www.change.org
Open in
urlscan Pro
104.17.88.51
Public Scan
Effective URL: https://www.change.org/p/hbo-remake-game-of-thrones-season-8-with-competent-writers?recruiter=72275872&utm_source=share...
Submission: On May 19 via manual from US
Summary
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on August 31st 2018. Valid for: a year.
This is the only time www.change.org was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 2620:101:2005... 2620:101:2005:11f0::1001 | 16417 (IRONPORT-...) (IRONPORT-SYSTEMS-INC - Cisco Systems Ironport Division) | |
1 1 | 52.218.204.147 52.218.204.147 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
35 | 104.17.88.51 104.17.88.51 | 13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare) | |
7 | 104.17.89.51 104.17.89.51 | 13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare) | |
1 2 | 2a00:1450:400... 2a00:1450:4001:817::200e | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 | 2a02:26f0:6c0... 2a02:26f0:6c00:181::13b8 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 4 | 2a00:1450:400... 2a00:1450:4001:820::2004 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 | 2a00:1450:400... 2a00:1450:4001:81e::2008 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 | 2a00:1450:400... 2a00:1450:4001:81a::2003 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 | 172.217.22.2 172.217.22.2 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
2 | 2620:1ec:c11:... 2620:1ec:c11::200 | 8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation) | |
7 | 2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3 | 32934 (FACEBOOK) (FACEBOOK - Facebook) | |
1 | 2a00:1450:400... 2a00:1450:4001:821::2002 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 1 | 2a00:1450:400... 2a00:1450:400c:c0b::9b | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
2 | 2a00:1450:400... 2a00:1450:4001:808::2003 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 3 | 2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de | 32934 (FACEBOOK) (FACEBOOK - Facebook) | |
2 | 3.94.69.243 3.94.69.243 | 14618 (AMAZON-AES) (AMAZON-AES - Amazon.com) | |
66 | 15 |
ASN16417 (IRONPORT-SYSTEMS-INC - Cisco Systems Ironport Division, US)
secure-web.cisco.com |
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
www.change.org | |
assets-fe.change.org | |
assets.change.org | |
static.change.org |
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
static.change.org | |
assets-fe.change.org |
ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com |
ASN15169 (GOOGLE - Google LLC, US)
www.google.com |
ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com |
ASN15169 (GOOGLE - Google LLC, US)
www.gstatic.com |
ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s14-in-f2.1e100.net
www.googleadservices.com |
ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
bat.bing.com |
ASN32934 (FACEBOOK - Facebook, Inc., US)
connect.facebook.net | |
staticxx.facebook.com |
ASN15169 (GOOGLE - Google LLC, US)
googleads.g.doubleclick.net |
ASN15169 (GOOGLE - Google LLC, US)
stats.g.doubleclick.net |
ASN15169 (GOOGLE - Google LLC, US)
www.google.de |
ASN32934 (FACEBOOK - Facebook, Inc., US)
www.facebook.com |
ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-3-94-69-243.compute-1.amazonaws.com
errors.client.optimizely.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
42 |
change.org
www.change.org static.change.org assets-fe.change.org assets.change.org |
2 MB |
5 |
facebook.com
1 redirects
staticxx.facebook.com www.facebook.com |
1 KB |
5 |
facebook.net
connect.facebook.net |
133 KB |
4 |
google.com
1 redirects
www.google.com |
887 B |
3 |
optimizely.com
cdn.optimizely.com errors.client.optimizely.com |
114 KB |
2 |
google.de
www.google.de |
485 B |
2 |
doubleclick.net
1 redirects
googleads.g.doubleclick.net stats.g.doubleclick.net |
2 KB |
2 |
bing.com
bat.bing.com |
7 KB |
2 |
google-analytics.com
1 redirects
www.google-analytics.com |
18 KB |
1 |
googleadservices.com
www.googleadservices.com |
9 KB |
1 |
gstatic.com
www.gstatic.com |
92 KB |
1 |
googletagmanager.com
www.googletagmanager.com |
28 KB |
1 |
chng.it
1 redirects
chng.it |
474 B |
1 |
cisco.com
1 redirects
secure-web.cisco.com |
269 B |
66 | 14 |
Domain | Requested by | |
---|---|---|
17 | assets.change.org |
www.change.org
assets-fe.change.org |
13 | www.change.org |
assets-fe.change.org
|
6 | assets-fe.change.org |
www.change.org
assets-fe.change.org |
6 | static.change.org |
www.change.org
assets-fe.change.org |
5 | connect.facebook.net |
www.change.org
assets-fe.change.org connect.facebook.net |
4 | www.google.com |
1 redirects
www.change.org
www.gstatic.com |
3 | www.facebook.com |
1 redirects
www.change.org
|
2 | errors.client.optimizely.com |
assets-fe.change.org
|
2 | staticxx.facebook.com |
connect.facebook.net
|
2 | www.google.de |
www.change.org
|
2 | bat.bing.com |
www.change.org
|
2 | www.google-analytics.com |
1 redirects
www.change.org
|
1 | stats.g.doubleclick.net | 1 redirects |
1 | googleads.g.doubleclick.net |
www.googleadservices.com
|
1 | www.googleadservices.com |
www.googletagmanager.com
|
1 | www.gstatic.com |
www.google.com
|
1 | www.googletagmanager.com |
www.change.org
|
1 | cdn.optimizely.com |
www.change.org
|
1 | chng.it | 1 redirects |
1 | secure-web.cisco.com | 1 redirects |
66 | 20 |
This site contains links to these domains. Also see Links.
Domain |
---|
help.change.org |
guide.change.org |
twitter.com |
www.facebook.com |
policies.google.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
change.org CloudFlare Inc ECC CA-2 |
2018-08-31 - 2019-08-31 |
a year | crt.sh |
*.google-analytics.com Google Internet Authority G3 |
2019-04-30 - 2019-07-23 |
3 months | crt.sh |
cdn.optimizely.com DigiCert ECC Secure Server CA |
2018-11-24 - 2020-02-23 |
a year | crt.sh |
www.google.com Google Internet Authority G3 |
2019-04-30 - 2019-07-23 |
3 months | crt.sh |
*.google.com Google Internet Authority G3 |
2019-04-30 - 2019-07-23 |
3 months | crt.sh |
www.googleadservices.com Google Internet Authority G3 |
2019-04-30 - 2019-07-23 |
3 months | crt.sh |
www.bing.com Microsoft IT TLS CA 5 |
2017-07-20 - 2019-07-10 |
2 years | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2019-04-22 - 2019-07-21 |
3 months | crt.sh |
*.g.doubleclick.net Google Internet Authority G3 |
2019-04-30 - 2019-07-23 |
3 months | crt.sh |
www.google.de Google Internet Authority G3 |
2019-04-30 - 2019-07-23 |
3 months | crt.sh |
errors.client.optimizely.com DigiCert SHA2 High Assurance Server CA |
2018-09-24 - 2020-09-28 |
2 years | crt.sh |
This page contains 4 frames:
Primary Page:
https://www.change.org/p/hbo-remake-game-of-thrones-season-8-with-competent-writers?recruiter=72275872&utm_source=share_petition&utm_medium=abi_gmail&utm_campaign=address_book&recruited_by_id=7229c910-5ea6-11e3-a6ce-fbedce8246f6
Frame ID: 29ACF63566384F963E533D5E359C478A
Requests: 64 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LftsXMUAAAAALlWG1yUWFRGkwxc7P-ZFroKILkc&co=aHR0cHM6Ly93d3cuY2hhbmdlLm9yZzo0NDM.&hl=en&v=v1557729121476&size=invisible&cb=i0pww5otfg62
Frame ID: 7AEC229AA553A8281D685C9544DB3011
Requests: 1 HTTP requests in this frame
Frame:
https://staticxx.facebook.com/connect/xd_arbiter/r/d_vbiawPdxB.js?version=44
Frame ID: CFED7BAF17F7E01E65F356B026019164
Requests: 1 HTTP requests in this frame
Frame:
https://staticxx.facebook.com/connect/xd_arbiter/r/d_vbiawPdxB.js?version=44
Frame ID: 2AFBC86CD016942758C1FBEBB5D9C9DD
Requests: 1 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://secure-web.cisco.com/1t-59h-OgTPhF4mFMEWoy_-jdAGqkC913EcnhLzGhUaSuxi8PAX8GlQpgAbGN3ZelTq40_m6k6yf...
HTTP 302
http://chng.it/gv9M5HfcWy HTTP 301
https://www.change.org/p/hbo-remake-game-of-thrones-season-8-with-competent-writers?recruiter=72275... Page URL
Detected technologies
React (JavaScript Frameworks) ExpandDetected patterns
- html /<[^>]+data-react/i
- script /react.*\.js/i
CloudFlare (CDN) Expand
Detected patterns
- headers server /cloudflare/i
Facebook (Widgets) Expand
Detected patterns
- script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Google Analytics (Analytics) Expand
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
- env /^gaGlobal$/i
Google Tag Manager (Tag Managers) Expand
Detected patterns
- env /^google_tag_manager$/i
Optimizely (Analytics) Expand
Detected patterns
- script /optimizely\.com.*\.js/i
- env /^optimizely$/i
reCAPTCHA (Captchas) Expand
Detected patterns
- env /^Recaptcha$/i
webpack (Miscellaneous) Expand
Detected patterns
- env /^webpackJsonp$/i
Page Statistics
6 Outgoing links
These are links going to different origins than the main page.
Title: Help
Search URL Search Domain Scan URL
Title: Guides
Search URL Search Domain Scan URL
Title: Twitter
Search URL Search Domain Scan URL
Title: Facebook
Search URL Search Domain Scan URL
Title: Privacy Policy
Search URL Search Domain Scan URL
Title: Terms of Service
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://secure-web.cisco.com/1t-59h-OgTPhF4mFMEWoy_-jdAGqkC913EcnhLzGhUaSuxi8PAX8GlQpgAbGN3ZelTq40_m6k6yfIGxwXfHyxazKNehOYUKRiMLQjd_pVmvKe8pLwY4q_JN8R9ycGwCwV1ewTgJMup4n3I7taY6VbC2S00FQnqoezrgpHNVgabbnGG27j10GowcdHuIG4eY_n5smtuQHVIS8zOvregdOOGYI6E1b0ZJkfozt6wJ66vEj-9pQ4egArFRWxOiO3UtZAfUKcUjZ1VR0UPLTzRSMQZQWmemqiEVpBRLf76W4QKJmKmzWpjowaJszMdoryXa52TRRaU1BrkV5_W9iDAYft_KLeQftp5ELxMHIjlyvSoFykp6X4oy-naiM9_sEKzcgEJ-tj-XpM7Sj1wxXA6pc5cIxVfDbI_Qq6CLd869QxAalRrtQ9vMUdnm0rQeq3B8JMmmlZlLxaqkgc-H8bJGOBmR5ohPGdK8XMm_Tie8msJmh2b5vA2exsq4J8-a4H9Caa6H-NnLZc1z_DYFghfic-6A/http%3A%2F%2Fchng.it%2Fgv9M5HfcWy
HTTP 302
http://chng.it/gv9M5HfcWy HTTP 301
https://www.change.org/p/hbo-remake-game-of-thrones-season-8-with-competent-writers?recruiter=72275872&utm_source=share_petition&utm_medium=abi_gmail&utm_campaign=address_book&recruited_by_id=7229c910-5ea6-11e3-a6ce-fbedce8246f6 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 30- https://www.google-analytics.com/r/collect?v=1&_v=j75&aip=1&a=1353062597&t=pageview&_s=1&dl=https%3A%2F%2Fwww.change.org%2Fp%2Fhbo-remake-game-of-thrones-season-8-with-competent-writers%3Frecruiter%3D72275872%26utm_source%3Dshare_petition%26utm_medium%3Dabi_gmail%26utm_campaign%3Daddress_book%26recruited_by_id%3D7229c910-5ea6-11e3-a6ce-fbedce8246f6&dp=%2Fp%2Fhbo-remake-game-of-thrones-season-8-with-competent-writers%3Frecruiter%3D72275872%26utm_source%3Dshare_petition%26utm_medium%3Dabi_gmail%26utm_campaign%3Daddress_book%26recruited_by_id%3D7229c910-5ea6-11e3-a6ce-fbedce8246f6&ul=en-us&de=UTF-8&dt=Petition%20%C2%B7%20Remake%20Game%20of%20Thrones%20Season%208%20with%20competent%20writers.%20%C2%B7%20Change.org&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aEBAAEABE~&jid=828490114&gjid=1832045849&cid=470839087.1558267149&tid=UA-5889778-1&_gid=776516681.1558267149&_r=1&z=1438119935 HTTP 302
- https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-5889778-1&cid=470839087.1558267149&jid=828490114&_gid=776516681.1558267149&gjid=1832045849&_v=j75&z=1438119935 HTTP 302
- https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5889778-1&cid=470839087.1558267149&jid=828490114&_v=j75&z=1438119935 HTTP 302
- https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5889778-1&cid=470839087.1558267149&jid=828490114&_v=j75&z=1438119935&slf_rd=1&random=3009545545
- https://www.facebook.com/connect/ping?client_id=48409868550&domain=www.change.org&origin=1&redirect_uri=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2Fd_vbiawPdxB.js%3Fversion%3D44%23cb%3Df29c9bc09ce3e5%26domain%3Dwww.change.org%26origin%3Dhttps%253A%252F%252Fwww.change.org%252Ff19ea3f7179bf8%26relation%3Dparent&response_type=token%2Csigned_request&sdk=joey HTTP 302
- https://staticxx.facebook.com/connect/xd_arbiter/r/d_vbiawPdxB.js?version=44
66 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
hbo-remake-game-of-thrones-season-8-with-competent-writers
www.change.org/p/ Redirect Chain
|
102 KB 27 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Change-Calibre-Regular.woff2
static.change.org/fonts/ |
30 KB 31 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Change-Calibre-Bold.woff2
static.change.org/fonts/ |
31 KB 32 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rendr-d8qTsKufpK_4IzikT4obM_9wqr0i1SbU7F-NaR_h7qA.css.gz
assets-fe.change.org/rendr-fe/css/ |
168 KB 50 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
43 KB 17 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
11391265293.js
cdn.optimizely.com/js/ |
475 KB 113 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
api.js
www.google.com/recaptcha/ |
796 B 576 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
QxBarHFxRVkPmZn-800x450-noPad.jpg
assets.change.org/photos/1/ba/rh/ |
116 KB 116 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
default-user-profile.svg
static.change.org/profile-img/ |
1 KB 921 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
MxbcfCcEEPALUKa-128x128-noPad.jpg
assets.change.org/photos/7/bc/fc/ |
17 KB 18 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fontFaceObserver-82c57385d0627fc7182e.js.gz
assets-fe.change.org/react-fe/ |
7 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
92 KB 28 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
petitionsEntry-ebfbaf0f437ff6e0daf6.js.gz
assets-fe.change.org/react-fe/ |
1 MB 334 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
recaptcha__en.js
www.gstatic.com/recaptcha/api2/v1557729121476/ |
264 KB 92 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
10 KB 10 KB |
Font
application/x-font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
conversion_async.js
www.googleadservices.com/pagead/ |
23 KB 9 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bat.js
bat.bing.com/ |
23 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1d5206402ca2c984ae962ddbe9d026bc_7d530955b1bcfbaab6a5426436edc02f40990c3b
www.change.org/api-proxy/-/translations/en-US/ |
416 KB 111 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
anchor
www.google.com/recaptcha/api2/ Frame 7AEC |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
53 KB 16 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/991363857/ |
3 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0
bat.bing.com/action/ |
0 148 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sdk.js
connect.facebook.net/en_US/ |
3 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
graphql
www.change.org/api-proxy/ |
81 B 231 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
graphql
www.change.org/api-proxy/ |
86 B 443 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
event_tracker
www.change.org/api-proxy/-/ |
2 B 145 B |
Other
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
graphql
www.change.org/api-proxy/ |
5 KB 1 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
updatesAndCommentsChunk-f8f5d88f9e948bea33e0.js
assets-fe.change.org/react-fe/ |
26 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
changeAssets-a0c146fb795048b914ae.js.gz
assets-fe.change.org/react-fe/ |
4 MB 1005 KB |
Fetch
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
event_tracker
www.change.org/api-proxy/-/ |
2 B 114 B |
Other
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
suggestedPetitionsChunk-9352b091fa811408b226.js
assets-fe.change.org/react-fe/ |
11 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.de/ads/ Redirect Chain
|
42 B 109 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
event_tracker
www.change.org/api-proxy/-/ |
2 B 114 B |
Other
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
event_tracker
www.change.org/api-proxy/-/ |
2 B 114 B |
Other
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1081902691834097
connect.facebook.net/signals/config/ |
207 KB 55 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.com/pagead/1p-user-list/991363857/ |
42 B 120 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.de/pagead/1p-user-list/991363857/ |
42 B 376 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sdk.js
connect.facebook.net/en_US/ |
195 KB 58 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
graphql
www.change.org/api-proxy/ |
6 KB 3 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
graphql
www.change.org/api-proxy/ |
938 B 668 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
graphql
www.change.org/api-proxy/ |
55 KB 13 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
inferredEvents.js
connect.facebook.net/signals/plugins/ |
1 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
d_vbiawPdxB.js
staticxx.facebook.com/connect/xd_arbiter/r/ Frame CFED |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 324 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
RzhkqWpXiLlhORI-48x48-noPad.jpg
assets.change.org/photos/4/hk/qw/ |
1 KB 1 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mmyuvnuqsvBqOPA-800x450-noPad.jpg
assets.change.org/photos/8/yu/vn/ |
178 KB 178 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
MxbcfCcEEPALUKa-48x48-noPad.jpg
assets.change.org/photos/7/bc/fc/ |
3 KB 3 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
chk_captcha_v3
www.change.org/cdn-cgi/l/ |
0 317 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H/1.1 |
log
errors.client.optimizely.com/ |
13 B 406 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
d_vbiawPdxB.js
staticxx.facebook.com/connect/xd_arbiter/r/ Frame 2AFB Redirect Chain
|
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
WTdZcUwgibiBEAT-400x225-noPad.jpg
assets.change.org/photos/1/dz/cu/ |
29 KB 29 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wabTCsNYecaeUtF-400x225-noPad.jpg
assets.change.org/photos/6/bt/cs/ |
21 KB 21 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
CwqTyYUpeHvCoGv-400x225-noPad.jpg
assets.change.org/photos/6/qt/yy/ |
17 KB 17 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
CEFsutTzwzeQqEy-400x225-noPad.jpg
assets.change.org/photos/6/fs/ut/ |
22 KB 22 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
SYkbBkHNuNCVvfU-400x225-noPad.jpg
assets.change.org/photos/2/kb/bk/ |
52 KB 52 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
nmCUoPkQslMkjse-400x225-noPad.jpg
assets.change.org/photos/9/cu/op/ |
30 KB 30 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
qbgDRBfTgYvQims-400x225-noPad.jpg
assets.change.org/photos/1/gd/rb/ |
24 KB 24 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
McJQydeWDEbPXOk-400x225-noPad.jpg
assets.change.org/photos/6/jq/yd/ |
21 KB 21 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lFiPCWsnhetdMCf-400x225-noPad.jpg
assets.change.org/photos/8/ip/cw/ |
17 KB 17 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
UJiVJUyIzbgliJh-400x225-noPad.jpg
assets.change.org/photos/9/iv/ju/ |
36 KB 36 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
htNUiopBDegBkns-400x225-noPad.jpg
assets.change.org/photos/0/nu/io/ |
22 KB 22 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
PUnKQMHYLRuAuky-400x225-noPad.jpg
assets.change.org/photos/5/nk/qm/ |
13 KB 13 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
log
errors.client.optimizely.com/ |
0 240 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 145 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
default-user-profile.svg
static.change.org/profile-img/ |
1 KB 948 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
default-user-profile.svg
static.change.org/profile-img/ |
1 KB 823 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
default-user-profile.svg
static.change.org/profile-img/ |
1 KB 823 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
42 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onselectstart object| onselectionchange function| queueMicrotask object| changeTargetingData object| dataLayer object| google_tag_data function| ga object| gaplugins object| ___grecaptcha_cfg object| grecaptcha boolean| __google_recaptcha_client function| FontFaceObserver function| postscribe object| google_tag_manager object| uetq object| recaptcha undefined| _ object| webpackJsonp object| core object| __core-js_shared__ function| setImmediate function| clearImmediate object| regeneratorRuntime object| scCGSHMRCache object| airbrake object| __APOLLO_CLIENT__ object| recaptchaOptions object| optimizely function| setOverrideVariation function| FuzzySet object| closure_lm_273967 function| fbq function| _fbq function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO function| UET object| gaGlobal object| gaData function| fbAsyncInit object| __consolidated_events_handlers__ object| FB14 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.facebook.com/ | Name: fr Value: 0Wp6Rvh9gpL85yn8Z..Bc4UUN...1.0.Bc4UUN. |
|
.change.org/ | Name: _fbp Value: fb.1.1558267149002.1959912757 |
|
.change.org/ | Name: _gat Value: 1 |
|
.change.org/ | Name: __cf_bm Value: 271bb6dcf06a4e4d1344e56c95deb291c9657af7-1558267149-1800-Afj18M2E+UdfKjE6n9mFms0LlOtvMctSvgoBtRIbzB7TCzwc8GSbLWzrv+hw3sMC45rP0UXx0Kg9HC/y3hQwRiPNgF1C+HTPi+ftEhoBoPwdTYd3x1igqGeYXrpgjFwT1A== |
|
.change.org/ | Name: _gid Value: GA1.2.776516681.1558267149 |
|
.change.org/ | Name: _gcl_au Value: 1.1.594299510.1558267148 |
|
www.change.org/ | Name: tracking_data Value: %7B%22user_uuid%22%3A%22819d56c0-7a2d-11e9-bf53-c77794726b43%22%7D |
|
.change.org/ | Name: __cfruid Value: 2bbbc4a68138aeab6784206d4f9c4ad98bc57d83-1558267148 |
|
www.change.org/ | Name: _change_session Value: 787a9253c7c6495d2b1c99d9161f9b26 |
|
.change.org/ | Name: invite Value: %7B%22recruiter_id%22%3A72275872%2C%22requested_at%22%3A%222019-05-19T11%3A59%3A07.859Z%22%7D |
|
.google.com/ | Name: NID Value: 183=392SHr4Aio5A6_Ad1UwyOiUCmqKhHfN8MVANluT9ySOpTSd90Oe1ywAkxxbLA7v4Mb7MbusIGemeQRYGNOJhGAUvIlqx8TrpSZchFHrARGGa857nHuBS42jDsffBx9Yp4drRh_nIVbKKtyckMnxEYppSoN3CENmmDRD6QscRwXw |
|
.change.org/ | Name: _ga Value: GA1.2.470839087.1558267149 |
|
www.change.org/ | Name: _change_lang Value: %7B%22locale%22%3A%22en-US%22%2C%22countryCode%22%3A%22US%22%7D |
|
.change.org/ | Name: __cfduid Value: da50659f79e12e5cc0e32564182e3e8341558267147 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | default-src 'self' 'unsafe-inline' 'unsafe-eval' https://d18kwxxua7ik1y.cloudfront.net https://d22r54gnmuhwmk.cloudfront.net https://assets.change.org https://static.change.org https://assets-fe.change.org https://change-production.s3.amazonaws.com https://change-public-stuff.s3.amazonaws.com https://www.google.ca https://www.googleadservices.com https://www.youtube.com https://*.doubleclick.net https://*.google.com https://*.googleapis.com https://*.googletagmanager.com https://*.google-analytics.com https://*.gstatic.com https://*.ytimg.com https://*.facebook.com https://*.facebook.net https://*.fbcdn.net fbrpc://* fb-messenger://* https://*.twitter.com https://*.twimg.com https://vk.com https://*.vk.com https://ajax.cdnjs.com https://cdnjs.cloudflare.com https://service.force.com https://change.my.salesforce.com https://help.change.org https://*.salesforceliveagent.com https://*.braintreegateway.com https://*.paypalobjects.com https://*.paypal.com *.optimizely.com optimizely.s3.amazonaws.com cdn-assets-prod.s3.amazonaws.com https://js.stripe.com https://cdn.embedly.com https://player.vimeo.com https://*.pubnub.com https://bat.bing.com https://*.briteverify.com https://soundcloud.com https://w.soundcloud.com https://www.instagram.com https://www.flickr.com https://*.staticflickr.com; connect-src 'self' blob: https://*.change.org https://change-production.s3.amazonaws.com https://*.googleapis.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.com https://*.facebook.net fbrpc://* fb-messenger://* https://*.twitter.com https://*.vk.com https://*.braintreegateway.com https://*.paypal.com *.optimizely.com optimizely.s3.amazonaws.com cdn-assets-prod.s3.amazonaws.com https://api.stripe.com https://*.pubnub.com https://*.briteverify.com https://api.soundcloud.com https://api.airbrake.io; font-src 'self' data: https://assets.change.org https://static.change.org https://d18kwxxua7ik1y.cloudfront.net https://d22r54gnmuhwmk.cloudfront.net https://fonts.gstatic.com; img-src * blob: data:; form-action 'self'; |
X-Content-Type-Options | nosniff |
X-Frame-Options | sameorigin |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
assets-fe.change.org
assets.change.org
bat.bing.com
cdn.optimizely.com
chng.it
connect.facebook.net
errors.client.optimizely.com
googleads.g.doubleclick.net
secure-web.cisco.com
static.change.org
staticxx.facebook.com
stats.g.doubleclick.net
www.change.org
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
104.17.88.51
104.17.89.51
172.217.22.2
2620:101:2005:11f0::1001
2620:1ec:c11::200
2a00:1450:4001:808::2003
2a00:1450:4001:817::200e
2a00:1450:4001:81a::2003
2a00:1450:4001:81e::2008
2a00:1450:4001:820::2004
2a00:1450:4001:821::2002
2a00:1450:400c:c0b::9b
2a02:26f0:6c00:181::13b8
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
3.94.69.243
52.218.204.147
02c12028c90522c06327c224fefc978df14d510bf337adeb97eb1fb719d2e63e
03159e81ca378030f0b221599beaaca67a9752cef11ddf1601aa6627b00c8c6d
05ef11f0e5f815dabfd2ae25b7c22d257ea834ba8465525423ffb60eca33002a
0c7b335682a43e3d24a0bebc3145f80c7e88b82f11d655046ea17fb36ce9a160
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1535c9017a607216922d7db548a8418b4193a908e387bc13a8b16d7b0e16dce2
16f1efa415bfdd7abcf8fdd76cc05ae6fa66ffdfdc730368ecea89ecfe5c3a12
1827abab22a4a8bd43812910900edff5f5014a8e17c3ee6688fe916657edc9bc
1ab04603bfa65598dbce7cef0768f325323ef73595c069f6466314622503091a
1dd4611302f30fe4a3cafdfa9753e720eac09a9419a61e7450363504d1d82215
22b2944ae25f941966ff6a5ce2fca82a7ed33db0f377435acf8669c03e47fc69
27e435bcc7cc67695801ddb5f2936fa557b101f9c7865c803b250588d0f50224
33b0ca30270a3bff45ebd6de6131f0d1d499903183b50e14fe85d02a48a4e3c2
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4474f4b3a6e272e947719fa01a9794b4499f7f67d50db29f04524b24c8bd1be4
48be21432b4ed8c7fa8206974de2f4979139a0009e5cf7fb6bd09f3026b8bdb5
4f6c07871d03c291a341a4cd525ff53adad59341a97f82208448335e23443456
509a2c82437cf542613a3e8ae9b9581246eeadbd6c3aa5187cfede6666ae1486
53bb9a1193c9867e7125539cfae0ed3550ffcfb93f99720c9b917de54bdc0094
552426fa67711398e49423a732526e763187afd768567b87e139fec853820809
5af608de4a4e67296abfa7a10394b0d108854cc4e113bade9498cc7548b47bf6
5c7d3b6f3713a77ffacbb6bb22d7c3e26fb807ac885e212e2162b5da8ff2af76
771776746af6ffba4ab936380308f47c93c386d96e2711fdf96d6514bd0e5be1
77ca93b0ab9fa4aff82338a44f8a1b33ff70aabd22d526d4ec5f8d691fe1eea0
7dff09578729615fcd15c840a32c9f82a33fe2331a851e4ac40be03cb111b3f0
7fc7eff010e96f3bacd4812d863cf095b352fea5847c9fca2375d8946d6a07b9
81092c5c5097e470dee3f43f12e6a166090be6d58037798a969c4ba329955211
83e9a218a7821dac0b10724d0edfac6b6133963b6018ef5fdf1f56d958c2bc8f
873117163417e1b143672543dd0deeda13eddf20ec65a1f4f32281ccd6e03748
94381b501d4db20f6ddd33df6573b978b1f77f9801389d735955ee2208882057
96096fad5be8efe65fd4f4627c5fc164eb766458edf6082b0c22cff8729b475b
97540869be47f1cc8519503a4725b83e5b31b49fc011fa6bf354f4ff14e147fa
9cb229b22f54b747c287852c37e0054b2677948845dd078901aed3f8c0f6a83b
9d8cffc4090f13ea30d640298921f6cb3e15ea7622354d36631c39ce7a8c7d11
9d9e98fd59e29dde06352ead1586994823ce9145168090e8d88c99bb0c06a4fa
ad29f4d8d14f75abc7459ab15afa6a289436ba14a82b6db41340cfb090324152
b14ada5f3b861fe177692ecfdcfb1fd98c000b7967623a00ebc0425e8a017001
b7f50bd7195d1f45e8b63f8d6444dad5ad83d1f3510e0fb56c17617b480b232e
c821edd47e53f7730988698b3d2dbac187210e603fd853766a2584154d03444e
c89b2c2081235dea9826dcb89c89334e73a8d8c313f0610fd6feec73c8123bc8
cd1c301a8e7960a1786e2a959226b0b78b56dbea284bd114265f1662d6ca280e
d1014dd86ebf5e5b98a0fdee2ff1a8cb6c30c2a4c2bfd3bc15b0aaa3a8dd93c2
d2aa84ad7db72d21f56fb8fa1fdf2952fb734f67d942348588de033d1f8ad598
dd4a7babad15a13062ed550944e1eb05650b77441fe861a5ec6130b24997e57a
df88832440236ae4a14951cbadd37af5ce629c9b87d3d254c38b20ea1760fa0a
e1edb3fb1e8e28f29e8abf314f0d34466dc449f0530dae0fa582e6aa68dc4413
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee2df9e008021c0ce1fbf3612bfef57e7666294fa01bd4d9764931ff9add417a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f79279e4062d1965584ea0a57b964806ee4d9db8529f0da4420fd4c696ea40a4
fa59b1ed1b011e084474ad818b5f6986d84fc678e2f37fee9330eb52d86860b3
fb006820fb48813fe6ed367ce7bd52b4de6b10f271cee887a0643b1d8ca4c514
fcce66314321d66ab77ad3728e162757d200a621fa43859ad5449512aaedc5e0