access.amexgbt.com
Open in
urlscan Pro
75.2.114.79
Public Scan
Effective URL: https://access.amexgbt.com/app/amexgbtb2b_globalportal_1/exk1hwxyqysufHteO0h8/sso/saml
Submission: On May 14 via manual from US — Scanned from DE
Summary
TLS certificate: Issued by Sectigo RSA Organization Validation S... on February 23rd 2024. Valid for: a year.
This is the only time access.amexgbt.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 5 | 75.2.114.79 75.2.114.79 | 16509 (AMAZON-02) (AMAZON-02) | |
14 | 194.36.55.5 194.36.55.5 | 209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare) | |
10 | 108.138.36.104 108.138.36.104 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 194.36.55.251 194.36.55.251 | 209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare) | |
1 | 54.230.228.90 54.230.228.90 | 16509 (AMAZON-02) (AMAZON-02) | |
2 | 23.36.235.165 23.36.235.165 | 16625 (AKAMAI-AS) (AKAMAI-AS) | |
1 | 54.230.228.128 54.230.228.128 | 16509 (AMAZON-02) (AMAZON-02) | |
2 | 34.223.166.191 34.223.166.191 | 16509 (AMAZON-02) (AMAZON-02) | |
34 | 9 |
ASN16509 (AMAZON-02, US)
PTR: a2e40bf056f673113.awsglobalaccelerator.com
access.amexgbt.com |
ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-104.muc50.r.cloudfront.net
ok1static.oktacdn.com |
ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
auth.digital.amexgbt.com |
ASN16509 (AMAZON-02, US)
PTR: server-54-230-228-90.muc50.r.cloudfront.net
cdn.amplitude.com |
ASN16625 (AKAMAI-AS, US)
PTR: a23-36-235-165.deploy.static.akamaitechnologies.com
www.aexp-static.com |
ASN16509 (AMAZON-02, US)
PTR: server-54-230-228-128.muc50.r.cloudfront.net
login.okta.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-34-223-166-191.us-west-2.compute.amazonaws.com
api2.amplitude.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
20 |
amexgbt.com
2 redirects
access.amexgbt.com — Cisco Umbrella Rank: 290631 cdn.amexgbt.com — Cisco Umbrella Rank: 85303 auth.digital.amexgbt.com — Cisco Umbrella Rank: 475269 |
706 KB |
10 |
oktacdn.com
ok1static.oktacdn.com — Cisco Umbrella Rank: 21483 |
779 KB |
3 |
amplitude.com
cdn.amplitude.com — Cisco Umbrella Rank: 2804 api2.amplitude.com — Cisco Umbrella Rank: 1152 |
18 KB |
2 |
aexp-static.com
www.aexp-static.com — Cisco Umbrella Rank: 12649 |
105 KB |
1 |
okta.com
login.okta.com — Cisco Umbrella Rank: 4048 |
|
34 | 5 |
Domain | Requested by | |
---|---|---|
14 | cdn.amexgbt.com |
access.amexgbt.com
cdn.amexgbt.com |
10 | ok1static.oktacdn.com |
access.amexgbt.com
ok1static.oktacdn.com |
5 | access.amexgbt.com |
2 redirects
access.amexgbt.com
ok1static.oktacdn.com |
2 | api2.amplitude.com |
cdn.amplitude.com
|
2 | www.aexp-static.com |
cdn.amexgbt.com
|
1 | login.okta.com |
ok1static.oktacdn.com
|
1 | cdn.amplitude.com |
access.amexgbt.com
|
1 | auth.digital.amexgbt.com |
access.amexgbt.com
|
34 | 8 |
This site contains links to these domains. Also see Links.
Domain |
---|
amexglobalbusinesstravel.com |
www.amexglobalbusinesstravel.com |
privacy.amexgbt.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
access.amexgbt.com Sectigo RSA Organization Validation Secure Server CA |
2024-02-23 - 2025-02-22 |
a year | crt.sh |
cdn.amexgbt.com Sectigo ECC Organization Validation Secure Server CA |
2024-04-30 - 2025-04-30 |
a year | crt.sh |
*.oktacdn.com DigiCert TLS RSA SHA256 2020 CA1 |
2023-12-15 - 2025-01-02 |
a year | crt.sh |
cdn.amplitude.com Amazon RSA 2048 M02 |
2023-12-14 - 2025-01-12 |
a year | crt.sh |
m.americanexpress.com DigiCert SHA2 Extended Validation Server CA |
2024-03-06 - 2025-03-06 |
a year | crt.sh |
accounts.okta.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-07-19 - 2024-07-24 |
a year | crt.sh |
*.amplitude.com COMODO RSA Domain Validation Secure Server CA |
2024-01-31 - 2025-03-02 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://access.amexgbt.com/app/amexgbtb2b_globalportal_1/exk1hwxyqysufHteO0h8/sso/saml
Frame ID: 57939EB29B06406DF0DC113C419A114C
Requests: 34 HTTP requests in this frame
Frame:
https://login.okta.com/discovery/iframe.html
Frame ID: 00A1868FE699879FA6F36CB5D21BC806
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
American Express GBT - AnmeldenPage URL History Show full URLs
-
https://access.amexgbt.com/
HTTP 302
https://access.amexgbt.com/home/amexgbtb2b_globalportal_1/0oa1hwxyqyt6shNlC0h8/aln1hwy1t9haTEnrj0h8 HTTP 302
https://access.amexgbt.com/app/amexgbtb2b_globalportal_1/exk1hwxyqysufHteO0h8/sso/saml Page URL
Detected technologies
Amex Express Checkout (Payment processors) ExpandDetected patterns
- aexp-static\.com
Amplitude (Analytics) Expand
Detected patterns
- cdn\.amplitude\.com
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
5 Outgoing links
These are links going to different origins than the main page.
Title: Need Help?
Search URL Search Domain Scan URL
Title: Hilfe
Search URL Search Domain Scan URL
Title: Nutzungsbedingungen
Search URL Search Domain Scan URL
Title: Weltweite Datenschutzerklärung
Search URL Search Domain Scan URL
Title: Informationen zu GBT oder Impressum
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://access.amexgbt.com/
HTTP 302
https://access.amexgbt.com/home/amexgbtb2b_globalportal_1/0oa1hwxyqyt6shNlC0h8/aln1hwy1t9haTEnrj0h8 HTTP 302
https://access.amexgbt.com/app/amexgbtb2b_globalportal_1/exk1hwxyqysufHteO0h8/sso/saml Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
34 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
saml
access.amexgbt.com/app/amexgbtb2b_globalportal_1/exk1hwxyqysufHteO0h8/sso/ Redirect Chain
|
111 KB 43 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
style-sheet
access.amexgbt.com/api/internal/brand/theme/ |
556 B 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dls-mini.min.css
cdn.amexgbt.com/ciap/styles/ |
28 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
okta-sign-in.min.js
ok1static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.18.0/js/ |
2 MB 484 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
okta-sign-in.min.css
ok1static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.18.0/css/ |
218 KB 37 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
custom-signin.73947dcedbe30f708373f1b3405f6417.css
ok1static.oktacdn.com/assets/loginpage/css/ |
9 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
auth.digital.amexgbt.com/cdn/ |
85 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ciap-i18n.v1.8.js
cdn.amexgbt.com/ciapcdn/js/ |
166 KB 32 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
i18next.min.js
cdn.amexgbt.com/ciapcdn/js/ |
51 KB 13 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-i18next.min.js
cdn.amexgbt.com/ciapcdn/js/ |
3 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ciap-needhelp.v2.5-1.js
cdn.amexgbt.com/ciapcdn/js/ |
16 KB 4 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-ui.css
cdn.amexgbt.com/ciapcdn/css/ |
35 KB 9 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ciap-signin.v0.2.css
cdn.amexgbt.com/ciapcdn/css/ |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ciap-signup.v1.3.css
cdn.amexgbt.com/ciapcdn/css/ |
6 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gbt_logo_desktop.png
cdn.amexgbt.com/oktab/images/ |
6 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fs01uh2kedghQjsz80h8
ok1static.oktacdn.com/fs/bco/1/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics-browser-2.3.8-min.js.gz
cdn.amplitude.com/libs/ |
63 KB 18 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cc.v0.9.json
cdn.amexgbt.com/ciapcdn/js/ |
42 KB 5 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
3 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
8 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
initLoginPage.pack.58de3be0c9b511a0fdfd7ea4f69b56fc.js
ok1static.oktacdn.com/assets/js/mvc/loginpage/ |
204 KB 76 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hero_image_login_flow_1920px.png
cdn.amexgbt.com/oktab/css/default/ |
523 KB 524 KB |
XHR
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hero_image_login_flow_1920px.png
cdn.amexgbt.com/oktab/css/default/ |
523 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
325e6ad0-38fb-4bad-861c-d965eab101d5-3.woff
www.aexp-static.com/cdaas/one/statics/axp-static-assets/2.13.0/package/dist/fonts/ |
68 KB 68 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
3be50273-0b2e-4aef-ae68-882eacd611f9-3.woff
www.aexp-static.com/cdaas/one/statics/axp-static-assets/2.13.0/package/dist/fonts/ |
36 KB 37 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
login_de.json
ok1static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.18.0/labels/json/ |
114 KB 115 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
country_de.json
ok1static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.18.0/labels/json/ |
5 KB 5 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
iframe.html
login.okta.com/discovery/ Frame 00A1 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
introspect
access.amexgbt.com/idp/idx/ |
17 KB 20 KB |
Fetch
application/ion+json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
proximanova-sbold-webfont.41acb8650115f83780fc.woff2
ok1static.oktacdn.com/assets/loginpage/font/assets/ |
20 KB 20 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
proximanova-reg-webfont.353416ed0ff540352235.woff2
ok1static.oktacdn.com/assets/loginpage/font/assets/ |
20 KB 20 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fileStoreRecord
ok1static.oktacdn.com/bc/image/ |
10 KB 12 KB |
Other
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
230x0w.webp
cdn.amexgbt.com/ciapcdn/images/ |
4 KB 4 KB |
Other
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
230x0w.webp
cdn.amexgbt.com/ciapcdn/images/ |
4 KB 0 |
Other
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
httpapi
api2.amplitude.com/2/ |
93 B 308 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
httpapi
api2.amplitude.com/2/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
53 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| amplitude string| userAgentString object| regeneratorRuntime function| jQueryCourage object| u2f function| OktaSignIn function| $ function| jQuery object| i18next object| jqueryI18next function| loadNeedHelp function| NiceCountryInput function| initializeNeedHelpDialog object| countriesList object| countriesListTrimmed object| Httpreq function| signInSuccessCallBackFunction object| oktaData function| runLoginPage object| OktaUtil function| ok2341 function| ok2342 function| ok2348Reset function| ok2344 function| ok2347 function| ok2348b function| ok2361a function| ok2361b function| ok2361c function| ok2361d function| ok2365 function| ok2367 function| ok2384a function| ok2384b function| ok2396 function| ok2397 function| ok2401 function| ok2465 function| afterRenderAllFixes function| afterErrorAllFixes function| loadI18n function| checkidp2 function| checkidp function| isValidEmail function| sleep function| turnLinksIntoButtons function| _i18nT function| handleI18nOnPage function| resetPassword object| analyticsConnectorInstances object| OktaLogin object| jQBrowser6 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
access.amexgbt.com/ | Name: t Value: default |
|
access.amexgbt.com/ | Name: DT Value: DI1xi2eai3AS6y3bcg4mDKodA |
|
.amexgbt.com/ | Name: __cf_bm Value: nTO8UZ2l1DHxMdBkz0q0rlNprAiS8pI6NKm8HrTQML4-1715687557-1.0.1.1-icUoWiFO84pIaT3G79GYKOt82RUvw1s7dkFTB7ZLAk8.TqEmb9MaIBCpjy4j1eCq8mYxiUfwUERw.2beqf92OA |
|
.amexgbt.com/ | Name: _cfuvid Value: tWiYl30DsnWDXL44BcYfVTrFZtpDa8IVsQwTgxIHPqg-1715687557359-0.0.1.1-604800000 |
|
access.amexgbt.com/ | Name: JSESSIONID Value: D9D716CF174CB2EBBDF68E155422E71A |
|
.amexgbt.com/ | Name: AMP_71223b8b2d Value: JTdCJTIyZGV2aWNlSWQlMjIlM0ElMjIwMDE2NDY2Zi1iOWMyLTQ1OTMtOGI3MC0zZDg4OGQ2ZTQyZWIlMjIlMkMlMjJzZXNzaW9uSWQlMjIlM0ExNzE1Njg3NTU3NzA2JTJDJTIyb3B0T3V0JTIyJTNBZmFsc2UlMkMlMjJsYXN0RXZlbnRUaW1lJTIyJTNBMTcxNTY4NzU1Nzk2NSUyQyUyMmxhc3RFdmVudElkJTIyJTNBMCU3RA== |
31 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | frame-ancestors 'self' https://ciapsso.amexgbt.com https://api-cert.digital.amexgbt.com https://meetingsinsights.amexgbt.com |
Strict-Transport-Security | max-age=315360000; includeSubDomains |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 0 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
access.amexgbt.com
api2.amplitude.com
auth.digital.amexgbt.com
cdn.amexgbt.com
cdn.amplitude.com
login.okta.com
ok1static.oktacdn.com
www.aexp-static.com
108.138.36.104
194.36.55.251
194.36.55.5
23.36.235.165
34.223.166.191
54.230.228.128
54.230.228.90
75.2.114.79
0e47f4d2af98bfe77921113c8aaf0c53614f88ff14ff819be6612538611ed3d1
1254c863eb868c655d0895196a1096649918be6c4827717422763ff410818023
21d231b90deaed91c9991d277869e23119d96c15e3e57ea2aee34070a47bed83
315131f8d3e3b89f3ad3ca7b2eb24ff6daa05a86e4f0d003729f1c26194ccb88
3e7501d15c3630e791c8b20392eb9dee31a9f65ce3efdde76cef5c710141ab24
44f8a56d427917b5fa0dd7933ba545679be5e6b3b93099e64a4e29c2159f57c0
48050d8eeb740bb31aaad9eb82bcd4a493b474c9385eeda5fc2ca2ea279cffad
4d5749ab1cbed9122c78ee0a4eec72c1effb7d3bfd543333078cedb1e4ac6445
5b0bd9edac6e2ba9a939c2b2d5814e28127cd08793d1daea576ce5e32bb83d07
6358e3fbfd956ea94285ead7909ed54e6d9ae1aeef22717f25cbc90d370b77cc
683e8f34d7f4a8a587b1dc6e24bf99385054e4a2ade0c27e1e3a68c77fc75a6a
6a6c595fcf3a6c74bf3509f160ba34b78a8a3eb92ecaf290412c46679576d3ed
78317d334afc41d1b7cada1b5044a4bacb2bd2691c54566f47bfe54805e36d28
79e149cae4cee318fb0fc5beb4feec6880022de818efdb269f8cf90298d61a00
7fb5dec426eed6cae7a4655eee5f5d00a25badf441bd377ad44c0da9024a5769
9363d369b83f09eeee31188ec120f1ee34185b575bf451b8cc3c3091124dce47
9af30b5e4695010f9be253f861784e638c81274ca0390214629886029ca9b509
9b5d2290b34cd718e1e97e894d6790f92387ee50de0b3364da291e7112f412be
9ee45786a2b29f7781a664f3937e5ba0848a61bb0e2f5e623a6b4e1865b85d53
a83af7b1bb3a2e423c44addc7d83a05441dab1e1cd690fd40d7d3d84060dcdf8
ac32d471e97c539bd80bc872e8f6d1b265ff641fa5ace33597100bf7d7840288
affdba1620552b12a1a8a04467136aeb408c03fa337d20e9c38374d682d4d149
b1f37b2f1cc26ef70671e3c2d345cffdcc06f02e72fcd6063c350094265426b9
b790ebd5eddeb2a3e54af71ca292e9fab624f4c0ab3991dcbccd0c148eabc305
c70b97c8c26d905d1a61a7ccd21e656c9321bef552a7b45814dbc7ac35334807
c72d18b9c0efac5a6844a75651a7ab5163152cf5e371e4cff8750b447dec9e98
cf124399f4ea90d282e8787eb64b17e155263469afb00228f595b4571a840d54
da794c872b5e738f7f855c6dd39a5f758eb52ad55ea9b62b4c0b2ef5a1bd776a
dce522dfb73638976062ed045f7677d95aff497c9306fd48ca8fe6adfcbfe4a3
e540549c5ee85d139a6590536daf86400fccd811ebc9d5b714794efe1e34b897
e8cefc46a1d3bc8e7e66399561998518e710f58053edf88d92cae906a942d30d
f517bd4e64f568641a6aceb688837b6b17859b751becfe56cb23887486b97c3a