![](/screenshots/e6e5b212-ef61-413d-a877-de30ff223b51.png)
travel.americanexpress.ca
23.45.103.227
Malicious Activity!
Public Scan
Effective URL: https://travel.americanexpress.ca/service/static_page.cfm?page=travel_advice
Submission: On March 25 via manual from CA
Summary
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on February 27th 2019. Valid for: 2 years.
This is the only time travel.americanexpress.ca was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: American Express (Financial)
Domain & IP information
Requests | IP Address | ASN | AS Name | Redirects |
---|---|---|---|---|
1 | 65.117.228.68 | 53316 | ASN-CHEETA-MAIL | 1 |
17 | 23.45.103.227 | 20940 | AKAMAI-ASN1 | |
18 | 104.28.1.16 | 13335 | CLOUDFLARENET | |
19 | 23.45.100.166 | 20940 | AKAMAI-ASN1 | 1 |
1 | 99.86.7.89 | 16509 | AMAZON-02 | |
2 | 23.45.238.252 | 20940 | AKAMAI-ASN1 | 2 |
9 | 18.197.253.20 | 16509 | AMAZON-02 | |
1 | 93.184.220.41 | 15133 | EDGECAST | |
6 | 208.87.210.123 | 40612 | SWITCHFLY-40612-AS | |
1 | 65.52.62.25 | 8075 | MICROSOFT-CORP-MSN-AS-BLOCK | |
14 | 52.218.21.139 | 16509 | AMAZON-02 | |
1 | 95.101.185.162 | 20940 | AKAMAI-ASN1 | |
4 | 52.18.60.121 | 16509 | AMAZON-02 | 1 |
2 | 15.188.31.119 | 16509 | AMAZON-02 | |
4 | 139.71.113.91 | 6307 | AMERICAN-EXPRESS | |
2 | 178.249.101.23 | 11054 | LIVEPERSON | |
1 | 151.101.13.192 | 54113 | FASTLY | |
1 | 178.249.101.98 | 11054 | LIVEPERSON | |
1 | 2a03:6400:10:0:178:249:97:99 | 11054 | LIVEPERSON | |
4 | 208.89.12.87 | 11054 | LIVEPERSON | |
2 | 34.248.85.42 | 16509 | AMAZON-02 | |
1 | 139.71.50.190 | 6307 | AMERICAN-EXPRESS | |
111 | 21 |
Domain | ASN | PTR |
---|---|---|
travel.americanexpress.ca | ASN20940 (AKAMAI-ASN1, US) | a23-45-103-227.deploy.static.akamaitechnologies.com |
www.aexp-static.com, icm.aexp-static.com | ASN20940 (AKAMAI-ASN1, US) | a23-45-100-166.deploy.static.akamaitechnologies.com |
js-cdn.dynatrace.com | ASN16509 (AMAZON-02, US) | server-99-86-7-89.fra6.r.cloudfront.net |
www.americanexpress.com | ASN20940 (AKAMAI-ASN1, US) | a23-45-238-252.deploy.static.akamaitechnologies.com |
nexus.ensighten.com | ASN16509 (AMAZON-02, US) | ec2-18-197-253-20.eu-central-1.compute.amazonaws.com |
americanexpress.switchfly.com | ASN40612 (SWITCHFLY-40612-AS, US) | h-208-87-210-123.ip.ezrez.com |
tuitravel.s3-eu-west-1.amazonaws.com | ASN16509 (AMAZON-02, US) | s3-eu-west-1-r-w.amazonaws.com |
www.tripadvisor.com | ASN20940 (AKAMAI-ASN1, US) | a95-101-185-162.deploy.static.akamaitechnologies.com |
dpm.demdex.net | ASN16509 (AMAZON-02, US) | ec2-52-18-60-121.eu-west-1.compute.amazonaws.com |
omns.americanexpress.com | ASN16509 (AMAZON-02, US) | ec2-15-188-31-119.eu-west-3.compute.amazonaws.com |
cdaas.americanexpress.com | ASN6307 (AMERICAN-EXPRESS, US) | cdaas11.americanexpress.com |
lpcdn.lpsnmedia.net | ASN11054 (LIVEPERSON, US) | am-lpcdn.lpsnmedia.net |
va.v.liveperson.net | ASN11054 (LIVEPERSON, US) | va.v.liveperson.net |
bf44539bru.bf.dynatrace.com | ASN16509 (AMAZON-02, US) | ec2-34-248-85-42.eu-west-1.compute.amazonaws.com |
gct.americanexpress.com | ASN6307 (AMERICAN-EXPRESS, US) | gctv4-r2.americanexpress.com |
Requests | Apex Domain | Subdomains | Transfer | Redirects |
---|---|---|---|---|
24 | switchfly.com | cdn.switchfly.com, americanexpress.switchfly.com | 533 KB | |
19 | aexp-static.com | www.aexp-static.com, icm.aexp-static.com, qwww.aexp-static.com (Failed) | 502 KB | 1 redirects |
17 | americanexpress.ca | travel.americanexpress.ca | 137 KB | |
14 | amazonaws.com | tuitravel.s3-eu-west-1.amazonaws.com | 74 KB | |
10 | americanexpress.com | email.americanexpress.com, www.americanexpress.com, omns.americanexpress.com, cdaas.americanexpress.com, gct.americanexpress.com | 8 KB | 3 redirects |
9 | ensighten.com | nexus.ensighten.com | 48 KB | |
7 | liveperson.net | lptag.liveperson.net, publisher.liveperson.net, va.v.liveperson.net | 110 KB | |
4 | demdex.net | dpm.demdex.net | 5 KB | 1 redirects |
3 | dynatrace.com | js-cdn.dynatrace.com, bf44539bru.bf.dynatrace.com | 70 KB | |
2 | lpsnmedia.net | lpcdn.lpsnmedia.net, accdn.lpsnmedia.net | 1 KB | |
2 | webtype.com | cloud.webtype.com, pls.webtype.com | 2 KB | |
1 | tripadvisor.com | www.tripadvisor.com | 2 KB | |
0 | Failed | function sub() { [native code] }. Failed | | |
111 | 13 |
Requests | Domain | Requested by | Redirects |
---|---|---|---|
18 | cdn.switchfly.com | travel.americanexpress.ca, js-cdn.dynatrace.com | |
17 | travel.americanexpress.ca | travel.americanexpress.ca, cdn.switchfly.com | |
16 | www.aexp-static.com | travel.americanexpress.ca, nexus.ensighten.com | 1 redirects |
14 | tuitravel.s3-eu-west-1.amazonaws.com | travel.americanexpress.ca | |
9 | nexus.ensighten.com | travel.americanexpress.ca, nexus.ensighten.com | |
6 | americanexpress.switchfly.com | travel.americanexpress.ca, js-cdn.dynatrace.com | |
4 | va.v.liveperson.net | lptag.liveperson.net | |
4 | cdaas.americanexpress.com | nexus.ensighten.com, cdaas.americanexpress.com, travel.americanexpress.ca | |
4 | dpm.demdex.net | travel.americanexpress.ca, js-cdn.dynatrace.com | 1 redirects |
3 | icm.aexp-static.com | travel.americanexpress.ca, js-cdn.dynatrace.com, nexus.ensighten.com | |
2 | bf44539bru.bf.dynatrace.com | js-cdn.dynatrace.com | |
2 | lptag.liveperson.net | www.aexp-static.com | |
2 | omns.americanexpress.com | js-cdn.dynatrace.com, travel.americanexpress.ca | |
2 | www.americanexpress.com | | 2 redirects |
1 | gct.americanexpress.com | | |
1 | accdn.lpsnmedia.net | lptag.liveperson.net | |
1 | lpcdn.lpsnmedia.net | lptag.liveperson.net | |
1 | publisher.liveperson.net | lptag.liveperson.net | |
1 | www.tripadvisor.com | travel.americanexpress.ca | |
1 | pls.webtype.com | travel.americanexpress.ca | |
1 | cloud.webtype.com | travel.americanexpress.ca | |
1 | js-cdn.dynatrace.com | travel.americanexpress.ca | |
1 | email.americanexpress.com | | 1 redirects |
0 | truncated (Failed) | travel.americanexpress.ca | |
0 | qwww.aexp-static.com (Failed) | travel.americanexpress.ca | |
111 | 25 |
This site contains links to these domains. Also see Links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
travel.americanexpress.co.uk | DigiCert SHA2 Extended Validation Server CA | 2019-02-27 - 2021-03-03 | 2 years |
switchfly.com | CloudFlare Inc ECC CA-2 | 2019-09-26 - 2020-09-25 | a year |
m.americanexpress.com | DigiCert SHA2 Extended Validation Server CA | 2018-08-08 - 2020-07-23 | 2 years |
js-cdn.dynatrace.com | Amazon | 2019-05-29 - 2020-06-29 | a year |
nexus.ensighten.com | DigiCert SHA2 Secure Server CA | 2019-10-03 - 2020-10-02 | a year |
s1.wac.edgecastcdn.net | DigiCert SHA2 Secure Server CA | 2018-11-05 - 2020-11-20 | 2 years |
*.switchfly.com | Go Daddy Secure Certificate Authority - G2 | 2020-01-03 - 2022-01-03 | 2 years |
*.webtype.com | Sectigo RSA Domain Validation Secure Server CA | 2019-06-30 - 2021-07-12 | 2 years |
*.s3-eu-west-1.amazonaws.com | DigiCert Baltimore CA-2 G2 | 2019-11-09 - 2020-12-10 | a year |
www.tripadvisor.com | DigiCert SHA2 Extended Validation Server CA | 2019-03-21 - 2020-04-30 | a year |
*.demdex.net | DigiCert SHA2 High Assurance Server CA | 2018-01-09 - 2021-02-12 | 3 years |
omns.americanexpress.com | DigiCert SHA2 Secure Server CA | 2020-02-06 - 2022-02-10 | 2 years |
cdaas1.americanexpress.com | DigiCert SHA2 Extended Validation Server CA | 2019-10-15 - 2021-10-19 | 2 years |
*.liveperson.net | COMODO RSA Organization Validation Secure Server CA | 2017-12-17 - 2020-12-16 | 3 years |
liveperson.net | GlobalSign CloudSSL CA - SHA256 - G3 | 2019-04-14 - 2020-04-11 | a year |
*.lpsnmedia.net | COMODO RSA Organization Validation Secure Server CA | 2018-02-26 - 2021-02-25 | 3 years |
*.v.liveperson.net | COMODO RSA Organization Validation Secure Server CA | 2018-05-08 - 2020-05-07 | 2 years |
*.bf.dynatrace.com | Amazon | 2020-03-07 - 2021-04-07 | a year |
gctv4-r2.americanexpress.com | DigiCert SHA2 Extended Validation Server CA | 2019-05-10 - 2021-05-13 | 2 years |
This page contains 2 frames:
Primary Page:
https://travel.americanexpress.ca/service/static_page.cfm?page=travel_advice
Frame ID: 614CC2504B120127C1EFE47313706112
Requests: 113 HTTP requests in this frame
Frame:
https://lpcdn.lpsnmedia.net/le_secure_storage/3.9.0.13-release_5023/storage.secure.min.html?loc=https%3A%2F%2Ftravel.americanexpress.ca&site=14106077&env=prod&isCrossDomain=true
Frame ID: C02B2070F2BB25FC663F96A6564B9809
Requests: 1 HTTP requests in this frame
Detected technologies
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
LivePerson
Detected patterns
- script /^https?:\/\/lptag\.liveperson\.net\/tag\/tag\.js/i
Ensighten
Detected patterns
- script /\/\/nexus\.ensighten\.com\//i
Page Statistics
67 Outgoing links
These are links going to different origins than the main page.
Title: Flight
Title: Hotel
Title: Car
Title: Bundles
Title: Fine Hotels & Resorts
Title: The Hotel Collection
Title: Government of Canada’s Travel Advice and Advisories
Title: World Heath Organization
Title: Detailed map of the spread of the virus
Title:
Title:
Title:
Title:
Title:
Title:
Title:
Title:
Title:
Title:
Title:
Title:
Title:
Title:
Title: LOGIN
Title: Travel Documents and Visas
Title: Get travel insurance
Title: Air Passenger Protection Regulations
Title: Health & Medical requirements
Title:
Title:
Title: Personal Cards
Title: Credit Cards
Title: Small Business Cards
Title: Corporate Cards
Title: American Express Gift Cards
Title: Add Someone to Your Account
Title: Membership Rewards® Program
Title: American Express App
Title: Insurance Home
Title: Book Travel Online
Title: Merchant Services
Title: Accept the Card
Title: Form & Document Centre
Title: Online Services
Title: Global Assist
Title: Shop Confidently
Title: See Merchants Near You
Title: Refer a Friend
Title: About American Express
Title: Careers
Title: Contact Us
Title: Sign Up for Email Offers
Title: Frequently Asked Questions
Title: Moving Abroad?
Title: Change country
Title: Français
Title: Trademarks
Title: Terms & Conditions of Use
Title: Updated Online Privacy Statement (01/2018)
Title: Complaint Handling
Title: Codes of Conduct & Commitments
Title: Amex Bank of Canada Prime Rate
Title: Security Alerts
Title: Accessibility Policy
Title: Accessibility Plan
Title: Cardmember Agreements
Title: American Express Company
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://email.americanexpress.com/a/hBee44YAQB6DpB91gQ1NyKmd8cL/amex5
HTTP 307
https://travel.americanexpress.ca/service/static_page.cfm?page=travel_advice Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 15
- https://www.aexp-static.com/nav/ngn/js/euc_thirdparty_identify.js HTTP 301
- https://icm.aexp-static.com/content/dam/Navigation/nav/ngn/js/euc_thirdparty_identify.js
- https://www.americanexpress.com/ensighten-head-intl HTTP 301
- https://nexus.ensighten.com/amex/intl_amexhead/Bootstrap.js
- https://www.americanexpress.com/adobetrackingintl?ens_mk=en-CA HTTP 301
- https://nexus.ensighten.com/amex/Bootstrap.js?ens_mk=en-CA
- https://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5C36123F5245AF470A490D45%40AdobeOrg&d_nsid=0&ts=1585158214699 HTTP 302
- https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5C36123F5245AF470A490D45%40AdobeOrg&d_nsid=0&ts=1585158214699
111 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes |
---|---|---|---|---|---|---|---|---|
GET | H2 | static_page.cfm | travel.americanexpress.ca/service/ | 371 KB | 74 KB | Document | text/html | Primary Request; Redirect Chain |
GET | H2 | externals-pkg.js | cdn.switchfly.com/assets/10bb153/js/packages/js/ | 846 KB | 214 KB | Script | application/x-javascript | |
GET | H2 | ezrez-lib-nomaps-pkg.js | cdn.switchfly.com/assets/10bb153/js/packages/js/ | 138 KB | 37 KB | Script | application/x-javascript | |
GET | H2 | ezrez-base-pkg.js | cdn.switchfly.com/assets/10bb153/js/packages/js/ | 36 KB | 10 KB | Script | application/x-javascript | |
GET | H2 | ez-static-page-pkg.js | cdn.switchfly.com/assets/10bb153/js/packages/js/ | 65 KB | 15 KB | Script | application/x-javascript | |
GET | H2 | ez-externals-pkg.css | cdn.switchfly.com/assets/10bb153/js/packages/css/ | 64 KB | 10 KB | Stylesheet | text/css | |
GET | H2 | ez-all-pkg.css | cdn.switchfly.com/assets/10bb153/js/packages/css/ | 26 KB | 6 KB | Stylesheet | text/css | |
GET | H2 | ez-old-pkg.css | cdn.switchfly.com/assets/10bb153/js/packages/css/ | 65 KB | 11 KB | Stylesheet | text/css | |
GET | H2 | ez-static-page-pkg.css | cdn.switchfly.com/assets/10bb153/js/packages/css/ | 3 KB | 919 B | Stylesheet | text/css | |
GET | H2 | all.css | cdn.switchfly.com/assets/10bb153/client_assets/imagesw/americanexpress/default/css/ | 52 KB | 9 KB | Stylesheet | text/css | |
GET | H2 | all.css | cdn.switchfly.com/assets/10bb153/client_assets/imagesw/americanexpress/cageneral/css/ | 592 B | 672 B | Stylesheet | text/css | |
GET | H2 | travel-theme.css | cdn.switchfly.com/assets/10bb153/client_assets/imagesw/americanexpress/default/css/ | 92 KB | 12 KB | Stylesheet | text/css | |
GET | H2 | static_page.css | cdn.switchfly.com/assets/10bb153/client_assets/imagesw/americanexpress/default/css/ | 3 KB | 937 B | Stylesheet | text/css | |
GET | H2 | master.css | travel.americanexpress.ca/images_w/americanexpress/nav/catravel/ | 19 KB | 5 KB | Stylesheet | text/css | |
GET | H2 | responsive-search-form.css | travel.americanexpress.ca/client_assets/imagesw/americanexpress/default/css/ | 18 KB | 4 KB | Stylesheet | text/css | |
GET | H2 | search-form.css | travel.americanexpress.ca/client_assets/imagesw/americanexpress/default/css/ | 33 KB | 5 KB | Stylesheet | text/css | |
GET | H2 | euc_thirdparty_identify.js | icm.aexp-static.com/content/dam/Navigation/nav/ngn/js/ | 3 KB | 1 KB | Script | application/javascript | Redirect Chain |
GET | H2 | eu_cookie_compliance.js | travel.americanexpress.ca/client_assets/imagesw/americanexpress/default/eu_cookie_compliance/ | 5 KB | 5 KB | Script | application/javascript | |
GET | H2 | ruxitagent_ICA27SVafghjlqrux_10185200219132536.js | js-cdn.dynatrace.com/jstag/1623d230d17/ | 180 KB | 68 KB | Script | application/javascript | |
GET | H2 | Bootstrap.js | nexus.ensighten.com/amex/intl_amexhead/ | 84 KB | 22 KB | Script | application/javascript | Redirect Chain |
GET | H2 | ato-subnav.css | www.aexp-static.com/cdaas/tls/premiumhotel/subnav/styles/ | 20 KB | 3 KB | Stylesheet | text/css | |
GET | H2 | ato-subnav-fonts.css | www.aexp-static.com/cdaas/tls/premiumhotel/subnav/styles/ | 446 KB | 236 KB | Stylesheet | text/css | |
GET | H2 | jquery-3.4.1.min.js | www.aexp-static.com/cdaas/tls/premiumhotel/subnav/js/ | 86 KB | 30 KB | Script | application/javascript | |
GET | H2 | ato-subnav-load-2.0.js | www.aexp-static.com/cdaas/tls/premiumhotel/subnav/js/ | 6 KB | 2 KB | Script | application/javascript | |
GET | H2 | ato-subnav-resize-2.1.js | www.aexp-static.com/cdaas/tls/premiumhotel/subnav/js/ | 7 KB | 2 KB | Script | application/javascript | |
GET | H2 | calendar.gif | travel.americanexpress.ca/images_w/americanexpress/nav/catravel/ | 2 KB | 2 KB | Image | text/html | |
GET | H2 | be462c3b-8c21-40fe-a8be-462f778fa3ce.css | cloud.webtype.com/css/ | 712 B | 633 B | Stylesheet | text/css | |
GET | H2 | saml.css | cdn.switchfly.com/assets/10bb153/client_assets/imagesw/americanexpress/default/css/ | 1013 B | 404 B | Stylesheet | text/css | |
GET | H2 | miniItinerary.css | cdn.switchfly.com/assets/10bb153/client_assets/imagesw/americanexpress/default/css/ | 3 KB | 735 B | Stylesheet | text/css | |
GET | H/1.1 | static_pages.css | americanexpress.switchfly.com/images_w/americanexpress/nav/default/ | 1 MB | 151 KB | Stylesheet | text/css | |
GET | H2 | master_client.css | travel.americanexpress.ca/images_w/americanexpress/nav/ukgeneric/ | 1 KB | 614 B | Stylesheet | text/css | |
GET | H/1.1 | icon_alert.gif | americanexpress.switchfly.com/images_w/americanexpress/nav/default/ | 4 KB | 5 KB | Image | image/gif | |
GET | H2 | ca_travelheader_dt.png | cdn.switchfly.com/images_w/americanexpress/nav/default/ | 2 KB | 2 KB | Image | image/png | |
GET | H/1.1 | icon_info.gif | americanexpress.switchfly.com/images_w/americanexpress/nav/default/ | 4 KB | 5 KB | Image | image/gif | |
GET | DATA | truncated | / | 249 B | 0 | Image | image/svg+xml | |
GET | DATA | truncated | / | 382 B | 0 | Image | image/svg+xml | |
GET | H/1.1 | v.gif | pls.webtype.com/ | 807 B | 1 KB | Image | image/gif | |
GET | | 325e6ad0-38fb-4bad-861c-d965eab101d5-3.woff | qwww.aexp-static.com/nav/ngn/fonts/ | 0 | 0 | | | |
GET | H2 | 325e6ad0-38fb-4bad-861c-d965eab101d5-3.woff | www.aexp-static.com/nav/ngn/fonts/ | 68 KB | 69 KB | Font | font/woff | |
GET | H2 | subnav.json | icm.aexp-static.com/Internet/travel/common/en-ca/ | 4 KB | 1 KB | XHR | application/json | |
GET | H2 | visitorAPI-intl.js | www.aexp-static.com/cdaas/api/axpi/omniture/visitorapi/4.4.0/ | 59 KB | 20 KB | Script | application/javascript | |
GET | H/1.1 | airlines_AC_350_100_r.png | tuitravel.s3-eu-west-1.amazonaws.com/public/logos/ | 4 KB | 5 KB | Image | image/png | |
GET | H/1.1 | airlines_NZ_350_100_r.png | tuitravel.s3-eu-west-1.amazonaws.com/public/logos/ | 4 KB | 4 KB | Image | image/png | |
GET | H/1.1 | airlines_TS_350_100_r.png | tuitravel.s3-eu-west-1.amazonaws.com/public/logos/ | 5 KB | 6 KB | Image | image/png | |
GET | H/1.1 | airlines_AS_350_100_r.png | tuitravel.s3-eu-west-1.amazonaws.com/public/logos/ | 5 KB | 5 KB | Image | image/png | |
GET | H/1.1 | airlines_AA_350_100_r.png | tuitravel.s3-eu-west-1.amazonaws.com/public/logos/ | 6 KB | 6 KB | Image | image/png | |
GET | H/1.1 | airlines_BA_350_100_r.png | tuitravel.s3-eu-west-1.amazonaws.com/public/logos/ | 5 KB | 6 KB | Image | image/png | |
GET | H/1.1 | airlines_CX_350_100_r.png | tuitravel.s3-eu-west-1.amazonaws.com/public/logos/ | 4 KB | 4 KB | Image | image/png | |
GET | H/1.1 | airlines_DL_350_100_r.png | tuitravel.s3-eu-west-1.amazonaws.com/public/logos/ | 3 KB | 4 KB | Image | image/png | |
GET | H/1.1 | airlines_EY_350_100_r.png | tuitravel.s3-eu-west-1.amazonaws.com/public/logos/ | 5 KB | 5 KB | Image | image/png | |
GET | H/1.1 | airlines_LH_350_100_r.png | tuitravel.s3-eu-west-1.amazonaws.com/public/logos/ | 4 KB | 5 KB | Image | image/png | |
GET | H/1.1 | airlines_PD_350_100_r.png | tuitravel.s3-eu-west-1.amazonaws.com/public/logos/ | 5 KB | 6 KB | Image | image/png | |
GET | H/1.1 | airlines_QR_350_100_r.png | tuitravel.s3-eu-west-1.amazonaws.com/public/logos/ | 8 KB | 9 KB | Image | image/png | |
GET | H/1.1 | airlines_UA_350_100_r.png | tuitravel.s3-eu-west-1.amazonaws.com/public/logos/ | 4 KB | 5 KB | Image | image/png | |
GET | H/1.1 | airlines_WS_350_100_r.png | tuitravel.s3-eu-west-1.amazonaws.com/public/logos/ | 5 KB | 5 KB | Image | image/png | |
GET | H2 | TA_logo_notag_CA-11897-0.png | www.tripadvisor.com/img/cdsi/partner/AmExVacations/ | 2 KB | 2 KB | Image | image/png | |
GET | H2 | acta.png | travel.americanexpress.ca/images_w/americanexpress/nav/default/ | 3 KB | 3 KB | Image | image/png | |
GET | H2 | tico.png | travel.americanexpress.ca/images_w/americanexpress/nav/default/ | 11 KB | 11 KB | Image | image/png | |
GET | H2 | Bootstrap.js | nexus.ensighten.com/amex/ | 65 KB | 19 KB | Script | application/javascript | Redirect Chain |
GET | H2 | dls-logo-line.svg | www.aexp-static.com/cdaas/one/statics/axp-static-assets/1.7.1/package/dist/img/logos/ | 2 KB | 906 B | Image | image/svg+xml | |
GET | H2 | dls-flag-ca.svg | www.aexp-static.com/cdaas/one/statics/axp-static-assets/1.8.0/package/dist/img/flags/ | 754 B | 668 B | Image | image/svg+xml | |
GET | H2 | underscore_throttle.js | travel.americanexpress.ca/client_assets/imagesw/americanexpress/default/js/ | 7 KB | 2 KB | Script | text/javascript | |
GET | H2 | all.js | travel.americanexpress.ca/client_assets/imagesw/americanexpress/cageneral/js/ | 834 B | 528 B | Script | text/javascript | |
GET | H2 | omniture.js | travel.americanexpress.ca/client_assets/imagesw/americanexpress/default/js/ | 14 KB | 4 KB | Script | text/javascript | |
GET | H2 | static_page.js | travel.americanexpress.ca/client_assets/imagesw/americanexpress/default/js/ | 1 KB | 536 B | Script | text/javascript | |
GET | | truncated | / | 0 | 0 | | | |
GET | H2 | 0fababca-4914-46dd-9b0f-efbd51f67ae8-3.woff | www.aexp-static.com/nav/ngn/fonts/ | 37 KB | 38 KB | Font | font/woff | |
GET | | 325e6ad0-38fb-4bad-861c-d965eab101d5-1.ttf | qwww.aexp-static.com/nav/ngn/fonts/ | 0 | 0 | | | |
GET | H2 | 342cdec0-7d5d-43a9-84bf-8a77730526ee-3.woff | www.aexp-static.com/nav/ngn/fonts/ | 37 KB | 38 KB | Font | font/woff | |
GET | | GuardianEgyp-Light-Web.woff2 | americanexpress.switchfly.com/images_w/americanexpress/nav/fonts/ | 0 | 0 | | | |
GET H/1.1 |
rd
dpm.demdex.net/id/ Redirect Chain
|
0 -1 B |
XHR
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gct_intl.js
www.aexp-static.com/cdaas/api/axpi/gct/1.0.0/ |
16 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
3be50273-0b2e-4aef-ae68-882eacd611f9-3.woff
www.aexp-static.com/nav/ngn/fonts/ |
36 KB 37 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
serverComponent.php
nexus.ensighten.com/amex/ |
591 B 733 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
rd
dpm.demdex.net/id/ |
4 KB 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
search-form.js
travel.americanexpress.ca/client_assets/imagesw/americanexpress/default/js/ |
31 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
all.js
travel.americanexpress.ca/client_assets/imagesw/americanexpress/default/js/ |
44 KB 10 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
floodlight.js
travel.americanexpress.ca/client_assets/imagesw/americanexpress/cageneral/js/ |
10 KB 3 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cta.js
travel.americanexpress.ca/client_assets/imagesw/americanexpress/default/js/ |
7 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
serverComponent.php
nexus.ensighten.com/amex/intl_amexhead/ |
284 B 426 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
id
omns.americanexpress.com/ |
89 B 648 B |
XHR
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
4d78cf92b1d520148bea4b33cb47cc36.js
nexus.ensighten.com/amex/intl_amexhead/code/ |
595 B 777 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
GuardianEgyp-Light-Web.woff
americanexpress.switchfly.com/images_w/americanexpress/nav/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
id
dpm.demdex.net/ |
4 KB 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
GuardianEgyp-Light-Web.woff2
cdn.switchfly.com/assets/10bb153/client_assets/imagesw/americanexpress/default/webfonts/ |
31 KB 31 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
3380bc39062fe898a9a0c07fc0056958.js
nexus.ensighten.com/amex/prod/code/ |
548 B 730 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cf678753ad12330a1173f7477f4c4eaf.js
nexus.ensighten.com/amex/prod/code/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
a80eddb3d3396f7e38e210dd1167b90b.js
nexus.ensighten.com/amex/prod/code/ |
683 B 866 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
8ce5d40e23f72f81a9d020274b2bc0dd.js
nexus.ensighten.com/amex/prod/code/ |
10 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ac.js
cdaas.americanexpress.com/api/axpi/ensighten/adchoice/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
s_code_ctn_global.js
www.aexp-static.com/cdaas/api/axpi/omniture/scode/ |
53 KB 19 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ac.css
cdaas.americanexpress.com/api/axpi/ensighten/adchoice/ |
1 KB 932 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
styles.css
icm.aexp-static.com/Internet/SMC/images/Chat/ |
7 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
le-mtagconfig.js
www.aexp-static.com/cdaas/api/axpi/ensighten/ctc-ca-mx-it/ |
2 KB 998 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tag.js
lptag.liveperson.net/tag/ |
18 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
adchoice_icon_mob.png
cdaas.americanexpress.com/api/axpi/ensighten/adchoice/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
adchoice_close.png
cdaas.americanexpress.com/api/axpi/ensighten/adchoice/ |
590 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
.jsonp
lptag.liveperson.net/lptag/api/account/14106077/configuration/applications/taglets/ |
269 KB 98 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
travel_canada_en.js
publisher.liveperson.net/external-project/14106077/js/ |
793 B 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
storage.secure.min.html
lpcdn.lpsnmedia.net/le_secure_storage/3.9.0.13-release_5023/ Frame C02B |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
zones
accdn.lpsnmedia.net/api/account/14106077/configuration/le-campaigns/ |
6 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
s35553501199236
omns.americanexpress.com/b/ss/amexpressctnentfbprod/1/H.22.1/ |
43 B 359 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
14106077
va.v.liveperson.net/api/js/ |
243 B 1 KB |
Script
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
14106077
va.v.liveperson.net/api/js/ |
42 B 769 B |
Script
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
14106077
va.v.liveperson.net/api/js/ |
109 B 829 B |
Script
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sprite.png
cdn.switchfly.com/assets/10bb153/js/libs/yui/2.9.0/build/assets/skins/sam/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
calendar_arrow_left.gif
americanexpress.switchfly.com/images_w/americanexpress/nav/default/ |
197 B 573 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
calendar_arrow_right.gif
americanexpress.switchfly.com/images_w/americanexpress/nav/default/ |
202 B 578 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icon_close.gif
americanexpress.switchfly.com/images_w/americanexpress/nav/default/ |
4 KB 4 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon-search-calendar.png
cdn.switchfly.com/images_w/americanexpress/nav/default/ |
854 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
bf
bf44539bru.bf.dynatrace.com/ |
937 B 1 KB |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
bf
bf44539bru.bf.dynatrace.com/ |
938 B 1 KB |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
LogEvent.do
gct.americanexpress.com/gct/ |
0 264 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
14106077
va.v.liveperson.net/api/js/ |
73 B 800 B |
Script
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
Domain | URL |
---|---|
qwww.aexp-static.com | https://qwww.aexp-static.com/nav/ngn/fonts/325e6ad0-38fb-4bad-861c-d965eab101d5-3.woff |
truncated | data:truncated |
qwww.aexp-static.com | https://qwww.aexp-static.com/nav/ngn/fonts/325e6ad0-38fb-4bad-861c-d965eab101d5-1.ttf |
americanexpress.switchfly.com | https://americanexpress.switchfly.com/images_w/americanexpress/nav/fonts/GuardianEgyp-Light-Web.woff2 |
americanexpress.switchfly.com | https://americanexpress.switchfly.com/images_w/americanexpress/nav/fonts/GuardianEgyp-Light-Web.woff |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: American Express (Financial)
329 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Cookies
Cookies are small pieces of information stored in a user's browser. Whenever the user visits the site again, the browser sends the cookie values back, allowing the website to re-identify the user even after a change of location. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
travel.americanexpress.ca/ | | Name: rxvt Value: 1585160017582\|1585158214479 |
.americanexpress.ca/ | | Name: LPSID-14106077 Value: F6mRwxpDTu6s5tedYR0_nA |
travel.americanexpress.ca/ | | Name: dtPC Value: -16$558214475_472h6vNSKRXXGHNLMBAJCRRLDKSUEYWMOQNWTT-0 |
.americanexpress.ca/ | | Name: LPVID Value: U2YzQxNWM5MWM0ZWIxYTdh |
42 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.