54.191.27.240
Open in
urlscan Pro
54.191.27.240
Malicious Activity!
Public Scan
Submission: On February 11 via manual from US
Summary
This is the only time 54.191.27.240 was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: American Express (Financial)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
37 | 54.191.27.240 54.191.27.240 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
5 | 52.29.213.99 52.29.213.99 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
15 | 104.109.79.176 104.109.79.176 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
2 | 104.109.73.124 104.109.73.124 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 3 | 52.48.166.254 52.48.166.254 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
1 | 172.82.228.17 172.82.228.17 | 15224 (OMNITURE) (OMNITURE - Adobe Systems Inc.) | |
2 | 35.158.49.49 35.158.49.49 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
1 | 148.173.97.38 148.173.97.38 | 6307 (AMERICAN-...) (AMERICAN-EXPRESS - American Express Company) | |
1 | 54.230.44.144 54.230.44.144 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
1 | 18.194.76.195 18.194.76.195 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
67 | 10 |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-191-27-240.us-west-2.compute.amazonaws.com
54.191.27.240 |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-29-213-99.eu-central-1.compute.amazonaws.com
nexus.ensighten.com |
ASN20940 (AKAMAI-ASN1, US)
PTR: a104-109-79-176.deploy.static.akamaitechnologies.com
www.aexp-static.com | |
icm.aexp-static.com | |
web.aexp-static.com | |
www.americanexpress.com |
ASN20940 (AKAMAI-ASN1, US)
PTR: a104-109-73-124.deploy.static.akamaitechnologies.com
service.maxymiser.net |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-48-166-254.eu-west-1.compute.amazonaws.com
dpm.demdex.net |
ASN15224 (OMNITURE - Adobe Systems Inc., US)
omn.americanexpress.com |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-35-158-49-49.eu-central-1.compute.amazonaws.com
nexus.ensighten.com |
ASN6307 (AMERICAN-EXPRESS - American Express Company, US)
www425.americanexpress.com |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-54-230-44-144.fra6.r.cloudfront.net
sec.levexis.com |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-194-76-195.eu-central-1.compute.amazonaws.com
ep.americanexpress.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
13 |
aexp-static.com
www.aexp-static.com icm.aexp-static.com web.aexp-static.com |
69 KB |
7 |
ensighten.com
nexus.ensighten.com |
18 KB |
5 |
americanexpress.com
omn.americanexpress.com www425.americanexpress.com ep.americanexpress.com www.americanexpress.com |
16 KB |
3 |
demdex.net
1 redirects
dpm.demdex.net |
5 KB |
2 |
maxymiser.net
service.maxymiser.net |
11 KB |
1 |
levexis.com
sec.levexis.com |
7 KB |
67 | 6 |
Domain | Requested by | |
---|---|---|
7 | www.aexp-static.com |
54.191.27.240
nexus.ensighten.com www.aexp-static.com |
7 | nexus.ensighten.com |
54.191.27.240
nexus.ensighten.com |
3 | web.aexp-static.com |
54.191.27.240
|
3 | icm.aexp-static.com |
54.191.27.240
|
3 | dpm.demdex.net |
1 redirects
54.191.27.240
www.aexp-static.com |
2 | www.americanexpress.com |
54.191.27.240
|
2 | service.maxymiser.net |
54.191.27.240
service.maxymiser.net |
1 | ep.americanexpress.com |
54.191.27.240
|
1 | sec.levexis.com |
54.191.27.240
|
1 | www425.americanexpress.com |
www.aexp-static.com
|
1 | omn.americanexpress.com |
www.aexp-static.com
|
67 | 11 |
This site contains links to these domains. Also see Links.
Subject Issuer | Validity | Valid |
---|
This page contains 1 frames:
Primary Page:
http://54.191.27.240/amex/c15585d7fb97cb736b97cb7c7f36b97cb7c36b98b97cb75db97cb7c17cb7c/
Frame ID: (464B31B19DA5DBBCE9AC82AE2ED0396C)
Requests: 67 HTTP requests in this frame
Screenshot
Detected technologies
PHP (Programming Languages) ExpandDetected patterns
- headers server /php\/?([\d.]+)?/i
Amazon EC2 (Web Servers) Expand
Detected patterns
- headers server /\(Amazon\)/i
Apache (Web Servers) Expand
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
HeadJS (JavaScript Libraries) Expand
Detected patterns
- env /^head$/i
SiteCatalyst (Analytics) Expand
Detected patterns
- env /^s_(?:account|objectID|code|INST)$/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- env /^jQuery$/i
Twitter Bootstrap () Expand
Detected patterns
- script /(?:twitter\.github\.com\/bootstrap|bootstrap(?:\.js|\.min\.js))/i
Page Statistics
134 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Title: Skip to main content
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Account Home
Search URL Search Domain Scan URL
Title: Register for Online Services
Search URL Search Domain Scan URL
Title: Activate a new Card
Search URL Search Domain Scan URL
Title: Support 24/7
Search URL Search Domain Scan URL
Title: Support 24/7
Search URL Search Domain Scan URL
Title: Support 24/7
Search URL Search Domain Scan URL
Title: Download the Amex App
Search URL Search Domain Scan URL
Title: Platinum
Search URL Search Domain Scan URL
Title: Centurion
Search URL Search Domain Scan URL
Title: American Express @Work
Search URL Search Domain Scan URL
Title: Online Merchant Services
Search URL Search Domain Scan URL
Title: International Payments for Businesses
Search URL Search Domain Scan URL
Title: International Money Transfers for Card Members
Search URL Search Domain Scan URL
Title: View all Cards
Search URL Search Domain Scan URL
Title: View all Cards
Search URL Search Domain Scan URL
Title: Compare Cards
Search URL Search Domain Scan URL
Title: Find a Card
Search URL Search Domain Scan URL
Title: View Personal Cards
Search URL Search Domain Scan URL
Title: View Dollar and Euro Cards
Search URL Search Domain Scan URL
Title: Credit Cards
Search URL Search Domain Scan URL
Title: Find a Card
Search URL Search Domain Scan URL
Title: Compare Cards
Search URL Search Domain Scan URL
Title: Why American Express?
Search URL Search Domain Scan URL
Title: Why American Express?
Search URL Search Domain Scan URL
Title: Refer friends. Get rewarded.
Search URL Search Domain Scan URL
Title: View All Business Cards
Search URL Search Domain Scan URL
Title: View Business Cards
Search URL Search Domain Scan URL
Title: Compare Business Cards
Search URL Search Domain Scan URL
Title: Gold Business Charge
Search URL Search Domain Scan URL
Title: Platinum Business Charge
Search URL Search Domain Scan URL
Title: Why American Express for your Business
Search URL Search Domain Scan URL
Title: Find out about our Corporate Cards
Search URL Search Domain Scan URL
Title: Compare Solutions
Search URL Search Domain Scan URL
Title: Enquire about the Corporate Card programme
Search URL Search Domain Scan URL
Title: View Gift Cards
Search URL Search Domain Scan URL
Title: Book Travel Online
Search URL Search Domain Scan URL
Title: Book Travel Online
Search URL Search Domain Scan URL
Title: Book Cruise Online
Search URL Search Domain Scan URL
Title: Book FINE HOTELS & RESORTS
Search URL Search Domain Scan URL
Title: Book The Hotel Collection
Search URL Search Domain Scan URL
Title: Destination Guides
Search URL Search Domain Scan URL
Title: The Travel Blog
Search URL Search Domain Scan URL
Title: View Travel Rewards Cards
Search URL Search Domain Scan URL
Title: Global Business Travel Solutions
Search URL Search Domain Scan URL
Title: Corporate Foreign Exchange
Search URL Search Domain Scan URL
Title: Small Business Travel
Search URL Search Domain Scan URL
Title: Foreign Exchange Services
Search URL Search Domain Scan URL
Title: Travellers Cheques
Search URL Search Domain Scan URL
Title: Using your Card abroad
Search URL Search Domain Scan URL
Title: Insurance Homepage
Search URL Search Domain Scan URL
Title: Travel Insurance
Search URL Search Domain Scan URL
Title: Gadget Insurance
Search URL Search Domain Scan URL
Title: Shop with your points
Search URL Search Domain Scan URL
Title: Shop with your points
Search URL Search Domain Scan URL
Title: Membership Rewards
Search URL Search Domain Scan URL
Title: Membership Rewards
Search URL Search Domain Scan URL
Title: Travel with your points
Search URL Search Domain Scan URL
Title: Travel with your points
Search URL Search Domain Scan URL
Title: Latest Membership Rewards offers
Search URL Search Domain Scan URL
Title: Latest Membership Rewards offers
Search URL Search Domain Scan URL
Title: About the Membership Rewards programme
Search URL Search Domain Scan URL
Title: Cashback Cards
Search URL Search Domain Scan URL
Title: Avios Cards
Search URL Search Domain Scan URL
Title: Starpoints
Search URL Search Domain Scan URL
Title: Nectar Points
Search URL Search Domain Scan URL
Title: Cardmember offers
Search URL Search Domain Scan URL
Title: Refer friends. Get rewarded.
Search URL Search Domain Scan URL
Title: Entertainment
Search URL Search Domain Scan URL
Title: Merchant Home
Search URL Search Domain Scan URL
Title: Manage Merchant Account
Search URL Search Domain Scan URL
Title: Contact Us and FAQs
Search URL Search Domain Scan URL
Title: Apply Now to Accept the Card
Search URL Search Domain Scan URL
Title: View Corporate Cards
Search URL Search Domain Scan URL
Title: Customer Centre
Search URL Search Domain Scan URL
Title: Global Business Travel Solutions
Search URL Search Domain Scan URL
Title: Meetings & Events
Search URL Search Domain Scan URL
Title: International Payments for Businesses
Search URL Search Domain Scan URL
Title: View Business Cards
Search URL Search Domain Scan URL
Title: Global NetworkExpandir / Colapsar
Search URL Search Domain Scan URL
Title: Home
Search URL Search Domain Scan URL
Title: Issuers
Search URL Search Domain Scan URL
Title: Acquirers
Search URL Search Domain Scan URL
Title: Service Providers
Search URL Search Domain Scan URL
Title: Developers
Search URL Search Domain Scan URL
Title: (Change Country)
Search URL Search Domain Scan URL
Title: Contact Us
Search URL Search Domain Scan URL
Title: Search
Search URL Search Domain Scan URL
Title: Log In
Search URL Search Domain Scan URL
Title: Contact Us
Search URL Search Domain Scan URL
Title: Change Country
Search URL Search Domain Scan URL
Title: Find an ATM
Search URL Search Domain Scan URL
Title: Forgot User ID or Password
Search URL Search Domain Scan URL
Title: Create New Online Account
Search URL Search Domain Scan URL
Title: Activate New Card
Search URL Search Domain Scan URL
Title: Download the Amex App
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: View Cards
Search URL Search Domain Scan URL
Title: Credit Cards
Search URL Search Domain Scan URL
Title: Dollar and Euro Currency Cards
Search URL Search Domain Scan URL
Title: Business Cards
Search URL Search Domain Scan URL
Title: Corporate Cards
Search URL Search Domain Scan URL
Title: Gift Cards
Search URL Search Domain Scan URL
Title: Insurance
Search URL Search Domain Scan URL
Title: Travel Services
Search URL Search Domain Scan URL
Title: Membership Rewards Programme
Search URL Search Domain Scan URL
Title: International Money Transfers
Search URL Search Domain Scan URL
Title: Merchant Services
Search URL Search Domain Scan URL
Title: Accept the Card
Search URL Search Domain Scan URL
Title: Form & Document Centre
Search URL Search Domain Scan URL
Title: Online Services
Search URL Search Domain Scan URL
Title: ATM Locator
Search URL Search Domain Scan URL
Title: Shop Confidently
Search URL Search Domain Scan URL
Title: Frequently Asked Questions
Search URL Search Domain Scan URL
Title: Moving Abroad?
Search URL Search Domain Scan URL
Title: Financial Hardship and Bereavement
Search URL Search Domain Scan URL
Title: About American Express
Search URL Search Domain Scan URL
Title: Careers
Search URL Search Domain Scan URL
Title: Contact Us
Search URL Search Domain Scan URL
Title: Site Map
Search URL Search Domain Scan URL
Title: US Modern Slavery Act
Search URL Search Domain Scan URL
Title: US tax trategy
Search URL Search Domain Scan URL
Title: About American Express
Search URL Search Domain Scan URL
Title: Website Rules and Regulations
Search URL Search Domain Scan URL
Title: Trademarks
Search URL Search Domain Scan URL
Title: Privacy Statement
Search URL Search Domain Scan URL
Title: Privacy Statement
Search URL Search Domain Scan URL
Title: Complaint Handling
Search URL Search Domain Scan URL
Title: Security Alerts
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 38- http://dpm.demdex.net/id?d_visid_ver=1.5.2&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5C36123F5245AF470A490D45%40AdobeOrg&d_nsid=0&d_cb=s_c_il%5B0%5D._setMarketingCloudFields HTTP 302
- http://dpm.demdex.net/id/rd?d_visid_ver=1.5.2&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5C36123F5245AF470A490D45%40AdobeOrg&d_nsid=0&d_cb=s_c_il%5B0%5D._setMarketingCloudFields
67 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
54.191.27.240/amex/c15585d7fb97cb736b97cb7c7f36b97cb7c36b98b97cb75db97cb7c17cb7c/ |
64 KB 64 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
campaign-tracking-2.1.min.js
54.191.27.240/amex/c15585d7fb97cb736b97cb7c7f36b97cb7c36b98b97cb75db97cb7c17cb7c/index_files/ |
17 KB 18 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
5f021c9958b7a7edc05dbf5319f6b37a.js
54.191.27.240/amex/c15585d7fb97cb736b97cb7c7f36b97cb7c36b98b97cb75db97cb7c17cb7c/index_files/ |
3 KB 3 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
serverComponent.php
54.191.27.240/amex/c15585d7fb97cb736b97cb7c7f36b97cb7c36b98b97cb75db97cb7c17cb7c/index_files/ |
164 B 405 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ELILODefault.css
54.191.27.240/amex/c15585d7fb97cb736b97cb7c7f36b97cb7c36b98b97cb75db97cb7c17cb7c/index_files/ |
11 KB 11 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
RWDcmaxLogon.css
54.191.27.240/amex/c15585d7fb97cb736b97cb7c7f36b97cb7c36b98b97cb75db97cb7c17cb7c/index_files/ |
751 B 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ELILOLarge.css
54.191.27.240/amex/c15585d7fb97cb736b97cb7c7f36b97cb7c36b98b97cb75db97cb7c17cb7c/index_files/ |
227 B 521 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
euc_thirdparty_identify.js
54.191.27.240/amex/c15585d7fb97cb736b97cb7c7f36b97cb7c36b98b97cb75db97cb7c17cb7c/index_files/ |
2 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
MYCALOGON.html
54.191.27.240/amex/c15585d7fb97cb736b97cb7c7f36b97cb7c36b98b97cb75db97cb7c17cb7c/index_files/ |
779 B 1 KB |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
foresee-surveydef.js
54.191.27.240/amex/c15585d7fb97cb736b97cb7c7f36b97cb7c36b98b97cb75db97cb7c17cb7c/index_files/ |
65 KB 66 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
foresee-dhtml.css
54.191.27.240/amex/c15585d7fb97cb736b97cb7c7f36b97cb7c36b98b97cb75db97cb7c17cb7c/index_files/ |
8 KB 9 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Bootstrap.js
54.191.27.240/amex/c15585d7fb97cb736b97cb7c7f36b97cb7c36b98b97cb75db97cb7c17cb7c/index_files/ |
90 KB 90 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
visitorAPI-intl.js
54.191.27.240/amex/c15585d7fb97cb736b97cb7c7f36b97cb7c36b98b97cb75db97cb7c17cb7c/index_files/ |
16 KB 17 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
mmcore.js
54.191.27.240/amex/c15585d7fb97cb736b97cb7c7f36b97cb7c36b98b97cb75db97cb7c17cb7c/index_files/ |
24 KB 24 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
mmpackage-1.12.js
54.191.27.240/amex/c15585d7fb97cb736b97cb7c7f36b97cb7c36b98b97cb75db97cb7c17cb7c/index_files/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
inav_responsive_intl.css
54.191.27.240/amex/c15585d7fb97cb736b97cb7c7f36b97cb7c36b98b97cb75db97cb7c17cb7c/index_files/ |
116 KB 116 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
btnSpriteStyles.css
54.191.27.240/amex/c15585d7fb97cb736b97cb7c7f36b97cb7c36b98b97cb75db97cb7c17cb7c/index_files/ |
20 KB 21 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
clear.gif
54.191.27.240/amex/c15585d7fb97cb736b97cb7c7f36b97cb7c36b98b97cb75db97cb7c17cb7c/index_files/ |
43 B 336 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo_bluebox.gif
54.191.27.240/amex/c15585d7fb97cb736b97cb7c7f36b97cb7c36b98b97cb75db97cb7c17cb7c/index_files/ |
4 KB 5 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
gtkp_aa.js
54.191.27.240/amex/c15585d7fb97cb736b97cb7c7f36b97cb7c36b98b97cb75db97cb7c17cb7c/index_files/ |
10 KB 11 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
RWDLogon.js
54.191.27.240/amex/c15585d7fb97cb736b97cb7c7f36b97cb7c36b98b97cb75db97cb7c17cb7c/index_files/ |
112 KB 112 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
img_orangearrow.gif
54.191.27.240/amex/c15585d7fb97cb736b97cb7c7f36b97cb7c36b98b97cb75db97cb7c17cb7c/index_files/ |
181 B 475 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
defaultticketink.jpg
54.191.27.240/amex/c15585d7fb97cb736b97cb7c7f36b97cb7c36b98b97cb75db97cb7c17cb7c/index_files/ |
17 KB 17 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
pes4all.js
54.191.27.240/amex/c15585d7fb97cb736b97cb7c7f36b97cb7c36b98b97cb75db97cb7c17cb7c/index_files/ |
37 KB 37 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
predSearchIntl.js
54.191.27.240/amex/c15585d7fb97cb736b97cb7c7f36b97cb7c36b98b97cb75db97cb7c17cb7c/index_files/ |
1 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
predectiveSearch.js
54.191.27.240/amex/c15585d7fb97cb736b97cb7c7f36b97cb7c36b98b97cb75db97cb7c17cb7c/index_files/ |
29 KB 30 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
predSearchIntl.css
54.191.27.240/amex/c15585d7fb97cb736b97cb7c7f36b97cb7c36b98b97cb75db97cb7c17cb7c/index_files/ |
9 KB 9 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
commonFunctionsResponsive_Intl.js
54.191.27.240/amex/c15585d7fb97cb736b97cb7c7f36b97cb7c36b98b97cb75db97cb7c17cb7c/index_files/ |
62 KB 63 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
gct.js
54.191.27.240/amex/c15585d7fb97cb736b97cb7c7f36b97cb7c36b98b97cb75db97cb7c17cb7c/index_files/ |
8 KB 8 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
serverComponent(1).php
54.191.27.240/amex/c15585d7fb97cb736b97cb7c7f36b97cb7c36b98b97cb75db97cb7c17cb7c/index_files/ |
761 B 1002 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
352be1405d1e1252df5266bdd825d195.js
54.191.27.240/amex/c15585d7fb97cb736b97cb7c7f36b97cb7c36b98b97cb75db97cb7c17cb7c/index_files/ |
5 KB 5 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
91f25615d131a8019f5ca57c5cdf5753.js
54.191.27.240/amex/c15585d7fb97cb736b97cb7c7f36b97cb7c36b98b97cb75db97cb7c17cb7c/index_files/ |
3 KB 3 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
82c5c7f70e5f65f093d22d74a7906f73.js
nexus.ensighten.com/amex/prod/code/ |
26 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
efae85c92fac67837bb80336d83e7e23.js
nexus.ensighten.com/amex/prod/code/ |
1 KB 960 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
3f166b96408837817b9a0698d844f252.js
54.191.27.240/amex/c15585d7fb97cb736b97cb7c7f36b97cb7c36b98b97cb75db97cb7c17cb7c/index_files/ |
3 KB 3 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
foresee-trigger.js
54.191.27.240/amex/c15585d7fb97cb736b97cb7c7f36b97cb7c36b98b97cb75db97cb7c17cb7c/index_files/ |
78 KB 78 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
s_code_myca_context.js
54.191.27.240/amex/c15585d7fb97cb736b97cb7c7f36b97cb7c36b98b97cb75db97cb7c17cb7c/index_files/ |
69 KB 70 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
visitorAPI-intl.js
www.aexp-static.com/api/axpi/omniture/ |
16 KB 7 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
mmcore.js
service.maxymiser.net/cdn/americanexpressuk/js/ |
27 KB 10 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
rd
dpm.demdex.net/id/ Redirect Chain
|
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
mmpackage-1.12.js
54.191.27.240/amex/c15585d7fb97cb736b97cb7c7f36b97cb7c36b98b97cb75db97cb7c17cb7c/index_files/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
service.maxymiser.net/cg/v5/ |
1 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
id
omn.americanexpress.com/ |
155 B 573 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
id
dpm.demdex.net/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
iNav_ngi_sprite_new.gif
www.aexp-static.com/nav/ngn/img/ |
23 KB 23 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
img_shdw_mainNav.png
www.aexp-static.com/nav/ngn/img/ |
143 B 315 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
elilo-sprite.gif
54.191.27.240/amex/c15585d7fb97cb736b97cb7c7f36b97cb7c36b98b97cb75db97cb7c17cb7c/index_files/img/ |
1 KB 2 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
euc_thirdparty_identify.js
www.aexp-static.com/nav/ngn/js/ |
2 KB 970 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
MYCALOGON.html
icm.aexp-static.com/Internet/PZN/en_UK/Default/ |
779 B 509 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
iNav_ngi_sprite_footer.gif
www.aexp-static.com/nav/ngn/img/ |
934 B 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
defaultticketink.jpg
icm.aexp-static.com/Internet/PZN/UK/ |
17 KB 17 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
img_orangearrow.gif
icm.aexp-static.com/Internet/PZN/en_CA/Images/ |
181 B 310 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
predSearchIntl.js
web.aexp-static.com/uk/content/js/ |
1 KB 666 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
predSearchIntl.css
web.aexp-static.com/css/ |
9 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Bootstrap.js
nexus.ensighten.com/amexeu/ |
28 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
predectiveSearch.js
web.aexp-static.com/js/ |
29 KB 5 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
euc_cookie.js
www.aexp-static.com/nav/ngn/js/ |
44 KB 9 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
serverComponent.php
nexus.ensighten.com/amexeu/ |
337 B 537 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
serverComponent.php
nexus.ensighten.com/amex/intl_amexhead/ |
349 B 544 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
euc_cookie.css
www.aexp-static.com/nav/ngn/css/ |
5 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
JsonServlet
www425.americanexpress.com/cookieweb/ |
44 B 253 B |
Script
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
5f021c9958b7a7edc05dbf5319f6b37a.js
nexus.ensighten.com/amex/intl_amexhead/code/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
campaign-tracking-2.1.min.js
sec.levexis.com/external/ |
17 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
c2aece862b4b9c680936ea72284adec2.js
nexus.ensighten.com/amexeu/prod/code/ |
18 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
ep.americanexpress.com/pc/amex/ |
42 B 685 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
foresee-surveydef.js
www.americanexpress.com/api/axpi/foresee/ |
67 KB 12 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
foresee-dhtml.css
www.americanexpress.com/api/axpi/foresee/ |
8 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: American Express (Financial)240 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
string| browser object| isIpadIpod undefined| mt object| $itag string| itag_siteerror object| EUCThirdParty function| cookieStatus function| readCookie function| isValuePresentInArray function| getCurrentEnv number| eli string| pesDefaultResponse object| chars_mob object| chars_tab object| chars_desk boolean| spaexist boolean| giftcardconfirmpage object| fsr_qs function| devicesizecal function| fsr_readCookie object| fsr_unichars function| CampaignTrackingRules object| ensBootstraps object| INTLamexhead function| _log function| doSCLoad function| Visitor object| s_c_il number| s_c_in object| visitor object| mmsystem object| mmcore object| mmRequestCallbacks object| NAV number| j object| iNavConfig string| s_TopNav string| pageState object| RSA object| liloNameSpace object| AMEXMYCALOGON object| doc undefined| itag_intlinkimp function| $mycaLogon function| rwdLogonInit undefined| $ function| jQuery function| getId boolean| initialized object| defaultOfferdata object| rtdOfferdata boolean| isMYCASOA boolean| isMYCAESTMT object| persProductCode object| logoffRE object| thankyouRE object| accActivityRE object| placementList object| KeynoteRE number| soaCount object| persOfferProduct object| persCmFiveAry object| persCrdOfrIndAry object| soaRE string| pesHookPages string| pesHookPageId string| pesHookMarkets string| pesDelMarkets string| pesMarketsWithBB string| pesMarketsMigrated string| pesCookieCheck string| pesMarketsRedesigned boolean| usrConsent number| pesEnv string| commonSoln string| lang_MktCd function| getEnvironment string| persSrcUrl string| persRtdUrl string| persProto string| pesCmaxUrl string| env object| head object| script object| PZN_PES function| json_parse function| pesRenderRTDOffers function| pesRenderDefaultOffers function| populateDiv function| getValue string| docUrl string| persLanguage string| persCountry string| serviceType string| clientType string| requestType string| persPageId string| defaultURL object| pesJsonResponse object| pesErrorResponse object| element function| initOmnDefault function| initiateNav number| lastpredictiveindex undefined| searchimg number| enterStatus number| enterStatus1 string| srchlastValue number| srchtimer object| mylangObj boolean| srchomnClick string| pSrchVersion function| getJSONpredictive object| NAV_PreSearch string| filepath string| fsrhostname object| e1host object| e2host object| e3host string| fsrMarket object| FSR object| ForeSee function| omn_rmaction function| omn_rmvar function| omn_bpoclick function| omn_bpoimpression function| ctn_rmaction function| ctn_rmvar function| omn_mer_rmaction function| omn_mer_rmleadstart function| omn_mer_rmshare function| omn_mer_rmvidstart function| omn_mer_rmvidcomplete function| omn_mer_trackdownload function| omn_mer_rmvar function| omn_mer_tracklogin function| omn_relatedprodclick function| searchWidgetAction function| searchWidgetError function| searchWidgetFAQAction function| searchWidgetHyperlinkClick function| searchWidgetSearch function| omn_rmdiscuss function| omn_rmfollowcomplete function| omn_rmfollowstart function| omn_rmlogin function| omn_rmprofile function| omn_rmregcomplete function| omn_rmregstart function| omn_rmaddpaybill function| omn_rmaddsscard function| omn_rmeStatement function| t function| tl function| $iN object| s_TopNavTmp function| iNavLangRelatedText string| mktUpperCase function| loadScriptAsync boolean| predictiveloadflag object| icats_obj object| Bootstrapper function| initGCT object| qsArray string| k object| o object| _enslog object| EUCOverlay string| euEnvCheckVar object| SWITCHON_MARKETS string| euc_domain object| BROWSER_SETTINGS_PLUS_MARKET object| OPTIN_MARKETS object| _E1_CONTEXT_ARRAY object| _E2_CONTEXT_ARRAY object| _E3_CONTEXT_ARRAY object| POLICY_ARRAY object| PRIVACY_ARRAY string| euc_cssUrl string| euc_browser object| link string| euc_locale function| inScopeURL function| euContextCheck function| isMarketInList function| euEnvCheck function| getParentDomain function| createCookiePrivacy function| amexCookieValCallback function| dropTpSyncCookie string| currDomain object| body object| boxesDiv function| showConsentOverlay function| initCookieProcess function| softPolicyLinkClickHandler function| policyLinkClickHandler function| strictprivacyLinkClickHandler function| acceptClickHandler function| declineClickHandler function| continueClickHandler function| getMarketLink function| isConsentRecorded function| trim function| bringBkFocus function| recordConsent function| dropAmexCookie function| checkAmexCookie function| trackConsent string| psj0 function| itm_EUTags string| sToken string| s_devprod object| s_rmvars string| s_rmact number| s_rmi number| omn_temp function| s_rmobj function| omn_rmvidstart function| omn_rmvidcomplete function| omn_rmsocialaction function| omn_rmshare function| omn_rmsiteerror function| omn_rmphonedial function| omn_rmassistaction function| omn_rmsearch function| omn_rmsearchclick function| s_doPlugins function| s_cleanQS function| c_rspers function| c_r function| c_w function| AppMeasurement function| s_gi function| s_pgicq object| omn object| s number| s_objectID number| s_giq boolean| __$$FSRINIT$$__6 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
54.191.27.240/ | Name: CheckStatus Value: Y |
|
54.191.27.240/ | Name: fsr.a Value: 1518391922624 |
|
54.191.27.240/ | Name: AMCV_5C36123F5245AF470A490D45%40AdobeOrg Value: 793872103%7CMCMID%7C91736952336518373984366854675431884134%7CMCAAMLH-1518996722%7C6%7CMCAAMB-1518996722%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCAID%7C2D406939053119A0-40000100C005BE6C |
|
54.191.27.240/ | Name: mmapi.store.s.0 Value: %7B%22mmparams.d%22%3A%7B%7D%2C%22mmparams.p%22%3A%7B%7D%7D |
|
54.191.27.240/ | Name: mmapi.store.p.0 Value: %7B%22mmparams.d%22%3A%7B%7D%2C%22mmparams.p%22%3A%7B%22pd%22%3A%221549927922129%7C%5C%22-1761177541%7CAQAAAApVAgDc4phA2w8AAREAAUKETnk5AQAt9yenp3HVSC33J6encdVIAAAAAP%2F%2F%2F%2F%2F%2F%2F%2F%2F%2FAAZEaXJlY3QB2w8BAAAAAAAAAAAA%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2FAAAAAAAAAAFF%5C%22%22%2C%22srv%22%3A%221549927922129%7C%5C%22fravwcgeu12%5C%22%22%7D%7D |
|
54.191.27.240/ | Name: mmcore.tst Value: 0.333 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
dpm.demdex.net
ep.americanexpress.com
icm.aexp-static.com
nexus.ensighten.com
omn.americanexpress.com
sec.levexis.com
service.maxymiser.net
web.aexp-static.com
www.aexp-static.com
www.americanexpress.com
www425.americanexpress.com
104.109.73.124
104.109.79.176
148.173.97.38
172.82.228.17
18.194.76.195
35.158.49.49
52.29.213.99
52.48.166.254
54.191.27.240
54.230.44.144
0c93e19037feb44dc3dda4686c1e6798c1eda0d7375068361ef6a39f388cb6c4
0d4e7d13d424c4569af233a3188ac42edaa093a12bced0dba6095c00047006e3
183346f0a0af6252f7e760e6e75a59687ee3ef522fe787015c2ae37c13faa806
194b37addb793c71c33302afb3239216455121d66303067e15904eedd0a66b12
194b6119fc281b37083150ed737be6da2828f7624ce2b0a5d57151095ec53279
232e596cecd9de10f2b93d9a8840d20e37c5b997330583791199e5faf2596165
263adeb3aa1cbc6acc7bcb5298400860196f4bf1052b661a75bd2d5c27131df7
2664df32dbdece3f95fc2a3ad51aa8dea6c53ea36c9ebbac95f6e00815442997
289e6a214b2ecb9df84a8e945b5019502c80605f8410b70857e24e2c48979b58
290509f8a7a1c850e10f31b5d1b663463aba5cd083ecb054e3f779c7861d2752
44c9be88a065fc85f31c4e8a3c4e7971f863fbf028d1bafa5b99a47f200322e6
4b22ee6807a2e4ddfd1bf16851609a7a009f4c6bd5aeb78162f121cb89492f02
4e8d2179880ca3d1d95fb66b2970cce9c77c704729765899a0d4f7d0f1e7c31f
4f6897c95a3eadc5046de738c2af4c53dc8e0c4016010287e4b1c67af3a3e947
55205b33498928f1d49f8c085ae2d66116700b244135f297a47dff5b36ac13d3
5b2e19da41d37800c05fcaf65d0ea8af9b836a3ba4d48a133e59b5e0a1c94ebe
6417c477f567e655eb9797d084803f2e80bd2b8d978aa853877a5a2028cb0381
68e0a6ce3093791926563a2a14d78661e1e3a5cbd7d480f3dc52de3bff276ed4
6a6333c750e4ed7d2e866fca36f330a1ee05c9414e46dee3c7ac333b2eda3d61
7266422500cb40caa594945b3382fe22971b0a206b6eb23f4b00b32755be40d4
788a1949d75c7f72e4bb7112727169304146d5e0adee0bce587a06bafd592a55
7a08b2385ac73de850f7950a37e28717f37e42ce4c7419a16f22c04b52a71f4b
7bb028a4355de8c20a6d8bb1e17db4c1fbdcb888fd94b061bb9e0eb2b6eb787a
7c3561cb6494af21aeb93bee7364f2914e578a6fb8208bd3c8812a071c2ca4bb
84ad133132567b004e6586cec956212f857f8280a60ad3553cdfeea9552700cb
8708a8b8805628e28317db93be78643fc7000ff4cd19f8a6e656a417db580d42
8901b87c3125997a9f8f9c42c006eeb498774c239446026260f9b1c679bc84da
89abfe88e3b2877a0b6b8f3c6aff9a4a209b6288e05b0fc260939071bde0c898
9193026efab3bc4f806c6f825c7c58835f42f630e229bf460b22db03772d4c9b
9c2361f3b8d864af81c9a61a1cbcc932a49dcd10513320b09aa7ee53e39d2a53
a08b991dfa19ba78445b35bf92a865eadb08f832ab3e1913d55c39dae902bde8
a249022af99b2b62452a7a853a158cf3b9a7fb1d57524dad3cce4873ceafd4d4
a28e95ac5bd8a7bea9160133b965b4ad487947089c754bff3cf2f9acc5c315a1
a5d0dc0c73a19e24902f36ce3bf6ee6b1a8bfbdf3d61e77d91eb4024a1c2dddf
a84253ed57724eb24d03c265dc7d71aadfa7921494d8195d75d026078f75f2a7
ad76da66686b4cf8d9e7a577c377a3fbaadaf96f2c495545ca381770b382447d
af60202d274f272c5334d9e7b5e5ae107df32985941794284b11479b88a8e3e2
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b754eb74fa8f416b4803252f7994d7aa22d697a5eb77f0b4df8e3839f9621c9e
be77843061cd5a947774a901e305d787e429a11d0d65535ce4fff903d1ae36dd
c6d0c052bbac253a6682d171e506423e24fb8992e64d70023f760787d45e8830
cabbcd406eefdbf1dc05e05b585fbbb3d27c492154e661b5c14d68754d6167b5
cc4b0a52a2581bd9d4d428ae363ea89d2921fbac0c30b0e0a72ad712b2c934c6
cd55811866034ce4b837ef937c9dd03efbde607254caa8b4f6e107374d8a21fc
cdf23a6d6d521d6e9be46b389943d85f0e7f1f864e0db49e9a7229433e2d682d
d04be2b47a2cbba425f232c1b4868ec42af99f437f47d5189c7726ab0f61a7a8
d3c6dbfeb63c1155df3a80a04d72d9c0c95ed561d54c9694019c28eac1920c1b
eaa6d8079c18e64f1a56ade85bd6c5082dd3bf72fc3e790ac7cd54f23b6cf145
edee23ca7a0bbddf54044d8d5e7543b36766802d952e1565e5d5405739931744
eec7a96e3781d0eb7c7784a019dded860b7d24dc1c98ae54149c695b83f77658
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f533ad331d10d34ab6bf196971e1df83891eea50b8c4902355dd1d4dbd4e11a2
f579e856464d62e4acffa1d66a76cbb63e79e86ccf8e19ec49f561a59e68b573
fd38d747f63c634e15042af454d0da0e0ecaa4620a3800304044616807043f72
ff923028c24f8699ba96628c404f99304be76fadf8ca3ed6a356f02a3135ff09