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.com/pagead/1p-user-list/991363857/ |
42 B 107 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.de/pagead/1p-user-list/991363857/ |
42 B 107 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 259 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
iframe
accounts.google.com/o/oauth2/ Frame 2456 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
visit-data
in.hotjar.com/api/v2/client/sites/1693228/ |
178 B 320 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
status
www.facebook.com/x/oauth/ |
0 0 |
Fetch
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
events
logx.optimizely.com/v1/ |
0 359 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collector
collector-pxnslc0hv5.px-cloud.net/api/v2/ |
366 B 431 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adsct
analytics.twitter.com/i/ |
31 B 650 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
/
www.facebook.com/tr/ |
0 38 B |
Other
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
zOMTLdyHQMthaxZ-400x225-noPad.jpg
assets.change.org/photos/1/mt/ld/ |
27 KB 27 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
yInvqOihBReQtnM-400x225-noPad.jpg
assets.change.org/photos/4/nv/qo/ |
111 KB 112 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
yKHkHKYjKUASuDj-400x225-noPad.jpg
assets.change.org/photos/6/hk/hk/ |
15 KB 15 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gjjIVLQqhNVazgN-400x225-noPad.jpg
assets.change.org/photos/9/ji/vl/ |
18 KB 19 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ZxcSkxxQIYEveOv-400x225-noPad.jpg
assets.change.org/photos/0/cs/kx/ |
25 KB 25 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
uNtGGkZoxgRnuuz-400x225-noPad.jpg
assets.change.org/photos/5/tg/gk/ |
21 KB 21 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
RfItNRbRXdAjVXO-400x225-noPad.jpg
assets.change.org/photos/4/it/nr/ |
23 KB 23 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
QMSwfFqstCnRiRK-400x225-noPad.jpg
assets.change.org/photos/8/sw/ff/ |
24 KB 24 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
RveKTAWffIEXCFz-400x225-noPad.jpg
assets.change.org/photos/0/ek/ta/ |
23 KB 24 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AEPTkLOsUSsJMgW-400x225-noPad.jpg
assets.change.org/photos/4/pt/kl/ |
19 KB 19 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ZvctbLFLNWRTdXc-400x225-noPad.jpg
assets.change.org/photos/8/ct/bl/ |
32 KB 32 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
XaoZqpEBhAUPuZD-400x225-noPad.jpg
assets.change.org/photos/5/oz/qp/ |
16 KB 16 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
QbrXYhHdWDgKGmv-400x225-noPad.jpg
assets.change.org/photos/9/rx/yh/ |
14 KB 14 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mylaLTYqhScqWHI-400x225-noPad.jpg
assets.change.org/photos/0/la/lt/ |
13 KB 13 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
IfysFyzwcIXXLRO-400x225-noPad.jpg
assets.change.org/photos/5/ys/fy/ |
24 KB 24 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
events
logx.optimizely.com/v1/ |
0 359 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
51 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| changeTargetingData object| dataLayer string| _pxAppId object| webpackJsonp function| FontFaceObserver object| google_tag_data function| ga object| gaplugins object| PXNsLC0Hv5 object| PX undefined| _NsLC0Hv5handler function| postscribe object| google_tag_manager function| _ object| optimizely function| setImmediate function| clearImmediate object| regeneratorRuntime object| airbrake object| __APOLLO_CLIENT__ object| recaptchaOptions function| trackEvent function| setOverrideVariation function| _sov function| hj object| _hjSettings function| twq object| uetq function| FuzzySet object| Backbone function| fbq function| _fbq object| gaGlobal object| gaData function| fbAsyncInit object| __consolidated_events_handlers__ function| UET object| twttr function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled string| _pxParam1 object| FB object| gapi object| ___jsl object| gadgets object| osapi object| oauth221 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.google.com/ | Name: NID Value: 204=GFRQHrxV-z7VhT7uwCdXHmHW0nttqGDdnorgisrfrL5mqlUSxF1KMIFdBkh54kfsffhRmPxxmdSfOOuztxXISETl-goFfzxUEVjtV65hIrZfCN3Axg5MI4FdzlrU2KubrzQ6hvkW7c6EVtQLJLzuq9Kw9BuowsafXYT8Pnnuo0Y |
|
.change.org/ | Name: _uetvid Value: a9acd1b3331110a35f739169bba3536b |
|
.change.org/ | Name: _fbp Value: fb.1.1596780828966.557904844 |
|
.change.org/ | Name: _uetsid Value: 6ef9929d087499025a7ca96372ef88be |
|
.change.org/ | Name: _gat Value: 1 |
|
.change.org/ | Name: __cf_bm Value: 679a25fca688f5a0a8a57c036d6365267b714f4a-1596780827-1800-AS0r8CzHpNIprAyzupz2PVdB8dmGSNz9+ax+de/Uq2ym6xoLo4P5kKcDlkvwI+aXe+KttO+MqLva+ErKyKEDgBk= |
|
.change.org/ | Name: _pxvid Value: 27dcb6c5-d875-11ea-898d-0242ac120007 |
|
.change.org/ | Name: _gid Value: GA1.2.1167575872.1596780828 |
|
.change.org/ | Name: _gcl_au Value: 1.1.163681957.1596780828 |
|
.www.change.org/ | Name: G_ENABLED_IDPS Value: google |
|
.change.org/ | Name: __cfduid Value: d2ddf691e6b8e22e8eb5e3ae8edb692671596780826 |
|
.change.org/ | Name: optimizelyEndUserId Value: oeu1596780828009r0.6285442441954752 |
|
.change.org/ | Name: __cfruid Value: 025e647150b22bb355706a4ee64cd6130057ee5e-1596780827 |
|
www.change.org/ | Name: _change_session Value: 16ac888c24dec1773c0f2838992ac92d |
|
.change.org/ | Name: invite Value: %7B%22recruiter_id%22%3A1133287201%2C%22requested_at%22%3A%222020-08-07T06%3A13%3A47.151Z%22%7D |
|
.change.org/ | Name: _hjid Value: 7614e296-bdd5-4e59-9aa4-cb73a33db905 |
|
.change.org/ | Name: _ga Value: GA1.2.1343492471.1596780828 |
|
www.change.org/ | Name: tracking_data Value: %7B%22user_uuid%22%3A%2227584150-d875-11ea-929a-7b25ab2f358a%22%7D |
|
.change.org/ | Name: _px3 Value: 08f6079b4116c6b1fc347b9748126a226536d553d6da49fbe183c2041dcf8ac8:AcjKUF55bgU1Ee869o+Z6seBlngYecV65YlPChVXg42Mr/2ao1tVQaB8ZVbMBRf/ZYMS03KhW5ZLidJrzbGy9A==:1000:iyYdponOro/OYHnsz+oA3bB0AeZy+g0cNSmLVxD5Gnca5imqWlPsmCM790WMKYcKQ/cMILJ9v7g2RQr16HdkXLXn/84Gw45t60/hDB3vUFsIuXygfmS6juoyfamd24OJ7a7cq/DXLJtKVSMexumJ6O6luiPyQdvH/giEqvHR6kk= |
|
www.change.org/ | Name: _hjIncludedInCCSample Value: 1 |
|
www.change.org/ | Name: _change_lang Value: %7B%22locale%22%3A%22en-US%22%2C%22countryCode%22%3A%22BE%22%7D |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | default-src 'self' 'unsafe-inline' 'unsafe-eval' https://d18kwxxua7ik1y.cloudfront.net https://d22r54gnmuhwmk.cloudfront.net https://assets.change.org https://static.change.org https://assets-fe.change.org https://change-production.s3.amazonaws.com https://change-public-stuff.s3.amazonaws.com https://www.google.ca https://www.googleadservices.com https://www.youtube.com https://*.doubleclick.net https://*.google.com https://*.googleapis.com https://*.googletagmanager.com https://*.google-analytics.com https://*.gstatic.com https://*.recaptcha.net https://*.ytimg.com https://*.facebook.com https://*.facebook.net https://*.fbcdn.net fbrpc://* fb-messenger://* https://*.twitter.com https://*.twimg.com https://*.ads-twitter.com https://vk.com https://*.vk.com https://ajax.cdnjs.com https://cdnjs.cloudflare.com https://service.force.com https://change.my.salesforce.com https://help.change.org https://*.salesforceliveagent.com https://*.braintreegateway.com https://*.paypalobjects.com https://*.paypal.com *.optimizely.com optimizely.s3.amazonaws.com cdn-assets-prod.s3.amazonaws.com https://px-cdn.net https://*.px-cloud.net https://*.hotjar.com:* https://*.hotjar.io wss://*.hotjar.com https://p2a.co https://code.jquery.com https://js.stripe.com https://cdn.embedly.com https://player.vimeo.com https://bat.bing.com https://soundcloud.com https://w.soundcloud.com https://www.instagram.com https://www.flickr.com https://*.staticflickr.com; connect-src 'self' blob: https://*.change.org https://change-production.s3.amazonaws.com https://*.googleapis.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.com https://*.facebook.net fbrpc://* fb-messenger://* https://*.twitter.com https://*.vk.com https://*.braintreegateway.com https://*.paypal.com *.optimizely.com optimizely.s3.amazonaws.com cdn-assets-prod.s3.amazonaws.com https://*.px-client.net https://*.px-cloud.net https://pxchk.net https://*.hotjar.com:* https://*.hotjar.io wss://*.hotjar.com https://api.stripe.com https://api.soundcloud.com https://api.airbrake.io https://api.zippopotam.us; font-src 'self' data: https://assets.change.org https://static.change.org https://d18kwxxua7ik1y.cloudfront.net https://d22r54gnmuhwmk.cloudfront.net https://fonts.gstatic.com https://*.hotjar.com https://*.hotjar.io; img-src * blob: data:; form-action 'self'; |
X-Content-Type-Options | nosniff |
X-Frame-Options | sameorigin |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
a11391265293.cdn.optimizely.com
accounts.google.com
analytics.twitter.com
apis.google.com
assets-fe.change.org
assets.change.org
bat.bing.com
cdn.optimizely.com
cdn3.optimizely.com
chng.it
collector-pxnslc0hv5.px-cloud.net
connect.facebook.net
googleads.g.doubleclick.net
in.hotjar.com
logx.optimizely.com
script.hotjar.com
static.ads-twitter.com
static.change.org
static.hotjar.com
stats.g.doubleclick.net
t.co
vars.hotjar.com
www.change.org
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
104.17.88.51
104.17.89.51
104.244.42.131
104.244.42.5
147.75.102.203
147.75.33.229
147.75.84.91
151.101.112.157
172.217.18.2
2.17.191.240
23.37.32.235
2620:1ec:c11::200
2a00:1450:4001:800::2003
2a00:1450:4001:800::2004
2a00:1450:4001:808::200d
2a00:1450:4001:816::200e
2a00:1450:4001:81f::200e
2a00:1450:4001:821::2008
2a00:1450:4001:825::2002
2a00:1450:400c:c00::9c
2a02:26f0:6c00:183::13b8
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
34.203.160.25
35.186.220.184
52.213.50.60
52.218.224.202
0a0133cfb0058a048db8bde46f1efef457c5507f60fb543f6de1e4af2706775b
0b0abc92d5b255db2884928e626ee80408af79a81b0da921910a9effb04e77e7
0e095589d02cd69c31c90c72cc7c34bf24e0316afa3317df533403d5c4d07d54
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
154b5afb9b4f97afa8cdc70800498ddb72d87aae84431dc34aeea8ea2c3d4291
1760ccf576564233d85f4bc66cb45ad451cb9cb8825aa6e1f2498ca1d2deb158
1a2684adb4b431902ef03f7959757f5163ed2ddc548e216654fa7858b1f4fd9b
1c7e3299dbed5da717a0b662e7bd9b7ed8bddcd00fb8979ef72c2dfec5a15a9f
1f46c9cb4df42d29d60a0a973494a815a4bee5b75be6d452d1a7117a27653fb2
2dec6b6202a9cb024600df3ac4062afb19ba68e8d1e09eb39624092388970aee
2ea09b5db7a225cce705f521cf9cb6a2f597441d2b8efec723370d3192b3118d
32d0eea824964457f28515efe6ad6bc77d5b18a3a1658e387d0c8c7a205f8282
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4e95ca22e21a9960f7628da500c296e1bf969af49f12e21947dd00f8f850b90e
531b2af63d091af330c21f779ed3b2cdf7bc00ec64b0e5f658980cc28a6b34f4
552426fa67711398e49423a732526e763187afd768567b87e139fec853820809
56c3349e6bedb28f120afd0a105ebeddc2e38a230a48e4fde1f2622e4f1d7188
5aa59976259ce2568a094d8d2605551354f43fe4b883c26a4de607b99abe8ba7
5c622f5433cbb6ea1df5c0dd8671e55ef7d1464366074730473c453de50a579b
6154d5f7f6961e042d013bab33fd02b691970d873f44f3c32d8fcc6e79ef5bcd
6b960a046b27829f267f70ebeec6e685e7e5c777318d66c05af452106d743bea
771776746af6ffba4ab936380308f47c93c386d96e2711fdf96d6514bd0e5be1
7cc6691a2d86abe26d768243a031511af82130dbc0c3d145d4694f6aef5d0c2d
833c5003151a1ce3ca2818dd2fcea97940210b77598cf4a04c6b98c38b2e66e7
8498cd8097c19c6136822e8ad256574232222c2976ff4777250a8f68e7036ee6
893df2b9ceb653f94333139d561d363bf4c365e651a0a3ade839d96200942e37
8f0e2beaf45b974494b1b103e1cf7f8025e8e85a860b2b328cbbd27a6e54c57a
92f410985c0233c9abcba33b98f05b3e24d5ea3e80f5083466d545e94d49ec43
93b25dedcc2bbd2c087d24bfed3ca9bcb135a97c224c861df039e6ce96de49bb
962490036f77d4e4f38644d81114ef17a8e5c39b2e2813ee4e6b93f8966b5b85
97540869be47f1cc8519503a4725b83e5b31b49fc011fa6bf354f4ff14e147fa
9799112f58227a060b689fa53c5e8fc095b27d3fbf88c8e2d3db5d4e40e5d204
a6137cb94ff5a94e0fa508b8de6fe60399a8659a1e62e899f61d05447186b20d
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acdd0c300ec689abc9c0fa6fb70979b07cc01786a8a85ce83266dba24f48af0c
afbe2b3bc81e67b6583305c7128c6be2c1c4c2bcddb185495982d790e4c30922
b14701931e145ec735d777345c0ece29b81ffcd16d3faa1157e66b203422b42a
b16bec9ff8f02bc0bac8b477c2233626845aa1473c743ce3344249be3ad054c7
b7f50bd7195d1f45e8b63f8d6444dad5ad83d1f3510e0fb56c17617b480b232e
b8510c3342406d5d15db64549668e3ae2c388943277d81b86501a2658c287d25
bb3986c8db5ea2e24569f03a6c5af1f6d2b1bc4febc06364e8527885e4d0b4eb
c22e3ae36d68a0309acf73e12863c1952238ea3c6476aaef1be328cb590ff73e
c65010cc3bc933f2b78e90d5d2a2484c4467a92752b2aa79f4a6e0d35a924218
c904df109b5ddfc3dd57f60d6d23b0e063d8351c8c167b1fcb3af189b54fc3ff
cfdbdc02160ceaf7888e696c2d92b6439c22afe28f64ad4e7fc5c96204b634f0
d3b59a8175f8087132d14b3e2505234f51b260c438278d043d02a61c48a6ad11
dc3fe7790e2623087e9283752a2b58e75ad146ff358349b61a3e468cf8e0d01c
dd21f2f10f9632994cbf29e3ecbe4c8506cd69ce2242ca163583804e4c1f1b06
df0db1d69614350744dca68f170f4626117c0491db3bdb7c5936dd96df616a66
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee2df9e008021c0ce1fbf3612bfef57e7666294fa01bd4d9764931ff9add417a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4810ba276e4e5b51061ae2bf801517b3c122432b365d1ed98fc4718ce7474dc
fb93a4162e602a0de8d8681ecf622784cf6cf67b5afff82718e1260036e4d8fb
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955
ffb64a9c37e9d41e345f54ffa21640f4f60ff4d9689836f101f101c05c15e19f