urlscan.io logo urlscan.io
SecurityTrails logo

www.twahotel.com Open in urlscan Pro
2606:4700:20::681a:56c  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://mclinks.info.twahotel.com/a/9154/click/1919/14945/5f18cf7b58acfe1adcb08cf435f89ac7b1a34568/ee7f8bb3b8feab17fb74b0efcf5f511...
Effective URL: https://www.twahotel.com/?utm_medium=email&utm_source=cendyn&utm_campaign=air_wear&utm_content=image
Submission: On May 10 via manual
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 1 countries across 7 domains to perform 28 HTTP transactions. The main IP is 2606:4700:20::681a:56c, located in and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is www.twahotel.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on February 13th 2019. Valid for: a year.
This is the only time www.twahotel.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 35.190.70.47 15169 (GOOGLE)
1 20 2606:4700:20:... 13335 (CLOUDFLAR...)
3 2606:2800:234... 15133 (EDGECAST)
2 2a00:1450:400... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 151.101.2.110 54113 (FASTLY)
1 162.247.242.20 23467 (NEWRELIC-...)
28 7
1    35.190.70.47 (None, )

ASN15169 (GOOGLE - Google LLC, US)
PTR: 47.70.190.35.bc.googleusercontent.com
mclinks.info.twahotel.com
20    2606:4700:20::681a:56c (None, )

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
www.twahotel.com
3    2606:2800:234:660:118e:28f:1d8a:2522 (None, )

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)
fast.fonts.net
2    2a00:1450:4001:824::2008 (None, )

ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com
2    2a00:1450:4001:808::200e (None, )

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
1    2a00:1450:400c:c08::9c (None, )

ASN15169 (GOOGLE - Google LLC, US)
stats.g.doubleclick.net
1    151.101.2.110 (None, )

ASN54113 (FASTLY - Fastly, US)
js-agent.newrelic.com
1    162.247.242.20 (None, )

ASN23467 (NEWRELIC-AS-1 - New Relic, US)
PTR: bam-8.nr-data.net
bam.nr-data.net
Domain Requested by
20 www.twahotel.com 1 redirects www.twahotel.com
fast.fonts.net
3 fast.fonts.net www.twahotel.com
fast.fonts.net
2 www.google-analytics.com 1 redirects www.googletagmanager.com
2 www.googletagmanager.com www.twahotel.com
www.googletagmanager.com
1 bam.nr-data.net js-agent.newrelic.com
1 js-agent.newrelic.com www.twahotel.com
1 stats.g.doubleclick.net www.twahotel.com
1 mclinks.info.twahotel.com 1 redirects
28 8

This site contains links to these domains. Also see Links.

Domain
gc.synxis.com
shop.twahotel.com
www.sevenrooms.com
resy.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2019-02-13 -
2020-02-13		 a year crt.sh
s9.wac.edgecastcdn.net
DigiCert SHA2 Secure Server CA		 2019-01-16 -
2021-02-03		 2 years crt.sh
*.google-analytics.com
Google Internet Authority G3		 2019-04-16 -
2019-07-09		 3 months crt.sh
*.g.doubleclick.net
Google Internet Authority G3		 2019-04-16 -
2019-07-09		 3 months crt.sh
f4.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2019-04-10 -
2020-03-21		 a year crt.sh
*.nr-data.net
GeoTrust RSA CA 2018		 2018-01-11 -
2020-03-17		 2 years crt.sh

This page contains 1 frames:

Primary Page: https://www.twahotel.com/?utm_medium=email&utm_source=cendyn&utm_campaign=air_wear&utm_content=image
Frame ID: 32E9CE9ABA05CABF6BB1614FF647B918
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://mclinks.info.twahotel.com/a/9154/click/1919/14945/5f18cf7b58acfe1adcb08cf435f89ac7b1a34568/ee7f8bb3b8f... HTTP 302
    https://www.twahotel.com/?utm_medium=email&utm_source=da&utm_campaign=twa_retail!retail_190510&utm_co... HTTP 301
    https://www.twahotel.com/?utm_medium=email&utm_source=cendyn&utm_campaign=air_wear&utm_content=image Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers expires /19 Nov 1978/i
  • env /^Drupal$/i
Overall confidence: 100%
Detected patterns
  • headers expires /19 Nov 1978/i
  • env /^Drupal$/i
Overall confidence: 100%
Detected patterns
  • headers server /cloudflare/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i
Overall confidence: 100%
Detected patterns
  • env /^google_tag_manager$/i
Overall confidence: 100%
Detected patterns
  • env /^NREUM/i
Overall confidence: 100%
Detected patterns
  • env /^jQuery$/i

Page Statistics

28
Requests

100 %
HTTPS

63 %
IPv6

7
Domains

8
Subdomains

7
IPs

1
Countries

2273 kB
Transfer

2875 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://mclinks.info.twahotel.com/a/9154/click/1919/14945/5f18cf7b58acfe1adcb08cf435f89ac7b1a34568/ee7f8bb3b8feab17fb74b0efcf5f511e1fc3fcce HTTP 302
    https://www.twahotel.com/?utm_medium=email&utm_source=da&utm_campaign=twa_retail!retail_190510&utm_content=image&utm_source=cendyn&utm_medium=email&utm_campaign=air_wear HTTP 301
    https://www.twahotel.com/?utm_medium=email&utm_source=cendyn&utm_campaign=air_wear&utm_content=image Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24
  • https://www.google-analytics.com/r/collect?v=1&_v=j73&a=1063879215&t=pageview&_s=1&dl=https%3A%2F%2Fwww.twahotel.com%2F%3Futm_medium%3Demail%26utm_source%3Dcendyn%26utm_campaign%3Dair_wear%26utm_content%3Dimage&dp=%2F%3Futm_medium%3Demail%26utm_source%3Dcendyn%26utm_campaign%3Dair_wear%26utm_content%3Dimage&ul=en-us&de=UTF-8&dt=TWA%20Hotel%20at%20JFK&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=oGBACUABB~&jid=414620004&gjid=1093040589&cid=881116085.1557532016&tid=UA-56807821-9&_gid=470449247.1557532016&_r=1&cd1=utm_source%3Dcendyn%26utm_campaign%3Dair_wear%26utm_content%3Dimage&gtm=2on521&z=572427696 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-56807821-9&cid=881116085.1557532016&jid=414620004&_gid=470449247.1557532016&gjid=1093040589&_v=j73&z=572427696

28 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.twahotel.com/
Redirect Chain
  • http://mclinks.info.twahotel.com/a/9154/click/1919/14945/5f18cf7b58acfe1adcb08cf435f89ac7b1a34568/ee7f8bb3b8feab17fb74b0efcf5f511e1fc3fcce
  • https://www.twahotel.com/?utm_medium=email&utm_source=da&utm_campaign=twa_retail!retail_190510&utm_content=image&utm_source=cendyn&utm_medium=email&utm_campaign=air_wear
  • https://www.twahotel.com/?utm_medium=email&utm_source=cendyn&utm_campaign=air_wear&utm_content=image
43 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.twahotel.com/?utm_medium=email&utm_source=cendyn&utm_campaign=air_wear&utm_content=image
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:56c -, , ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
831fc0db1ff8a303e4aed16b2fa1999927122e3ff41792791744e5233d7eb980
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.twahotel.com
:scheme
https
:path
/?utm_medium=email&utm_source=cendyn&utm_campaign=air_wear&utm_content=image
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
accept-encoding
gzip, deflate, br
cookie
__cfduid=d7d2c015008b2ee8231d37b93d68d3ad11557532014
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
date
Fri, 10 May 2019 23:46:55 GMT
content-type
text/html; charset=UTF-8
x-drupal-dynamic-cache
UNCACHEABLE
link
<https://www.twahotel.com/>; rel="canonical", <https://www.twahotel.com/>; rel="shortlink", </>; rel="revision"
x-ua-compatible
IE=edge
content-language
en
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
expires
Sun, 19 Nov 1978 05:00:00 GMT
vary
Cookie, Accept-Encoding
x-generator
Drupal 8 (https://www.drupal.org)
x-drupal-cache
HIT
strict-transport-security
max-age=63072000
last-modified
Fri, 10 May 2019 18:09:13 GMT
x-xss-protection
1; mode=block
cache-control
public, s-maxage=307, max-age=607
cf-cache-status
REVALIDATED
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4d4fcb978f39c2d6-FRA
content-encoding
br

Redirect headers

status
301
date
Fri, 10 May 2019 23:46:55 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d7d2c015008b2ee8231d37b93d68d3ad11557532014; expires=Sat, 09-May-20 23:46:54 GMT; path=/; domain=.twahotel.com; HttpOnly
x-drupal-route-normalizer
1
x-ua-compatible
IE=edge
content-language
en
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-generator
Drupal 8 (https://www.drupal.org)
x-drupal-cache
HIT
strict-transport-security
max-age=63072000
location
https://www.twahotel.com/?utm_medium=email&utm_source=cendyn&utm_campaign=air_wear&utm_content=image
expires
Fri, 10 May 2019 23:56:55 GMT
x-xss-protection
1; mode=block
cache-control
public, s-maxage=307, max-age=607
cf-cache-status
MISS
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
4d4fcb94b99ac2d6-FRA
css_N9nBs8CDr2S1uT6jq6b6PBoHzFotZo55tN3b9Rbk6P4.css
www.twahotel.com/sites/default/files/css/ 		27 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.twahotel.com/sites/default/files/css/css_N9nBs8CDr2S1uT6jq6b6PBoHzFotZo55tN3b9Rbk6P4.css?pql3ab
Requested by
Host: www.twahotel.com
URL: https://www.twahotel.com/?utm_medium=email&utm_source=cendyn&utm_campaign=air_wear&utm_content=image
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:56c -, , ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
9584b039810094e26dc496a200210de7a5d92a34825f08c97da155b270077977
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.twahotel.com/?utm_medium=email&utm_source=cendyn&utm_campaign=air_wear&utm_content=image
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 10 May 2019 23:46:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cf-polished
origSize=28561
status
200
last-modified
Thu, 25 Apr 2019 12:19:53 GMT
strict-transport-security
max-age=63072000
x-xss-protection
1; mode=block
cf-bgj
minify
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2678400
cf-ray
4d4fcb9a1c2dc2d6-FRA
expires
Mon, 27 May 2019 20:00:19 GMT
css_jw0osh4X91TFY2Ve7oPRjYPSuJabLA1vH0bk7FltEg0.css
www.twahotel.com/sites/default/files/css/ 		130 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.twahotel.com/sites/default/files/css/css_jw0osh4X91TFY2Ve7oPRjYPSuJabLA1vH0bk7FltEg0.css?pql3ab
Requested by
Host: www.twahotel.com
URL: https://www.twahotel.com/?utm_medium=email&utm_source=cendyn&utm_campaign=air_wear&utm_content=image
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:56c -, , ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
22292a118e6745905f6627fd6ee98e2c9a7b62c830d132b907f3bf68662579e7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.twahotel.com/?utm_medium=email&utm_source=cendyn&utm_campaign=air_wear&utm_content=image
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 10 May 2019 23:46:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cf-polished
origSize=136033
status
200
last-modified
Thu, 25 Apr 2019 12:19:46 GMT
strict-transport-security
max-age=63072000
x-xss-protection
1; mode=block
cf-bgj
minify
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2678400
cf-ray
4d4fcb9a1c31c2d6-FRA
expires
Mon, 27 May 2019 20:00:19 GMT
twa-logo_0.png
www.twahotel.com/sites/default/files/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.twahotel.com/sites/default/files/twa-logo_0.png
Requested by
Host: www.twahotel.com
URL: https://www.twahotel.com/?utm_medium=email&utm_source=cendyn&utm_campaign=air_wear&utm_content=image
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:56c -, , ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
255ee10feee85a029a437f9eb782160b6762f239f0ab321d5ea371816c4a8694
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.twahotel.com/?utm_medium=email&utm_source=cendyn&utm_campaign=air_wear&utm_content=image
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 10 May 2019 23:46:55 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=7026
status
200
content-disposition
inline; filename="twa-logo_0.webp"
cf-bgj
imgq:85
vary
Accept
content-length
6656
x-xss-protection
1; mode=block
last-modified
Thu, 14 Feb 2019 13:05:07 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"1b72-581da4ec00977"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63072000
content-type
image/webp
cache-control
max-age=2678400, public
accept-ranges
bytes
cf-ray
4d4fcb9a1c32c2d6-FRA
expires
Mon, 10 Jun 2019 21:54:23 GMT
TWA_Retail_Hero_3.jpg
www.twahotel.com/sites/default/files/2019-05/ 		654 KB
655 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.twahotel.com/sites/default/files/2019-05/TWA_Retail_Hero_3.jpg
Requested by
Host: www.twahotel.com
URL: https://www.twahotel.com/?utm_medium=email&utm_source=cendyn&utm_campaign=air_wear&utm_content=image
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:56c -, , ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b85fa91ae2e5dbb7d3971c39b52491ad1bde0991407192f62e822ba3152b27b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.twahotel.com/?utm_medium=email&utm_source=cendyn&utm_campaign=air_wear&utm_content=image
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 10 May 2019 23:46:55 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cf-polished
qual=85, origFmt=jpeg, origSize=1563194
status
200
content-disposition
inline; filename="TWA_Retail_Hero_3.webp"
cf-bgj
imgq:85
vary
Accept
content-length
669896
x-xss-protection
1; mode=block
last-modified
Fri, 10 May 2019 14:32:47 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"17da3a-5888970c3a864"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63072000
content-type
image/webp
cache-control
max-age=2678400, public
accept-ranges
bytes
cf-ray
4d4fcb9a1c34c2d6-FRA
expires
Mon, 10 Jun 2019 14:34:29 GMT
TWA_Pool_HR_2.jpg
www.twahotel.com/sites/default/files/2019-04/ 		651 KB
652 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.twahotel.com/sites/default/files/2019-04/TWA_Pool_HR_2.jpg
Requested by
Host: www.twahotel.com
URL: https://www.twahotel.com/?utm_medium=email&utm_source=cendyn&utm_campaign=air_wear&utm_content=image
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:56c -, , ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9cd03a807b6b29bee4063e6a3a56f2c49bfab0ef8e41538d5685739863e715d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.twahotel.com/?utm_medium=email&utm_source=cendyn&utm_campaign=air_wear&utm_content=image
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 10 May 2019 23:46:55 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cf-polished
qual=85, origFmt=jpeg, origSize=873854
status
200
content-disposition
inline; filename="TWA_Pool_HR_2.webp"
cf-bgj
imgq:85
vary
Accept
content-length
667008
x-xss-protection
1; mode=block
last-modified
Tue, 23 Apr 2019 12:37:34 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"d557e-58731d97317c8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63072000
content-type
image/webp
cache-control
max-age=2678400, public
accept-ranges
bytes
cf-ray
4d4fcb9a5ca0c2d6-FRA
expires
Sun, 02 Jun 2019 06:18:32 GMT
home-1920x1080.jpg
www.twahotel.com/sites/default/files/2017-11/ 		230 KB
231 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.twahotel.com/sites/default/files/2017-11/home-1920x1080.jpg
Requested by
Host: www.twahotel.com
URL: https://www.twahotel.com/?utm_medium=email&utm_source=cendyn&utm_campaign=air_wear&utm_content=image
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:56c -, , ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f054935520239dbd07dd5a242b4a46ed405b750738275f555f80e31343904d0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.twahotel.com/?utm_medium=email&utm_source=cendyn&utm_campaign=air_wear&utm_content=image
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 10 May 2019 23:46:55 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cf-polished
status=not_needed
status
200
strict-transport-security
max-age=63072000
content-length
235866
x-xss-protection
1; mode=block
last-modified
Thu, 14 Feb 2019 13:05:07 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"3995a-581da4ec3c694"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cf-bgj
imgq:85
cache-control
max-age=2678400, public
accept-ranges
bytes
cf-ray
4d4fcb9a5ca1c2d6-FRA
expires
Mon, 27 May 2019 20:00:19 GMT
TWA_Homepage_Starstream_Ballroom_1920_1080_3.jpg
www.twahotel.com/sites/default/files/2018-10/ 		191 KB
191 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.twahotel.com/sites/default/files/2018-10/TWA_Homepage_Starstream_Ballroom_1920_1080_3.jpg
Requested by
Host: www.twahotel.com
URL: https://www.twahotel.com/?utm_medium=email&utm_source=cendyn&utm_campaign=air_wear&utm_content=image
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:56c -, , ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c279d2552cc8c5e54d78330cb3ed2eaf0c997289a7c354b9050ff20933fcb97
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.twahotel.com/?utm_medium=email&utm_source=cendyn&utm_campaign=air_wear&utm_content=image
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 10 May 2019 23:46:55 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cf-polished
qual=85, origFmt=jpeg, origSize=565769
status
200
content-disposition
inline; filename="TWA_Homepage_Starstream_Ballroom_1920_1080_3.webp"
cf-bgj
imgq:85
vary
Accept
content-length
195332
x-xss-protection
1; mode=block
last-modified
Thu, 14 Feb 2019 13:05:09 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"8a209-581da4ee15990"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63072000
content-type
image/webp
cache-control
max-age=2678400, public
accept-ranges
bytes
cf-ray
4d4fcb9a5ca2c2d6-FRA
expires
Sun, 09 Jun 2019 07:35:34 GMT
js_zCD-1QHva1vNFue4jKkcsFBNuv3JG4aA_3fItNThKME.js
www.twahotel.com/sites/default/files/js/ 		321 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.twahotel.com/sites/default/files/js/js_zCD-1QHva1vNFue4jKkcsFBNuv3JG4aA_3fItNThKME.js
Requested by
Host: www.twahotel.com
URL: https://www.twahotel.com/?utm_medium=email&utm_source=cendyn&utm_campaign=air_wear&utm_content=image
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:56c -, , ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c986ba7a8fabf9b2f188e593be5d6f74f19a844766432fc8816892809d0ac38b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.twahotel.com/?utm_medium=email&utm_source=cendyn&utm_campaign=air_wear&utm_content=image
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 10 May 2019 23:46:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cf-polished
origSize=423889
status
200
strict-transport-security
max-age=63072000
x-xss-protection
1; mode=block
last-modified
Thu, 25 Apr 2019 12:19:53 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"1a3c2-58759d5ddbfa8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cf-bgj
minify
cache-control
max-age=2678400
cf-ray
4d4fcb9a5c9ac2d6-FRA
expires
Mon, 27 May 2019 20:00:19 GMT
fbab9ea0-e25c-4a78-9126-c9589b500881.js
fast.fonts.net/jsapi/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.fonts.net/jsapi/fbab9ea0-e25c-4a78-9126-c9589b500881.js
Requested by
Host: www.twahotel.com
URL: https://www.twahotel.com/?utm_medium=email&utm_source=cendyn&utm_campaign=air_wear&utm_content=image
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:660:118e:28f:1d8a:2522 -, , ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/40F7) /
Resource Hash
609cebf292ed304c4c54b0e493d356cb18b1a7abe76b8960a6a0976398b794b4

Request headers

Referer
https://www.twahotel.com/?utm_medium=email&utm_source=cendyn&utm_campaign=air_wear&utm_content=image
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 10 May 2019 23:46:55 GMT
content-encoding
gzip
last-modified
Fri, 23 Mar 2018 14:20:24 GMT
server
ECS (fcn/40F7)
access-control-allow-origin
*
etag
"1571077363+gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
status
200
cache-control
max-age=604800
accept-ranges
bytes
content-length
3658
expires
Fri, 17 May 2019 23:46:55 GMT
js_gV5gD_5uLyFWA1H4p-KHGXNmYLbTcmSqBvBScb5ypR0.js
www.twahotel.com/sites/default/files/js/ 		67 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.twahotel.com/sites/default/files/js/js_gV5gD_5uLyFWA1H4p-KHGXNmYLbTcmSqBvBScb5ypR0.js
Requested by
Host: www.twahotel.com
URL: https://www.twahotel.com/?utm_medium=email&utm_source=cendyn&utm_campaign=air_wear&utm_content=image
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:56c -, , ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
68cceb824488dfed71ca47c52e985ede1d02472185b77b70062347d57e3d455c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.twahotel.com/?utm_medium=email&utm_source=cendyn&utm_campaign=air_wear&utm_content=image
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 10 May 2019 23:46:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cf-polished
origSize=98798
status
200
strict-transport-security
max-age=63072000
x-xss-protection
1; mode=block
last-modified
Thu, 25 Apr 2019 12:19:53 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"63e1-58759d5de2152"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cf-bgj
minify
cache-control
max-age=2678400
cf-ray
4d4fcb9a5c9fc2d6-FRA
expires
Mon, 27 May 2019 20:00:19 GMT
gtm.js
www.googletagmanager.com/ 		85 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WCSX6BP
Requested by
Host: www.twahotel.com
URL: https://www.twahotel.com/?utm_medium=email&utm_source=cendyn&utm_campaign=air_wear&utm_content=image
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2008 -, , ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager (scaffolding) /
Resource Hash
88e6d93e4465ecdebe89520fc604bbb7871298f5a9df350567d836cb6e830342
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.twahotel.com/?utm_medium=email&utm_source=cendyn&utm_campaign=air_wear&utm_content=image
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 10 May 2019 23:46:55 GMT
content-encoding
br
last-modified
Thu, 09 May 2019 21:48:29 GMT
server
Google Tag Manager (scaffolding)
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
27599
x-xss-protection
0
expires
Fri, 10 May 2019 23:46:55 GMT
lozenge.png
www.twahotel.com/themes/custom/twa_hotel/assets/images/button/ 		748 B
926 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.twahotel.com/themes/custom/twa_hotel/assets/images/button/lozenge.png
Requested by
Host: www.twahotel.com
URL: https://www.twahotel.com/?utm_medium=email&utm_source=cendyn&utm_campaign=air_wear&utm_content=image
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:56c -, , ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
132526e191b666cca9f8469893cd19e813143f6a4288b75905062ca8b4235c1e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.twahotel.com/?utm_medium=email&utm_source=cendyn&utm_campaign=air_wear&utm_content=image
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 10 May 2019 23:46:55 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=1723
status
200
content-disposition
inline; filename="lozenge.webp"
cf-bgj
imgq:85
vary
Accept
content-length
748
x-xss-protection
1; mode=block
last-modified
Thu, 14 Feb 2019 16:56:55 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"6bb-581dd8bbd1177"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63072000
content-type
image/webp
cache-control
max-age=2678400, public
accept-ranges
bytes
cf-ray
4d4fcb9a5cb7c2d6-FRA
expires
Mon, 27 May 2019 20:16:06 GMT
expand-button-closed.png
www.twahotel.com/themes/custom/twa_hotel/assets/images/icon/ 		114 B
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.twahotel.com/themes/custom/twa_hotel/assets/images/icon/expand-button-closed.png
Requested by
Host: www.twahotel.com
URL: https://www.twahotel.com/?utm_medium=email&utm_source=cendyn&utm_campaign=air_wear&utm_content=image
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:56c -, , ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe35c5cb0155086389190904a75ea9e2bfed98292a8a8ac8d6b87b1ecffeb27d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.twahotel.com/sites/default/files/css/css_jw0osh4X91TFY2Ve7oPRjYPSuJabLA1vH0bk7FltEg0.css?pql3ab
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 10 May 2019 23:46:55 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=212
status
200
content-disposition
inline; filename="expand-button-closed.webp"
cf-bgj
imgq:85
vary
Accept
content-length
114
x-xss-protection
1; mode=block
last-modified
Thu, 14 Feb 2019 13:03:24 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"d4-581da489b24e5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63072000
content-type
image/webp
cache-control
max-age=2678400, public
accept-ranges
bytes
cf-ray
4d4fcb9a5cb8c2d6-FRA
expires
Sun, 09 Jun 2019 03:21:52 GMT
book-now.png
www.twahotel.com/themes/custom/twa_hotel/assets/images/button/ 		530 B
663 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.twahotel.com/themes/custom/twa_hotel/assets/images/button/book-now.png
Requested by
Host: www.twahotel.com
URL: https://www.twahotel.com/?utm_medium=email&utm_source=cendyn&utm_campaign=air_wear&utm_content=image
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:56c -, , ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c785a8c409399ede9878f2bd5701986e8aedc1a9e966fc76cb3b5b7e1e6af97d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.twahotel.com/?utm_medium=email&utm_source=cendyn&utm_campaign=air_wear&utm_content=image
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 10 May 2019 23:46:55 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=2876
status
200
content-disposition
inline; filename="book-now.webp"
cf-bgj
imgq:85
vary
Accept
content-length
530
x-xss-protection
1; mode=block
last-modified
Thu, 14 Feb 2019 16:56:55 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"b3c-581dd8bbd1177"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63072000
content-type
image/webp
cache-control
max-age=2678400, public
accept-ranges
bytes
cf-ray
4d4fcb9a5cbac2d6-FRA
expires
Mon, 27 May 2019 20:16:06 GMT
Neutra2Display-Medium-Lining.woff2
www.twahotel.com/themes/custom/twa_hotel/assets/fonts/neutraface/ 		62 KB
63 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.twahotel.com/themes/custom/twa_hotel/assets/fonts/neutraface/Neutra2Display-Medium-Lining.woff2
Requested by
Host: www.twahotel.com
URL: https://www.twahotel.com/?utm_medium=email&utm_source=cendyn&utm_campaign=air_wear&utm_content=image
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:56c -, , ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d047490ece5b1deb1d2a1c0915513af862fbff264bf631ca800181db7c0a292
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.twahotel.com/?utm_medium=email&utm_source=cendyn&utm_campaign=air_wear&utm_content=image
Origin
https://www.twahotel.com

Response headers

date
Fri, 10 May 2019 23:46:55 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
status
200
strict-transport-security
max-age=63072000
content-length
63956
x-xss-protection
1; mode=block
last-modified
Thu, 14 Feb 2019 13:03:24 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"f9d4-581da489aa7e2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
4d4fcb9a6cc6c2d6-FRA
expires
Mon, 27 May 2019 20:16:06 GMT
NeutrafaceText-Demi_Alt.woff2
www.twahotel.com/themes/custom/twa_hotel/assets/fonts/neutraface/ 		70 KB
70 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.twahotel.com/themes/custom/twa_hotel/assets/fonts/neutraface/NeutrafaceText-Demi_Alt.woff2
Requested by
Host: www.twahotel.com
URL: https://www.twahotel.com/?utm_medium=email&utm_source=cendyn&utm_campaign=air_wear&utm_content=image
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:56c -, , ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
270c5b097f298a192c47669e0e2c5428355b25ec44867795badc1aa8db8c056a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.twahotel.com/?utm_medium=email&utm_source=cendyn&utm_campaign=air_wear&utm_content=image
Origin
https://www.twahotel.com

Response headers

date
Fri, 10 May 2019 23:46:55 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
status
200
strict-transport-security
max-age=63072000
content-length
71536
x-xss-protection
1; mode=block
last-modified
Thu, 14 Feb 2019 13:03:24 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"11770-581da489b20fd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
4d4fcb9a6cc7c2d6-FRA
expires
Mon, 27 May 2019 20:16:06 GMT
flight_center_gothic-webfont.woff2
www.twahotel.com/themes/custom/twa_hotel/assets/fonts/flight-center/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.twahotel.com/themes/custom/twa_hotel/assets/fonts/flight-center/flight_center_gothic-webfont.woff2
Requested by
Host: www.twahotel.com
URL: https://www.twahotel.com/?utm_medium=email&utm_source=cendyn&utm_campaign=air_wear&utm_content=image
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:56c -, , ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
74e9b43b54aab067bdcef9be048ab1fe8e2321aeac50c421936f8798a4b99386
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.twahotel.com/?utm_medium=email&utm_source=cendyn&utm_campaign=air_wear&utm_content=image
Origin
https://www.twahotel.com

Response headers

date
Fri, 10 May 2019 23:46:55 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
status
200
strict-transport-security
max-age=63072000
content-length
19408
x-xss-protection
1; mode=block
last-modified
Thu, 14 Feb 2019 13:03:24 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"4bd0-581da489a6d49"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
4d4fcb9a6cc9c2d6-FRA
expires
Mon, 27 May 2019 20:16:06 GMT
Neutra2Display-Bold.woff2
www.twahotel.com/themes/custom/twa_hotel/assets/fonts/neutraface/ 		72 KB
72 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.twahotel.com/themes/custom/twa_hotel/assets/fonts/neutraface/Neutra2Display-Bold.woff2
Requested by
Host: www.twahotel.com
URL: https://www.twahotel.com/?utm_medium=email&utm_source=cendyn&utm_campaign=air_wear&utm_content=image
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:56c -, , ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2bc68449fcc0dc48118be4602ec241082c7f2afd656941195f02cfab8d3f64f7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.twahotel.com/?utm_medium=email&utm_source=cendyn&utm_campaign=air_wear&utm_content=image
Origin
https://www.twahotel.com

Response headers

date
Fri, 10 May 2019 23:46:55 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
status
200
strict-transport-security
max-age=63072000
content-length
73412
x-xss-protection
1; mode=block
last-modified
Thu, 14 Feb 2019 13:03:24 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"11ec4-581da489aa3fa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
4d4fcb9a6ccac2d6-FRA
expires
Mon, 27 May 2019 20:16:06 GMT
fontawesome-webfont.woff2
www.twahotel.com/themes/custom/twa_hotel/assets/fonts/font-awesome/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.twahotel.com/themes/custom/twa_hotel/assets/fonts/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: www.twahotel.com
URL: https://www.twahotel.com/?utm_medium=email&utm_source=cendyn&utm_campaign=air_wear&utm_content=image
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:56c -, , ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.twahotel.com/sites/default/files/css/css_jw0osh4X91TFY2Ve7oPRjYPSuJabLA1vH0bk7FltEg0.css?pql3ab
Origin
https://www.twahotel.com

Response headers

date
Fri, 10 May 2019 23:46:55 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
status
200
strict-transport-security
max-age=63072000
content-length
77160
x-xss-protection
1; mode=block
last-modified
Thu, 14 Feb 2019 13:03:24 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"12d68-581da489a9071"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
4d4fcb9a6ccbc2d6-FRA
expires
Mon, 27 May 2019 20:16:06 GMT
js
www.googletagmanager.com/gtag/ 		63 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WCSX6BP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2008 -, , ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager (scaffolding) /
Resource Hash
93e4d29d37204b43d441472d3f8df61ad1a93d81d3b1932faa85ebdb145faf1a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.twahotel.com/?utm_medium=email&utm_source=cendyn&utm_campaign=air_wear&utm_content=image
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 10 May 2019 23:46:55 GMT
content-encoding
br
last-modified
Thu, 09 May 2019 21:48:29 GMT
server
Google Tag Manager (scaffolding)
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
24983
x-xss-protection
0
expires
Fri, 10 May 2019 23:46:55 GMT
mt.js
fast.fonts.net/jsapi/core/ 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.fonts.net/jsapi/core/mt.js
Requested by
Host: fast.fonts.net
URL: https://fast.fonts.net/jsapi/fbab9ea0-e25c-4a78-9126-c9589b500881.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:660:118e:28f:1d8a:2522 -, , ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/418B) /
Resource Hash
52f7bff0ccdd80dc36d123955c81195ea7173af8eb7c5be8a863e8e0ecfd5954

Request headers

Referer
https://www.twahotel.com/?utm_medium=email&utm_source=cendyn&utm_campaign=air_wear&utm_content=image
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 10 May 2019 23:46:56 GMT
content-encoding
gzip
last-modified
Wed, 24 Apr 2019 06:54:19 GMT
server
ECS (fcn/418B)
access-control-allow-origin
*
etag
"3050505074"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
status
200
cache-control
max-age=604800
accept-ranges
bytes
content-length
9413
expires
Fri, 17 May 2019 23:46:56 GMT
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e -, , ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.twahotel.com/?utm_medium=email&utm_source=cendyn&utm_campaign=air_wear&utm_content=image
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 16 Jan 2019 20:01:45 GMT
server
Golfe2
age
867
date
Fri, 10 May 2019 23:32:29 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
17543
expires
Sat, 11 May 2019 01:32:29 GMT
twa-horizontal.png
www.twahotel.com/themes/custom/twa_hotel/assets/images/logos/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.twahotel.com/themes/custom/twa_hotel/assets/images/logos/twa-horizontal.png
Requested by
Host: fast.fonts.net
URL: https://fast.fonts.net/jsapi/core/mt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:56c -, , ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b13f162f34431b42913cd31c3315c8c6bf94140be4e5d704fb6844da20eec3f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.twahotel.com/sites/default/files/css/css_jw0osh4X91TFY2Ve7oPRjYPSuJabLA1vH0bk7FltEg0.css?pql3ab
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 10 May 2019 23:46:56 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=5468
status
200
content-disposition
inline; filename="twa-horizontal.webp"
cf-bgj
imgq:85
vary
Accept
content-length
4132
x-xss-protection
1; mode=block
last-modified
Thu, 14 Feb 2019 13:03:24 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"155c-581da489b28cd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63072000
content-type
image/webp
cache-control
max-age=2678400, public
accept-ranges
bytes
cf-ray
4d4fcb9cb99cc2d6-FRA
expires
Mon, 27 May 2019 20:00:20 GMT
1.css
fast.fonts.net/t/ 		0
109 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fast.fonts.net/t/1.css?apiType=js&projectid=fbab9ea0-e25c-4a78-9126-c9589b500881
Requested by
Host: www.twahotel.com
URL: https://www.twahotel.com/?utm_medium=email&utm_source=cendyn&utm_campaign=air_wear&utm_content=image
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:660:118e:28f:1d8a:2522 -, , ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/41AE) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.twahotel.com/?utm_medium=email&utm_source=cendyn&utm_campaign=air_wear&utm_content=image
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 10 May 2019 23:46:56 GMT
last-modified
Wed, 21 Feb 2018 12:55:22 GMT
server
ECS (fcn/41AE)
access-control-allow-origin
*
etag
"616070693"
x-cache
HIT
content-type
text/css
status
200
cache-control
max-age=0
accept-ranges
bytes
content-length
0
expires
Fri, 10 May 2019 23:46:56 GMT
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j73&a=1063879215&t=pageview&_s=1&dl=https%3A%2F%2Fwww.twahotel.com%2F%3Futm_medium%3Demail%26utm_source%3Dcendyn%26utm_campaign%3Dair_wear%26utm_co...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-56807821-9&cid=881116085.1557532016&jid=414620004&_gid=470449247.1557532016&gjid=1093040589&_v=j73&z=572427696
35 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-56807821-9&cid=881116085.1557532016&jid=414620004&_gid=470449247.1557532016&gjid=1093040589&_v=j73&z=572427696
Requested by
Host: www.twahotel.com
URL: https://www.twahotel.com/?utm_medium=email&utm_source=cendyn&utm_campaign=air_wear&utm_content=image
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9c -, , ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.twahotel.com/?utm_medium=email&utm_source=cendyn&utm_campaign=air_wear&utm_content=image
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
date
Fri, 10 May 2019 23:46:56 GMT
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 10 May 2019 23:46:56 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-56807821-9&cid=881116085.1557532016&jid=414620004&_gid=470449247.1557532016&gjid=1093040589&_v=j73&z=572427696
content-type
text/html; charset=UTF-8
status
302
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
416
expires
Fri, 01 Jan 1990 00:00:00 GMT
nr-1118.min.js
js-agent.newrelic.com/ 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-1118.min.js
Requested by
Host: www.twahotel.com
URL: https://www.twahotel.com/?utm_medium=email&utm_source=cendyn&utm_campaign=air_wear&utm_content=image
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.110 -, , ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3622d2041fd2390dd10eb9832096e4b89d1b925565650f004aea76adbd54f5f0

Request headers

Referer
https://www.twahotel.com/?utm_medium=email&utm_source=cendyn&utm_campaign=air_wear&utm_content=image
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 10 May 2019 23:46:56 GMT
content-encoding
gzip
x-amz-request-id
7429231C32B09054
x-cache
HIT
status
200
content-length
9288
x-amz-id-2
DSE/JvhT4QvObLHgH80fHvU/numSTuSuI9aFyf67fj7IP5z7RCF5g/NxZgTmYA5p5BDIf4eZXEo=
x-served-by
cache-hhn1522-HHN
last-modified
Wed, 02 Jan 2019 18:42:29 GMT
server
AmazonS3
x-timer
S1557532016.212872,VS0,VE0
etag
"bc81ced41f6342ffafc5ff34bc0fc8f7"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
1414
a4cbdbcc8c
bam.nr-data.net/1/ 		57 B
261 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/a4cbdbcc8c?a=282275545,281168546,281164529&v=1118.0c07c19&to=MwBWMEAAC0FRV0wMWApKdQdGCApcH0RZAlI7BlUHWgQ%3D&rst=1691&ref=https://www.twahotel.com/&ap=35&be=1163&fe=1662&dc=1560&perf=%7B%22timing%22:%7B%22of%22:1557532014537,%22n%22:0,%22f%22:750,%22dn%22:750,%22dne%22:750,%22c%22:750,%22ce%22:750,%22rq%22:750,%22rp%22:1156,%22rpe%22:1157,%22dl%22:1158,%22di%22:1560,%22ds%22:1560,%22de%22:1566,%22dc%22:1662,%22l%22:1662,%22le%22:1664%7D,%22navigation%22:%7B%7D%7D&at=H0dVRggaGE8%3D&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1118.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.247.242.20 -, , ASN23467 (NEWRELIC-AS-1 - New Relic, US),
Reverse DNS
bam-8.nr-data.net
Software
/
Resource Hash
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23

Request headers

Referer
https://www.twahotel.com/?utm_medium=email&utm_source=cendyn&utm_campaign=air_wear&utm_content=image
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type
text/javascript;charset=ISO-8859-1
Content-Length
57
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask object| NREUM object| newrelic function| __nr_require object| dataLayer object| google_tag_manager function| _verb_listen function| _gtm_dlPush object| Util function| _createClass function| _classCallCheck function| Dropdown object| VERB function| domready undefined| $ function| jQuery object| drupalSettings object| Drupal object| MonoTypeWebFonts function| mti_loadScript function| _toConsumableArray function| verbgtag string| GoogleAnalyticsObject function| ga object| mti object| mti_element_cache object| google_tag_data object| gaplugins object| gaGlobal object| gaData

4 Cookies

Domain/Path Name / Value
.twahotel.com/ Name: _gat_gtag_UA_56807821_9
Value: 1
.twahotel.com/ Name: _gid
Value: GA1.2.470449247.1557532016
.twahotel.com/ Name: _ga
Value: GA1.2.881116085.1557532016
.twahotel.com/ Name: __cfduid
Value: d7d2c015008b2ee8231d37b93d68d3ad11557532014

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bam.nr-data.net
fast.fonts.net
js-agent.newrelic.com
mclinks.info.twahotel.com
stats.g.doubleclick.net
www.google-analytics.com
www.googletagmanager.com
www.twahotel.com
151.101.2.110
162.247.242.20
2606:2800:234:660:118e:28f:1d8a:2522
2606:4700:20::681a:56c
2a00:1450:4001:808::200e
2a00:1450:4001:824::2008
2a00:1450:400c:c08::9c
35.190.70.47
0c279d2552cc8c5e54d78330cb3ed2eaf0c997289a7c354b9050ff20933fcb97
132526e191b666cca9f8469893cd19e813143f6a4288b75905062ca8b4235c1e
22292a118e6745905f6627fd6ee98e2c9a7b62c830d132b907f3bf68662579e7
255ee10feee85a029a437f9eb782160b6762f239f0ab321d5ea371816c4a8694
270c5b097f298a192c47669e0e2c5428355b25ec44867795badc1aa8db8c056a
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2bc68449fcc0dc48118be4602ec241082c7f2afd656941195f02cfab8d3f64f7
3622d2041fd2390dd10eb9832096e4b89d1b925565650f004aea76adbd54f5f0
3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22
52f7bff0ccdd80dc36d123955c81195ea7173af8eb7c5be8a863e8e0ecfd5954
5f054935520239dbd07dd5a242b4a46ed405b750738275f555f80e31343904d0
609cebf292ed304c4c54b0e493d356cb18b1a7abe76b8960a6a0976398b794b4
68cceb824488dfed71ca47c52e985ede1d02472185b77b70062347d57e3d455c
6b13f162f34431b42913cd31c3315c8c6bf94140be4e5d704fb6844da20eec3f
6b85fa91ae2e5dbb7d3971c39b52491ad1bde0991407192f62e822ba3152b27b
74e9b43b54aab067bdcef9be048ab1fe8e2321aeac50c421936f8798a4b99386
7d047490ece5b1deb1d2a1c0915513af862fbff264bf631ca800181db7c0a292
831fc0db1ff8a303e4aed16b2fa1999927122e3ff41792791744e5233d7eb980
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
88e6d93e4465ecdebe89520fc604bbb7871298f5a9df350567d836cb6e830342
93e4d29d37204b43d441472d3f8df61ad1a93d81d3b1932faa85ebdb145faf1a
9584b039810094e26dc496a200210de7a5d92a34825f08c97da155b270077977
c785a8c409399ede9878f2bd5701986e8aedc1a9e966fc76cb3b5b7e1e6af97d
c986ba7a8fabf9b2f188e593be5d6f74f19a844766432fc8816892809d0ac38b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23
f9cd03a807b6b29bee4063e6a3a56f2c49bfab0ef8e41538d5685739863e715d
fe35c5cb0155086389190904a75ea9e2bfed98292a8a8ac8d6b87b1ecffeb27d