URL: http://tw.gs/4yWfDy/
Submission: On February 08 via automatic, source phishtank

Summary

This website contacted 19 IPs in 6 countries across 14 domains to perform 36 HTTP transactions. The main IP is 115.71.238.232, located in Korea, Republic Of and belongs to GNJ-AS-KR DAOU TECHNOLOGY, KR. The main domain is tw.gs.
This is the only time tw.gs was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 115.71.238.232 45996 (GNJ-AS-KR...)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 146.185.16.146 29302 (HSI-EUROPE )
2 2a00:1450:400... 15169 (GOOGLE)
1 69.4.231.30 36351 (SOFTLAYER)
1 67.202.94.94 32748 (STEADFAST)
7 52.58.31.11 16509 (AMAZON-02)
1 54.192.11.174 16509 (AMAZON-02)
1 54.76.24.249 16509 (AMAZON-02)
1 169.47.30.64 36351 (SOFTLAYER)
1 104.16.87.26 13335 (CLOUDFLAR...)
1 208.100.17.187 32748 (STEADFAST)
1 52.45.41.110 14618 (AMAZON-AES)
1 115.71.237.12 45996 (GNJ-AS-KR...)
1 208.100.17.188 32748 (STEADFAST)
1 52.206.215.190 14618 (AMAZON-AES)
1 52.49.5.159 16509 (AMAZON-02)
36 19
Domain Requested by
7 ps.eyeota.net tw.gs
5 pagead2.googlesyndication.com tw.gs, pagead2.googlesyndication.com
2 n-cdn-origin.areyouahuman.com n-cdn.areyouahuman.com
2 www.google-analytics.com tw.gs
1 s.cpx.to
1 de.tynt.com cdn.tynt.com
1 ic.tynt.com tw.gs
1 cdn.tynt.com widgets.amung.us
1 tags.bluekai.com tw.gs, de.tynt.com
1 bcp.crwdcntrl.net tw.gs
1 n-cdn.areyouahuman.com t.dtscout.com, n-cdn.areyouahuman.com
1 whos.amung.us widgets.amung.us
1 t.dtscout.com widgets.amung.us
1 widgets.amung.us tw.gs
1 ajax.googleapis.com tw.gs
1 web.cdn.imgz.biz tw.gs
1 tw.gs
0 googleads.g.doubleclick.net Failed pagead2.googlesyndication.com
36 18

This site contains links to these domains.

Domain
desentupidoravilaprudente.com.br
tiny-url.info

Subject | Issuer | Validity | Valid
*.googleusercontent.com | Google Internet Authority G2 | 2017-01-25 - 2017-04-19 | 3 months
*.google-analytics.com | Google Internet Authority G2 | 2017-01-25 - 2017-04-19 | 3 months
*.areyouahuman.com | Starfield Secure Certificate Authority - G2 | 2016-05-31 - 2019-06-04 | 3 years

This page contains 8 frames:

Primary Page: http://tw.gs/4yWfDy/
Frame ID: 28450.1
Requests: 29 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20170206/r20170110/zrt_lookup.html
Frame ID: 28450.3
Requests: 1 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/js/r20170206/r20170110/show_ads_impl.js
Frame ID: 28450.2
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3080816987632589&output=html&h=60&slotname=7973708058&adk=3377950904&adf=1945161813&w=468&lmt=1486587101&flash=24.0.0&url=http%3A%2F%2Ftw.gs%2F4yWfDy%2F&wgl=1&dt=1486587100940&bpp=12&bdt=959&fdt=14&idt=248&shv=r20170206&cbv=r20170110&saldr=sa&correlator=3379175688571&frm=20&ga_vid=720489405.1486587101&ga_sid=1486587101&ga_hid=411363318&ga_fc=1&pv=2&iag=3&icsg=2&nhd=1&dssz=2&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=5&u_nmime=7&dff=times%20new%20roman&dfs=16&adx=565&ady=105&biw=1598&bih=1083&eid=4089036%2C575144605%2C41100124&oid=3&rx=0&eae=0&fc=16&brdim=1%2C67%2C1%2C67%2C1600%2C0%2C1598%2C1083%2C1598%2C1083&vis=2&rsz=d%7C%7CeEr%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=1&ifi=1&xpc=GPbdwyf66Q&p=http%3A//tw.gs&dtd=268
Frame ID: 28450.5
Requests: 1 HTTP requests in this frame

Frame: https://n-cdn.areyouahuman.com/kitten?ak=b3d9aa67a73f75c5d56ebb4bcf69bd032&pk=ZQp6LCe0OO3LeZB6ES1CZrJvMefQTtT9oZjddBS5&AYAH_VERSION=2.0&rthtsync=false&cookiesync=true
Frame ID: 28450.6
Requests: 1 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/js/r20170206/r20170110/show_ads_impl.js
Frame ID: 28450.4
Requests: 1 HTTP requests in this frame

Frame: http://tags.bluekai.com/site/27519?id=CmUMLVibhN1tvMtZHKxQAg%3D%3D&ret=html&random=1486587101625
Frame ID: 28450.8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-undefined&format=undefinedxundefined&output=html&adk=1556384573&adf=1469294164&lmt=1486587101&ea=0&flash=24.0.0&url=http%3A%2F%2Ftw.gs%2F4yWfDy%2F&wgl=1&dt=1486587100958&bpp=15&bdt=977&fdt=512&idt=730&shv=r20170206&cbv=r20170110&saldr=sa&prev_slotnames=7973708058&correlator=3379175688571&frm=20&ga_vid=720489405.1486587101&ga_sid=1486587101&ga_hid=411363318&ga_fc=1&pv=2&iag=3&icsg=2&nhd=1&dssz=2&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=5&u_nmime=7&dff=times%20new%20roman&dfs=16&adx=8&ady=283&biw=1598&bih=1083&eid=4089036%2C575144605%2C41100124&oid=3&rx=0&eae=2&fc=16&brdim=1%2C1%2C1%2C1%2C1600%2C0%2C1598%2C1198%2C1598%2C1083&vis=1&rsz=%7C%7C%7C&abl=CS&ppjl=u&fu=16&bc=1&ifi=2&dtd=749
Frame ID: 28450.9
Requests: 1 HTTP requests in this frame

Page Statistics

36 Requests
19 % HTTPS
17 % IPv6
14 Domains
18 Subdomains
19 IPs
6 Countries
295 kB Transfer
746 kB Size
5 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request 8
  • http://www.google-analytics.com/ga.js
  • https://www.google-analytics.com/ga.js
Request 11
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.6.7&utms=1&utmn=1631446308&utmhn=tw.gs&utmcs=UTF-8&utmsr=1600x1200&utmvp=1598x1083&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=24.0%20r0&utmdt=Preview...
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.6.7&utms=1&utmn=1631446308&utmhn=tw.gs&utmcs=UTF-8&utmsr=1600x1200&utmvp=1598x1083&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=24.0%20r0&utmdt=Previe...
Request 12
  • http://ps.eyeota.net/pixel?pid=ml62m40&t=ajs&uid=1EE70445DD849B58C76C873402F5C7C7
  • http://ps.eyeota.net/pixel/bounce/?pid=ml62m40&t=ajs&uid=1EE70445DD849B58C76C873402F5C7C7
Request 14
  • http://bcp.crwdcntrl.net/map/c=3825/tp=DTSC/tpid=1EE70445DD849B58C76C873402F5C7C7
  • http://bcp.crwdcntrl.net/map/ct=y/c=3825/tp=DTSC/tpid=1EE70445DD849B58C76C873402F5C7C7
Request 15
  • http://tags.bluekai.com/site/27675?id=1EE70445DD849B58C76C873402F5C7C7&ret=html&phint=__bk_t%3DPreview%20-%20http%3A%2F%2Ftw.gs%2F4yWfDy%2F&phint=__bk_k%3Durl%2Cdomain%2Ctwitter%2Cfacebook%2Cbit.ly...
  • http://tags.bluekai.com/site/27675?dt=0&r=1944451144&sig=2016762206&bkca=KJ0aAW2FQp91hEXBFuNiTDdGQD1q07ZlcPaYU/Q/YDoBWUpbrq53ZMxok72b6Gr4qDl2KqrJB1Ino370XfVGoYCkJq/X8V6CCHu7YaiwmnFE1k3w554o3z1ASfTi...
Request 20
  • http://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm=&google_sc=&bid=gdo9o51&newuser=1&google_tc=
  • http://ps.eyeota.net/match?bid=gdo9o51&newuser=1&google_gid=CAESEGVfbvyFgbJkKMdpnqZtMDw&google_cver=1
Request 21
  • http://ib.adnxs.com/bounce?%2Fgetuid%3Fhttp%253A%252F%252Fps.eyeota.net%252Fmatch%253Fuid%253D%2524UID%2526bid%253D2cr76e1
  • http://ps.eyeota.net/match?uid=7968784246743513852&bid=2cr76e1
Request 22
  • http://match.adsrvr.org/track/cmb/generic?ttd_pid=eyeota&ttd_tpi=1
  • http://ps.eyeota.net/match?uid=63fee6f6-ed22-4529-a2fa-1b2d5de82940&bid=1e2n4ou
Request 23
  • http://rtd.tubemogul.com/upi/pid/lons7jax?puid=15a1f7f0001-37e70000010f7f85&redir=http%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu
  • http://ps.eyeota.net/match?uid=6639119558395752271&bid=0rijhbu
Request 24
  • http://dmp.adform.net/serving/cookie/match/?CC=1&party=1009
  • http://ps.eyeota.net/match?uid=6593232223887589112&bid=9gdtmu1
Request 32
  • http://ib.adnxs.com/getuid?http%3A%2F%2Fs.cpx.to%2Fca.png%3Fref%3D%26pid%3D11254%26adnxs_uid%3D%24UID
  • http://s.cpx.to/ca.png?ref=&pid=11254&adnxs_uid=7968784246743513852
Request 33
  • http://i.w55c.net/ping_match.gif?st=EYEOTA&rurl=http%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D9sn4omv%26uid%3D_wfivefivec_%26newuser%3D1
  • http://ps.eyeota.net/match?bid=9sn4omv&uid=gLkPvSNW1CBzdj5&newuser=1

36 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
tw.gs/4yWfDy/
4 KB
4 KB
Document
General
Full URL
http://tw.gs/4yWfDy/
Protocol
HTTP/1.1
Server
115.71.238.232 , Korea, Republic Of, ASN45996 (GNJ-AS-KR DAOU TECHNOLOGY, KR),
Reverse DNS
Software
Apache /
Resource Hash
acffcc25e0c3a3b85f4cc7c4641554cffa2251a1b9c8408a21c5bcffcde36c06

Request headers

Pragma
no-cache
Host
tw.gs
Upgrade-Insecure-Requests
1
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Connection
keep-alive
Accept-Encoding
gzip, deflate, sdch
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Cache-Control
no-cache

Response headers

Date
Wed, 08 Feb 2017 20:38:50 GMT
Server
Apache
Connection
close
Content-Length
4345
Content-Type
text/html; charset=utf-8
sub_page.css
web.cdn.imgz.biz/web/tw.gs/css/
0
0

show_ads.js
pagead2.googlesyndication.com/pagead/
35 KB
35 KB
Script
General
Full URL
http://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: tw.gs
URL: http://tw.gs/4yWfDy/
Protocol
HTTP/1.1
Server
2a00:1450:400e:804::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
cafe /
Resource Hash
4765e0126f61a38f42f972a43b0ef67431f9a716003e325e88f085c69801313a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
pagead2.googlesyndication.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Cache-Control
no-cache
Pragma
no-cache
Accept
*/*
Referer
http://tw.gs/4yWfDy/
Connection
keep-alive
Accept-Encoding
gzip, deflate, sdch

Response headers

Expires
Wed, 08 Feb 2017 21:19:32 GMT
Date
Wed, 08 Feb 2017 20:19:32 GMT
X-Content-Type-Options
nosniff
ETag
8890309903127028972
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
public, max-age=3600
Content-Type
text/javascript; charset=ISO-8859-1
X-XSS-Protection
1; mode=block
Timing-Allow-Origin
*
Server
cafe
Age
1928
Content-Disposition
attachment; filename="f.txt"
Content-Length
36248
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.4.2/
70 KB
24 KB
Script
General
Full URL
http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js
Requested by
Host: tw.gs
URL: http://tw.gs/4yWfDy/
Protocol
HTTP/1.1
Server
2a00:1450:400e:804::200a , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
sffe /
Resource Hash
e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Encoding
gzip, deflate, sdch
Host
ajax.googleapis.com
Accept
*/*
Cache-Control
no-cache
Pragma
no-cache
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Referer
http://tw.gs/4yWfDy/
Connection
keep-alive

Response headers

Content-Encoding
gzip
Vary
Accept-Encoding
Content-Length
24715
Last-Modified
Tue, 20 Dec 2016 18:17:03 GMT
Server
sffe
Age
1146887
Cache-Control
public, max-age=31536000, stale-while-revalidate=2592000
Timing-Allow-Origin
*
Expires
Fri, 26 Jan 2018 14:16:53 GMT
Date
Thu, 26 Jan 2017 14:16:53 GMT
X-Content-Type-Options
nosniff
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
X-XSS-Protection
1; mode=block
js_code_sub_page.js
web.cdn.imgz.biz/web/tw.gs/js/
0
0

small.js
widgets.amung.us/
5 KB
2 KB
Script
General
Full URL
http://widgets.amung.us/small.js
Requested by
Host: tw.gs
URL: http://tw.gs/4yWfDy/
Protocol
HTTP/1.1
Server
146.185.16.146 , United Kingdom, ASN29302 (HSI-EUROPE , GB),
Reverse DNS
92b91092.rdns.100tb.com
Software
nginx/1.9.6 /
Resource Hash
f842ce8ba41db6df4166c3fdf5a2a651f2c2a4d9f8cc9ce71e422e3280f7fb0a

Request headers

Pragma
no-cache
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept
*/*
Cache-Control
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
widgets.amung.us
Accept-Language
en-US,en;q=0.8
Referer
http://tw.gs/4yWfDy/
Connection
keep-alive

Response headers

Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Fri, 10 Mar 2017 20:51:40 GMT
Date
Wed, 08 Feb 2017 20:51:40 GMT
Content-Encoding
gzip
Last-Modified
Mon, 30 Jan 2017 17:59:33 GMT
Transfer-Encoding
chunked
Server
nginx/1.9.6
ETag
W/"588f7f05-1404"
Content-Type
application/x-javascript
ca-pub-3080816987632589.js
pagead2.googlesyndication.com/pub-config/r20160913/
169 B
148 B
Script
General
Full URL
https://pagead2.googlesyndication.com/pub-config/r20160913/ca-pub-3080816987632589.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:400e:804::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
sffe /
Resource Hash
c8cf19c0ea02786bc86bed212ebd8b30d00799123938b3f15d6d41974ac7968a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.8
cache-control
no-cache
:authority
pagead2.googlesyndication.com
:scheme
https
x-client-data
CIi2yQEIpLbJAQ==
:path
/pub-config/r20160913/ca-pub-3080816987632589.js
pragma
no-cache
accept-encoding
gzip, deflate, sdch, br
:method
GET
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
accept
*/*
referer
http://tw.gs/4yWfDy/

Response headers

date
Wed, 08 Feb 2017 11:56:25 GMT
alt-svc
quic=":443"; ma=2592000; v="35,34"
x-content-type-options
nosniff
server
sffe
x-xss-protection
1; mode=block
expires
Wed, 08 Feb 2017 23:56:25 GMT
age
32115
vary
Accept-Encoding
status
200
cache-control
public, max-age=43200
content-encoding
gzip
last-modified
Tue, 07 Feb 2017 18:41:40 GMT
content-type
text/javascript
content-length
139
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20170206/r20170110/ Frame 2845
0
0

show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20170206/r20170110/ Frame 2845
175 KB
65 KB
Script
General
Full URL
http://pagead2.googlesyndication.com/pagead/js/r20170206/r20170110/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
HTTP/1.1
Server
2a00:1450:400e:804::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
cafe /
Resource Hash
a9b423a5f55d248d65ec8b1fe1a4af579ceb3dde7c3ba731c414e84e66e190fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Accept-Language
en-US,en;q=0.8
Connection
keep-alive
Cache-Control
no-cache
Host
pagead2.googlesyndication.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept
*/*
Referer
http://tw.gs/4yWfDy/

Response headers

Cache-Control
private, max-age=1209600
Content-Disposition
attachment; filename="f.txt"
X-XSS-Protection
1; mode=block
Expires
Wed, 08 Feb 2017 20:51:41 GMT
Date
Wed, 08 Feb 2017 20:51:41 GMT
Content-Encoding
gzip
Server
cafe
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Content-Length
66332
Timing-Allow-Origin
*
X-Content-Type-Options
nosniff
ETag
16172460180973020815
Content-Type
text/javascript; charset=UTF-8
ga.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/ga.js
  • https://www.google-analytics.com/ga.js
42 KB
16 KB
Script
General
Full URL
https://www.google-analytics.com/ga.js
Requested by
Host: tw.gs
URL: http://tw.gs/4yWfDy/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:400e:805::200e , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
Golfe2 /
Resource Hash
4e2ed635abf0b2dcbac3ea04d16ccf58bb2195364d65b76190f03da0f43255c5
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/ga.js
pragma
no-cache
accept-encoding
gzip, deflate, sdch, br
accept
*/*
:scheme
https
:method
GET
accept-language
en-US,en;q=0.8
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
cache-control
no-cache
:authority
www.google-analytics.com
referer
http://tw.gs/4yWfDy/

Response headers

status
200
timing-allow-origin
*
age
3684
vary
Accept-Encoding
content-length
16022
content-encoding
gzip
content-type
text/javascript
date
Wed, 08 Feb 2017 19:50:17 GMT
expires
Wed, 08 Feb 2017 21:50:17 GMT
last-modified
Wed, 28 Sep 2016 20:19:01 GMT
server
Golfe2
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="35,34"
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff

Redirect headers

Location
https://www.google-analytics.com/ga.js
Non-Authoritative-Reason
HSTS
Cookie set /
t.dtscout.com/i/
2 KB
2 KB
Script
General
Full URL
http://t.dtscout.com/i/?l=http%3A%2F%2Ftw.gs%2F4yWfDy%2F&j=
Requested by
Host: widgets.amung.us
URL: http://widgets.amung.us/small.js
Protocol
HTTP/1.1
Server
69.4.231.30 Providence, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS
no-rdns.ord02.hostingservicesinc.net
Software
/
Resource Hash
b384270d2ff5b944509d1650a2abb52733e9209ade001f4b5763a76d10fafcee

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept
*/*
Connection
keep-alive
Cache-Control
no-cache
Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
t.dtscout.com
Accept-Language
en-US,en;q=0.8
Referer
http://tw.gs/4yWfDy/

Response headers

Transfer-Encoding
chunked
Connection
close
Content-Type
application/javascript application/x-javascript
Cache-Control
no-cache
Set-Cookie
m=1; expires=Thu, 09-Feb-2017 04:51:41 GMT; Max-Age=28800; path=/; domain=dtscout.com b=1; expires=Thu, 09-Feb-2017 20:51:41 GMT; Max-Age=86400; path=/; domain=dtscout.com ey=1; expires=Sat, 11-Feb-2017 20:51:41 GMT; Max-Age=259200; path=/; domain=dtscout.com ah=1; expires=Thu, 09-Feb-2017 20:51:41 GMT; Max-Age=86400; path=/; domain=dtscout.com df=1486587101; expires=Fri, 08-Feb-2019 20:51:41 GMT; Max-Age=63072000; path=/; domain=dtscout.com d=%5B%5D; expires=Mon, 07-Feb-2022 20:51:41 GMT; Max-Age=157680000; path=/; domain=dtscout.com l=RQTnHlibhN00h2zHx8f1Ag==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.dtscout.com; path=/
X-S
1-0
Expires
Wed, 08 Feb 2017 20:51:40 GMT
Date
Wed, 08 Feb 2017 20:51:41 GMT
Cookie set /
whos.amung.us/pingjs/
30 B
61 B
Script
General
Full URL
http://whos.amung.us/pingjs/?k=kcqqgogngdjy&t=Preview%20-%20http%3Atw.gs4yWfDy&c=s&y=&a=0&d=2.047&v=22&r=4879
Requested by
Host: widgets.amung.us
URL: http://widgets.amung.us/small.js
Protocol
HTTP/1.1
Server
67.202.94.94 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS
amung.us
Software
/
Resource Hash
dbf27899226923071cb82165ed2b9e3e72070b58ad68aa4e5a0796273ccd0553

Request headers

Pragma
no-cache
Accept-Language
en-US,en;q=0.8
Referer
http://tw.gs/4yWfDy/
Cache-Control
no-cache
Connection
keep-alive
Accept-Encoding
gzip, deflate, sdch
Host
whos.amung.us
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept
*/*

Response headers

Transfer-Encoding
chunked
Connection
close
Content-Type
text/javascript
Date
Wed, 08 Feb 2017 20:51:41 GMT
Content-Encoding
gzip
Set-Cookie
uid=CgH9JFibhN1wYRXmfsP8Ag==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.amung.us; path=/
__utm.gif
www.google-analytics.com/r/
Redirect Chain
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.6.7&utms=1&utmn=1631446308&utmhn=tw.gs&utmcs=UTF-8&utmsr=1600x1200&utmvp=1598x1083&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=24.0%20r0&utmdt=Preview...
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.6.7&utms=1&utmn=1631446308&utmhn=tw.gs&utmcs=UTF-8&utmsr=1600x1200&utmvp=1598x1083&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=24.0%20r0&utmdt=Previe...
35 B
44 B
Image
General
Full URL
https://www.google-analytics.com/r/__utm.gif?utmwv=5.6.7&utms=1&utmn=1631446308&utmhn=tw.gs&utmcs=UTF-8&utmsr=1600x1200&utmvp=1598x1083&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=24.0%20r0&utmdt=Preview%20-%20http%3A%2F%2Ftw.gs%2F4yWfDy%2F&utmhid=411363318&utmr=-&utmp=%2F4yWfDy%2F&utmht=1486587101054&utmac=UA-19757328-2&utmcc=__utma%3D67419284.720489405.1486587101.1486587101.1486587101.1%3B%2B__utmz%3D67419284.1486587101.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=709888881&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
Requested by
Host: tw.gs
URL: http://tw.gs/4yWfDy/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:400e:805::200e , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

pragma
no-cache
accept-encoding
gzip, deflate, sdch, br
:scheme
https
:method
GET
:authority
www.google-analytics.com
referer
http://tw.gs/4yWfDy/
:path
/r/__utm.gif?utmwv=5.6.7&utms=1&utmn=1631446308&utmhn=tw.gs&utmcs=UTF-8&utmsr=1600x1200&utmvp=1598x1083&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=24.0%20r0&utmdt=Preview%20-%20http%3A%2F%2Ftw.gs%2F4yWfDy%2F&utmhid=411363318&utmr=-&utmp=%2F4yWfDy%2F&utmht=1486587101054&utmac=UA-19757328-2&utmcc=__utma%3D67419284.720489405.1486587101.1486587101.1486587101.1%3B%2B__utmz%3D67419284.1486587101.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=709888881&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
accept-language
en-US,en;q=0.8
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
accept
image/webp,image/*,*/*;q=0.8
cache-control
no-cache

Response headers

pragma
no-cache
date
Wed, 08 Feb 2017 20:51:41 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
x-content-type-options
nosniff
status
200
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="35,34"
content-length
35

Redirect headers

Location
https://www.google-analytics.com/r/__utm.gif?utmwv=5.6.7&utms=1&utmn=1631446308&utmhn=tw.gs&utmcs=UTF-8&utmsr=1600x1200&utmvp=1598x1083&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=24.0%20r0&utmdt=Preview%20-%20http%3A%2F%2Ftw.gs%2F4yWfDy%2F&utmhid=411363318&utmr=-&utmp=%2F4yWfDy%2F&utmht=1486587101054&utmac=UA-19757328-2&utmcc=__utma%3D67419284.720489405.1486587101.1486587101.1486587101.1%3B%2B__utmz%3D67419284.1486587101.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=709888881&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
Non-Authoritative-Reason
HSTS
/
ps.eyeota.net/pixel/bounce/
Redirect Chain
  • http://ps.eyeota.net/pixel?pid=ml62m40&t=ajs&uid=1EE70445DD849B58C76C873402F5C7C7
  • http://ps.eyeota.net/pixel/bounce/?pid=ml62m40&t=ajs&uid=1EE70445DD849B58C76C873402F5C7C7
1 KB
1 KB
Script
General
Full URL
http://ps.eyeota.net/pixel/bounce/?pid=ml62m40&t=ajs&uid=1EE70445DD849B58C76C873402F5C7C7
Requested by
Host: tw.gs
URL: http://tw.gs/4yWfDy/
Protocol
HTTP/1.1
Server
52.58.31.11 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-58-31-11.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
d862d946a280f3faae4d53f5a061d2f9607d6d8e4acbba7fe9ec1bf9341bf25d

Request headers

Cache-Control
no-cache
Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Accept
*/*
Connection
keep-alive
Cookie
mako_uid=15a1f7f0001-37e70000010f7f85
Host
ps.eyeota.net
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Referer
http://tw.gs/4yWfDy/

Response headers

Date
Wed, 08 Feb 2017 20:51:46 GMT
Content-Length
1025
Content-Type
application/javascript

Redirect headers

Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
Location
/pixel/bounce/?pid=ml62m40&t=ajs&uid=1EE70445DD849B58C76C873402F5C7C7
Date
Wed, 08 Feb 2017 20:51:41 GMT
Set-Cookie
mako_uid=15a1f7f0001-37e70000010f7f85; Domain=eyeota.net; Path=/; Expires=Thu, 08 Feb 2018 08:51:41 GMT;
ZQp6LCe0OO3LeZB6ES1CZrJvMefQTtT9oZjddBS5
n-cdn.areyouahuman.com/play/
144 KB
45 KB
Script
General
Full URL
https://n-cdn.areyouahuman.com/play/ZQp6LCe0OO3LeZB6ES1CZrJvMefQTtT9oZjddBS5?AYAH_P2=1EE70445DD849B58C76C873402F5C7C7&AYAH_F1=Lotame
Requested by
Host: t.dtscout.com
URL: http://t.dtscout.com/i/?l=http%3A%2F%2Ftw.gs%2F4yWfDy%2F&j=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.192.11.174 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-192-11-174.lhr3.r.cloudfront.net
Software
/ Express
Resource Hash
a40bc1c0448168509c35b70eceb50b3bce5bcc7f20831a77d5fa215506f2a67c

Request headers

Accept-Language
en-US,en;q=0.8
Referer
http://tw.gs/4yWfDy/
Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Accept
*/*
Connection
keep-alive
Cache-Control
no-cache
Host
n-cdn.areyouahuman.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Cache-Control
public, max-age=600
Content-Type
text/javascript
X-Amz-Cf-Id
TXghrCvXspqJdrVORz6Ga99H5CcFl2UwswXxHIm5dBnIaaXbBqs_mg==
Content-Encoding
gzip
Vary
Accept-Encoding
Age
546
P3P
CP="NOI ADM DEV PSAi OUR OTRo STP IND COM NAV DEM"
Via
1.1 712d6f339e31c6f84f68567d8f588821.cloudfront.net (CloudFront)
Date
Wed, 08 Feb 2017 20:22:35 GMT
X-Powered-By
Express
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Cookie set tpid=1EE70445DD849B58C76C873402F5C7C7
bcp.crwdcntrl.net/map/ct=y/c=3825/tp=DTSC/
Redirect Chain
  • http://bcp.crwdcntrl.net/map/c=3825/tp=DTSC/tpid=1EE70445DD849B58C76C873402F5C7C7
  • http://bcp.crwdcntrl.net/map/ct=y/c=3825/tp=DTSC/tpid=1EE70445DD849B58C76C873402F5C7C7
49 B
49 B
Image
General
Full URL
http://bcp.crwdcntrl.net/map/ct=y/c=3825/tp=DTSC/tpid=1EE70445DD849B58C76C873402F5C7C7
Requested by
Host: tw.gs
URL: http://tw.gs/4yWfDy/
Protocol
HTTP/1.1
Server
54.76.24.249 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-76-24-249.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Cookie
_cc_cc=ctst
Connection
keep-alive
Cache-Control
no-cache
Pragma
no-cache
Host
bcp.crwdcntrl.net
Accept-Language
en-US,en;q=0.8
Accept
image/webp,image/*,*/*;q=0.8
Accept-Encoding
gzip, deflate, sdch
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Referer
http://tw.gs/4yWfDy/

Response headers

Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
P3P
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
Content-Type
image/gif
Set-Cookie
_cc_aud="ABR4nGNgYGCImN1yhwEOABxlAlQ%3D";Version=1;Path=/;Domain=crwdcntrl.net;Expires=Sun, 05-Nov-2017 20:51:40 GMT;Max-Age=23328000 _cc_cc="ACZ4nGNQsDAwtUhMNklNMjM0MEgytzRLNElMNTY0NDC2MDc0SzRmAIKI2S13GBAAAEk%2BCpQ%3D";Version=1;Path=/;Domain=crwdcntrl.net;Expires=Sun, 05-Nov-2017 20:51:40 GMT;Max-Age=23328000 _cc_id=8058ac4eb6100b796a4ae311038716a3;Path=/;Domain=crwdcntrl.net;Expires=Sun, 05-Nov-2017 20:51:40 GMT _cc_dc=1;Path=/;Domain=crwdcntrl.net;Expires=Sun, 05-Nov-2017 20:51:40 GMT
X-Server
172.25.11.118
Connection
keep-alive
Content-Length
49
Date
Wed, 08 Feb 2017 20:51:41 GMT
Cache-Control
no-cache

Redirect headers

Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
http://bcp.crwdcntrl.net/map/ct=y/c=3825/tp=DTSC/tpid=1EE70445DD849B58C76C873402F5C7C7
X-Server
172.25.11.228
Connection
keep-alive
Set-Cookie
_cc_cc=ctst;Path=/;Domain=crwdcntrl.net
Cache-Control
no-cache
Pragma
no-cache
Date
Wed, 08 Feb 2017 20:51:41 GMT
P3P
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
Cookie set 27675
tags.bluekai.com/site/
Redirect Chain
  • http://tags.bluekai.com/site/27675?id=1EE70445DD849B58C76C873402F5C7C7&ret=html&phint=__bk_t%3DPreview%20-%20http%3A%2F%2Ftw.gs%2F4yWfDy%2F&phint=__bk_k%3Durl%2Cdomain%2Ctwitter%2Cfacebook%2Cbit.ly...
  • http://tags.bluekai.com/site/27675?dt=0&r=1944451144&sig=2016762206&bkca=KJ0aAW2FQp91hEXBFuNiTDdGQD1q07ZlcPaYU/Q/YDoBWUpbrq53ZMxok72b6Gr4qDl2KqrJB1Ino370XfVGoYCkJq/X8V6CCHu7YaiwmnFE1k3w554o3z1ASfTi...
62 B
62 B
Image
General
Full URL
http://tags.bluekai.com/site/27675?dt=0&r=1944451144&sig=2016762206&bkca=KJ0aAW2FQp91hEXBFuNiTDdGQD1q07ZlcPaYU/Q/YDoBWUpbrq53ZMxok72b6Gr4qDl2KqrJB1Ino370XfVGoYCkJq/X8V6CCHu7YaiwmnFE1k3w554o3z1ASfTiwYNLYDXd3WqWJzArYVdoTzSsOdPXdfTlmXsf50nFsklYoxZpLoT9BTL/AKirK+9CE/ES/7BAkGBCk7bEpFj1c0XCC1WOxPM9V6myChPUdjv6YymNqSBQAZjY2/YWF01SK/ec5qWZHwV6EiNhBSx9bXw1BsPoe8gPUZjNOwX73OQHsjlZ4E+ctdNpiNMpz0Uv3rxdlpofwQ==
Requested by
Host: tw.gs
URL: http://tw.gs/4yWfDy/
Protocol
HTTP/1.1
Server
169.47.30.64 , Netherlands, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS
40.1e.2fa9.ip4.static.sl-reverse.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Connection
keep-alive
Cache-Control
no-cache
Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
tags.bluekai.com
Accept-Language
en-US,en;q=0.8
Referer
http://tw.gs/4yWfDy/
Cookie
bkdc=wdc; bku=sty99BtWZNM0Objm

Response headers

P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Type
image/gif
Cneonction
close
Set-Cookie
bku=sty99BtWZNM0Objm; expires=Mon, 07-Aug-2017 20:51:41 GMT; path=/; domain=.bluekai.com
Content-Length
62
Pragma
no-cache
Date
Wed, 08 Feb 2017 20:51:41 GMT
Cache-Control
max-age=0, no-cache, no-store
BK-Server
7f24
Expires
Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

Date
Wed, 08 Feb 2017 20:51:41 GMT
Location
http://tags.bluekai.com/site/27675?dt=0&r=1944451144&sig=2016762206&bkca=KJ0aAW2FQp91hEXBFuNiTDdGQD1q07ZlcPaYU/Q/YDoBWUpbrq53ZMxok72b6Gr4qDl2KqrJB1Ino370XfVGoYCkJq/X8V6CCHu7YaiwmnFE1k3w554o3z1ASfTiwYNLYDXd3WqWJzArYVdoTzSsOdPXdfTlmXsf50nFsklYoxZpLoT9BTL/AKirK+9CE/ES/7BAkGBCk7bEpFj1c0XCC1WOxPM9V6myChPUdjv6YymNqSBQAZjY2/YWF01SK/ec5qWZHwV6EiNhBSx9bXw1BsPoe8gPUZjNOwX73OQHsjlZ4E+ctdNpiNMpz0Uv3rxdlpofwQ==
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
nnCoection
close
Set-Cookie
bkdc=wdc; expires=Mon, 07-Aug-2017 20:51:41 GMT; path=/; domain=.bluekai.com bku=sty99BtWZNM0Objm; expires=Mon, 07-Aug-2017 20:51:41 GMT; path=/; domain=.bluekai.com
Content-Type
text/html
Content-Length
0
BK-Server
b97d
ads
googleads.g.doubleclick.net/pagead/ Frame 2845
0
0

osd.js
pagead2.googlesyndication.com/pagead/ Frame 2845
77 KB
28 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20170206/r20170110/show_ads_impl.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:400e:804::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
cafe /
Resource Hash
d2855a3b55aedbd3597491d9baf840b2dcd84c8afab9312d0f75dc42e139ee03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

cache-control
no-cache
:authority
pagead2.googlesyndication.com
:scheme
https
x-client-data
CIi2yQEIpLbJAQ==
pragma
no-cache
accept-encoding
gzip, deflate, sdch, br
accept-language
en-US,en;q=0.8
accept
*/*
:method
GET
:path
/pagead/osd.js
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
referer
http://tw.gs/4yWfDy/
Referer
http://tw.gs/4yWfDy/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

x-content-type-options
nosniff
server
cafe
etag
18186426669720995005
cache-control
public, max-age=3600
content-encoding
gzip
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
alt-svc
quic=":443"; ma=2592000; v="35,34"
content-length
28984
x-xss-protection
1; mode=block
content-type
text/javascript; charset=UTF-8
date
Wed, 08 Feb 2017 20:09:22 GMT
age
2539
status
200
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
expires
Wed, 08 Feb 2017 21:09:22 GMT
truncated
/
439 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f6d82f567d08ec91a1b6ef0d4abf21be7a2d3dbc0a41c122584ea3536755b3ac

Request headers

Response headers

Cookie set tc.js
cdn.tynt.com/
14 KB
6 KB
Script
General
Full URL
http://cdn.tynt.com/tc.js
Requested by
Host: widgets.amung.us
URL: http://widgets.amung.us/small.js
Protocol
HTTP/1.1
Server
104.16.87.26 San Francisco, United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
22968ed5d3590528d0ed24e5ef56c1a3b38065baeafc5561b560800637783e4b

Request headers

Host
cdn.tynt.com
Accept-Language
en-US,en;q=0.8
Referer
http://tw.gs/4yWfDy/
Cache-Control
no-cache
Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept
*/*
Connection
keep-alive
Referer
http://tw.gs/4yWfDy/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Set-Cookie
__cfduid=d43876d1b2a2c42bcbf95ab6ce56861f31486587101; expires=Thu, 08-Feb-18 20:51:41 GMT; path=/; domain=.tynt.com; HttpOnly
CF-RAY
32e1f606a1c9638b-FRA
Content-Encoding
gzip
CF-Cache-Status
HIT
Server
cloudflare-nginx
Vary
Accept-Encoding
Connection
keep-alive
Last-Modified
Tue, 17 Jan 2017 20:21:58 GMT
ETag
W/"587e7ce6-386b"
Expires
Sat, 11 Feb 2017 20:51:41 GMT
Date
Wed, 08 Feb 2017 20:51:41 GMT
Content-Type
application/javascript
Cache-Control
public, max-age=259200
Transfer-Encoding
chunked
match
ps.eyeota.net/
Redirect Chain
  • http://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm=&google_sc=&bid=gdo9o51&newuser=1&google_tc=
  • http://ps.eyeota.net/match?bid=gdo9o51&newuser=1&google_gid=CAESEGVfbvyFgbJkKMdpnqZtMDw&google_cver=1
70 B
70 B
Image
General
Full URL
http://ps.eyeota.net/match?bid=gdo9o51&newuser=1&google_gid=CAESEGVfbvyFgbJkKMdpnqZtMDw&google_cver=1
Requested by
Host: tw.gs
URL: http://tw.gs/4yWfDy/
Protocol
HTTP/1.1
Server
52.58.31.11 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-58-31-11.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Accept-Encoding
gzip, deflate, sdch
Host
ps.eyeota.net
Accept-Language
en-US,en;q=0.8
Cache-Control
no-cache
Pragma
no-cache
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
http://tw.gs/4yWfDy/
Cookie
mako_uid=15a1f7f0001-37e70000010f7f85
Connection
keep-alive
Referer
http://tw.gs/4yWfDy/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Date
Wed, 08 Feb 2017 20:51:41 GMT
Content-Length
70
Content-Type
image/gif

Redirect headers

P3P
policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location
http://ps.eyeota.net/match?bid=gdo9o51&newuser=1&google_gid=CAESEGVfbvyFgbJkKMdpnqZtMDw&google_cver=1
Set-Cookie
id=229b134d232f0017||t=1486587101|et=730|cs=002213fd48ee64b981ce74ba70; expires=Fri, 08-Feb-2019 20:51:41 GMT; path=/; domain=.doubleclick.net test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT IDE=AHWqTUnyPmzjfUxpsBCNYTw9erNyG8ZzF4a-8Tt8aJ9dO3ijHsfa4hjobA; expires=Fri, 08-Feb-2019 20:51:41 GMT; path=/; domain=.doubleclick.net; HttpOnly
Content-Length
310
Pragma
no-cache
Date
Wed, 08 Feb 2017 20:51:41 GMT
Server
HTTP server (unknown)
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache, must-revalidate
X-XSS-Protection
1; mode=block
Expires
Fri, 01 Jan 1990 00:00:00 GMT
match
ps.eyeota.net/
Redirect Chain
  • http://ib.adnxs.com/bounce?%2Fgetuid%3Fhttp%253A%252F%252Fps.eyeota.net%252Fmatch%253Fuid%253D%2524UID%2526bid%253D2cr76e1
  • http://ps.eyeota.net/match?uid=7968784246743513852&bid=2cr76e1
70 B
70 B
Image
General
Full URL
http://ps.eyeota.net/match?uid=7968784246743513852&bid=2cr76e1
Requested by
Host: tw.gs
URL: http://tw.gs/4yWfDy/
Protocol
HTTP/1.1
Server
52.58.31.11 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-58-31-11.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Referer
http://tw.gs/4yWfDy/
Connection
keep-alive
Cache-Control
no-cache
Host
ps.eyeota.net
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Cookie
mako_uid=15a1f7f0001-37e70000010f7f85
Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Referer
http://tw.gs/4yWfDy/

Response headers

Date
Wed, 08 Feb 2017 20:51:41 GMT
Content-Length
70
Content-Type
image/gif

Redirect headers

P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
http://ps.eyeota.net/match?uid=7968784246743513852&bid=2cr76e1
Access-Control-Allow-Credentials
true
X-XSS-Protection
0
Connection
keep-alive
Cache-Control
no-store, no-cache, private
Date
Wed, 08 Feb 2017 20:51:43 GMT
Content-Type
text/html; charset=utf-8
X-Proxy-Origin
148.251.45.170; 148.251.45.170; 155.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.13:80
Content-Length
0
Pragma
no-cache
Server
nginx/1.11.5
Access-Control-Allow-Origin
*
Set-Cookie
sess=1; Path=/; Max-Age=86400; Expires=Thu, 09-Feb-2017 20:51:43 GMT; Domain=.adnxs.com; HttpOnly uuid2=7968784246743513852; Path=/; Max-Age=7776000; Expires=Tue, 09-May-2017 20:51:43 GMT; Domain=.adnxs.com; HttpOnly
Expires
Sat, 15 Nov 2008 16:00:00 GMT
match
ps.eyeota.net/
Redirect Chain
  • http://match.adsrvr.org/track/cmb/generic?ttd_pid=eyeota&ttd_tpi=1
  • http://ps.eyeota.net/match?uid=63fee6f6-ed22-4529-a2fa-1b2d5de82940&bid=1e2n4ou
70 B
70 B
Image
General
Full URL
http://ps.eyeota.net/match?uid=63fee6f6-ed22-4529-a2fa-1b2d5de82940&bid=1e2n4ou
Requested by
Host: tw.gs
URL: http://tw.gs/4yWfDy/
Protocol
HTTP/1.1
Server
52.58.31.11 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-58-31-11.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Accept-Encoding
gzip, deflate, sdch
Host
ps.eyeota.net
Accept
image/webp,image/*,*/*;q=0.8
Referer
http://tw.gs/4yWfDy/
Connection
keep-alive
Pragma
no-cache
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Cookie
mako_uid=15a1f7f0001-37e70000010f7f85
Cache-Control
no-cache
Referer
http://tw.gs/4yWfDy/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Date
Wed, 08 Feb 2017 20:51:41 GMT
Content-Length
70
Content-Type
image/gif

Redirect headers

Server
Microsoft-IIS/8.5
Location
http://ps.eyeota.net/match?uid=63fee6f6-ed22-4529-a2fa-1b2d5de82940&bid=1e2n4ou
Connection
keep-alive
Content-Type
text/html
Content-Length
189
Pragma
no-cache
Date
Wed, 08 Feb 2017 20:51:41 GMT
X-AspNet-Version
4.0.30319
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
Set-Cookie
TDID=63fee6f6-ed22-4529-a2fa-1b2d5de82940; domain=.adsrvr.org; expires=Thu, 08-Feb-2018 20:51:42 GMT; path=/ TDCPM=CAESFQoGZXllb3RhEgsI7oHlnsqb6DQQBRgFIAEoAjILCPzTm8vgm+g0EAU4AQ==; domain=.adsrvr.org; expires=Thu, 08-Feb-2018 20:51:42 GMT; path=/
Cache-Control
private,no-cache, must-revalidate
match
ps.eyeota.net/
Redirect Chain
  • http://rtd.tubemogul.com/upi/pid/lons7jax?puid=15a1f7f0001-37e70000010f7f85&redir=http%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu
  • http://ps.eyeota.net/match?uid=6639119558395752271&bid=0rijhbu
70 B
70 B
Image
General
Full URL
http://ps.eyeota.net/match?uid=6639119558395752271&bid=0rijhbu
Requested by
Host: tw.gs
URL: http://tw.gs/4yWfDy/
Protocol
HTTP/1.1
Server
52.58.31.11 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-58-31-11.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Accept-Encoding
gzip, deflate, sdch
Host
ps.eyeota.net
Cookie
mako_uid=15a1f7f0001-37e70000010f7f85
Connection
keep-alive
Pragma
no-cache
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
http://tw.gs/4yWfDy/
Cache-Control
no-cache
Referer
http://tw.gs/4yWfDy/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Date
Wed, 08 Feb 2017 20:51:41 GMT
Content-Length
70
Content-Type
image/gif

Redirect headers

Server
Jetty(9.3.8.v20160314)
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
Location
http://ps.eyeota.net/match?uid=6639119558395752271&bid=0rijhbu
Set-Cookie
_tmid=6639119558395752271;Path=/;Domain=.tubemogul.com;Expires=Thu, 08-Feb-2018 20:51:41 GMT
Cache-Control
no-cache
Connection
close
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Date
Wed, 08 Feb 2017 20:51:41 GMT
match
ps.eyeota.net/
Redirect Chain
  • http://dmp.adform.net/serving/cookie/match/?CC=1&party=1009
  • http://ps.eyeota.net/match?uid=6593232223887589112&bid=9gdtmu1
70 B
70 B
Image
General
Full URL
http://ps.eyeota.net/match?uid=6593232223887589112&bid=9gdtmu1
Requested by
Host: tw.gs
URL: http://tw.gs/4yWfDy/
Protocol
HTTP/1.1
Server
52.58.31.11 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-58-31-11.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Accept-Encoding
gzip, deflate, sdch
Host
ps.eyeota.net
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
http://tw.gs/4yWfDy/
Cookie
mako_uid=15a1f7f0001-37e70000010f7f85
Cache-Control
no-cache
Pragma
no-cache
Accept-Language
en-US,en;q=0.8
Connection
keep-alive
Referer
http://tw.gs/4yWfDy/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Date
Wed, 08 Feb 2017 20:51:46 GMT
Content-Length
70
Content-Type
image/gif

Redirect headers

Location
http://ps.eyeota.net/match?uid=6593232223887589112&bid=9gdtmu1
Date
Wed, 08 Feb 2017 20:51:41 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=15
Content-Length
0
Cookie set p
ic.tynt.com/b/
35 B
35 B
Image
General
Full URL
http://ic.tynt.com/b/p?id=w!kcqqgogngdjy&lm=0&ts=1486587101232&t=Preview%20-%20http%3A%2F%2Ftw.gs%2F4yWfDy%2F
Requested by
Host: tw.gs
URL: http://tw.gs/4yWfDy/
Protocol
HTTP/1.1
Server
208.100.17.187 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS
ip187.208-100-17.static.steadfastdns.net
Software
nginx/1.10.1 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Host
ic.tynt.com
Accept-Language
en-US,en;q=0.8
Connection
keep-alive
Cache-Control
no-cache
Accept-Encoding
gzip, deflate, sdch
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
http://tw.gs/4yWfDy/
Cookie
__cfduid=d43876d1b2a2c42bcbf95ab6ce56861f31486587101
Pragma
no-cache
Referer
http://tw.gs/4yWfDy/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Last-Modified
Fri, 16 Apr 2010 15:38:20 GMT
P3P
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" CP=NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA
Cache-Control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
Set-Cookie
uid=CmUMLVibhN1tvMtZHKxQAg==; expires=Thu, 08-Feb-18 20:51:41 GMT; domain=tynt.com; path=/
Accept-Ranges
bytes
Content-Length
35
Date
Wed, 08 Feb 2017 20:51:41 GMT
Server
nginx/1.10.1
ETag
"4bc8846c-23"
Connection
close
Content-Type
image/gif
Expires
"Sat, 26 Jul 1997 05:00:00 GMT"
kitten
n-cdn.areyouahuman.com/ Frame 2845
0
0

events
n-cdn-origin.areyouahuman.com/
0
0
XHR
General
Full URL
https://n-cdn-origin.areyouahuman.com/events?cb=b3d9aa67a73f75c5d56ebb4bcf69bd032
Requested by
Host: n-cdn.areyouahuman.com
URL: https://n-cdn.areyouahuman.com/play/ZQp6LCe0OO3LeZB6ES1CZrJvMefQTtT9oZjddBS5?AYAH_P2=1EE70445DD849B58C76C873402F5C7C7&AYAH_F1=Lotame
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.41.110 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-45-41-110.compute-1.amazonaws.com
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma
no-cache
Origin
http://tw.gs
Accept-Encoding
gzip, deflate, sdch, br
Connection
keep-alive
Accept
*/*
Cache-Control
no-cache
Referer
http://tw.gs/4yWfDy/
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Host
n-cdn-origin.areyouahuman.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Referer
http://tw.gs/4yWfDy/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
http://tw.gs

Response headers

Date
Wed, 08 Feb 2017 20:51:41 GMT
X-Powered-By
Express
P3P
CP="NOI ADM DEV PSAi OUR OTRo STP IND COM NAV DEM"
Access-Control-Allow-Origin
http://tw.gs
Vary
Origin
Access-Control-Allow-Methods
POST, OPTIONS
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Content-type, Content-encoding
favpng.png
web.cdn.imgz.biz/web/tw.gs/img/
510 B
510 B
Other
General
Full URL
http://web.cdn.imgz.biz/web/tw.gs/img/favpng.png
Protocol
HTTP/1.1
Server
115.71.237.12 , Korea, Republic Of, ASN45996 (GNJ-AS-KR DAOU TECHNOLOGY, KR),
Reverse DNS
Software
nginx /
Resource Hash
1a2a9246c297ca0fcc09c7e8131cbada97a1d9458ff26bf106176fcafbca707a

Request headers

Pragma
no-cache
Host
web.cdn.imgz.biz
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept-Encoding
gzip, deflate, sdch
Accept
image/webp,image/*,*/*;q=0.8
Referer
http://tw.gs/4yWfDy/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://tw.gs/4yWfDy/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Last-Modified
Sat, 31 May 2014 13:20:39 GMT
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
510
Expires
Thu, 08 Feb 2018 20:51:40 GMT
Date
Wed, 08 Feb 2017 20:51:40 GMT
Server
nginx
Content-Type
image/png
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20170206/r20170110/ Frame 2845
175 KB
65 KB
Script
General
Full URL
http://pagead2.googlesyndication.com/pagead/js/r20170206/r20170110/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
HTTP/1.1
Server
2a00:1450:400e:804::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
cafe /
Resource Hash
a9b423a5f55d248d65ec8b1fe1a4af579ceb3dde7c3ba731c414e84e66e190fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://tw.gs/4yWfDy/
Cache-Control
no-cache
Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
pagead2.googlesyndication.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept-Language
en-US,en;q=0.8
Accept
*/*
Connection
keep-alive
Referer
http://tw.gs/4yWfDy/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Content-Type
text/javascript; charset=UTF-8
Timing-Allow-Origin
*
Date
Wed, 08 Feb 2017 20:51:41 GMT
Content-Encoding
gzip
ETag
16172460180973020815
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=1209600
X-Content-Type-Options
nosniff
Server
cafe
Content-Disposition
attachment; filename="f.txt"
Content-Length
66332
X-XSS-Protection
1; mode=block
Expires
Wed, 08 Feb 2017 20:51:41 GMT
Cookie set v2
de.tynt.com/deb/
601 B
601 B
Script
General
Full URL
http://de.tynt.com/deb/v2?id=w!kcqqgogngdjy&dn=TC&cc=1&r=
Requested by
Host: cdn.tynt.com
URL: http://cdn.tynt.com/tc.js
Protocol
HTTP/1.1
Server
208.100.17.188 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS
ip188.208-100-17.static.steadfastdns.net
Software
/
Resource Hash
ff7d211aaf3b5654ea009365cf93dcef79693156810d31e127e2036357150afe

Request headers

Host
de.tynt.com
Cookie
__cfduid=d43876d1b2a2c42bcbf95ab6ce56861f31486587101; uid=CmUMLVibhN1tvMtZHKxQAg==
Cache-Control
no-cache
Accept
*/*
Referer
http://tw.gs/4yWfDy/
Connection
keep-alive
Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Referer
http://tw.gs/4yWfDy/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Connection
close
Content-Type
application/javascript
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
Set-Cookie
pids=%5B%7B%22p%22%3A%22700df83834%22%2C%22f%22%3A1%2C%22ts%22%3A1486587101625%7D%2C%7B%22p%22%3A%22af48439725%22%2C%22f%22%3A1%2C%22ts%22%3A1486587101625%7D%2C%7B%22p%22%3A%22410719e95b%22%2C%22f%22%3A1%2C%22ts%22%3A1486587101625%7D%5D;Version=1;Max-Age=7776000
Content-Length
601
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Date
Wed, 08 Feb 2017 20:51:41 GMT
P3P
CP=NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA
Cookie set events
n-cdn-origin.areyouahuman.com/
2 B
2 B
XHR
General
Full URL
https://n-cdn-origin.areyouahuman.com/events?cb=b3d9aa67a73f75c5d56ebb4bcf69bd032
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.215.190 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-206-215-190.compute-1.amazonaws.com
Software
/ Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept
*/*
Cache-Control
no-cache
Referer
http://tw.gs/4yWfDy/
Origin
http://tw.gs
Host
n-cdn-origin.areyouahuman.com
Accept-Language
en-US,en;q=0.8
Content-type
application/json
Connection
keep-alive
Content-Length
554
Pragma
no-cache
Accept-Encoding
gzip, deflate, br
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Content-type
application/json
Referer
http://tw.gs/4yWfDy/
Origin
http://tw.gs

Response headers

Date
Wed, 08 Feb 2017 20:51:42 GMT
Connection
keep-alive
P3P
CP="NOI ADM DEV PSAi OUR OTRo STP IND COM NAV DEM"
Access-Control-Allow-Origin
http://tw.gs
Access-Control-Allow-Credentials
true
Set-Cookie
aoc=739a1431-0f7c-4fc7-815c-14343014f684; Max-Age=31536000; Domain=.areyouahuman.com; Path=/; Expires=Thu, 08 Feb 2018 20:51:42 GMT
Content-Type
text/plain
Content-Length
2
X-Powered-By
Express
Vary
Origin
Cookie set ca.png
s.cpx.to/
Redirect Chain
  • http://ib.adnxs.com/getuid?http%3A%2F%2Fs.cpx.to%2Fca.png%3Fref%3D%26pid%3D11254%26adnxs_uid%3D%24UID
  • http://s.cpx.to/ca.png?ref=&pid=11254&adnxs_uid=7968784246743513852
95 B
95 B
Image
General
Full URL
http://s.cpx.to/ca.png?ref=&pid=11254&adnxs_uid=7968784246743513852
Protocol
HTTP/1.1
Server
52.49.5.159 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-49-5-159.eu-west-1.compute.amazonaws.com
Software
spray-can/1.3.1 /
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Cache-Control
no-cache
Host
s.cpx.to
Accept-Language
en-US,en;q=0.8
Accept
image/webp,image/*,*/*;q=0.8
Referer
http://tw.gs/4yWfDy/
Connection
keep-alive
Referer
http://tw.gs/4yWfDy/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Date
Wed, 08 Feb 2017 20:51:41 GMT
Server
spray-can/1.3.1
Content-Type
image/png
Pragma
no-cache
P3P
CP="NOI DEV ADM"
Set-Cookie
cpSess=b014feed7f9b45688d67a127053eb7c5; Expires=Thu, 08 Feb 2018 20:51:41 GMT; Domain=.cpx.to; Path=/; HttpOnly
Cache-Control
no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
95
Expires
Wed, 08 Feb 2017 20:51:41 GMT

Redirect headers

Location
http://s.cpx.to/ca.png?ref=&pid=11254&adnxs_uid=7968784246743513852
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Date
Wed, 08 Feb 2017 20:51:43 GMT
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Content-Type
text/html; charset=utf-8
Cache-Control
no-store, no-cache, private
Set-Cookie
sess=1; Path=/; Max-Age=86400; Expires=Thu, 09-Feb-2017 20:51:43 GMT; Domain=.adnxs.com; HttpOnly uuid2=7968784246743513852; Path=/; Max-Age=7776000; Expires=Tue, 09-May-2017 20:51:43 GMT; Domain=.adnxs.com; HttpOnly
X-Proxy-Origin
148.251.45.170; 148.251.45.170; 155.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.52:80
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
Server
nginx/1.11.5
Connection
keep-alive
match
ps.eyeota.net/
Redirect Chain
  • http://i.w55c.net/ping_match.gif?st=EYEOTA&rurl=http%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D9sn4omv%26uid%3D_wfivefivec_%26newuser%3D1
  • http://ps.eyeota.net/match?bid=9sn4omv&uid=gLkPvSNW1CBzdj5&newuser=1
70 B
70 B
Image
General
Full URL
http://ps.eyeota.net/match?bid=9sn4omv&uid=gLkPvSNW1CBzdj5&newuser=1
Protocol
HTTP/1.1
Server
52.58.31.11 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-58-31-11.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Host
ps.eyeota.net
Accept
image/webp,image/*,*/*;q=0.8
Referer
http://tw.gs/4yWfDy/
Cache-Control
no-cache
Accept-Encoding
gzip, deflate, sdch
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Cookie
mako_uid=15a1f7f0001-37e70000010f7f85
Connection
keep-alive
Pragma
no-cache
Referer
http://tw.gs/4yWfDy/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Date
Wed, 08 Feb 2017 20:51:41 GMT
Content-Length
70
Content-Type
image/gif

Redirect headers

Connection
keep-alive
Date
Wed, 08 Feb 2017 20:51:40 GMT
Server
PixelTracking/v2.0.30-103-g89af284#rel-ec2-master i-0e1b413457e95fccf@eu-central-1a@dxedge-app_eu-central-1_prod_asg
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
http://ps.eyeota.net/match?bid=9sn4omv&uid=gLkPvSNW1CBzdj5&newuser=1
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Pragma
no-cache
Set-Cookie
wfivefivec=gLkPvSNW1CBzdj5; Domain=.w55c.net; Expires=Thu, 08-Mar-2018 20:51:41 GMT; Path=/
Cache-Control
no-cache, must-revalidate
Content-Length
0
27519
tags.bluekai.com/site/ Frame 2845
0
0

ads
googleads.g.doubleclick.net/pagead/ Frame 2845
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
web.cdn.imgz.biz
URL
http://web.cdn.imgz.biz/web/tw.gs/css/sub_page.css
Domain
web.cdn.imgz.biz
URL
http://web.cdn.imgz.biz/web/tw.gs/js/js_code_sub_page.js
Domain
googleads.g.doubleclick.net
URL
https://googleads.g.doubleclick.net/pagead/html/r20170206/r20170110/zrt_lookup.html
Domain
googleads.g.doubleclick.net
URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3080816987632589&output=html&h=60&slotname=7973708058&adk=3377950904&adf=1945161813&w=468&lmt=1486587101&flash=24.0.0&url=http%3A%2F%2Ftw.gs%2F4yWfDy%2F&wgl=1&dt=1486587100940&bpp=12&bdt=959&fdt=14&idt=248&shv=r20170206&cbv=r20170110&saldr=sa&correlator=3379175688571&frm=20&ga_vid=720489405.1486587101&ga_sid=1486587101&ga_hid=411363318&ga_fc=1&pv=2&iag=3&icsg=2&nhd=1&dssz=2&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=5&u_nmime=7&dff=times%20new%20roman&dfs=16&adx=565&ady=105&biw=1598&bih=1083&eid=4089036%2C575144605%2C41100124&oid=3&rx=0&eae=0&fc=16&brdim=1%2C67%2C1%2C67%2C1600%2C0%2C1598%2C1083%2C1598%2C1083&vis=2&rsz=d%7C%7CeEr%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=1&ifi=1&xpc=GPbdwyf66Q&p=http%3A//tw.gs&dtd=268
Domain
n-cdn.areyouahuman.com
URL
https://n-cdn.areyouahuman.com/kitten?ak=b3d9aa67a73f75c5d56ebb4bcf69bd032&pk=ZQp6LCe0OO3LeZB6ES1CZrJvMefQTtT9oZjddBS5&AYAH_VERSION=2.0&rthtsync=false&cookiesync=true
Domain
tags.bluekai.com
URL
http://tags.bluekai.com/site/27519?id=CmUMLVibhN1tvMtZHKxQAg%3D%3D&ret=html&random=1486587101625
Domain
googleads.g.doubleclick.net
URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-undefined&format=undefinedxundefined&output=html&adk=1556384573&adf=1469294164&lmt=1486587101&ea=0&flash=24.0.0&url=http%3A%2F%2Ftw.gs%2F4yWfDy%2F&wgl=1&dt=1486587100958&bpp=15&bdt=977&fdt=512&idt=730&shv=r20170206&cbv=r20170110&saldr=sa&prev_slotnames=7973708058&correlator=3379175688571&frm=20&ga_vid=720489405.1486587101&ga_sid=1486587101&ga_hid=411363318&ga_fc=1&pv=2&iag=3&icsg=2&nhd=1&dssz=2&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=5&u_nmime=7&dff=times%20new%20roman&dfs=16&adx=8&ady=283&biw=1598&bih=1083&eid=4089036%2C575144605%2C41100124&oid=3&rx=0&eae=2&fc=16&brdim=1%2C1%2C1%2C1%2C1600%2C0%2C1598%2C1198%2C1598%2C1083&vis=1&rsz=%7C%7C%7C&abl=CS&ppjl=u&fu=16&bc=1&ifi=2&dtd=749

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Domain/Path Name / Value
.tw.gs/ Name: __utmt
Value: 1
.tw.gs/ Name: __utmc
Value: 67419284
.tw.gs/ Name: __utma
Value: 67419284.720489405.1486587101.1486587101.1486587101.1
.tw.gs/ Name: __utmz
Value: 67419284.1486587101.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.tw.gs/ Name: __utmb
Value: 67419284.1.10.1486587101

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
