www.upexpress.com
Open in
urlscan Pro
76.76.21.21
Public Scan
Submitted URL: http://www.upexpress.com/
Effective URL: https://www.upexpress.com/en
Submission: On August 11 via manual from IN — Scanned from DE
Effective URL: https://www.upexpress.com/en
Submission: On August 11 via manual from IN — Scanned from DE
Summary
This website contacted 13 IPs
in 4 countries
across 14 domains to perform 80 HTTP transactions.
The main IP is 76.76.21.21, located in
Walnut, United States and
belongs to AMAZON-02, US.
The main domain is www.upexpress.com.
TLS certificate: Issued by R3 on June 28th 2023. Valid for: 3 months.
This is the only time www.upexpress.com was scanned on urlscan.io!
TLS certificate: Issued by R3 on June 28th 2023. Valid for: 3 months.
This is the only time www.upexpress.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 3 39 | 76.76.21.21 76.76.21.21 | 16509 (AMAZON-02) (AMAZON-02) | |
| 21 | 2a04:4e42:200... 2a04:4e42:200::604 | 54113 (FASTLY) (FASTLY) | |
| 2 | 2a00:1450:400... 2a00:1450:4001:806::2008 | 15169 (GOOGLE) (GOOGLE) | |
| 2 | 2a02:26f0:710... 2a02:26f0:7100:98e::37f3 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
| 1 | 34.194.66.248 34.194.66.248 | 14618 (AMAZON-AES) (AMAZON-AES) | |
| 3 | 2001:4860:480... 2001:4860:4802:38::178 | 15169 (GOOGLE) (GOOGLE) | |
| 2 | 2a03:2880:f04... 2a03:2880:f045:10:face:b00c:0:3 | 32934 (FACEBOOK) (FACEBOOK) | |
| 1 | 2a00:1450:400... 2a00:1450:4001:830::2002 | 15169 (GOOGLE) (GOOGLE) | |
| 1 | 2001:4860:480... 2001:4860:4802:34::36 | 15169 (GOOGLE) (GOOGLE) | |
| 2 | 2a00:1450:400... 2a00:1450:400c:c06::9d | 15169 (GOOGLE) (GOOGLE) | |
| 1 | 2a00:1450:400... 2a00:1450:4001:80b::2004 | 15169 (GOOGLE) (GOOGLE) | |
| 2 | 2a03:2880:f14... 2a03:2880:f145:82:face:b00c:0:25de | 32934 (FACEBOOK) (FACEBOOK) | |
| 80 | 13 |
2
2a00:1450:4001:806::2008
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.googletagmanager.com |
2
2a02:26f0:7100:98e::37f3
(Frankfurt am Main, Germany)
ASN20940 (AKAMAI-ASN1, NL)
ASN20940 (AKAMAI-ASN1, NL)
| api.gotransit.com |
1
34.194.66.248
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-194-66-248.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-194-66-248.compute-1.amazonaws.com
| ets.upexpress.com |
2
2a03:2880:f045:10:face:b00c:0:3
(Amsterdam, Netherlands)
ASN32934 (FACEBOOK, US)
ASN32934 (FACEBOOK, US)
| connect.facebook.net |
1
2a00:1450:4001:830::2002
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| pubads.g.doubleclick.net |
2
2a03:2880:f145:82:face:b00c:0:25de
(Amsterdam, Netherlands)
ASN32934 (FACEBOOK, US)
ASN32934 (FACEBOOK, US)
| www.facebook.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 40 |
upexpress.com
3 redirects
www.upexpress.com ets.upexpress.com |
906 KB |
| 21 |
metrolinx.com
assets.metrolinx.com — Cisco Umbrella Rank: 975850 |
43 KB |
| 3 |
doubleclick.net
pubads.g.doubleclick.net — Cisco Umbrella Rank: 431 stats.g.doubleclick.net — Cisco Umbrella Rank: 114 |
940 B |
| 3 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 54 |
21 KB |
| 2 |
facebook.com
www.facebook.com — Cisco Umbrella Rank: 107 |
239 B |
| 2 |
google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2770 www.google.com — Cisco Umbrella Rank: 3 |
664 B |
| 2 |
facebook.net
connect.facebook.net — Cisco Umbrella Rank: 170 |
134 KB |
| 2 |
gotransit.com
api.gotransit.com |
3 KB |
| 2 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 65 |
191 KB |
| 0 |
google.de
Failed
www.google.de Failed |
|
| 0 |
amazonaws.com
Failed
s3.amazonaws.com Failed |
|
| 0 |
ads-twitter.com
Failed
static.ads-twitter.com Failed |
|
| 0 |
adnxs.com
Failed
acdn.adnxs.com Failed |
|
| 0 |
sojern.com
Failed
beacon.sojern.com Failed |
|
| 80 | 14 |
| Domain | Requested by | |
|---|---|---|
| 39 | www.upexpress.com |
3 redirects
www.upexpress.com
|
| 21 | assets.metrolinx.com |
www.upexpress.com
|
| 3 | www.google-analytics.com |
www.googletagmanager.com
www.google-analytics.com |
| 2 | www.facebook.com |
www.upexpress.com
|
| 2 | stats.g.doubleclick.net |
www.googletagmanager.com
www.google-analytics.com |
| 2 | connect.facebook.net |
www.upexpress.com
connect.facebook.net |
| 2 | api.gotransit.com |
www.upexpress.com
|
| 2 | www.googletagmanager.com |
www.upexpress.com
www.googletagmanager.com |
| 1 | www.google.com |
www.upexpress.com
|
| 1 | region1.analytics.google.com |
www.googletagmanager.com
|
| 1 | pubads.g.doubleclick.net |
www.upexpress.com
|
| 1 | ets.upexpress.com |
www.upexpress.com
|
| 0 | www.google.de Failed |
www.upexpress.com
|
| 0 | s3.amazonaws.com Failed |
www.upexpress.com
|
| 0 | static.ads-twitter.com Failed |
www.upexpress.com
|
| 0 | acdn.adnxs.com Failed |
www.upexpress.com
|
| 0 | beacon.sojern.com Failed |
www.upexpress.com
|
| 80 | 17 |
This site contains links to these domains. Also see Links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| www.upexpress.com R3 |
2023-06-28 - 2023-09-26 |
3 months | crt.sh |
| assets.metrolinx.com GlobalSign Atlas R3 DV TLS CA 2023 Q2 |
2023-06-04 - 2024-07-05 |
a year | crt.sh |
| *.google-analytics.com GTS CA 1C3 |
2023-07-17 - 2023-10-09 |
3 months | crt.sh |
| www.gotransit.com Entrust Certification Authority - L1K |
2023-05-24 - 2024-06-24 |
a year | crt.sh |
| ets.upexpress.com Entrust Certification Authority - L1K |
2022-09-20 - 2023-10-20 |
a year | crt.sh |
| *.facebook.com DigiCert SHA2 High Assurance Server CA |
2023-05-20 - 2023-08-18 |
3 months | crt.sh |
| *.g.doubleclick.net GTS CA 1C3 |
2023-07-17 - 2023-10-09 |
3 months | crt.sh |
| www.google.com GTS CA 1C3 |
2023-07-17 - 2023-10-09 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.upexpress.com/en
Frame ID: 69EDF3B9E1D47320BE9C1B3A0066FF36
Requests: 81 HTTP requests in this frame
Screenshot
Page Title
UP Express - Miss The Traffic, Not Your FlightPage URL History Show full URLs
-
http://www.upexpress.com/
HTTP 308
https://www.upexpress.com/ HTTP 307
https://www.upexpress.com/en/ HTTP 308
https://www.upexpress.com/en Page URL
Detected technologies
Facebook
(Widgets)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Google Analytics
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager
(Tag Managers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
Page Statistics
21 Outgoing links
These are links going to different origins than the main page.
URL: https://www.metrolinx.com/en/
Search URL Search Domain Scan URL
URL: https://www.gotransit.com/en
Search URL Search Domain Scan URL
URL: https://www.prestocard.ca/en/
Search URL Search Domain Scan URL
URL: https://services.upexpress.com/CustomerSupport/ContactUs
Title: Contact Us
Title: Contact Us
Search URL Search Domain Scan URL
URL: https://services.upexpress.com/CustomerSupport/LostFound
Title: Lost and Found
Title: Lost and Found
Search URL Search Domain Scan URL
URL: https://www.research.net/r/G9QMGCT
Title: Take the Survey
Title: Take the Survey
Search URL Search Domain Scan URL
URL: https://horizons.confirmit.ca/wix/p261546187968.aspx?vv=2
Title: Take the Survey
Title: Take the Survey
Search URL Search Domain Scan URL
URL: https://www.torontopearson.com/en
Title: Check flight status
Title: Check flight status
Search URL Search Domain Scan URL
URL: https://www.metrolinx.com/en/about-us/careers
Title: Careers
Title: Careers
Search URL Search Domain Scan URL
URL: https://themetrolinxshop.com/collections/upexpress
Title: The Metrolinx Shop
Title: The Metrolinx Shop
Search URL Search Domain Scan URL
URL: https://www.ontario.ca/page/government-ontario
Title: Ontario Government
Title: Ontario Government
Search URL Search Domain Scan URL
URL: https://www.facebook.com/UnionPearsonExpressEN
Search URL Search Domain Scan URL
URL: https://www.youtube.com/@UnionPearsonExpress
Search URL Search Domain Scan URL
URL: https://twitter.com/UPExpress
Search URL Search Domain Scan URL
URL: https://www.instagram.com/upexpress/
Search URL Search Domain Scan URL
URL: https://www.linkedin.com/company/up-express/about/
Search URL Search Domain Scan URL
URL: https://www.tiktok.com/@upexpressofficial?lang=en
Search URL Search Domain Scan URL
URL: https://www.prestocard.ca/en
Search URL Search Domain Scan URL
URL: https://www.triplinx.ca/
Search URL Search Domain Scan URL
URL: https://www.metrolinx.com/en/privacy-policy
Title: Privacy
Title: Privacy
Search URL Search Domain Scan URL
URL: https://staff.metrolinx.com/
Title: Staff Portal
Title: Staff Portal
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://www.upexpress.com/
HTTP 308
https://www.upexpress.com/ HTTP 307
https://www.upexpress.com/en/ HTTP 308
https://www.upexpress.com/en Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
80 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
en
www.upexpress.com/ Redirect Chain
|
545 KB 51 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
UP_Express_31252
assets.metrolinx.com/image/upload/s--iuWsVuE8--/c_limit,f_auto,q_auto,w_1920/v1/Images/UP/original/ |
18 KB 18 KB |
Image
image/avif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
82b1593857dd344e.css
www.upexpress.com/_next/static/css/ |
99 KB 19 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ac480bcbcda5d080.css
www.upexpress.com/_next/static/css/ |
11 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
2375.6a1cd18416493ab2.js
www.upexpress.com/_next/static/chunks/ |
91 KB 29 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
6255.a89b54b553b47a8a.js
www.upexpress.com/_next/static/chunks/ |
123 KB 38 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
4169.aa417d045c579365.js
www.upexpress.com/_next/static/chunks/ |
24 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
8962.3bc4122b4acb3908.js
www.upexpress.com/_next/static/chunks/ |
106 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
9006.4642efaa79d5675d.js
www.upexpress.com/_next/static/chunks/ |
37 KB 14 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
8542.185a8447b3bde5d0.js
www.upexpress.com/_next/static/chunks/ |
116 KB 37 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
756.e54c650e0ebda9bb.js
www.upexpress.com/_next/static/chunks/ |
65 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
3876.525e91630ee66d8d.js
www.upexpress.com/_next/static/chunks/ |
24 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
webpack-e07a52484456ac31.js
www.upexpress.com/_next/static/chunks/ |
6 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
framework-ec1964d96f7c12dc.js
www.upexpress.com/_next/static/chunks/ |
206 KB 60 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
main-1b4ddcbbae181653.js
www.upexpress.com/_next/static/chunks/ |
91 KB 29 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
_app-ffeac1334876fcc0.js
www.upexpress.com/_next/static/chunks/pages/ |
168 KB 52 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
9053-996911a12faff0dd.js
www.upexpress.com/_next/static/chunks/ |
171 KB 59 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
9409-ef7a546e0fc8d319.js
www.upexpress.com/_next/static/chunks/ |
221 KB 65 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
6081-d891eb94b2d575c3.js
www.upexpress.com/_next/static/chunks/ |
9 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
5322-826136efe6421b3a.js
www.upexpress.com/_next/static/chunks/ |
58 KB 20 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
%5B%5B...slug%5D%5D-d52447d0275b0c72.js
www.upexpress.com/_next/static/chunks/pages/ |
10 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
_buildManifest.js
www.upexpress.com/_next/static/sA6-VA3jc5YZI3ERbjE_7/ |
736 B 937 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
_ssgManifest.js
www.upexpress.com/_next/static/sA6-VA3jc5YZI3ERbjE_7/ |
145 B 314 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
42 B 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Type_Standard_Brand_MX_State_White_zq36sm.svg
assets.metrolinx.com/image/upload/v1650294787/brand%20assets/Metrolinx/ |
5 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Type_Standard_Brand_GO_State_White_qiiihc.svg
assets.metrolinx.com/image/upload/v1650294787/brand%20assets/GO/ |
653 B 572 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Type_Standard_Brand_PRESTO_State_White_iwsddn.svg
assets.metrolinx.com/image/upload/v1650294789/brand%20assets/PRESTO/ |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Type_Standard_Brand_UP_State_White_ysh3yt.svg
assets.metrolinx.com/image/upload/v1650055150/brand%20assets/UP%20Express/ |
11 KB 4 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
arrow_back.svg
www.upexpress.com/icons/ |
196 B 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
arrow_forward.svg
www.upexpress.com/icons/ |
197 B 350 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
presto-card-24.svg
assets.metrolinx.com/image/upload/v1682609397/icons/all%20icons/UP/ |
2 KB 949 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bullhorn-24.svg
assets.metrolinx.com/image/upload/v1682609483/icons/all%20icons/UP/ |
567 B 564 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
feedback-24.svg
assets.metrolinx.com/image/upload/v1682609511/icons/all%20icons/UP/ |
436 B 728 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
airplane-24.svg
assets.metrolinx.com/image/upload/v1682609441/icons/all%20icons/UP/ |
643 B 497 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
UP-Land-Acknowledgement-Icon.svg
assets.metrolinx.com/image/upload/v1686575051/icons/all%20icons/UP/ |
3 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Type_Standard_Brand_UP_State_White_q4gcvc.svg
assets.metrolinx.com/image/upload/v1650294789/brand%20assets/UP%20Express/ |
11 KB 4 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Social_FB_n5qh7r_wy9hws.svg
assets.metrolinx.com/image/upload/v1650043956/icons/social%20sharing%20icons/ |
514 B 427 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Social_YouTube_gvew0r_e8t0bi.svg
assets.metrolinx.com/image/upload/v1650043987/icons/social%20sharing%20icons/ |
1 KB 842 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Social_Twitter_e84xlg_i9qni0.svg
assets.metrolinx.com/image/upload/v1650043984/icons/social%20sharing%20icons/ |
1 KB 874 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Social_Instagram_axqmnm_dqcm0v.svg
assets.metrolinx.com/image/upload/v1650043980/icons/social%20sharing%20icons/ |
974 B 780 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Social_LinkedIn_jwkejk.svg
assets.metrolinx.com/image/upload/v1650373538/icons/social%20sharing%20icons/ |
896 B 610 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Social-_Size_48_type_Social_Tiktok.svg
assets.metrolinx.com/image/upload/v1676315649/icons/all%20icons/ |
695 B 564 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Brands.svg
assets.metrolinx.com/image/upload/v1679428945/brand%20assets/ |
5 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Avenir%20Next%20LT%20Pro%20Demi.6c8f457b.otf
www.upexpress.com/_next/static/media/ |
72 KB 40 KB |
Font
font/otf |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Avenir%20Next%20LT%20Pro.5636a8ba.otf
www.upexpress.com/_next/static/media/ |
65 KB 39 KB |
Font
font/otf |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Avenir%20Next%20LT%20Pro%20Bold.2fe5f64f.otf
www.upexpress.com/_next/static/media/ |
68 KB 41 KB |
Font
font/otf |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gtm.js
www.googletagmanager.com/ |
344 KB 103 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
general
api.gotransit.com/external/upe/sup/serviceupdates/en/ |
97 B 545 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cart_items
ets.upexpress.com/ |
20 KB 7 KB |
Fetch
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
all
api.gotransit.com/external/upe/sup/serviceupdates/en/ |
2 KB 2 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
origins
www.upexpress.com/api/v1/tickets/ |
601 B 2 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
session
www.upexpress.com/api/auth/ |
2 B 378 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
session
www.upexpress.com/api/auth/ |
2 B 1 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
coin-16.svg
assets.metrolinx.com/image/upload/v1682609498/icons/all%20icons/UP/ |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
platform-16.svg
assets.metrolinx.com/image/upload/v1682609393/icons/all%20icons/UP/ |
990 B 624 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
history-16.svg
assets.metrolinx.com/image/upload/v1682609369/icons/all%20icons/UP/ |
894 B 644 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fr.json
www.upexpress.com/_next/data/sA6-VA3jc5YZI3ERbjE_7/ |
451 KB 65 KB |
Fetch
text/x-component |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
en.json
www.upexpress.com/_next/data/sA6-VA3jc5YZI3ERbjE_7/ |
435 KB 59 KB |
Fetch
text/x-component |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
service-alerts.json
www.upexpress.com/_next/data/sA6-VA3jc5YZI3ERbjE_7/en/ |
102 KB 18 KB |
Fetch
text/x-component |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
buy-tickets.json
www.upexpress.com/_next/data/sA6-VA3jc5YZI3ERbjE_7/en/ |
89 KB 16 KB |
Fetch
text/x-component |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
up-express-fares.json
www.upexpress.com/_next/data/sA6-VA3jc5YZI3ERbjE_7/en/ways-to-pay/ |
170 KB 33 KB |
Fetch
text/x-component |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
subscription-page.json
www.upexpress.com/_next/data/sA6-VA3jc5YZI3ERbjE_7/en/about-up/ |
87 KB 16 KB |
Fetch
text/x-component |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
analytics.js
www.google-analytics.com/ |
52 KB 21 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
321388
beacon.sojern.com/pixel/p/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
pixie.js
acdn.adnxs.com/dmp/up/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js
www.googletagmanager.com/gtag/ |
267 KB 88 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
uwt.js
static.ads-twitter.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
172 KB 47 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
activity;xsp=5161107;ord=2526949020784326
pubads.g.doubleclick.net/ |
42 B 542 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
flb.js
s3.amazonaws.com/ki.js/65684/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
region1.analytics.google.com/g/ |
0 256 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
stats.g.doubleclick.net/g/ |
0 247 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
ga-audiences
www.google.de/ads/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
www.google-analytics.com/j/ |
4 B 211 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
1006561313375155
connect.facebook.net/signals/config/ |
306 KB 87 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
stats.g.doubleclick.net/j/ |
4 B 151 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ga-audiences
www.google.com/ads/ |
42 B 408 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
ga-audiences
www.google.de/ads/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.facebook.com/tr/ |
0 185 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
collect
www.google-analytics.com/ |
35 B 55 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.facebook.com/tr/ |
0 54 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- beacon.sojern.com
- URL
- https://beacon.sojern.com/pixel/p/321388?f_v=v6_js&p_v=1&vid=tra&cid=
- Domain
- acdn.adnxs.com
- URL
- https://acdn.adnxs.com/dmp/up/pixie.js
- Domain
- static.ads-twitter.com
- URL
- https://static.ads-twitter.com/uwt.js
- Domain
- s3.amazonaws.com
- URL
- https://s3.amazonaws.com/ki.js/65684/flb.js
- Domain
- www.google.de
- URL
- https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-XQH8BRWVBQ&cid=500336480.1691765605>m=45je3890&aip=1&z=883057721
- Domain
- www.google.de
- URL
- https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-40226028-1&cid=500336480.1691765605&jid=2074419117&_u=YADAAEAAAAAAACAFK~&z=318103815
Verdicts & Comments Add Verdict or Comment
33 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| webpackChunk_N_E function| __next_require__ object| next object| __NEXT_DATA__ function| gtag object| dataLayer function| __SSG_MANIFEST_CB object| __NEXT_P object| _N_E object| regeneratorRuntime function| __NEXT_PRELOADREADY object| __MIDDLEWARE_MATCHERS object| __BUILD_MANIFEST object| __SSG_MANIFEST object| appSettings object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data string| GoogleAnalyticsObject function| ga object| _kiq string| key function| pixie function| twq function| fbq function| _fbq function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins object| gaData13 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .upexpress.com/ | Name: _gcl_au Value: 1.1.782135467.1691765605 |
|
| www.upexpress.com/ | Name: __Secure-next-auth.callback-url Value: https%3A%2F%2Fwww.upexpress.com |
|
| www.upexpress.com/ | Name: __Host-next-auth.csrf-token Value: 514d9f09ef8945306ccd55f8dac8e7c0d359494c772b9363267f69183bdc5b30%7Ceb2de3658c90646c2726386528c6f4b008042fce498694b6ac0a3af89691d1a6 |
|
| .upexpress.com/ | Name: _ga Value: GA1.2.500336480.1691765605 |
|
| .upexpress.com/ | Name: _gid Value: GA1.2.367930653.1691765605 |
|
| .upexpress.com/ | Name: _gat_UA-40226028-1 Value: 1 |
|
| .doubleclick.net/ | Name: test_cookie Value: CheckForPermission |
|
| .upexpress.com/ | Name: _fbp Value: fb.1.1691765605003.1077542284 |
|
| .upexpress.com/ | Name: _ga_XQH8BRWVBQ Value: GS1.1.1691765604.1.0.1691765605.59.0.0 |
|
| ets.upexpress.com/ | Name: AWSALB Value: kU4xgCDTKNzjMAtNPM8Zmov/+yPJkZ2lLLlZRYctP3rOCXUFc4eEErzVNX2bi+h1LcI+x3lA0yVwIYdYoz4WC4tsg3UsJF6M7npdPku80/c6AOwJCUlhpjaLiUea |
|
| ets.upexpress.com/ | Name: AWSALBCORS Value: kU4xgCDTKNzjMAtNPM8Zmov/+yPJkZ2lLLlZRYctP3rOCXUFc4eEErzVNX2bi+h1LcI+x3lA0yVwIYdYoz4WC4tsg3UsJF6M7npdPku80/c6AOwJCUlhpjaLiUea |
|
| ets.upexpress.com/ | Name: co_bytemark_upexpress_SESSION Value: "0b1ffad77b8150682e8346c8ec120361a24a2dc1-offer_key=a41a2d4b-68cd-4804-bc4d-53acda5340f9&cart_key=0b922400-769f-412b-8880-19709f3eb5df&___TS=1691776405137&language=en¤cy=CAD" |
|
| ets.upexpress.com/ | Name: PLAY_LANG Value: en |
8 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| Content-Security-Policy | default-src 'self'; script-src 'self' 'unsafe-inline' www.google.com www.gstatic.com *.googletagmanager.com *.google-analytics.com *.googleadservices.com tagmanager.google.com ajax.googleapis.com www.youtube.com www.instagram.com platform.instagram.com connect.facebook.net platform.twitter.com maps.googleapis.com; style-src 'self' 'unsafe-inline' fonts.cdnfonts.com fonts.googleapis.com tagmanager.google.com www.gstatic.com; font-src 'self' fonts.cdnfonts.com *.fonts.gstatic.com fonts.gstatic.com data:; connect-src 'self' res.cloudinary.com vitals.vercel-insights.com graph.facebook.com assets.metrolinx.com https://api.gotransit.com ae72qusyyn-dsn.algolia.net ae72qusyyn-3.algolianet.com ae72qusyyn-2.algolianet.com ae72qusyyn-1.algolianet.com maps.googleapis.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google-analytics.com *.google.com ets.upexpress.com; img-src 'self' res.cloudinary.com cloudinary.com assets.metrolinx.com i.ytimg.com maps.gstatic.com maps.googleapis.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.googleads.g.doubleclick.net *.google.com ssl.gstatic.com www.gstatic.com *.facebook.com data:; media-src 'self' blob: res.cloudinary.com assets.metrolinx.com; frame-src www.youtube.com www.google.com www.instagram.com www.linkedin.com www.facebook.com platform.twitter.com outlook.office365.com *.g.doubleclick.net maps.metrolinx.com ets.upexpress.com |
| Strict-Transport-Security | max-age=63072000 |
| X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
acdn.adnxs.com
api.gotransit.com
assets.metrolinx.com
beacon.sojern.com
connect.facebook.net
ets.upexpress.com
pubads.g.doubleclick.net
region1.analytics.google.com
s3.amazonaws.com
static.ads-twitter.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.upexpress.com
acdn.adnxs.com
beacon.sojern.com
s3.amazonaws.com
static.ads-twitter.com
www.google.de
2001:4860:4802:34::36
2001:4860:4802:38::178
2a00:1450:4001:806::2008
2a00:1450:4001:80b::2004
2a00:1450:4001:830::2002
2a00:1450:400c:c06::9d
2a02:26f0:7100:98e::37f3
2a03:2880:f045:10:face:b00c:0:3
2a03:2880:f145:82:face:b00c:0:25de
2a04:4e42:200::604
34.194.66.248
76.76.21.21
0cee3719ccec20492edcfd768310bff126503dee2c3144a0b573b97e60ce7577
0eb1ebffa0166f88df861db38d4c18d68ee889590f6013371390a102387a2cd7
1064ea7f51e1d3f390d3b9c3105eabc4332e23bcac67983019b6836d3f8d9751
10ee0f4a14199bb93272ef86d2218baefe39d4a8c2a4570793c991e22f79c34a
17c228b8023ba5bb17cdd25837cf6fe636682b4e0bc750237672aacd0ac03257
1b35300a2a0d53f458f42d6ab474c3e0b3370dd57558b5d1bbb4ee65727e0cf3
21d7fc503db5e58915ced447c70c1743ae04ba01b5114c67bef1ea89d082653a
2c2dfc66d769436d05e1d680a1aadaf42e316bd47bfb4ddd30185455de45aff8
2d9f73d0219289aafa0976b2975bd2e491f0a553287dad1635066e39b8588797
2ed05ee887d2c5f7c9236ccf466d2bb67b5dfdd47a8a9fab7dc770eb7ce76b94
399804249bceaefea6da1dbd858d9a9f995f3fcd819349d4dfb6d4baae0f46f9
39e5ae7bb31c0d25d3793424bb33f73545ac7c919eceba7f92044c7bc6915788
3a6c5a8437caf640aae12ab99c2c0dc5e90001e28e8370bc1e21d00b403c9f62
40192f70b2a1a9f1da66cc01b3ddc48045b7b21f8d3fd176c6ad2750edda46d4
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
50259282c2992e772c0b709cae46ad29f67043006ae13e65421d5671419b49dc
54bd3d531b663000c6d063444edd63b01ad45b1ca1e03468119b5b2f4de01034
593704835556d5984f2fdaf4cdf9c49d2851654199eae8be2d1a98850c62aee5
5f68bd97ff2734e42e71fe422cc6644c60b97d4dbdf7f076ea059f183a5a281e
5ff71d38657a5ca7024063284389ad283f3c4f6abe73cf2e712d8d0d7e3ab0b3
6159b40c191fcd3458c46fa80c67a0f1883458757e2310ae419d0431fa23d4ca
617ad9b242d34d27972dbc4c7e08873636adb6f30ed9365b94886095229edabe
62b10344cb56509b67e13c4cc9fbbc450c6605f2085e562efb01efe56a2803ee
6d9610bccfd5db53891d16a2a3bfb207954676e7fe157ffa9c1cfa16add09d3b
70d1ee5dc12b3eddf7e49df64741e6a0065dfc8572a179cb04782517577c1744
77489dd0af8ce1b858411fdd466009aed95436a4e5530160c37cb56ebd3e0af7
7ab9f0e30abe36e7f5f4b2d3089ca6e10f14953dee1803cbc5e77d129972cd6a
7bcc9c3a6d946edff21cb5be0fb2996c22e29ff67ce92aba927f952997727485
7e2f6a70e3c5268c6f3c3fa11dcc572e164d815498fd504d701d54471da99dbe
814ee8e54c672ff841e2ca1d688f9429cb36c076cfae34ee6ca3cfffec4f7147
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84a827a3ab4677893c0e24067d7a9ff17f4e2d1b69c956d3fd8dc36e6e983a9c
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
885c478d2f0ce0af25e8b6d5c163c8bc6d097e04d9553a445056890cbe4af51e
8f4467e51f5411447b2c41db97749096a7c406f42a07f4a7d5f071d3d4284e68
8fad9ba75da8497e434778117e442ecc51e865e0c5ecd8681e7f16f439053dba
913de3dff80f7aea44b74a8e2a1caa7500e9625bd71a3246889b668be9d70665
94d08baa868bf1c538ad382a5d3778dbd42160c2575b730d1c5f228a5d579888
96ab666e26cf98bb50ea28999bbfe402ea9c47388eaca1897a59f1e9b40f4ff4
9b78354357bc04de9fa52562968bad64ef1311b665cc6ea927d2ec08bcc82cd8
ae288fbcb123705940a1061fc8bc0ec0ce407e66b287507f52ea866e7dca884a
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b32ecbeae3fe801985932aca4be7e2846853c91bb95fb864cbc78c79f6865627
b32f36e1252344fb841cee5252408e12cc0cbeb298f903173253222436472919
ba252bd3298fe10bd1d81b209017796e298030dbd0d860c9bd94f828f9dd4724
c2e8830b1a72f70d28c11c297640e88fd313304427d2fc47a8d887a07af3275f
c431a85539929ac41cfd9889b94877d713472d54805232252a1181bae42cf4e3
c7f1c5955461df7e8dd9485bb1d7e3d39ff8e4d6d1fe80b2a182ee8f1c4376c7
ca0a3b21fbdff82be624e4d6b2c5e06a112d0b03282a0e70d84018fd3a5543dd
ced4689a20076403eed1f2123fa18bee30c3ae932df4ac94374e0a13a7457f36
d156813bb7c5b9572ae73df588fabad734d4d7e86397e6260310d6efe00cdf63
d4de4ea6d03451ef23d11496cd2b258d5faf1b04ea5b23c10129ecdd87a4c254
d81ef3a47bdd2a985d94c308a7bdd39a737334b9dfeac754f06ea971d4cf198a
dc43aaa67f4d5ca5288f455635f7f37ed061bb86f6408bd242d3ff7caa662d01
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df0d5c4109b39e5953d9f45b33401423d8cdd42f349b6ddd39296f5c97912b3a
e12981821fdd353a4bab69c6ede4578063f25ed3e12282cf56276cc5291a7072
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4d3e7ca38f5b278fe1b962e940fae89f721787ab47bfa5cc9c75a7782317beb
e572f47b132aa87d1d498e934c45424521cc2193ad799d1ff5549a0682d4b22e
e74ddf11ef511b9d82278a3c9b7f7fd4e7b6850d5e6c9dd81673fd7669d1091f
e8928b7bfb827699d8bffda0dc449ff53451355237ebad12a4f782b32bb7a717
ea998a20440b35571a3830cb13d356cd3f3c4def928e1dfce4515e2e4f02a435
eee3b98db8baaf5fdab44d2785ca8b7147619686647b6bdd2284bc448c994460
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0db4bc481c99ca16e49d18f76c087691562840d70050cf810365eafe0f9e4b6
f123be358dd4ca3b420edb9ced0f39a5bba207050da6c654be87f2e6d587eb09
f6c0bc1b90c6af2d83f412b5738000a2e9ffcc29b7fc42f7e4b8602a64dcfa7f