urlscan.io logo urlscan.io
SecurityTrails logo

twoplustwo.com Open in urlscan Pro
69.172.200.53  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://twoplustwo.com/
Effective URL: https://twoplustwo.com/
Submission: On October 02 via api from US — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 2 countries across 11 domains to perform 39 HTTP transactions. The main IP is 69.172.200.53, located in Canada and belongs to DOSARREST, US. The main domain is twoplustwo.com.
TLS certificate: Issued by R3 on October 1st 2023. Valid for: 3 months.
This is the only time twoplustwo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 20 69.172.200.53 19324 (DOSARREST)
1 142.251.16.156 15169 (GOOGLE)
1 142.251.111.139 15169 (GOOGLE)
1 3.216.243.137 14618 (AMAZON-AES)
1 18.160.46.100 16509 (AMAZON-02)
1 172.253.63.149 15169 (GOOGLE)
1 23.199.49.127 16625 (AKAMAI-AS)
1 18.160.46.40 16509 (AMAZON-02)
1 13.225.63.52 16509 (AMAZON-02)
2 142.251.163.154 15169 (GOOGLE)
3 108.139.46.198 16509 (AMAZON-02)
2 3.213.42.96 14618 (AMAZON-AES)
1 54.225.9.83 14618 (AMAZON-AES)
2 172.64.144.166 13335 (CLOUDFLAR...)
39 15
20    69.172.200.53 (Canada)

ASN19324 (DOSARREST, US)
twoplustwo.com
1    142.251.16.156 (United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f156.1e100.net
www.googletagservices.com
1    142.251.111.139 (United States)

ASN15169 (GOOGLE, US)
PTR: bk-in-f139.1e100.net
www.google-analytics.com
1    3.216.243.137 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-216-243-137.compute-1.amazonaws.com
powerad.ai
1    18.160.46.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-46-100.iad55.r.cloudfront.net
ecdn.firstimpression.io
1    172.253.63.149 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f149.1e100.net
ad.doubleclick.net
1    23.199.49.127 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-199-49-127.deploy.static.akamaitechnologies.com
widgets.outbrain.com
1    18.160.46.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-46-40.iad55.r.cloudfront.net
cdn.firstimpression.io
1    13.225.63.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-63-52.ewr53.r.cloudfront.net
d2na2p72vtqyok.cloudfront.net
2    142.251.163.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f154.1e100.net
securepubads.g.doubleclick.net
3    108.139.46.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-46-198.jfk50.r.cloudfront.net
d3lcz8vpax4lo2.cloudfront.net
2    3.213.42.96 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-213-42-96.compute-1.amazonaws.com
event.insticator.com
1    54.225.9.83 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-225-9-83.compute-1.amazonaws.com
geoip.insticator.com
2    172.64.144.166 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.confiant-integrations.net
Apex Domain
Subdomains		 Transfer
20 twoplustwo.com
twoplustwo.com
191 KB
4 cloudfront.net
d2na2p72vtqyok.cloudfront.net
d3lcz8vpax4lo2.cloudfront.net
153 KB
3 insticator.com
event.insticator.com — Cisco Umbrella Rank: 30608
geoip.insticator.com — Cisco Umbrella Rank: 40677
416 B
3 doubleclick.net
ad.doubleclick.net — Cisco Umbrella Rank: 180
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 235
159 KB
2 confiant-integrations.net
cdn.confiant-integrations.net — Cisco Umbrella Rank: 2059
114 KB
2 firstimpression.io
ecdn.firstimpression.io — Cisco Umbrella Rank: 40182
cdn.firstimpression.io — Cisco Umbrella Rank: 38184
94 KB
1 outbrain.com
widgets.outbrain.com — Cisco Umbrella Rank: 2157
1 KB
1 powerad.ai
powerad.ai — Cisco Umbrella Rank: 28031
47 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 96
17 KB
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 254
29 KB
0 districtm.ca Failed
cdn.districtm.ca Failed
39 11
Domain Requested by
20 twoplustwo.com 1 redirects twoplustwo.com
3 d3lcz8vpax4lo2.cloudfront.net d2na2p72vtqyok.cloudfront.net
2 cdn.confiant-integrations.net d3lcz8vpax4lo2.cloudfront.net
cdn.confiant-integrations.net
2 event.insticator.com d3lcz8vpax4lo2.cloudfront.net
2 securepubads.g.doubleclick.net www.googletagservices.com
d2na2p72vtqyok.cloudfront.net
1 geoip.insticator.com d3lcz8vpax4lo2.cloudfront.net
1 d2na2p72vtqyok.cloudfront.net twoplustwo.com
1 cdn.firstimpression.io ecdn.firstimpression.io
1 widgets.outbrain.com twoplustwo.com
1 ad.doubleclick.net twoplustwo.com
1 ecdn.firstimpression.io twoplustwo.com
1 powerad.ai twoplustwo.com
1 www.google-analytics.com twoplustwo.com
1 www.googletagservices.com twoplustwo.com
0 cdn.districtm.ca Failed twoplustwo.com
39 15

This site contains no links.

Subject Issuer Validity Valid
twoplustwo.com
R3		 2023-10-01 -
2023-12-30		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
powerad.ai
Amazon RSA 2048 M01		 2023-05-29 -
2024-06-26		 a year crt.sh
*.firstimpression.io
Sectigo RSA Domain Validation Secure Server CA		 2022-11-27 -
2023-12-05		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-09 -
2024-02-11		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
*.insticator.com
Sectigo RSA Organization Validation Secure Server CA		 2023-08-28 -
2024-08-28		 a year crt.sh
confiant-integrations.net
GTS CA 1P5		 2023-09-20 -
2023-12-19		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://twoplustwo.com/
Frame ID: 506D62DB998F4784737C6DB45B4CD56A
Requests: 38 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://twoplustwo.com/ HTTP 301
    https://twoplustwo.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • cookieconsent\.min\.js
Overall confidence: 100%
Detected patterns
  • swfobject.*\.js

Page Statistics

39
Requests

95 %
HTTPS

0 %
IPv6

11
Domains

15
Subdomains

15
IPs

2
Countries

805 kB
Transfer

2422 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://twoplustwo.com/ HTTP 301
    https://twoplustwo.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

39 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
twoplustwo.com/
Redirect Chain
  • http://twoplustwo.com/
  • https://twoplustwo.com/
24 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://twoplustwo.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.172.200.53 , Canada, ASN19324 (DOSARREST, US),
Reverse DNS
Software
nginx/1.20.2 / PHP/7.1.33
Resource Hash
0daf4207f83d5791b4f1427e8f9589010fe807383f02d1976f3c9c5d81847945

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Mon, 02 Oct 2023 20:15:38 GMT
Keep-Alive
timeout=20
Server
nginx/1.20.2
Transfer-Encoding
chunked
X-DIS-Request-ID
2800bccbe3d72cc0762a626c574ce9ec
X-Powered-By
PHP/7.1.33

Redirect headers

Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Mon, 02 Oct 2023 20:15:38 GMT
Keep-Alive
timeout=20
Location
https://twoplustwo.com/
Server
nginx/1.20.2
Transfer-Encoding
chunked
X-DIS-Request-ID
ef517a6fd32d5c2e4212cbb560a38278
merge.v4.5.129773.js
cdn.districtm.ca/merge/ 		0
0
reset.css
twoplustwo.com/styles/ 		857 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://twoplustwo.com/styles/reset.css
Requested by
Host: twoplustwo.com
URL: https://twoplustwo.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.172.200.53 , Canada, ASN19324 (DOSARREST, US),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
f47d7ce86a09d35b3f80c1ca3aa7cceaef9599a708d9449842209d535a25e69b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://twoplustwo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Mon, 02 Oct 2023 20:15:38 GMT
Last-Modified
Mon, 01 Apr 2013 17:06:27 GMT
Server
nginx/1.20.2
ETag
"359-4d94fa42e8ac0"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
857
X-DIS-Request-ID
441e23d10df2b7015b8522d0ae5062d2
tpti-layout.css
twoplustwo.com/styles/ 		12 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://twoplustwo.com/styles/tpti-layout.css
Requested by
Host: twoplustwo.com
URL: https://twoplustwo.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.172.200.53 , Canada, ASN19324 (DOSARREST, US),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
6eba94e3e390aff56e5326c566f2ded0b885f066a52224800f951f226020e743

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://twoplustwo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Mon, 02 Oct 2023 20:15:38 GMT
Content-Encoding
gzip
Last-Modified
Tue, 18 Aug 2015 20:28:28 GMT
Server
nginx/1.20.2
ETag
W/"2f38-51d9bc2bf3300"
Transfer-Encoding
chunked
Content-Type
text/css
Connection
keep-alive
Keep-Alive
timeout=20
X-DIS-Request-ID
101b69b085a694b23c5f8b9b3cc9b36c
SpryMenuBar.js
twoplustwo.com/SpryAssets/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://twoplustwo.com/SpryAssets/SpryMenuBar.js
Requested by
Host: twoplustwo.com
URL: https://twoplustwo.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.172.200.53 , Canada, ASN19324 (DOSARREST, US),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
63b2adfbd78e7db85682310f8471d7ade06f7525e720102b95f269296d572f5f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://twoplustwo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Mon, 02 Oct 2023 20:15:38 GMT
Content-Encoding
gzip
Last-Modified
Mon, 01 Apr 2013 17:06:40 GMT
Server
nginx/1.20.2
ETag
W/"5300-4d94fa4f4e800"
Transfer-Encoding
chunked
Content-Type
application/javascript
Connection
keep-alive
Keep-Alive
timeout=20
X-DIS-Request-ID
0c6dd7f90e9332ecb0229c71907c3fc4
SpryMenuBarVertical.css
twoplustwo.com/SpryAssets/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://twoplustwo.com/SpryAssets/SpryMenuBarVertical.css
Requested by
Host: twoplustwo.com
URL: https://twoplustwo.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.172.200.53 , Canada, ASN19324 (DOSARREST, US),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
1248afeaeb2895e02df1396e38b6a3ee479c7744b222eef98c4cba78e3839e81

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://twoplustwo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Mon, 02 Oct 2023 20:15:38 GMT
Content-Encoding
gzip
Last-Modified
Mon, 01 Apr 2013 17:06:41 GMT
Server
nginx/1.20.2
ETag
W/"149c-4d94fa5042a40"
Transfer-Encoding
chunked
Content-Type
text/css
Connection
keep-alive
Keep-Alive
timeout=20
X-DIS-Request-ID
4daeb71add371aa3a965848bc5dfc8c5
swfobject_modified.js
twoplustwo.com/Scripts/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://twoplustwo.com/Scripts/swfobject_modified.js
Requested by
Host: twoplustwo.com
URL: https://twoplustwo.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.172.200.53 , Canada, ASN19324 (DOSARREST, US),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
c10a5edd40ac49a8ab7c1c485da5b7c29eda00772e7ed4849d094d56201ef2e4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://twoplustwo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Mon, 02 Oct 2023 20:15:39 GMT
Content-Encoding
gzip
Last-Modified
Tue, 29 Sep 2009 01:41:56 GMT
Server
nginx/1.20.2
ETag
W/"54c0-474ad84fa4100"
Transfer-Encoding
chunked
Content-Type
application/javascript
Connection
keep-alive
Keep-Alive
timeout=20
X-DIS-Request-ID
adda47cb977ca488cc3a5c6629a5dc34
cookieconsent.min.css
twoplustwo.com/cookieconsent/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://twoplustwo.com/cookieconsent/cookieconsent.min.css
Requested by
Host: twoplustwo.com
URL: https://twoplustwo.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.172.200.53 , Canada, ASN19324 (DOSARREST, US),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
456ab1a71507ed91abae14c9d08faffb373a7bc711a66e44341b7b8b7bb72ab4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://twoplustwo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Mon, 02 Oct 2023 20:15:38 GMT
Content-Encoding
gzip
Last-Modified
Mon, 21 May 2018 17:35:36 GMT
Server
nginx/1.20.2
ETag
W/"f62-56cbabab9aa00"
Transfer-Encoding
chunked
Content-Type
text/css
Connection
keep-alive
Keep-Alive
timeout=20
X-DIS-Request-ID
41829ce9af31defb759f605f9cd5ff6a
cookieconsent.min.js
twoplustwo.com/cookieconsent/ 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://twoplustwo.com/cookieconsent/cookieconsent.min.js
Requested by
Host: twoplustwo.com
URL: https://twoplustwo.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.172.200.53 , Canada, ASN19324 (DOSARREST, US),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://twoplustwo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Mon, 02 Oct 2023 20:15:38 GMT
Content-Encoding
gzip
Last-Modified
Mon, 21 May 2018 17:35:39 GMT
Server
nginx/1.20.2
ETag
W/"4d5a-56cbabae770c0"
Transfer-Encoding
chunked
Content-Type
application/javascript
Connection
keep-alive
Keep-Alive
timeout=20
X-DIS-Request-ID
dc194488cb9c20b7d578d757bdd6c839
gpt.js
www.googletagservices.com/tag/js/ 		98 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: twoplustwo.com
URL: https://twoplustwo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
cafe /
Resource Hash
bd8d15defa7b5b8458526df1ce5f8b5994d2b95083c9b7bb2053298533924d78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://twoplustwo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 20:15:39 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29332
x-xss-protection
0
server
cafe
etag
693 / 19632 / m202309260101 / config-hash: 11315866393028345432
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 02 Oct 2023 20:15:39 GMT
logo_cards.gif
twoplustwo.com/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twoplustwo.com/images/logo_cards.gif
Requested by
Host: twoplustwo.com
URL: https://twoplustwo.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.172.200.53 , Canada, ASN19324 (DOSARREST, US),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
9922b1fbcad370fee5176910dd02a7c94c0ff44a4240e496b2db1b233f01489d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://twoplustwo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Mon, 02 Oct 2023 20:15:39 GMT
Last-Modified
Tue, 29 Sep 2009 01:39:38 GMT
Server
nginx/1.20.2
ETag
"b95-474ad7cc08a80"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
2965
X-DIS-Request-ID
e737da0f1867efc6f77e789027e85940
logo_twoplustwo.jpg
twoplustwo.com//images/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twoplustwo.com//images/logo_twoplustwo.jpg
Requested by
Host: twoplustwo.com
URL: https://twoplustwo.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.172.200.53 , Canada, ASN19324 (DOSARREST, US),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
b3738d81ef45935bf7464bde40de455748b2943c949e8a6743f769f61aaebce3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://twoplustwo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Mon, 02 Oct 2023 20:15:39 GMT
Last-Modified
Tue, 29 Sep 2009 01:39:44 GMT
Server
nginx/1.20.2
ETag
"8b99-474ad7d1c1800"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
35737
X-DIS-Request-ID
bee3a0313230ab3c12552a998dcdb62e
hp-special-banner.gif
twoplustwo.com/images/bonus-images/bonuscovers/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twoplustwo.com/images/bonus-images/bonuscovers/hp-special-banner.gif
Requested by
Host: twoplustwo.com
URL: https://twoplustwo.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.172.200.53 , Canada, ASN19324 (DOSARREST, US),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
c3e1f8eeb66b82f4edf5d627bc9e15f2df8593731b247046c7f537772665f884

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://twoplustwo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Mon, 02 Oct 2023 20:15:39 GMT
Last-Modified
Thu, 11 Feb 2016 20:55:59 GMT
Server
nginx/1.20.2
ETag
"27c4-52b84c710d5c0"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
10180
X-DIS-Request-ID
d1e66ddd5ac25094dbdaee925deaa693
NAP.jpg
twoplustwo.com/images/bonus-images/bonuscovers/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twoplustwo.com/images/bonus-images/bonuscovers/NAP.jpg
Requested by
Host: twoplustwo.com
URL: https://twoplustwo.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.172.200.53 , Canada, ASN19324 (DOSARREST, US),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
272105768de28165eb99952f23906c32b5da66ccee3d17ab5aea112d86d200b7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://twoplustwo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Mon, 02 Oct 2023 20:15:39 GMT
Last-Modified
Wed, 31 May 2017 22:34:28 GMT
Server
nginx/1.20.2
ETag
"68ae-550d985e42500"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
26798
X-DIS-Request-ID
af6a38421e549385460caa04a6c73dd9
PAM.jpg
twoplustwo.com/images/bonus-images/bonuscovers/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twoplustwo.com/images/bonus-images/bonuscovers/PAM.jpg
Requested by
Host: twoplustwo.com
URL: https://twoplustwo.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.172.200.53 , Canada, ASN19324 (DOSARREST, US),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
eb263a8208383f59ef78578ad5f7289af58e9caa5dc5cc18d7754caaf91765bc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://twoplustwo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Mon, 02 Oct 2023 20:15:39 GMT
Last-Modified
Mon, 20 Mar 2017 19:13:51 GMT
Server
nginx/1.20.2
ETag
"81e2-54b2e53db19c0"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
33250
X-DIS-Request-ID
6790f6e9ad8a18d46481036d80a83da6
RPP.jpg
twoplustwo.com/images/bonus-images/bonuscovers/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twoplustwo.com/images/bonus-images/bonuscovers/RPP.jpg
Requested by
Host: twoplustwo.com
URL: https://twoplustwo.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.172.200.53 , Canada, ASN19324 (DOSARREST, US),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
83a5319525e9ca41d0170b122459797b38ba9e2f384330a630783dc7bfc30705

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://twoplustwo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Mon, 02 Oct 2023 20:15:39 GMT
Last-Modified
Sun, 27 Dec 2015 23:42:15 GMT
Server
nginx/1.20.2
ETag
"2405-527e9bcfb43c0"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
9221
X-DIS-Request-ID
f639c1449f0a4933e7aec789ab953ecb
MTP.jpg
twoplustwo.com/images/bonus-images/bonuscovers/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twoplustwo.com/images/bonus-images/bonuscovers/MTP.jpg
Requested by
Host: twoplustwo.com
URL: https://twoplustwo.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.172.200.53 , Canada, ASN19324 (DOSARREST, US),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
869284812069a2499d3350f16f9891d5a8e120a419a9c030d69773cfc72caec4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://twoplustwo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Mon, 02 Oct 2023 20:15:39 GMT
Last-Modified
Thu, 05 Jun 2014 23:28:29 GMT
Server
nginx/1.20.2
ETag
"4606-4fb1f1a33c140"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
17926
X-DIS-Request-ID
4e28e7ab38193775d6df0a606a4bea08
AH.jpg
twoplustwo.com/images/bonus-images/bonuscovers/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twoplustwo.com/images/bonus-images/bonuscovers/AH.jpg
Requested by
Host: twoplustwo.com
URL: https://twoplustwo.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.172.200.53 , Canada, ASN19324 (DOSARREST, US),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
dd403ad9eb2c1e7d84fe6b90856a4ab145b4f39f879dbb86fd5a275cb2911226

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://twoplustwo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Mon, 02 Oct 2023 20:15:39 GMT
Last-Modified
Thu, 27 Feb 2014 00:55:20 GMT
Server
nginx/1.20.2
ETag
"356d-4f358c6832e00"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
13677
X-DIS-Request-ID
883921ddaac7f314211de3ed68a6ddd9
left_top.jpg
twoplustwo.com/images/ 		782 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twoplustwo.com/images/left_top.jpg
Requested by
Host: twoplustwo.com
URL: https://twoplustwo.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.172.200.53 , Canada, ASN19324 (DOSARREST, US),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
16a38a23506d9fb2a86ce06d7bfe5a75d02885d6ac73f129a087bcfc7d32c7c8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://twoplustwo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Mon, 02 Oct 2023 20:15:39 GMT
Last-Modified
Tue, 29 Sep 2009 01:39:38 GMT
Server
nginx/1.20.2
ETag
"30e-474ad7cc08a80"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
782
X-DIS-Request-ID
3571e8b72298e879c3f271b424f9f3c7
left_bottom.jpg
twoplustwo.com/images/ 		774 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twoplustwo.com/images/left_bottom.jpg
Requested by
Host: twoplustwo.com
URL: https://twoplustwo.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.172.200.53 , Canada, ASN19324 (DOSARREST, US),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
6b834e484614fbe5f37146c7a351a8eff84ec752e7c9cd54fe05cce63b1d5aab

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://twoplustwo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Mon, 02 Oct 2023 20:15:40 GMT
Last-Modified
Tue, 29 Sep 2009 01:39:36 GMT
Server
nginx/1.20.2
ETag
"306-474ad7ca20600"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
774
X-DIS-Request-ID
1498bef219838557bac383f8ba2725e1
ga.js
www.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/ga.js
Requested by
Host: twoplustwo.com
URL: https://twoplustwo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.111.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f139.1e100.net
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://twoplustwo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 02 Oct 2023 18:46:27 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
5352
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17168
expires
Mon, 02 Oct 2023 20:46:27 GMT
script.js
powerad.ai/ 		210 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://powerad.ai/script.js
Requested by
Host: twoplustwo.com
URL: https://twoplustwo.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.216.243.137 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-216-243-137.compute-1.amazonaws.com
Software
/ Express
Resource Hash
600d2982c523190fd1fcb960f0f1f08e25a2975949a1c44ab951fd20936ec0a3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://twoplustwo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 20:15:40 GMT
content-encoding
gzip
last-modified
Mon, 02 Oct 2023 13:32:33 GMT
x-powered-by
Express
etag
W/"3474e-18af0972a02"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=172800
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
tpti-print.css
twoplustwo.com/styles/ 		296 B
614 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://twoplustwo.com/styles/tpti-print.css
Requested by
Host: twoplustwo.com
URL: https://twoplustwo.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.172.200.53 , Canada, ASN19324 (DOSARREST, US),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
7d2a61bdb88d56fc6163001942f6b608e9a2f587a92c4ee7297fb6324323105a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://twoplustwo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Mon, 02 Oct 2023 20:15:40 GMT
Last-Modified
Tue, 06 Oct 2009 20:12:38 GMT
Server
nginx/1.20.2
ETag
"128-47549da0a1980"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
296
X-DIS-Request-ID
beae0c3c9039ef72c876047d4d34bf3c
fi_client.js
ecdn.firstimpression.io/ 		349 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.firstimpression.io/fi_client.js
Requested by
Host: twoplustwo.com
URL: https://twoplustwo.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.160.46.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-46-100.iad55.r.cloudfront.net
Software
Apache/2.4.54 (Debian) / PHP/8.2.0
Resource Hash
861f8d7377e659311e25ed0246040613e0527dca392db50cccf526f43cc38195
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://twoplustwo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Mon, 02 Oct 2023 20:12:05 GMT
Content-Encoding
br
Via
1.1 f338f1f5c997eee01a37834445ee4740.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
IAD55-P2
Age
215
X-Powered-By
PHP/8.2.0
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
X-XSS-Protection
0
Last-Modified
Mon,02 Oct 2023 20:12:05 UTC
Server
Apache/2.4.54 (Debian)
ETag
W/"f477819c77bd674f3966f0ef135dc86f"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
X-Amz-Cf-Id
3azUXIn7k-NA9vbEdhwQLesiCuf_8wD2JRuqD8YCPM3ZWDwvdckL5Q==
favicon.ico
ad.doubleclick.net/ 		1 KB
571 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: twoplustwo.com
URL: https://twoplustwo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f149.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://twoplustwo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 17:22:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10361
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 03 Oct 2023 17:22:59 GMT
achoice.svg
widgets.outbrain.com/images/widgetIcons/ 		990 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host: twoplustwo.com
URL: https://twoplustwo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.199.49.127 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-199-49-127.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://twoplustwo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

expires
Wed, 01 Nov 2023 20:15:40 GMT
date
Mon, 02 Oct 2023 20:15:40 GMT
last-modified
Tue, 10 Jan 2023 16:40:08 GMT
server
AkamaiNetStorage
etag
"5ab8e16b5f46213840bcd403e349419c:1673369393.880194"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
990
access-control-request-headers
X-OB-STG,X-OB-PRD
spc_fi.php
cdn.firstimpression.io/delivery/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.firstimpression.io/delivery/spc_fi.php?id=5960&url=%2F&charset=UTF-8&ch=13&ref=twoplustwo.com&viewerId=null&referer=&_firid=553839
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.160.46.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-46-40.iad55.r.cloudfront.net
Software
Apache/2.4.38 (Debian) /
Resource Hash
58b77fb76cb2102e89303a2aa1fdb0a055df50a3777607c31cb12af3398d0e37

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://twoplustwo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Mon, 02 Oct 2023 20:15:40 GMT
Content-Encoding
gzip
Via
1.1 860065ea331017b0ace9fee85adf8e5c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
IAD55-P2
X-Cache
Miss from cloudfront
P3P
CP="CUR ADM OUR NOR STA NID"
Connection
keep-alive
Content-Length
1052
Pragma
no-cache
Server
Apache/2.4.38 (Debian)
Vary
Accept-Encoding
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://twoplustwo.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
X-Amz-Cf-Id
QJWT-AxR24UpBkb7DLXUh-LjFeQlN3WNrma1AUaVwF8kujaW0ouBKQ==
Expires
0
94fdec47-5607-49e1-bd38-0ce68c4722c1.js
d2na2p72vtqyok.cloudfront.net/client-embed/ 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2na2p72vtqyok.cloudfront.net/client-embed/94fdec47-5607-49e1-bd38-0ce68c4722c1.js
Requested by
Host: twoplustwo.com
URL: https://twoplustwo.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.63.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-52.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
05139897d1f0cfad9f5ee13872fe5528861737c71f334b57e7124771c66738f7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://twoplustwo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-amz-version-id
YiFMIFWhH5XydK27QA3XIevPCN0XUCSi
Content-Encoding
br
Via
1.1 3496707421faf86f68ae341aa8b7d1b8.cloudfront.net (CloudFront)
Date
Mon, 02 Oct 2023 20:16:03 GMT
X-Amz-Cf-Pop
EWR53-C1
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
RefreshHit from cloudfront
Connection
keep-alive
Last-Modified
Wed, 27 Sep 2023 21:31:45 GMT
Server
AmazonS3
ETag
W/"66cb9de226767650a983cbb5116e8126"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=60
Vary
Accept-Encoding
X-Amz-Cf-Id
qDyYlFR4D_-mRinqfZqfxzTO-2ACUC0PWPZ24n7Y0btJPH7GcZZTRw==
merge.v4.5.129773.js
cdn.districtm.ca/merge/ 		0
0
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309260101/ 		410 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309260101/pubads_impl.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
cafe /
Resource Hash
4972893832cc7f114925446001ef0c43c031cbc7d2b2a8bed395c116c911402d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://twoplustwo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 09:28:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
38865
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
132541
x-xss-protection
0
server
cafe
etag
15229329507080665565
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 01 Oct 2024 09:28:18 GMT
d3d89522-320c-4e62-b133-81662bf676bc.js
d3lcz8vpax4lo2.cloudfront.net/files/instibid/94fdec47-5607-49e1-bd38-0ce68c4722c1/ 		372 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3lcz8vpax4lo2.cloudfront.net/files/instibid/94fdec47-5607-49e1-bd38-0ce68c4722c1/d3d89522-320c-4e62-b133-81662bf676bc.js
Requested by
Host: d2na2p72vtqyok.cloudfront.net
URL: https://d2na2p72vtqyok.cloudfront.net/client-embed/94fdec47-5607-49e1-bd38-0ce68c4722c1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.46.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-46-198.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3bfecf1449bd9e4d797163a77d139ea6e93bc7564071bef7f3b730d6dae36942

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://twoplustwo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 18:02:25 GMT
x-amz-version-id
UVt4ZTshFbTMGcEVUZRSgtOJSZOTKOHU
content-encoding
br
via
1.1 5b4b6c6517b988a4ff2c794e5583ee02.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P1
age
8019
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Wed, 27 Sep 2023 22:06:25 GMT
server
AmazonS3
etag
W/"491c1ba0af768abb84373a26f0e28e0d"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-id
KypFI3QqVFt6nGuChMyt-8J1jcGwmTRLysIzdlnKcP7R1p5Ejn4cNA==
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		98 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: d2na2p72vtqyok.cloudfront.net
URL: https://d2na2p72vtqyok.cloudfront.net/client-embed/94fdec47-5607-49e1-bd38-0ce68c4722c1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
cafe /
Resource Hash
20a755de913b5d1eda8c59270b2c29a551d530797c1bf0a2de24abc9bc3f0335
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://twoplustwo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 20:16:03 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29492
x-xss-protection
0
server
cafe
etag
152 / 19632 / 31078459 / config-hash: 11315866393028345432
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 02 Oct 2023 20:16:03 GMT
d3d89522-320c-4e62-b133-81662bf676bc-hb.js
d3lcz8vpax4lo2.cloudfront.net/header-tags/94fdec47-5607-49e1-bd38-0ce68c4722c1/ 		135 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3lcz8vpax4lo2.cloudfront.net/header-tags/94fdec47-5607-49e1-bd38-0ce68c4722c1/d3d89522-320c-4e62-b133-81662bf676bc-hb.js
Requested by
Host: d2na2p72vtqyok.cloudfront.net
URL: https://d2na2p72vtqyok.cloudfront.net/client-embed/94fdec47-5607-49e1-bd38-0ce68c4722c1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.46.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-46-198.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0d456e2368f8a5ae234d240184bf63173e5edcf2b083cee718768926721afcf3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://twoplustwo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 20:16:04 GMT
x-amz-version-id
v5ol.IR4YslG3DolgTNe5ruWSt2DWq5f
content-encoding
br
via
1.1 5b4b6c6517b988a4ff2c794e5583ee02.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
last-modified
Wed, 27 Sep 2023 21:31:45 GMT
server
AmazonS3
etag
W/"be73109ba76b6bf2b50835441469fc74"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=60
x-amz-cf-id
TBIM8bj1SFvxoEozCWeMAiDXLO2N_XLpjgfT0jqU4OT89qvS4SiAeQ==
d3d89522-320c-4e62-b133-81662bf676bc-dmp.js
d3lcz8vpax4lo2.cloudfront.net/header-tags/94fdec47-5607-49e1-bd38-0ce68c4722c1/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3lcz8vpax4lo2.cloudfront.net/header-tags/94fdec47-5607-49e1-bd38-0ce68c4722c1/d3d89522-320c-4e62-b133-81662bf676bc-dmp.js
Requested by
Host: d2na2p72vtqyok.cloudfront.net
URL: https://d2na2p72vtqyok.cloudfront.net/client-embed/94fdec47-5607-49e1-bd38-0ce68c4722c1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.46.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-46-198.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f283e036b60d0167337c19e1c63d267aa9f21ca4680663c4eb957bd3d72b18a5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://twoplustwo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 20:16:04 GMT
x-amz-version-id
8u_ZgvKlCO6ucaM.3L5etmM3SN5pbDB2
content-encoding
br
via
1.1 5b4b6c6517b988a4ff2c794e5583ee02.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
last-modified
Wed, 27 Sep 2023 21:31:45 GMT
server
AmazonS3
etag
W/"5fdeb2931c5e6f8c7fc9fcd3fa8449d1"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=60
x-amz-cf-id
JRN1_bmrOLdkYnGq9EGBULkFSN-avN5rcxmu01_mfSK6e37Ab9gOxQ==
event
event.insticator.com/v1/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_pageview
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.42.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-42-96.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://twoplustwo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://twoplustwo.com
access-control-max-age
3600
content-length
0
date
Mon, 02 Oct 2023 20:16:03 GMT
vary
Origin
event
event.insticator.com/v1/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_pageview
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/94fdec47-5607-49e1-bd38-0ce68c4722c1/d3d89522-320c-4e62-b133-81662bf676bc-dmp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.42.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-42-96.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://twoplustwo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-type
application/json; charset=UTF-8

Response headers

access-control-allow-origin
https://twoplustwo.com
date
Mon, 02 Oct 2023 20:16:03 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
/
geoip.insticator.com/json/ 		231 B
416 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geoip.insticator.com/json/
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/94fdec47-5607-49e1-bd38-0ce68c4722c1/d3d89522-320c-4e62-b133-81662bf676bc-hb.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.225.9.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-225-9-83.compute-1.amazonaws.com
Software
/
Resource Hash
db78c6dab4c06d298632e0baa2020e333e61909119e79d14d187a177ab541ab1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://twoplustwo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-origin
https://twoplustwo.com
date
Mon, 02 Oct 2023 20:16:03 GMT
access-control-allow-credentials
true
x-database-date
Mon, 02 Oct 2023 13:26:23 GMT
content-length
231
vary
Origin
content-type
application/json
config.js
cdn.confiant-integrations.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/ 		140 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/config.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/94fdec47-5607-49e1-bd38-0ce68c4722c1/d3d89522-320c-4e62-b133-81662bf676bc-hb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.144.166 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7070eb48e8ba8e5bb22a2cd6dc713ce0cb00ae3e461d2b33fac4eecde51e4e5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://twoplustwo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 20:16:03 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 02 Oct 2023 15:21:14 GMT
server
cloudflare
x-amz-request-id
EKWY6N9AA3EP16E5
age
51
etag
W/"52232f2ff6f2d6cdf7cd44cd9ec7954c"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=900, stale-while-revalidate=3600
cf-ray
80ff9ef47915715a-YUL
alt-svc
h3=":443"; ma=86400
x-amz-id-2
RwzaNu8jUclgKbwGsN7M+Zf+yp4zMqZ0BMepOft2NwgzrjTHfr1g4RKPvCgcwap+HanFSZ15XnU=
wrap.js
cdn.confiant-integrations.net/gptprebidnative/202309261100/ 		267 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/gptprebidnative/202309261100/wrap.js
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/config.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.144.166 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
356b587371621f9b029bec5b020533020877170a18b2843aef33fb29f89c8638

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://twoplustwo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 20:16:03 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 26 Sep 2023 15:03:35 GMT
server
cloudflare
x-amz-request-id
QBQCPQ1EM7WFRYHN
age
529758
etag
W/"f6bc3952c3f639b40176607e20bfe270"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
80ff9ef4e9b9715a-YUL
alt-svc
h3=":443"; ma=86400
x-amz-id-2
YHzIwqrRQmOOWWgAxrlyyHRL3vjp37Eun+lGCnBcZTuEgHty1wP4j8YtKc740STne+VQkOMKbMM=

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cdn.districtm.ca
URL
https://cdn.districtm.ca/merge/merge.v4.5.129773.js
Domain
cdn.districtm.ca
URL
https://cdn.districtm.ca/merge/merge.v4.5.129773.js

Verdicts & Comments Add Verdict or Comment

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| apd_options undefined| commonInit function| visibilityEventsManagerDOM function| visibilityEventsManager function| scrollEventsManager function| DeviceDetector boolean| fifabAlready function| fi_fab object| FI object| JSON_PIWIK object| _fipaq object| FIPiwik object| AnalyticsTracker function| fiQuery object| Insticator object| Spry object| swfobject object| cookieconsent object| googletag object| ggeac object| google_tag_data object| google_js_reporting_queue object| $jscomp function| $jscomp$lookupPolyfilledValue boolean| headerTagInjected number| insticator_tg boolean| abpStatus object| federatedObj object| instBid object| instBidChunk object| _pbjsGlobals undefined| google_measure_js_timing object| InsticatorApp string| insticatorHeaderCodeVersion boolean| isPageviewSent object| insticatorCommentingUnitSettings object| settings object| confiant

8 Cookies

Domain/Path Name / Value
cdn.firstimpression.io/ Name: OAID
Value: b2ee49c92c4f1a4d717e19f3c4bb62a4
.twoplustwo.com/ Name: InstiSession
Value: eyJpZCI6IjcxMjI3MzA2LWI5YjQtNDBkMy1iMTk5LWQ5OGI4Nzk0ZTlmYSIsInJlZmVycmVyIjoiIiwiY2FtcGFpZ24iOnsic291cmNlIjpudWxsLCJtZWRpdW0iOm51bGwsImNhbXBhaWduIjpudWxsLCJ0ZXJtIjpudWxsLCJjb250ZW50IjpudWxsfX0=
twoplustwo.com/ Name: instiPubProvided
Value: 4e04eb46-bea5-4795-a090-0b779f916fa6
twoplustwo.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.twoplustwo.com/ Name: _pubcid
Value: 4df54d44-04bf-411e-b0a5-26ffc2e0041b
twoplustwo.com/ Name: plsVisitorGeo
Value: CA
twoplustwo.com/ Name: plsVisitorIp
Value: 185.199.101.177
twoplustwo.com/ Name: plsGeoObj
Value: {"ip":"185.199.101.177","country":"CA","region":"QC","city":"Montreal","zip":"H3H","location":"45.5075,-73.5887"}

1 Console Messages

Source Level URL
Text
network error URL: https://cdn.districtm.ca/merge/merge.v4.5.129773.js
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
cdn.confiant-integrations.net
cdn.districtm.ca
cdn.firstimpression.io
d2na2p72vtqyok.cloudfront.net
d3lcz8vpax4lo2.cloudfront.net
ecdn.firstimpression.io
event.insticator.com
geoip.insticator.com
powerad.ai
securepubads.g.doubleclick.net
twoplustwo.com
widgets.outbrain.com
www.google-analytics.com
www.googletagservices.com
cdn.districtm.ca
108.139.46.198
13.225.63.52
142.251.111.139
142.251.16.156
142.251.163.154
172.253.63.149
172.64.144.166
18.160.46.100
18.160.46.40
23.199.49.127
3.213.42.96
3.216.243.137
54.225.9.83
69.172.200.53
05139897d1f0cfad9f5ee13872fe5528861737c71f334b57e7124771c66738f7
0d456e2368f8a5ae234d240184bf63173e5edcf2b083cee718768926721afcf3
0daf4207f83d5791b4f1427e8f9589010fe807383f02d1976f3c9c5d81847945
1248afeaeb2895e02df1396e38b6a3ee479c7744b222eef98c4cba78e3839e81
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
16a38a23506d9fb2a86ce06d7bfe5a75d02885d6ac73f129a087bcfc7d32c7c8
20a755de913b5d1eda8c59270b2c29a551d530797c1bf0a2de24abc9bc3f0335
272105768de28165eb99952f23906c32b5da66ccee3d17ab5aea112d86d200b7
356b587371621f9b029bec5b020533020877170a18b2843aef33fb29f89c8638
3bfecf1449bd9e4d797163a77d139ea6e93bc7564071bef7f3b730d6dae36942
456ab1a71507ed91abae14c9d08faffb373a7bc711a66e44341b7b8b7bb72ab4
4972893832cc7f114925446001ef0c43c031cbc7d2b2a8bed395c116c911402d
58b77fb76cb2102e89303a2aa1fdb0a055df50a3777607c31cb12af3398d0e37
600d2982c523190fd1fcb960f0f1f08e25a2975949a1c44ab951fd20936ec0a3
63b2adfbd78e7db85682310f8471d7ade06f7525e720102b95f269296d572f5f
6b834e484614fbe5f37146c7a351a8eff84ec752e7c9cd54fe05cce63b1d5aab
6eba94e3e390aff56e5326c566f2ded0b885f066a52224800f951f226020e743
7d2a61bdb88d56fc6163001942f6b608e9a2f587a92c4ee7297fb6324323105a
83a5319525e9ca41d0170b122459797b38ba9e2f384330a630783dc7bfc30705
861f8d7377e659311e25ed0246040613e0527dca392db50cccf526f43cc38195
869284812069a2499d3350f16f9891d5a8e120a419a9c030d69773cfc72caec4
9922b1fbcad370fee5176910dd02a7c94c0ff44a4240e496b2db1b233f01489d
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034
af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674
b3738d81ef45935bf7464bde40de455748b2943c949e8a6743f769f61aaebce3
bd8d15defa7b5b8458526df1ce5f8b5994d2b95083c9b7bb2053298533924d78
c10a5edd40ac49a8ab7c1c485da5b7c29eda00772e7ed4849d094d56201ef2e4
c3e1f8eeb66b82f4edf5d627bc9e15f2df8593731b247046c7f537772665f884
d7070eb48e8ba8e5bb22a2cd6dc713ce0cb00ae3e461d2b33fac4eecde51e4e5
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
db78c6dab4c06d298632e0baa2020e333e61909119e79d14d187a177ab541ab1
dd403ad9eb2c1e7d84fe6b90856a4ab145b4f39f879dbb86fd5a275cb2911226
eb263a8208383f59ef78578ad5f7289af58e9caa5dc5cc18d7754caaf91765bc
f283e036b60d0167337c19e1c63d267aa9f21ca4680663c4eb957bd3d72b18a5
f47d7ce86a09d35b3f80c1ca3aa7cceaef9599a708d9449842209d535a25e69b