www.change.org
Open in
urlscan Pro
104.17.88.51
Public Scan
Effective URL: https://www.change.org/p/mayor-of-yulin-mr-wei-tao-the-barbaric-yulin-dog-meat-festival-must-come-to-an-end-once-and-fo...
Submission: On June 18 via manual from US
Summary
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on August 31st 2018. Valid for: a year.
This is the only time www.change.org was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN22606 (EXACT-7 - ExactTarget, Inc., US)
PTR: click.mail.change.org
click.mail.change.org |
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
www.change.org | |
assets-fe.change.org | |
static.change.org | |
assets.change.org |
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
assets-fe.change.org | |
static.change.org |
ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com | |
apis.google.com |
ASN15169 (GOOGLE - Google LLC, US)
www.google.com |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com |
ASN15169 (GOOGLE - Google LLC, US)
www.gstatic.com |
ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com |
ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s20-in-f2.1e100.net
www.googleadservices.com |
ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
bat.bing.com |
ASN32934 (FACEBOOK - Facebook, Inc., US)
connect.facebook.net |
ASN15169 (GOOGLE - Google LLC, US)
maps.googleapis.com |
ASN15169 (GOOGLE - Google LLC, US)
stats.g.doubleclick.net |
ASN15169 (GOOGLE - Google LLC, US)
www.google.de |
ASN15169 (GOOGLE - Google LLC, US)
googleads.g.doubleclick.net |
ASN15169 (GOOGLE - Google LLC, US)
accounts.google.com |
ASN32934 (FACEBOOK - Facebook, Inc., US)
www.facebook.com |
ASN32934 (FACEBOOK - Facebook, Inc., US)
staticxx.facebook.com |
ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-226-220-225.compute-1.amazonaws.com
errors.client.optimizely.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
45 |
change.org
1 redirects
click.mail.change.org www.change.org assets-fe.change.org static.change.org assets.change.org |
2 MB |
7 |
google.com
1 redirects
www.google.com apis.google.com accounts.google.com |
54 KB |
5 |
facebook.com
www.facebook.com staticxx.facebook.com |
835 B |
5 |
facebook.net
connect.facebook.net |
138 KB |
4 |
googleapis.com
maps.googleapis.com |
111 KB |
3 |
optimizely.com
cdn.optimizely.com errors.client.optimizely.com |
115 KB |
2 |
google.de
www.google.de |
218 B |
2 |
doubleclick.net
1 redirects
stats.g.doubleclick.net googleads.g.doubleclick.net |
2 KB |
2 |
bing.com
bat.bing.com |
7 KB |
2 |
google-analytics.com
1 redirects
www.google-analytics.com |
17 KB |
1 |
googleadservices.com
www.googleadservices.com |
9 KB |
1 |
googletagmanager.com
www.googletagmanager.com |
29 KB |
1 |
gstatic.com
www.gstatic.com |
92 KB |
1 |
amazonaws.com
s3.amazonaws.com |
4 KB |
77 | 14 |
Domain | Requested by | |
---|---|---|
21 | assets.change.org |
www.change.org
|
15 | www.change.org |
www.change.org
assets-fe.change.org |
6 | static.change.org |
www.change.org
assets-fe.change.org |
5 | connect.facebook.net |
www.change.org
assets-fe.change.org connect.facebook.net |
4 | www.facebook.com |
assets-fe.change.org
www.change.org |
4 | maps.googleapis.com |
assets-fe.change.org
maps.googleapis.com |
4 | www.google.com |
1 redirects
www.change.org
www.gstatic.com |
2 | errors.client.optimizely.com |
assets-fe.change.org
|
2 | www.google.de |
www.change.org
|
2 | apis.google.com |
assets-fe.change.org
apis.google.com |
2 | bat.bing.com |
www.change.org
|
2 | www.google-analytics.com |
1 redirects
www.change.org
|
2 | assets-fe.change.org |
www.change.org
|
1 | staticxx.facebook.com |
connect.facebook.net
|
1 | accounts.google.com |
apis.google.com
|
1 | googleads.g.doubleclick.net |
www.googleadservices.com
|
1 | stats.g.doubleclick.net | 1 redirects |
1 | www.googleadservices.com |
www.googletagmanager.com
|
1 | www.googletagmanager.com |
www.change.org
|
1 | www.gstatic.com |
www.google.com
|
1 | s3.amazonaws.com |
www.change.org
|
1 | cdn.optimizely.com |
www.change.org
|
1 | click.mail.change.org | 1 redirects |
77 | 23 |
This site contains links to these domains. Also see Links.
Domain |
---|
help.change.org |
guide.change.org |
twitter.com |
www.facebook.com |
policies.google.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
change.org CloudFlare Inc ECC CA-2 |
2018-08-31 - 2019-08-31 |
a year | crt.sh |
cdn.optimizely.com DigiCert ECC Secure Server CA |
2018-11-24 - 2020-02-23 |
a year | crt.sh |
*.google-analytics.com Google Internet Authority G3 |
2019-05-21 - 2019-08-13 |
3 months | crt.sh |
www.google.com Google Internet Authority G3 |
2019-05-21 - 2019-08-13 |
3 months | crt.sh |
s3.amazonaws.com DigiCert Baltimore CA-2 G2 |
2018-12-03 - 2019-10-25 |
a year | crt.sh |
*.google.com Google Internet Authority G3 |
2019-05-21 - 2019-08-13 |
3 months | crt.sh |
www.googleadservices.com Google Internet Authority G3 |
2019-05-21 - 2019-08-13 |
3 months | crt.sh |
www.bing.com Microsoft IT TLS CA 5 |
2017-07-20 - 2019-07-10 |
2 years | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2019-06-06 - 2019-09-04 |
3 months | crt.sh |
*.apis.google.com Google Internet Authority G3 |
2019-05-21 - 2019-08-13 |
3 months | crt.sh |
*.googleapis.com Google Internet Authority G3 |
2019-05-21 - 2019-08-13 |
3 months | crt.sh |
www.google.de Google Internet Authority G3 |
2019-05-21 - 2019-08-13 |
3 months | crt.sh |
*.g.doubleclick.net Google Internet Authority G3 |
2019-05-21 - 2019-08-13 |
3 months | crt.sh |
accounts.google.com Google Internet Authority G3 |
2019-06-11 - 2019-09-03 |
3 months | crt.sh |
errors.client.optimizely.com DigiCert SHA2 High Assurance Server CA |
2018-09-24 - 2020-09-28 |
2 years | crt.sh |
This page contains 4 frames:
Primary Page:
https://www.change.org/p/mayor-of-yulin-mr-wei-tao-the-barbaric-yulin-dog-meat-festival-must-come-to-an-end-once-and-for-all?j=543618&sfmc_sub=781809243&l=32_HTML&u=67253873&mid=7233053&jb=4308&utm_medium=email&utm_source=aa_sign_human&utm_campaign=543618&utm_content=&sfmc_tk=VYoKt0AfcQp3jXwwi8RJj10wsvjzXCijNBUxAPpLoaDwH%2ftjgoNICo7iB2pCSI5J&j=543618&sfmc_sub=781809243&l=32_HTML&u=67253873&mid=7233053&jb=4308
Frame ID: 85C02DD8DEBB331B859D395E65B88643
Requests: 75 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LftsXMUAAAAALlWG1yUWFRGkwxc7P-ZFroKILkc&co=aHR0cHM6Ly93d3cuY2hhbmdlLm9yZzo0NDM.&hl=en&v=v1559543665173&size=invisible&cb=w3cr0mc151it
Frame ID: 9848E4D28E9740125D7BCD574FF95578
Requests: 1 HTTP requests in this frame
Frame:
https://accounts.google.com/o/oauth2/iframe
Frame ID: 6320BF59E8C9292EB3061677BBD1D85E
Requests: 1 HTTP requests in this frame
Frame:
https://staticxx.facebook.com/connect/xd_arbiter.php?version=44
Frame ID: A55F73B8F231F72E7D38CA3C6478803E
Requests: 1 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
https://click.mail.change.org/?qs=5dc7fcb33cddc70a3baccbef72a5da8d6a055411088ffd7ba9e2c4a9579bc58796957861...
HTTP 302
https://www.change.org/p/mayor-of-yulin-mr-wei-tao-the-barbaric-yulin-dog-meat-festival-must-come-t... Page URL
Detected technologies
React (JavaScript Frameworks) ExpandDetected patterns
- script /react.*\.js/i
CloudFlare (CDN) Expand
Detected patterns
- headers server /^cloudflare$/i
Facebook (Widgets) Expand
Detected patterns
- script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Google Analytics (Analytics) Expand
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Optimizely (Analytics) Expand
Detected patterns
- script /optimizely\.com.*\.js/i
reCAPTCHA (Captchas) Expand
Detected patterns
- script /\/recaptcha\/api\.js/i
Page Statistics
6 Outgoing links
These are links going to different origins than the main page.
Title: Help
Search URL Search Domain Scan URL
Title: Guides
Search URL Search Domain Scan URL
Title: Twitter
Search URL Search Domain Scan URL
Title: Facebook
Search URL Search Domain Scan URL
Title: Privacy Policy
Search URL Search Domain Scan URL
Title: Terms of Service
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://click.mail.change.org/?qs=5dc7fcb33cddc70a3baccbef72a5da8d6a055411088ffd7ba9e2c4a9579bc58796957861ed3a5b3a7d11d9a89acfd761eebe37c42be611026d6f3c89a4192f4a
HTTP 302
https://www.change.org/p/mayor-of-yulin-mr-wei-tao-the-barbaric-yulin-dog-meat-festival-must-come-to-an-end-once-and-for-all?j=543618&sfmc_sub=781809243&l=32_HTML&u=67253873&mid=7233053&jb=4308&utm_medium=email&utm_source=aa_sign_human&utm_campaign=543618&utm_content=&sfmc_tk=VYoKt0AfcQp3jXwwi8RJj10wsvjzXCijNBUxAPpLoaDwH%2ftjgoNICo7iB2pCSI5J&j=543618&sfmc_sub=781809243&l=32_HTML&u=67253873&mid=7233053&jb=4308 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 31- https://www.google-analytics.com/r/collect?v=1&_v=j76&aip=1&a=1492836057&t=pageview&_s=1&dl=https%3A%2F%2Fwww.change.org%2Fp%2Fmayor-of-yulin-mr-wei-tao-the-barbaric-yulin-dog-meat-festival-must-come-to-an-end-once-and-for-all%3Fj%3D543618%26sfmc_sub%3D781809243%26l%3D32_HTML%26u%3D67253873%26mid%3D7233053%26jb%3D4308%26utm_medium%3Demail%26utm_source%3Daa_sign_human%26utm_campaign%3D543618%26utm_content%3D%26sfmc_tk%3DVYoKt0AfcQp3jXwwi8RJj10wsvjzXCijNBUxAPpLoaDwH%252ftjgoNICo7iB2pCSI5J%26j%3D543618%26sfmc_sub%3D781809243%26l%3D32_HTML%26u%3D67253873%26mid%3D7233053%26jb%3D4308&dp=%2Fp%2Fmayor-of-yulin-mr-wei-tao-the-barbaric-yulin-dog-meat-festival-must-come-to-an-end-once-and-for-all%3Fj%3D543618%26sfmc_sub%3D781809243%26l%3D32_HTML%26u%3D67253873%26mid%3D7233053%26jb%3D4308%26utm_medium%3Demail%26utm_source%3Daa_sign_human%26utm_campaign%3D543618%26utm_content%3D%26sfmc_tk%3DVYoKt0AfcQp3jXwwi8RJj10wsvjzXCijNBUxAPpLoaDwH%252ftjgoNICo7iB2pCSI5J%26j%3D543618%26sfmc_sub%3D781809243%26l%3D32_HTML%26u%3D67253873%26mid%3D7233053%26jb%3D4308&ul=en-us&de=UTF-8&dt=Petition%20%C2%B7%20Mayor%20of%20Yulin%2C%20Mr.%20Wei%20Tao%3A%20The%20Barbaric%20Yulin%20Dog%20Meat%20Festival%20Must%20Come%20to%20an%20End%20Once%20and%20For%20All%20%C2%B7%20Change.org&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aEBAAEABE~&jid=1429528528&gjid=977175151&cid=1610392056.1560879161&tid=UA-5889778-1&_gid=1805822165.1560879161&_r=1&z=865848142 HTTP 302
- https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-5889778-1&cid=1610392056.1560879161&jid=1429528528&_gid=1805822165.1560879161&gjid=977175151&_v=j76&z=865848142 HTTP 302
- https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5889778-1&cid=1610392056.1560879161&jid=1429528528&_v=j76&z=865848142 HTTP 302
- https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5889778-1&cid=1610392056.1560879161&jid=1429528528&_v=j76&z=865848142&slf_rd=1&random=4196538772
77 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
mayor-of-yulin-mr-wei-tao-the-barbaric-yulin-dog-meat-festival-must-come-to-an-end-once-and-for-all
www.change.org/p/ Redirect Chain
|
181 KB 50 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
11391265293.js
cdn.optimizely.com/js/ |
486 KB 115 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rendr-JaaCnc-_3M-c4Pzo39azbyfZnvP206jEVjPW4lkZpLk.css.gz
assets-fe.change.org/rendr-fe/css/ |
168 KB 50 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
changeAssets-b1e69a1e17dfb9b8f8f1.js.gz
assets-fe.change.org/react-fe/ |
4 MB 1017 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6e42d3fef78c0c21be40f0956f947854_0a8085918b4d3a9af96f86531aaee31b1ff8d536.js
www.change.org/api-proxy/-/locale_data/rendr-fe/en-US/ |
704 KB 174 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
43 KB 17 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
api.js
www.google.com/recaptcha/ |
796 B 578 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
default-user-profile.svg
static.change.org/profile-img/ |
1 KB 922 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Icon_google.png
s3.amazonaws.com/change-assets/iconography/ |
3 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
WjkvzLPgpflYuMv-800x450-noPad.jpg
assets.change.org/photos/3/kv/zl/ |
63 KB 63 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
default-org-profile.svg
static.change.org/profile-img/ |
8 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
recaptcha__en.js
www.gstatic.com/recaptcha/api2/v1559543665173/ |
263 KB 92 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
93 KB 29 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
10 KB 10 KB |
Font
application/x-font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
conversion_async.js
www.googleadservices.com/pagead/ |
23 KB 9 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bat.js
bat.bing.com/ |
23 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
anchor
www.google.com/recaptcha/api2/ Frame 9848 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
53 KB 16 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Change-Calibre-Regular.woff2
static.change.org/fonts/ |
30 KB 31 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Change-Calibre-Bold.woff2
static.change.org/fonts/ |
31 KB 32 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
platform.js
apis.google.com/js/ |
43 KB 17 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sdk.js
connect.facebook.net/en_US/ |
3 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
maps.googleapis.com/maps/api/ |
106 KB 34 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
HEAD H2 |
activity
www.change.org/api-proxy/-/users/953852599/subscriptions/ |
0 361 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
meta_data
www.change.org/api-proxy/-/petitions/15789944/ |
702 B 422 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
responses
www.change.org/api-proxy/-/petitions/15789944/ |
12 B 172 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
recent
www.change.org/api-proxy/-/petitions/15789944/updates/ |
366 KB 7 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
comments
www.change.org/api-proxy/-/ |
53 KB 5 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
graphql
www.change.org/api-proxy/ |
5 KB 1 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
en-US
www.change.org/api-proxy/-/petitions/promoted/ |
152 KB 29 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
event_tracker
www.change.org/api-proxy/-/ |
2 B 308 B |
Other
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
event_tracker
www.change.org/api-proxy/-/ |
2 B 115 B |
Other
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.de/ads/ Redirect Chain
|
42 B 109 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/991363857/ |
3 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1081902691834097
connect.facebook.net/signals/config/ |
228 KB 60 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.0mZLQwKb4f0.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCO5FZCvAxMaMpwGVdzixH-rkKn6aA/ |
106 KB 36 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0
bat.bing.com/action/ |
0 116 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sdk.js
connect.facebook.net/en_US/ |
197 KB 59 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.com/pagead/1p-user-list/991363857/ |
42 B 111 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.de/pagead/1p-user-list/991363857/ |
42 B 109 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
inferredEvents.js
connect.facebook.net/signals/plugins/ |
1 KB 899 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
iframe
accounts.google.com/o/oauth2/ Frame 6320 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
likes
www.change.org/api-proxy/-/ |
12 B 231 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fKuOwhSlMPyCWaS-400x400-noPad.jpg
assets.change.org/photos/7/uo/wh/ |
8 KB 9 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
uiSglhvFJsPJprs-400x400-noPad.jpg
assets.change.org/photos/2/sg/lh/ |
9 KB 9 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
store
www.change.org/api-proxy/-/longlinks/ |
70 B 331 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
store
www.change.org/api-proxy/-/longlinks/ |
70 B 275 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
status
www.facebook.com/x/oauth/ |
0 346 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
xd_arbiter.php
staticxx.facebook.com/connect/ Frame A55F |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 245 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
chk_captcha_v3
www.change.org/cdn-cgi/l/ |
0 245 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 99 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H/1.1 |
log
errors.client.optimizely.com/ |
13 B 406 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
TMGUXPpgEDaqmMi-400x225-noPad.jpg
assets.change.org/photos/1/gu/xp/ |
12 KB 12 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
twYewcFkamilSsk-400x225-noPad.jpg
assets.change.org/photos/5/ye/wc/ |
23 KB 23 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
MkMvatUeYoXPEIW-400x225-noPad.jpg
assets.change.org/photos/4/mv/at/ |
32 KB 33 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lVKZTiFvxuQfWBV-400x225-noPad.jpg
assets.change.org/photos/4/kz/ti/ |
17 KB 17 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
YvwglcYCeERxAzZ-400x225-noPad.jpg
assets.change.org/photos/7/wg/lc/ |
20 KB 20 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
NhPuheCxcVvSPlo-400x225-noPad.jpg
assets.change.org/photos/2/pu/he/ |
25 KB 25 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
zfokreaSRspgqnH-400x225-noPad.jpg
assets.change.org/photos/4/ok/re/ |
18 KB 18 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
WgwWWoojnEwrDLr-400x225-noPad.jpg
assets.change.org/photos/0/ww/wo/ |
32 KB 32 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gBgdxIbcthtBbch-400x225-noPad.jpg
assets.change.org/photos/9/gd/xi/ |
43 KB 43 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
PmGSeusszbLQAKn-400x225-noPad.jpg
assets.change.org/photos/9/gs/eu/ |
22 KB 23 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pqmAoBwcuozBqSz-400x225-noPad.jpg
assets.change.org/photos/5/ma/ob/ |
14 KB 14 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
xiKeMKrtQojySGS-400x225-noPad.jpg
assets.change.org/photos/5/ke/mk/ |
30 KB 30 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
HJfyphLqkvguYRC-400x225-noPad.jpg
assets.change.org/photos/6/fy/ph/ |
16 KB 17 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
DfXJVxyBeDgmxCH-400x225-noPad.jpg
assets.change.org/photos/0/xj/vx/ |
24 KB 24 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
YEHytPWacezoVWl-400x225-noPad.jpg
assets.change.org/photos/8/hy/tp/ |
11 KB 11 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
log
errors.client.optimizely.com/ |
0 240 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 145 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
default-user-profile.svg
static.change.org/profile-img/ |
1 KB 949 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
qyDEKfNCAoOjxVo-48x48-noPad.jpg
assets.change.org/photos/4/de/kf/ |
1 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
common.js
maps.googleapis.com/maps-api-v3/api/js/36/12/ |
71 KB 26 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
util.js
maps.googleapis.com/maps-api-v3/api/js/36/12/ |
135 KB 51 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AuthenticationService.Authenticate
maps.googleapis.com/maps/api/js/ |
62 B 139 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wYynCapQcZZKXWC-48x48-noPad.jpg
assets.change.org/photos/8/yn/ca/ |
1 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
PWcTQIRGUjHWdev-48x48-noPad.jpg
assets.change.org/photos/7/ct/qi/ |
1 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
default-user-profile.svg
static.change.org/profile-img/ |
1 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
61 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onselectstart object| onselectionchange function| queueMicrotask object| changeTargetingData object| ___grecaptcha_cfg object| grecaptcha boolean| __google_recaptcha_client object| dataLayer object| google_tag_data function| ga object| gaplugins function| postscribe object| google_tag_manager object| recaptcha undefined| _ function| setImmediate function| clearImmediate object| Backbone object| core object| __core-js_shared__ object| global object| System function| asap function| Observable object| regeneratorRuntime boolean| _babelPolyfill function| $ function| jQuery object| Stickyfill object| uetq function| removePreBundleEvents object| closure_lm_235676 function| fbq function| _fbq object| TwitterCldr function| FontFaceObserver object| gaGlobal function| fbAsyncInit object| __APOLLO_CLIENT__ function| __loadGooglePlaces object| optimizely object| airbrake object| TwitterCldrDataBundle object| gaData function| FuzzySet object| scCGSHMRCache object| App function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| gapi object| ___jsl object| google object| module$contents$MapsEvent_MapsEvent object| module$contents$mapsapi$overlay$OverlayView_OverlayView function| UET object| FB object| _listeningTo string| _listenId object| osapi object| _xdc_15 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.facebook.com/ | Name: fr Value: 03cHCoVAMsWsr4LTa..BdCSA5...1.0.BdCSA5. |
|
.change.org/ | Name: _fbp Value: fb.1.1560879161607.48039163 |
|
.change.org/ | Name: __cfduid Value: db24dbd312f9de186b7cb4e156ec6d6af1560879159 |
|
.www.change.org/ | Name: G_ENABLED_IDPS Value: google |
|
.change.org/ | Name: _gat Value: 1 |
|
.change.org/ | Name: __cf_bm Value: d0e11bf56dba3f324a20d2a6570b89e9f6fbcbff-1560879161-1800-AXIwzwIZLs2sRXcsKa7rZBdOscdlIBZ1VISAxGZdWQnpwU/+YxVrvjnkzvbPKH1Tw9nC0Gk01wvsA9PA8HjPLZjg13lCmfFqaRbbgGW9mXz0muzCmXQdJGN+e3EMA1wc0A== |
|
.change.org/ | Name: _gid Value: GA1.2.1805822165.1560879161 |
|
.change.org/ | Name: _gcl_au Value: 1.1.886286348.1560879160 |
|
www.change.org/ | Name: tracking_data Value: %7B%22user_uuid%22%3A%2242ed4d20-649a-11e9-8a39-8d75b7036a64%22%7D |
|
.change.org/ | Name: __cfruid Value: 6c116f05196061de4793a1490798993a2dca15b4-1560879159 |
|
www.change.org/ | Name: _change_id Value: b50029fe6ccbbc23f096fee9a44a579bbc41c7e1.953852599.1560879159420 |
|
.google.com/ | Name: NID Value: 185=VdHcW1JR5HbHOdtnQiZQavZWVRbCP0ICTv3m1Bil955dzt4pKDDvEacvbDl_8XxNL8bcj6IeiHR-4N7IaBbi_dVn-J3JntF8L3vxpIRjwDUtCh6IKQGpQf0M0cyG-yf2UaI-pY-BNFn9GpQx7--SJ1ONtJ3NJSQnxEvPuaEJMAE |
|
.change.org/ | Name: _ga Value: GA1.2.1610392056.1560879161 |
|
www.change.org/ | Name: _change_lang Value: %7B%22locale%22%3A%22en-US%22%2C%22countryCode%22%3A%22US%22%7D |
|
www.change.org/ | Name: _change_session Value: 4626bb74866a148c24a7d4dd9bdb75b0 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | default-src 'self' 'unsafe-inline' 'unsafe-eval' https://d18kwxxua7ik1y.cloudfront.net https://d22r54gnmuhwmk.cloudfront.net https://assets.change.org https://static.change.org https://assets-fe.change.org https://change-production.s3.amazonaws.com https://change-public-stuff.s3.amazonaws.com https://www.google.ca https://www.googleadservices.com https://www.youtube.com https://*.doubleclick.net https://*.google.com https://*.googleapis.com https://*.googletagmanager.com https://*.google-analytics.com https://*.gstatic.com https://*.ytimg.com https://*.facebook.com https://*.facebook.net https://*.fbcdn.net fbrpc://* fb-messenger://* https://*.twitter.com https://*.twimg.com https://vk.com https://*.vk.com https://ajax.cdnjs.com https://cdnjs.cloudflare.com https://service.force.com https://change.my.salesforce.com https://help.change.org https://*.salesforceliveagent.com https://*.braintreegateway.com https://*.paypalobjects.com https://*.paypal.com *.optimizely.com optimizely.s3.amazonaws.com cdn-assets-prod.s3.amazonaws.com https://js.stripe.com https://cdn.embedly.com https://player.vimeo.com https://*.pubnub.com https://bat.bing.com https://*.briteverify.com https://soundcloud.com https://w.soundcloud.com https://www.instagram.com https://www.flickr.com https://*.staticflickr.com; connect-src 'self' blob: https://*.change.org https://change-production.s3.amazonaws.com https://*.googleapis.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.com https://*.facebook.net fbrpc://* fb-messenger://* https://*.twitter.com https://*.vk.com https://*.braintreegateway.com https://*.paypal.com *.optimizely.com optimizely.s3.amazonaws.com cdn-assets-prod.s3.amazonaws.com https://api.stripe.com https://*.pubnub.com https://*.briteverify.com https://api.soundcloud.com https://api.airbrake.io; font-src 'self' data: https://assets.change.org https://static.change.org https://d18kwxxua7ik1y.cloudfront.net https://d22r54gnmuhwmk.cloudfront.net https://fonts.gstatic.com; img-src * blob: data:; form-action 'self'; |
X-Content-Type-Options | nosniff |
X-Frame-Options | sameorigin |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
accounts.google.com
apis.google.com
assets-fe.change.org
assets.change.org
bat.bing.com
cdn.optimizely.com
click.mail.change.org
connect.facebook.net
errors.client.optimizely.com
googleads.g.doubleclick.net
maps.googleapis.com
s3.amazonaws.com
static.change.org
staticxx.facebook.com
stats.g.doubleclick.net
www.change.org
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
104.17.88.51
104.17.89.51
13.111.45.51
216.58.206.2
2620:1ec:c11::200
2a00:1450:4001:808::2008
2a00:1450:4001:809::200a
2a00:1450:4001:80b::200d
2a00:1450:4001:818::2002
2a00:1450:4001:81e::2004
2a00:1450:4001:81f::2003
2a00:1450:4001:821::200e
2a00:1450:4001:825::2003
2a00:1450:400c:c08::9c
2a02:26f0:6c00:183::13b8
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
54.226.220.225
54.231.80.243
0c200f48ea9e8d6415722f2d770b4629a1c40306387c516e74b9e72ddbfcac15
0dd1e4ed331940e3b0b55c056c9219b55f3e0f18de922c09fd3702c10ad83c38
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11a9c39433ee4a76f9960c5d30e1fb57c7393ac50bf7e252ad1480f106a472ff
134d9689dd766fbea01b7b16563704e655883a93b76f55a6acf999f67510f8b5
16f1efa415bfdd7abcf8fdd76cc05ae6fa66ffdfdc730368ecea89ecfe5c3a12
1ad69dea92d710948bd0d9c7b90f4e2afc78747ac7be94a6290593090a269386
1f36f9ee974fa75962032e3e8299f8c50d2939e44c186e168addabdfea6723fd
25a6829dcfbfdccf9ce0fce8dfd6b36f27d99ef3f6d3a8c45633d6e25919a4b9
261b5ffd53ad5f42d5961bbf42ad4dc64df38de1690c0c6be6f7abff4f338d36
2c94916d0d203cd96de3ac03a900858218d6822b6a266feafc788ba6f919f352
2ed6be3dfadefa6c5bf2f9f4a7747e3c68776e6fd65c99cc3c0bca82edc90949
2f22aaf2e8367b02152b442ef28df7084601e0ded40c7d8f7b6f24be66b326fb
392674f321ef63bb29a1003d83fa65cd61eccf91a5c18bb2b2053f1c21c0f3b4
43bdfba1f55fc580edb685f2e026b536fee6b64f52541ee435371c915073325d
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4515757ca460438979a49c88e34a5636635fbf1cacdbd8d5636c691f45653cc3
482e6fb56ec9c4bf6de4267c406b38eced51b07b9747c0622a2800c8aa0f5463
4c1cd7f472e4a62c9877855a57765f053effcafee618cf9940bb60665b6c7933
503b2c8274a3fd8de4567d9031ced8bd745b043fefd805a9b51804d274793ccf
52b29b53b3381aa124691fe0ee1f8daa7ee094883143f4007fce8e838db95163
54cd44f6cee6b47a232898f292deff2eeb54e2a858107893dd43ffd9de9e896e
552426fa67711398e49423a732526e763187afd768567b87e139fec853820809
62911988d0ff003eebfbf545d9f04643fb39a765b44d30cd99bb5a8201cd73b1
657f79c4d5a6ea502202651151811d195b49cf9cf22fd7f8edaeefe2f8cc8fc4
6884471c4ea37959804b7023bf5402e187cda75daef1d71558b67dbd46d17d84
6b29b3cab63c4d3c00eb70fbca41e536f0872beef618b44bf1108ddb7bb1076e
6c60604d0836b4f26c3133aaba4bfec57cc6c505355e7030c186059c36231773
6d61995bbfdaf1447e15c8919caaad7eb795740e5a513c38b11cab2ec779ff80
6e0bcfb5542c272b51cd717b8d717f65943a54373da215bca74f3d72fba2de28
6ea50b75230e7bb41609fa2748308291166428d9e47b326537156427187587dc
771776746af6ffba4ab936380308f47c93c386d96e2711fdf96d6514bd0e5be1
793218afc331837ccb8376c7859362b13c979e42bc4d8768e89a43ada3dbb406
834c4955cef1355091e06d728ac1be96f04d15731b1b2ef0b2f59f210973062d
87272f629795eb8644d8bb7e0ad3f1627e9024eedc231f64d903ff91211be4c5
8b2b7d03198215716c233bafb94c5d242a32d6570ebb4ef07e9d2e2aad818eea
8c5921bea0e2a45a97e97289ff75e4d8addfdbebc1591f6cef3a445327053cde
8f88cb7a1cd4134f5d616b9fca90b9069fa16c162b7ae66ba1b500c490b41dd2
906421e04de13c629aa250c9d73ce5012a410d098f1a18a9c0e258da4f988d26
97540869be47f1cc8519503a4725b83e5b31b49fc011fa6bf354f4ff14e147fa
98cbc30e2098a3cff65cf596cd41696c3dba16c109d14aea9fcf0431701e77d6
a50f8bac12b96b9c119fa0f79d6d933de9e1aae988b42bb91f0c20b897fc8531
a794713d600a09fce654736e1cc5dc6871df2937f7c4d146f23017c91c5b029e
c5a4630bee786a1195437b281501a58cc9e00242e108ed4326aede5d579a6acc
cb87efff0a88ed44c9e7becc76e69e695c70002921f9e689c4c1734357f49927
cc6fb48e90fd9e7c4abbea1ee61f7befcfacc9129d1ad038b1bb9a5641c70be6
cd1c301a8e7960a1786e2a959226b0b78b56dbea284bd114265f1662d6ca280e
cd4313c2e685bb5c7e357b11729784bc3afab592fb47de11ecdbe3ef74051606
cd94869bcc588dbcee78b336120ff0d4e78b99b28fc82c7488acf2dfa8b1c4e3
d6525c541685f1725c5942f3c4864884f2ad9a4d3709a773777a7f395ecaf3f4
d7eb0a91afe344971f7064ea1e0f21e8a3aefea199bfa21d9f7058ebfa46eb85
e2dd2d169621d2b013202c6d4a3e2ca22b1353aba8c46b9d104a298c4ff18c22
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6ecfa7bb2a87b5796fceb432fbd2e1dfcb6ae3a587188575a3c3dea8eb01f3c
e8e5fe8177578150e8faf71219cfe439c2391501f077c8015ec03d694c9ea3ae
ea4a95c81cf223f1d01d7e2679403d4cd9adf9c1e944f26c65bb947eeaec1414
ee2df9e008021c0ce1fbf3612bfef57e7666294fa01bd4d9764931ff9add417a
eef46741adfc3a9f76294d3b78f37a45f113092ac9d44ee77c7a038a88ff09a1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef310d1d64072c4421ff47fae340b8abc6bb7aceae56b36fca187a4ec3ebada0
f12ff55e63fc09abfd3ef4ec1ded12cbd069f0cb94ee3bb365fd043f74893c75
f1e6382aa070301007ee92dbaaef83c9f6075f9d86ee3632c82a609f02c6fc1f
f4504cd65786ee824a8220b4a770378db1c25d36eae09bfc4bf92af80e61a0d1