chwplan.com Open in urlscan Pro
146.20.84.216 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://chwplan.com/a/a8/index.php
Effective URL:
https://chwplan.com/a/a8/index.php
Submission: On September 25 via manual (September 25th 2018, 11:01:55 pm UTC) from US

Summary HTTP 62 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 31 IPs in 4 countries across 21 domains to perform 62 HTTP transactions. The main IP is 146.20.84.216, located in San Antonio, United States and belongs to RACKSPACE - Rackspace Hosting, US. The main domain is chwplan.com.
TLS certificate: Issued by RapidSSL RSA CA 2018 on April 24th 2018. Valid for: 2 years.

This is the only time chwplan.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 9	146.20.84.216 146.20.84.216	27357 (RACKSPACE) (RACKSPACE - Rackspace Hosting)
2	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a02:e980:25::28 2a02:e980:25::28	19551 (INCAPSULA) (INCAPSULA - Incapsula Inc)
1 2	54.225.138.195 54.225.138.195	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	54.230.95.59 54.230.95.59	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	178.250.0.130 178.250.0.130	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	143.204.93.157 143.204.93.157	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	172.217.21.226 172.217.21.226	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:81f::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:400f:809::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
2	204.79.197.200 204.79.197.200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
1	52.85.185.184 52.85.185.184	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	108.177.126.156 108.177.126.156	15169 (GOOGLE) (GOOGLE - Google LLC)
1 2	54.229.35.49 54.229.35.49	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	52.85.188.37 52.85.188.37	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 1	178.250.0.82 178.250.0.82	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	74.119.119.79 74.119.119.79	19750 (AS-CRITEO) (AS-CRITEO - Criteo Corp.)
2	54.84.143.179 54.84.143.179	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
3	54.225.172.14 54.225.172.14	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	74.119.119.84 74.119.119.84	19750 (AS-CRITEO) (AS-CRITEO - Criteo Corp.)
1	52.45.198.43 52.45.198.43	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
6	143.204.98.192 143.204.98.192	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	52.216.21.237 52.216.21.237	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	107.22.10.76 107.22.10.76	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
4	143.204.98.179 143.204.98.179	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
3	52.216.165.181 52.216.165.181	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
62	31

9 146.20.84.216 (San Antonio, United States) 1 redirects

ASN27357 (RACKSPACE - Rackspace Hosting, US)

chwplan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.chwplan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2008 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:e980:25::28 (Israel)

ASN19551 (INCAPSULA - Incapsula Inc, US)

www.chwplans.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.225.138.195 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-225-138-195.compute-1.amazonaws.com

rdcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.230.95.59 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-54-230-95-59.fra2.r.cloudfront.net

cdn.datasteam.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.130 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.93.157 (Wilmington, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-93-157.fra50.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.21.226 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s13-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2008 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81f::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400f:809::2004 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 204.79.197.200 (Redmond, United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
PTR: a-0001.a-msedge.net

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.85.185.184 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-85-185-184.fra2.r.cloudfront.net

cdn.listrakbi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.177.126.156 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.229.35.49 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-229-35-49.eu-west-1.compute.amazonaws.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.85.188.37 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-85-188-37.fra2.r.cloudfront.net

d1eoo1tco6rr5e.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.82 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: sslwidget.criteo.com

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.79 (Palo Alto, United States)

ASN19750 (AS-CRITEO - Criteo Corp., US)

widget.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.84.143.179 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-84-143-179.compute-1.amazonaws.com

s1.listrakbi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sca1.listrakbi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.225.172.14 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-225-172-14.compute-1.amazonaws.com

vagnt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.84 (Palo Alto, United States)

ASN19750 (AS-CRITEO - Criteo Corp., US)

dis.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.45.198.43 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-45-198-43.compute-1.amazonaws.com

api.datasteam.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 143.204.98.192 (Wilmington, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-98-192.fra50.r.cloudfront.net

d1wnfwven39x82.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.216.21.237 (Ashburn, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.22.10.76 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-107-22-10-76.compute-1.amazonaws.com

prf.vagnt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 143.204.98.179 (Wilmington, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-98-179.fra50.r.cloudfront.net

d1wnfwven39x82.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.216.165.181 (Ashburn, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	cloudfront.net d1eoo1tco6rr5e.cloudfront.net d1wnfwven39x82.cloudfront.net	31 KB
9	chwplan.com 1 redirects chwplan.com www.chwplan.com	275 KB
5	amazonaws.com s3.amazonaws.com	166 KB
5	vagnt.com vagnt.com prf.vagnt.com	2 KB
4	google-analytics.com www.google-analytics.com ssl.google-analytics.com	33 KB
3	criteo.com 1 redirects sslwidget.criteo.com widget.us.criteo.com dis.us.criteo.com	2 KB
3	listrakbi.com cdn.listrakbi.com s1.listrakbi.com sca1.listrakbi.com	21 KB
3	doubleclick.net googleads.g.doubleclick.net bid.g.doubleclick.net	2 KB
3	adsrvr.org 1 redirects js.adsrvr.org insight.adsrvr.org	4 KB
2	bing.com bat.bing.com	7 KB
2	facebook.net connect.facebook.net	22 KB
2	google.de www.google.de	218 B
2	google.com www.google.com	236 B
2	googleadservices.com www.googleadservices.com	16 KB
2	datasteam.io cdn.datasteam.io api.datasteam.io	24 KB
2	rdcdn.com 1 redirects rdcdn.com	715 B
2	googletagmanager.com www.googletagmanager.com	55 KB
1	facebook.com www.facebook.com	295 B
1	criteo.net static.criteo.net	8 KB
1	chwplans.com www.chwplans.com	42 KB
0	agkn.com Failed aa.agkn.com Failed
62	21

	Domain	Requested by
10	d1wnfwven39x82.cloudfront.net	vagnt.com d1wnfwven39x82.cloudfront.net
6	chwplan.com	1 redirects chwplan.com
5	s3.amazonaws.com	d1wnfwven39x82.cloudfront.net
3	vagnt.com	chwplan.com d1wnfwven39x82.cloudfront.net
3	www.chwplan.com	chwplan.com
2	prf.vagnt.com	d1wnfwven39x82.cloudfront.net
2	insight.adsrvr.org	1 redirects js.adsrvr.org
2	bat.bing.com	chwplan.com
2	connect.facebook.net	chwplan.com connect.facebook.net
2	www.google.de	chwplan.com
2	www.google.com	chwplan.com
2	googleads.g.doubleclick.net	www.googleadservices.com
2	ssl.google-analytics.com	chwplan.com
2	www.google-analytics.com	www.googletagmanager.com chwplan.com
2	www.googleadservices.com	chwplan.com www.googletagmanager.com
2	rdcdn.com	1 redirects chwplan.com
2	www.googletagmanager.com	chwplan.com
1	api.datasteam.io	cdn.datasteam.io
1	dis.us.criteo.com	static.criteo.net
1	sca1.listrakbi.com	chwplan.com
1	www.facebook.com	chwplan.com
1	s1.listrakbi.com	cdn.listrakbi.com
1	widget.us.criteo.com	chwplan.com
1	sslwidget.criteo.com	1 redirects
1	d1eoo1tco6rr5e.cloudfront.net	chwplan.com
1	bid.g.doubleclick.net	www.googleadservices.com
1	cdn.listrakbi.com	chwplan.com
1	js.adsrvr.org	chwplan.com
1	static.criteo.net	chwplan.com
1	cdn.datasteam.io	chwplan.com
1	www.chwplans.com	chwplan.com
0	aa.agkn.com Failed
62	32

This site contains links to these domains. Also see Links.

Domain
www.choicehomewarranty.com

Subject Issuer	Validity	Valid
*.chwplan.com RapidSSL RSA CA 2018	`2018-04-24` - `2020-05-15`	2 years	crt.sh
*.google-analytics.com Google Internet Authority G3	`2018-09-11` - `2018-12-04`	3 months	crt.sh
incapsula.com GlobalSign CloudSSL CA - SHA256 - G3	`2018-03-09` - `2019-02-07`	a year	crt.sh
rdcdn.com Amazon	`2018-05-08` - `2019-06-08`	a year	crt.sh
cdn.datasteam.io Amazon	`2018-02-14` - `2019-03-14`	a year	crt.sh
*.criteo.net DigiCert SHA2 Secure Server CA	`2017-11-21` - `2018-11-26`	a year	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2017-02-15` - `2019-04-19`	2 years	crt.sh
www.googleadservices.com Google Internet Authority G3	`2018-08-28` - `2018-11-20`	3 months	crt.sh
*.g.doubleclick.net Google Internet Authority G3	`2018-08-28` - `2018-11-20`	3 months	crt.sh
www.google.com Google Internet Authority G3	`2018-08-28` - `2018-11-20`	3 months	crt.sh
*.google.com Google Internet Authority G3	`2018-09-11` - `2018-12-04`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2017-12-15` - `2019-03-22`	a year	crt.sh
www.bing.com Microsoft IT TLS CA 5	`2017-07-20` - `2019-07-10`	2 years	crt.sh
*.listrakbi.com Amazon	`2018-02-22` - `2019-03-22`	a year	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2017-11-22` - `2018-11-21`	a year	crt.sh
*.us.criteo.com DigiCert SHA2 Secure Server CA	`2017-11-21` - `2018-11-26`	a year	crt.sh
vagnt.com Thawte RSA CA 2018	`2018-06-08` - `2018-10-26`	5 months	crt.sh
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2018-08-02` - `2019-10-25`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://chwplan.com/a/a8/index.php
Frame ID: 6DA54D35663DDA1207928C9FCC5947B2
Requests: 60 HTTP requests in this frame

Frame: https://bid.g.doubleclick.net/xbbe/pixel?d=KAE
Frame ID: 5CB8213050C2F2512DD11CA91D3ED3B9
Requests: 1 HTTP requests in this frame

Frame: https://d1eoo1tco6rr5e.cloudfront.net/zl9kfqh1/pd2ov1h2/iframe
Frame ID: 7C4FF73C40BAB9F53EC3AB47E65F8F94
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=zl9kfqh1&ref=https%3A%2F%2Fchwplan.com%2Fa%2Fa8%2Findex.php%3F&upid=7h0r1mr&osi=639c26af03a5446c3a3acd09b20132f9&osv=1.1&upv=1.1.3
Frame ID: 2012740089C83511772921BDCB841F30
Requests: 1 HTTP requests in this frame

Frame: https://dis.us.criteo.com/dis/dis.aspx?p=49176&cb=97281591477&ref=&sc_r=1600x1200&sc_d=24
Frame ID: C7AFF5900C6FE61909CE33767535757B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://chwplan.com/a/a8/index.php HTTP 301
https://chwplan.com/a/a8/index.php Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Criteo (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

env /^criteo/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
env /^gaGlobal$/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

env /^google_tag_manager$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js/i
env /^jQuery$/i

Page Statistics

62
Requests

98 %
HTTPS

29 %
IPv6

21
Domains

32
Subdomains

31
IPs

4
Countries

711 kB
Transfer

1408 kB
Size

17
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.choicehomewarranty.com/user_agreement_.php
Title: Click Here

Search URL Search Domain Scan URL

URL: https://www.choicehomewarranty.com/privacy_policy_.php
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://chwplan.com/a/a8/index.php HTTP 301
https://chwplan.com/a/a8/index.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

https://rdcdn.com/rt?aid=1223&e=1&img=1 HTTP 302
https://rdcdn.com/images/blank.gif

Request Chain 28

https://insight.adsrvr.org/tags/zl9kfqh1/pd2ov1h2/iframe HTTP 303
https://d1eoo1tco6rr5e.cloudfront.net/zl9kfqh1/pd2ov1h2/iframe

Request Chain 29

https://sslwidget.criteo.com/event?a=49176&v=4.8.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1&p2=e%3Ddis&adce=1&lwid=8eaae0b4-86db-4a05-a072-76bfabf24539&tld=chwplan.com&dtycbr=89475 HTTP 302
https://widget.us.criteo.com/event?a=49176&v=4.8.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1&p2=e%3Ddis&adce=1&lwid=8eaae0b4-86db-4a05-a072-76bfabf24539&tld=chwplan.com&dtycbr=89475

Request Chain 40

https://adadvisor.net/adscores/g.jsonp?sid=9202274878&userid=B7CC46-9BCD8AF7-6E68-4C2E-8CE9-CEAF94EE1C29 HTTP 302
https://aa.agkn.com/adscores/g.jsonp?sid=9202274878&userid=B7CC46-9BCD8AF7-6E68-4C2E-8CE9-CEAF94EE1C29&&bounced=1

62 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set index.php Show response
chwplan.com/a/a8/
Redirect Chain

http://chwplan.com/a/a8/index.php?
https://chwplan.com/a/a8/index.php?

15 KB
5 KB

567ms
148ms

Document
text/html

146.20.84.216
Rackspace Hosting

General

Check archive.org

Show headers Download Go to

Full URL: https://chwplan.com/a/a8/index.php?
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 146.20.84.216 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software: Apache /
Resource Hash: 56e06f4c23f951f4694a6a483c91498110147ad691fba37f849b180244b7cd6a

Request headers

Host: chwplan.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Cookie: ServerID=1024
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Set-Cookie: ServerID=1025; path=/
Date: Tue, 25 Sep 2018 23:01:42 GMT
Server: Apache
Cache-Control: max-age=604800
Expires: Tue, 02 Oct 2018 23:01:42 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 5275
Keep-Alive: timeout=15, max=120
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

Redirect headers

Set-Cookie: ServerID=1024; path=/
Date: Tue, 25 Sep 2018 23:01:42 GMT
Server: Apache
Location: https://chwplan.com/a/a8/index.php?
Cache-Control: max-age=604800
Expires: Tue, 02 Oct 2018 23:01:42 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 203
Keep-Alive: timeout=15, max=120
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

GET
S 200 js Show response
www.googletagmanager.com/gtag/ 77 KB
28 KB 62ms
61ms Script
application/javascript 2a00:1450:4001:812::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-6898183-1

Requested by

Host: chwplan.com
URL: https://chwplan.com/a/a8/index.php?

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:812::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager (scaffolding) /

Resource Hash

8eb44a97978fe59831d545e1e73e88bf61a16ab121443644a528a1ca2b5b27a0

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://chwplan.com/a/a8/index.php?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 25 Sep 2018 23:01:42 GMT
content-encoding: gzip
server: Google Tag Manager (scaffolding)
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 28172
x-xss-protection: 1; mode=block
expires: Tue, 25 Sep 2018 23:01:42 GMT

GET
S 200 js Show response
www.googletagmanager.com/gtag/ 77 KB
28 KB 59ms
58ms Script
application/javascript 2a00:1450:4001:812::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1038983633

Requested by

Host: chwplan.com
URL: https://chwplan.com/a/a8/index.php?

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:812::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager (scaffolding) /

Resource Hash

303792755b365d1fb1d34ac65d4d6ef5773861a44a8418f0cc1ee294a88b855b

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://chwplan.com/a/a8/index.php?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 25 Sep 2018 23:01:42 GMT
content-encoding: gzip
server: Google Tag Manager (scaffolding)
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 28173
x-xss-protection: 1; mode=block
expires: Tue, 25 Sep 2018 23:01:42 GMT

GET
H/1.1 200
OK Cookie set style.css
chwplan.com/a/a8/css/ 612 B
797 B 100ms
99ms Stylesheet
text/css 146.20.84.216
Rackspace Hosting

General

Check archive.org

Show headers Download Go to

Full URL: https://chwplan.com/a/a8/css/style.css
Requested by: Host: chwplan.com
URL: https://chwplan.com/a/a8/index.php?
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 146.20.84.216 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software: Apache /
Resource Hash: 08e366416a9f024d76698e42a77cdc9e3c050d7fbc323a07bf12fa130e8f11dd

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: chwplan.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: https://chwplan.com/a/a8/index.php?
Cookie: ServerID=1025
Connection: keep-alive
Cache-Control: no-cache
Referer: https://chwplan.com/a/a8/index.php?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 25 Sep 2018 23:01:42 GMT
Content-Encoding: gzip
Last-Modified: Mon, 02 Apr 2018 18:07:59 GMT
Server: Apache
ETag: "4418b2-264-568e178501dc0"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Set-Cookie: ServerID=1025; path=/
Cache-Control: max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=119
Content-Length: 357
Expires: Tue, 02 Oct 2018 23:01:42 GMT

GET
S 200 jquery.js Show response
www.chwplans.com/ 146 KB
42 KB 61ms
14ms Script
text/javascript 2a02:e980:25::28
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL: https://www.chwplans.com/jquery.js
Requested by: Host: chwplan.com
URL: https://chwplan.com/a/a8/index.php?
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:e980:25::28 , Israel, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software: /
Resource Hash: 6c82c413c824d6e39062aa3e29825179ae6cfc4f48bc6a14deb3fe6d4b7be415

Request headers

Referer: https://chwplan.com/a/a8/index.php?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 25 Sep 2018 23:01:42 GMT
content-encoding: gzip
last-modified: Mon, 02 Apr 2018 18:08:01 GMT
x-cdn: Incapsula
etag: "3c1397-4508e-568e1786ea240"
content-type: text/javascript
status: 200
x-iinfo: 12-3170200-0 0CNN RT(1537916502063 0) q(0 -1 -1 0) r(0 -1)
cache-control: max-age=518815, public
content-length: 42101
expires: Mon, 01 Oct 2018 23:08:37 GMT

GET
H/1.1 200
OK Cookie set BUTTON.png
chwplan.com/a/a8/img/ 4 KB
4 KB 102ms
100ms Image
image/png 146.20.84.216
Rackspace Hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chwplan.com/a/a8/img/BUTTON.png
Requested by: Host: chwplan.com
URL: https://chwplan.com/a/a8/index.php?
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 146.20.84.216 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software: Apache /
Resource Hash: 8fea23df1aaf7f782769f93d1348bca269bbabc9c61335eed561c644b5d0dfa7

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: chwplan.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://chwplan.com/a/a8/index.php?
Cookie: ServerID=1025
Connection: keep-alive
Cache-Control: no-cache
Referer: https://chwplan.com/a/a8/index.php?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 25 Sep 2018 23:01:43 GMT
Last-Modified: Mon, 02 Apr 2018 18:07:59 GMT
Server: Apache
ETag: "460326-e00-568e178501dc0"
Content-Type: image/png
Set-Cookie: ServerID=1025; path=/
Cache-Control: max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=118
Content-Length: 3584
Expires: Tue, 02 Oct 2018 23:01:43 GMT

GET
H/1.1 200
OK Cookie set Logo-Small.jpg
chwplan.com/a/a8/img/ 8 KB
8 KB 557ms
149ms Image
image/jpeg 146.20.84.216
Rackspace Hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chwplan.com/a/a8/img/Logo-Small.jpg
Requested by: Host: chwplan.com
URL: https://chwplan.com/a/a8/index.php?
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 146.20.84.216 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software: Apache /
Resource Hash: 85f7dd16945a1bfa1f09b78120688009b25b0c572792eead8cfc389e59627940

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: chwplan.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://chwplan.com/a/a8/index.php?
Cookie: ServerID=1025
Connection: keep-alive
Cache-Control: no-cache
Referer: https://chwplan.com/a/a8/index.php?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 25 Sep 2018 23:01:43 GMT
Last-Modified: Mon, 02 Apr 2018 18:07:59 GMT
Server: Apache
ETag: "460327-1f32-568e178501dc0"
Content-Type: image/jpeg
Set-Cookie: ServerID=1025; path=/
Cache-Control: max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=120
Content-Length: 7986
Expires: Tue, 02 Oct 2018 23:01:43 GMT

GET
H/1.1 200
OK Cookie set jquery.min.js Show response
www.chwplan.com/jsinc/ 105 KB
37 KB 577ms
149ms Script
text/javascript 146.20.84.216
Rackspace Hosting

General

Check archive.org

Show headers Download Go to

Full URL: https://www.chwplan.com/jsinc/jquery.min.js
Requested by: Host: chwplan.com
URL: https://chwplan.com/a/a8/index.php?
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 146.20.84.216 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software: Apache /
Resource Hash: fb05e40bf1ca9682c6736a1bfeff728cb405aa918ac36f2596539efc8a5a7a0a

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.chwplan.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://chwplan.com/a/a8/index.php?
Connection: keep-alive
Cache-Control: no-cache
Referer: https://chwplan.com/a/a8/index.php?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 25 Sep 2018 23:01:43 GMT
Content-Encoding: gzip
Last-Modified: Mon, 02 Apr 2018 18:08:00 GMT
Server: Apache
ETag: "3e153b-1a3bc-568e1785f6000"
Vary: Accept-Encoding,User-Agent
Content-Type: text/javascript
Set-Cookie: ServerID=1025; path=/
Cache-Control: max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=120
Content-Length: 37083
Expires: Tue, 02 Oct 2018 23:01:43 GMT

GET
H/1.1 200
OK Cookie set jquery.validate.min.js Show response
www.chwplan.com/jsinc/ 22 KB
7 KB 583ms
149ms Script
text/javascript 146.20.84.216
Rackspace Hosting

General

Check archive.org

Show headers Download Go to

Full URL: https://www.chwplan.com/jsinc/jquery.validate.min.js
Requested by: Host: chwplan.com
URL: https://chwplan.com/a/a8/index.php?
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 146.20.84.216 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software: Apache /
Resource Hash: ec206f320603391154a71449dc03d962f3265aa99b160f2b6f1f5619d9a1cfe5

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.chwplan.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://chwplan.com/a/a8/index.php?
Connection: keep-alive
Cache-Control: no-cache
Referer: https://chwplan.com/a/a8/index.php?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 25 Sep 2018 23:01:43 GMT
Content-Encoding: gzip
Last-Modified: Mon, 02 Apr 2018 18:08:00 GMT
Server: Apache
ETag: "3e153d-560e-568e1785f6000"
Vary: Accept-Encoding,User-Agent
Content-Type: text/javascript
Set-Cookie: ServerID=1027; path=/
Cache-Control: max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=120
Content-Length: 7022
Expires: Tue, 02 Oct 2018 23:01:43 GMT

GET
H/1.1 200
OK Cookie set masked.min.js Show response
www.chwplan.com/jsinc/ 62 KB
19 KB 521ms
142ms Script
text/javascript 146.20.84.216
Rackspace Hosting

General

Check archive.org

Show headers Download Go to

Full URL: https://www.chwplan.com/jsinc/masked.min.js
Requested by: Host: chwplan.com
URL: https://chwplan.com/a/a8/index.php?
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 146.20.84.216 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software: Apache /
Resource Hash: ee5e6f24e63a934667e065cf35fa4cdb9a1ec3391da17621c3994fdb63bb82ea

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.chwplan.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://chwplan.com/a/a8/index.php?
Connection: keep-alive
Cache-Control: no-cache
Referer: https://chwplan.com/a/a8/index.php?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 25 Sep 2018 23:01:43 GMT
Content-Encoding: gzip
Last-Modified: Mon, 02 Apr 2018 18:08:00 GMT
Server: Apache
ETag: "3e1541-f85d-568e1785f6000"
Vary: Accept-Encoding,User-Agent
Content-Type: text/javascript
Set-Cookie: ServerID=1025; path=/
Cache-Control: max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=120
Content-Length: 19485
Expires: Tue, 02 Oct 2018 23:01:43 GMT

GET
H/1.1

200
OK

blank.gif
rdcdn.com/images/
Redirect Chain

https://rdcdn.com/rt?aid=1223&e=1&img=1
https://rdcdn.com/images/blank.gif

42 B
354 B

98ms
98ms

Image
image/gif

54.225.138.195
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rdcdn.com/images/blank.gif
Requested by: Host: chwplan.com
URL: https://chwplan.com/a/a8/index.php?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.225.138.195 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-225-138-195.compute-1.amazonaws.com
Software: Microsoft-IIS/8.0 /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer: https://chwplan.com/a/a8/index.php?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 25 Sep 2018 23:01:43 GMT
Last-Modified: Tue, 10 Jul 2018 15:22:25 GMT
Server: Microsoft-IIS/8.0
ETag: "89fb51ce6118d41:0"
P3P: CP="NON DSP COR PSDo SAMo BUS IND UNI COM NAV INT POL PRE"
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 42

Redirect headers

Date: Tue, 25 Sep 2018 23:01:43 GMT
X-AspNetMvc-Version: 4.0
Server: Microsoft-IIS/8.0
X-AspNet-Version: 4.0.30319
P3P: CP="NON DSP COR PSDo SAMo BUS IND UNI COM NAV INT POL PRE"
Location: https://rdcdn.com/images/blank.gif
Cache-Control: private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 151

GET
S 200 D24328ECFA2D48.js Show response
cdn.datasteam.io/js/ 69 KB
23 KB 463ms
401ms Script
application/x-javascript 54.230.95.59
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.datasteam.io/js/D24328ECFA2D48.js
Requested by: Host: chwplan.com
URL: https://chwplan.com/a/a8/index.php?
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.230.95.59 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-54-230-95-59.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3bfb6f7daf791381c2693ae6e9eaa0271cc182afc65aae94f6bf180fa73fb94b

Request headers

Referer: https://chwplan.com/a/a8/index.php?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Sep 2018 12:21:25 GMT
content-encoding: gzip
last-modified: Thu, 13 Sep 2018 16:45:13 GMT
server: AmazonS3
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=300
x-amz-cf-id: CYVhuoJkbDJQGSWAvUqBFkkfiTM-cbM8xQin9j_zS98cYUdq8VErfw==
via: 1.1 87de52593927dfce090da0b24ddc3123.cloudfront.net (CloudFront)

GET
H/1.1 200
OK ld.js Show response
static.criteo.net/js/ld/ 19 KB
8 KB 64ms
16ms Script
text/javascript 178.250.0.130
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/ld.js
Requested by: Host: chwplan.com
URL: https://chwplan.com/a/a8/index.php?
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 9a2f715d69f39bb7e264e1d928e5e0ead15704d266a1e4a069b3117ff7bad234

Request headers

Referer: https://chwplan.com/a/a8/index.php?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 25 Sep 2018 23:01:43 GMT
Content-Encoding: gzip
Last-Modified: Wed, 19 Sep 2007 08:50:25 GMT
Server: nginx
ETag: W/"5b9676af-4a6e"
Transfer-Encoding: chunked
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400, public
Connection: keep-alive
Timing-Allow-Origin: *
Expires: Wed, 26 Sep 2018 23:01:43 GMT

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 10 KB
4 KB 38ms
7ms Script
application/x-javascript 143.204.93.157
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: chwplan.com
URL: https://chwplan.com/a/a8/index.php?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.93.157 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-93-157.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fd338a175e4e81e2f44e03cd956e03b7a7619301ab1178b19e1311eacc414463

Request headers

Referer: https://chwplan.com/a/a8/index.php?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 25 Jul 2018 16:53:45 GMT
Content-Encoding: gzip
Last-Modified: Wed, 25 Jul 2018 16:06:43 GMT
Server: AmazonS3
Age: 21942
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 baaf38f0a0d54e4834bf934fa5189ceb.cloudfront.net (CloudFront)
Transfer-Encoding: chunked
Connection: keep-alive
X-Amz-Cf-Id: iJeahejrpRiCp3Bndhzfp6s-jOTF_EGb8Amc3UYnmZIlw6LPxr6sjg==

GET
S 200 conversion.js Show response
www.googleadservices.com/pagead/ 22 KB
8 KB 15ms
14ms Script
text/javascript 172.217.21.226
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: chwplan.com
URL: https://chwplan.com/a/a8/index.php?

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.217.21.226 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s13-in-f2.1e100.net

Software

cafe /

Resource Hash

5405f630e75c11cd1381d0e3241ff0623a788de74f351ea848896c4bfd4e0b67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://chwplan.com/a/a8/index.php?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 25 Sep 2018 23:01:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 8486
x-xss-protection: 1; mode=block
server: cafe
etag: 4170421555302457439
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 25 Sep 2018 23:01:43 GMT

GET
S 200 analytics.js Show response
www.google-analytics.com/ 39 KB
16 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:812::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-6898183-1

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:812::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

ed17a6e7532cc3065f9fbd8f607dfd30e09b4531ada9f7cb5732a2bf6cf6744c

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://chwplan.com/a/a8/index.php?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 13 Sep 2018 23:12:19 GMT
server: Golfe2
age: 4957
date: Tue, 25 Sep 2018 21:39:06 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 16173
expires: Tue, 25 Sep 2018 23:39:06 GMT

GET
S 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 21 KB
8 KB 16ms
15ms Script
text/javascript 172.217.21.226
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-6898183-1

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.217.21.226 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s13-in-f2.1e100.net

Software

cafe /

Resource Hash

b1924d2537a692c816bb6fe029a6e585257a9f9906ed6f1610f0393ba1829fcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://chwplan.com/a/a8/index.php?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 25 Sep 2018 23:01:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 8195
x-xss-protection: 1; mode=block
server: cafe
etag: 13632106061124939940
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 25 Sep 2018 23:01:43 GMT

GET
H/1.1 200
OK Cookie set background.jpg
chwplan.com/a/a8/img/ 192 KB
192 KB 331ms
100ms Image
image/jpeg 146.20.84.216
Rackspace Hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chwplan.com/a/a8/img/background.jpg
Requested by: Host: chwplan.com
URL: https://chwplan.com/a/a8/index.php?
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 146.20.84.216 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software: Apache /
Resource Hash: 639ff6ecc02ad47e1abbe54dc8727407f71bf5f250903bb60582e0bcd0efe6a9

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: chwplan.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://chwplan.com/a/a8/css/style.css
Cookie: ServerID=1025
Connection: keep-alive
Cache-Control: no-cache
Referer: https://chwplan.com/a/a8/css/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 25 Sep 2018 23:01:43 GMT
Last-Modified: Mon, 02 Apr 2018 18:07:59 GMT
Server: Apache
ETag: "460329-30009-568e178501dc0"
Content-Type: image/jpeg
Set-Cookie: ServerID=1025; path=/
Cache-Control: max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=117
Content-Length: 196617
Expires: Tue, 02 Oct 2018 23:01:43 GMT

GET
S 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 18ms
6ms Script
text/javascript 2a00:1450:4001:810::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: chwplan.com
URL: https://chwplan.com/a/a8/index.php?

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:810::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://chwplan.com/a/a8/index.php?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 13 Sep 2018 23:12:19 GMT
server: Golfe2
age: 929
date: Tue, 25 Sep 2018 22:46:14 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 17168
expires: Wed, 26 Sep 2018 00:46:14 GMT

GET
S 200 collect
www.google-analytics.com/r/ 35 B
110 B 14ms
13ms Image
image/gif 2a00:1450:4001:812::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j69&a=196486257&t=pageview&_s=1&dl=https%3A%2F%2Fchwplan.com%2Fa%2Fa8%2Findex.php&ul=en-us&de=UTF-8&dt=Choice%20Home%20Warranty&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=1162961148&gjid=1244858917&cid=2063501691.1537916503&tid=UA-6898183-1&_gid=1310433216.1537916503&_r=1&gtm=u9h&z=1686399207

Requested by

Host: chwplan.com
URL: https://chwplan.com/a/a8/index.php?

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:812::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://chwplan.com/a/a8/index.php?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Sep 2018 23:01:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1038983633/ 2 KB
1 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:81f::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1038983633/?random=1537916503229&cv=9&fst=1537916503229&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&data=event%3Dgtag.config&gtm=u9h&sendb=1&frm=0&url=https%3A%2F%2Fchwplan.com%2Fa%2Fa8%2Findex.php%3F&tiba=Choice%20Home%20Warranty&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81f::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

69c9452915bf657e65c1a6631ed2f605255c605635fc2a8988b355ceeb00f179

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://chwplan.com/a/a8/index.php?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Sep 2018 23:01:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 972
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
199 B 13ms
13ms Image
image/gif 2a00:1450:4001:810::2008
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=556762122&utmhn=chwplan.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Choice%20Home%20Warranty&utmhid=196486257&utmr=-&utmp=%2Fa%2Fa8%2Findex.php&utmht=1537916503240&utmac=UA-6898183-1&utmcc=__utma%3D136185571.2063501691.1537916503.1537916503.1537916503.1%3B%2B__utmz%3D136185571.1537916503.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1553648515&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAABAAAE~

Requested by

Host: chwplan.com
URL: https://chwplan.com/a/a8/index.php?

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:810::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://chwplan.com/a/a8/index.php?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Sep 2018 23:01:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 /
www.google.com/pagead/1p-user-list/1038983633/ 42 B
118 B 52ms
52ms Image
image/gif 2a00:1450:400f:809::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1038983633/?random=1537916503229&cv=9&fst=1537916400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&data=event%3Dgtag.config&gtm=u9h&sendb=1&frm=0&url=https%3A%2F%2Fchwplan.com%2Fa%2Fa8%2Findex.php%3F&tiba=Choice%20Home%20Warranty&async=1&fmt=3&crd=CITQGw&cdct=2&is_vtc=1&random=3328231088&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: chwplan.com
URL: https://chwplan.com/a/a8/index.php?

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:400f:809::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://chwplan.com/a/a8/index.php?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Sep 2018 23:01:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 /
www.google.de/pagead/1p-user-list/1038983633/ 42 B
109 B 21ms
21ms Image
image/gif 2a00:1450:4001:812::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1038983633/?random=1537916503229&cv=9&fst=1537916400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&data=event%3Dgtag.config&gtm=u9h&sendb=1&frm=0&url=https%3A%2F%2Fchwplan.com%2Fa%2Fa8%2Findex.php%3F&tiba=Choice%20Home%20Warranty&async=1&fmt=3&crd=CITQGw&cdct=2&is_vtc=1&random=3328231088&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: chwplan.com
URL: https://chwplan.com/a/a8/index.php?

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:812::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://chwplan.com/a/a8/index.php?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Sep 2018 23:01:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 fbevents.js Show response
connect.facebook.net/en_US/ 45 KB
15 KB 20ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: chwplan.com
URL: https://chwplan.com/a/a8/index.php?

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

5e4fb5563218c9d2c6548a50764e052853fe611f3bd3e9e6b353c079a16b618f

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' .atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com:* wss://.facebook.com: https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://chwplan.com/a/a8/index.php?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
content-length: 14117
x-xss-protection: 0
pragma: public
x-fb-debug: ufl5pvUYYbGCI3n2AHmiilnN8rGm4rwvN5vzbaowcin14XFOmu0+6znrvjcjsYSNw226mCd/Cpc2FswJz0oJDQ==
x-frame-options: DENY
date: Tue, 25 Sep 2018 23:01:43 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
S 200 bat.js Show response
bat.bing.com/ 22 KB
7 KB 58ms
30ms Script
application/javascript 204.79.197.200
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: chwplan.com
URL: https://chwplan.com/a/a8/index.php?
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.79.197.200 Redmond, United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS: a-0001.a-msedge.net
Software: /
Resource Hash: 3a9b1aaf047d7ab5119bb338a86bee9788c4e79392d4abb12408d62bec6e86fb

Request headers

Referer: https://chwplan.com/a/a8/index.php?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 25 Sep 2018 23:01:43 GMT
content-encoding: gzip
last-modified: Thu, 26 Jul 2018 13:15:21 GMT
x-msedge-ref: Ref A: D4ECCE87E3EF4348964A88B2DD88E92B Ref B: FRAEDGE0419 Ref C: 2018-09-25T23:01:43Z
status: 200
etag: "80ba7eb4e224d41:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 7020

GET
H/1.1 200
OK script.js Show response
cdn.listrakbi.com/scripts/ 61 KB
20 KB 62ms
16ms Script
text/javascript 52.85.185.184
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.listrakbi.com/scripts/script.js?m=3QgckfkNYGiq&v=1
Requested by: Host: chwplan.com
URL: https://chwplan.com/a/a8/index.php?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.85.185.184 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-52-85-185-184.fra2.r.cloudfront.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 6f2194419f3221f6eddb9cb96913239c124ff9a0fde9ef2f3f93e8ead4a50cf0

Request headers

Referer: https://chwplan.com/a/a8/index.php?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 22 Aug 2018 12:59:10 GMT
Content-Encoding: gzip
X-AspNet-Version: 4.0.30319
Age: 31
X-Powered-By: ASP.NET
X-Cache: Hit from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI COM NAV INT DEM CNT PRE LOC"
Connection: keep-alive
Content-Length: 19301
Last-Modified: Tue, 14 Aug 2018 15:55:25 GMT
Server: Microsoft-IIS/8.5
X-ltk: 8/22/2018 8:59:11 AM
ETag: "UxFKCdA6uz0/WqzHi8HDrg=="
Vary: Accept-encoding
Content-Type: text/javascript
Via: 1.1 5954578e851092964f39f2f5f0596950.cloudfront.net (CloudFront)
Cache-Control: public, no-transform, max-age=3600, s-maxage=600, no-cache="set-cookie"
Accept-Ranges: bytes
X-Amz-Cf-Id: xBy-EEswQHy6lYir5-9-oZmegXCRbqlBb7GrG9kk41tnoLuk7nHKnw==
Expires: Wed, 22 Aug 2018 13:59:11 GMT

GET
S 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1038983633/ 2 KB
1 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:81f::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1038983633/?random=1537916503901&cv=9&fst=1537916503901&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=376635471&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fchwplan.com%2Fa%2Fa8%2Findex.php%3F&tiba=Choice%20Home%20Warranty&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81f::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

da3a8ee6b0a3a2a4bb422a861c26c4cd967da682d04c9bb33aae0616af70a4a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://chwplan.com/a/a8/index.php?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Sep 2018 23:01:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 945
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel
bid.g.doubleclick.net/xbbe/ Frame 5CB8 0
0 50ms
19ms Document
text/html 108.177.126.156
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/xbbe/pixel?d=KAE

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

108.177.126.156 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: bid.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=KAE
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://chwplan.com/a/a8/index.php?
accept-encoding: gzip, deflate
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://chwplan.com/a/a8/index.php?

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 25 Sep 2018 23:01:43 GMT
server: cafe
content-length: 0
x-xss-protection: 1; mode=block
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT IDE=AHWqTUnfmM2P5Dm7qpSz4tp_gbTCODV3QiOaY4DDBCYGv9I2SNusdr7xyYS4tW3I; expires=Thu, 24-Sep-2020 23:01:43 GMT; path=/; domain=.doubleclick.net; HttpOnly
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
expires: Tue, 25 Sep 2018 23:01:43 GMT
cache-control: private

GET
H/1.1

200
OK

iframe
d1eoo1tco6rr5e.cloudfront.net/zl9kfqh1/pd2ov1h2/ Frame 7C4F
Redirect Chain

https://insight.adsrvr.org/tags/zl9kfqh1/pd2ov1h2/iframe
https://d1eoo1tco6rr5e.cloudfront.net/zl9kfqh1/pd2ov1h2/iframe

0
0

24ms
7ms

Document
text/html

52.85.188.37
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d1eoo1tco6rr5e.cloudfront.net/zl9kfqh1/pd2ov1h2/iframe
Requested by: Host: chwplan.com
URL: https://chwplan.com/a/a8/index.php?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.85.188.37 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-52-85-188-37.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Host: d1eoo1tco6rr5e.cloudfront.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://chwplan.com/a/a8/index.php?
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://chwplan.com/a/a8/index.php?

Response headers

Content-Type: text/html
Content-Length: 135
Connection: keep-alive
Date: Wed, 06 Dec 2017 07:12:03 GMT
Last-Modified: Wed, 30 Oct 2013 19:09:20 GMT
ETag: "4132126ad99223740c7569ea79a38c21"
Accept-Ranges: bytes
Server: AmazonS3
Age: 6070
X-Cache: Hit from cloudfront
Via: 1.1 143574384d395dec5e078f9c0bab3391.cloudfront.net (CloudFront)
X-Amz-Cf-Id: NmzV8XMcH9fFRDMuzbjdUlNqjT48RnZsMSwdKpn-xZjdMdemcdaC3g==

Redirect headers

status: 303
date: Tue, 25 Sep 2018 23:01:43 GMT
content-type: text/html; charset=UTF-8
content-length: 185
location: https://d1eoo1tco6rr5e.cloudfront.net/zl9kfqh1/pd2ov1h2/iframe
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H/1.1

200
OK

event Show response
widget.us.criteo.com/
Redirect Chain

https://sslwidget.criteo.com/event?a=49176&v=4.8.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1&p2=e%3Ddis&adce=1&lwid=8eaae0b4-86db-4a05-a072-76bfabf24539&tld=chwplan.com&dtycbr=89475
https://widget.us.criteo.com/event?a=49176&v=4.8.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1&p2=e%3Ddis&adce=1&lwid=8eaae0b4-86db-4a05-a072-76bfabf24539&tld=chwplan.com&dtycbr=89475

995 B
1 KB

463ms
139ms

Script
application/x-javascript

74.119.119.79
Criteo Corp.

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.us.criteo.com/event?a=49176&v=4.8.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1&p2=e%3Ddis&adce=1&lwid=8eaae0b4-86db-4a05-a072-76bfabf24539&tld=chwplan.com&dtycbr=89475
Requested by: Host: chwplan.com
URL: https://chwplan.com/a/a8/index.php?
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 74.119.119.79 Palo Alto, United States, ASN19750 (AS-CRITEO - Criteo Corp., US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: bb2335a018a13833cdfff11b15bb4418de8d86b3545f8fb49a2b8c605824dca8

Request headers

Referer: https://chwplan.com/a/a8/index.php?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 25 Sep 2018 23:01:43 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
Timing-Allow-Origin: *
X-Powered-By: ASP.NET
Vary: Accept-Encoding
P3P: NON DSP COR CURa PSA PSD OUR BUS NAV STA
Cache-Control: private
Content-Type: application/x-javascript
Content-Length: 729
Expires: 0

Redirect headers

Pragma: no-cache
Date: Tue, 25 Sep 2018 23:01:43 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Content-Type: text/html
Location: https://widget.us.criteo.com/event?a=49176&v=4.8.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1&p2=e%3Ddis&adce=1&lwid=8eaae0b4-86db-4a05-a072-76bfabf24539&tld=chwplan.com&dtycbr=89475
Cache-Control: private
Timing-Allow-Origin: *
Content-Length: 0
Expires: 0

GET
S 200 1374492936214348 Show response
connect.facebook.net/signals/config/ 20 KB
7 KB 33ms
31ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1374492936214348?v=2.8.30&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

0a30b00ee07b9ecc741b4e9e67b48e4e785ab7f1aa8382c70b0c99208ce74080

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' .atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com:* wss://.facebook.com: https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://chwplan.com/a/a8/index.php?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
x-xss-protection: 0
pragma: public
x-fb-debug: rKh1hkuJEbxa+0znQAKKsoQWBXn2cwrYqMXThicg3vB1XN7ImcYzpNRN9OonIHRREztxjhMadDmn69wplkIqXQ==
x-frame-options: DENY
date: Tue, 25 Sep 2018 23:01:43 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
S 200 /
www.google.com/pagead/1p-user-list/1038983633/ 42 B
118 B 52ms
51ms Image
image/gif 2a00:1450:400f:809::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1038983633/?random=1537916503901&cv=9&fst=1537916400000&num=1&guid=ON&eid=376635471&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fchwplan.com%2Fa%2Fa8%2Findex.php%3F&tiba=Choice%20Home%20Warranty&fmt=3&crd=CITQGw&cdct=2&is_vtc=1&random=4265915260&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: chwplan.com
URL: https://chwplan.com/a/a8/index.php?

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:400f:809::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://chwplan.com/a/a8/index.php?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Sep 2018 23:01:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 /
www.google.de/pagead/1p-user-list/1038983633/ 42 B
109 B 22ms
21ms Image
image/gif 2a00:1450:4001:812::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1038983633/?random=1537916503901&cv=9&fst=1537916400000&num=1&guid=ON&eid=376635471&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fchwplan.com%2Fa%2Fa8%2Findex.php%3F&tiba=Choice%20Home%20Warranty&fmt=3&crd=CITQGw&cdct=2&is_vtc=1&random=4265915260&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: chwplan.com
URL: https://chwplan.com/a/a8/index.php?

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:812::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://chwplan.com/a/a8/index.php?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Sep 2018 23:01:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 204 0
bat.bing.com/action/ 0
148 B 31ms
30ms Image
text/plain 204.79.197.200
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=5223598&Ver=2&mid=883edd20-3611-c219-aa30-c56b105e3eea&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Choice%20Home%20Warranty&p=https%3A%2F%2Fchwplan.com%2Fa%2Fa8%2Findex.php%3F&r=&lt=1828&evt=pageLoad&msclkid=N&rn=223180
Requested by: Host: chwplan.com
URL: https://chwplan.com/a/a8/index.php?
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.79.197.200 Redmond, United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS: a-0001.a-msedge.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://chwplan.com/a/a8/index.php?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 204
pragma: no-cache
date: Tue, 25 Sep 2018 23:01:43 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: F5C3CCB16AAE4242AF011D6E22582F30 Ref B: FRAEDGE0419 Ref C: 2018-09-25T23:01:43Z
access-control-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK getIds Show response
s1.listrakbi.com/3QgckfkNYGiq/session/ 175 B
1 KB 463ms
101ms Script
application/x-javascript 54.84.143.179
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.listrakbi.com/3QgckfkNYGiq/session/getIds?callback=ltkCallback9977&gsid=&_sid=&_tid=564543&ps=null&dps=true
Requested by: Host: cdn.listrakbi.com
URL: https://cdn.listrakbi.com/scripts/script.js?m=3QgckfkNYGiq&v=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.84.143.179 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-84-143-179.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: b990f2dbd34cecb1b3a8519b9072775aa8bc1782fc63cab96342b02a83610862

Request headers

Referer: https://chwplan.com/a/a8/index.php?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 25 Sep 2018 23:01:43 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI COM NAV INT DEM CNT PRE LOC"
Cache-Control: no-cache, no-cache="set-cookie"
Connection: keep-alive
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 175
Expires: -1

GET
S 200 /
www.facebook.com/tr/ 44 B
295 B 18ms
5ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/tr/?id=1374492936214348&ev=PageView&dl=https%3A%2F%2Fchwplan.com%2Fa%2Fa8%2Findex.php%3F&rl=&if=false&ts=1537916503984&sw=1600&sh=1200&v=2.8.30&r=stable&ec=0&o=28&it=1537916503942&coo=false
Requested by: Host: chwplan.com
URL: https://chwplan.com/a/a8/index.php?
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: proxygen-bolt /
Resource Hash: 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer: https://chwplan.com/a/a8/index.php?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 25 Sep 2018 23:01:43 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Tue, 25 Sep 2018 23:01:43 GMT

GET
H/1.1 200
OK update
sca1.listrakbi.com/3QgckfkNYGiq/cart/ 44 B
610 B 421ms
101ms Image
image/gif 54.84.143.179
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sca1.listrakbi.com/3QgckfkNYGiq/cart/update?gsid=27e27b2b-2444-4fe9-b58b-ce1c1032cb7e&_sid=7bce1a89-1e2d-42f6-a44e-33e838b19d42&_tid=564543&_uid=62AE1222-2D3E-4EAB-A4FA-E2550B03B14A&s_0=warranty-quote&q_0=1&p_0=1.00&n_0=Warranty%20Quote
Requested by: Host: chwplan.com
URL: https://chwplan.com/a/a8/index.php?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.84.143.179 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-84-143-179.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: d1c4aa4fc27ca65d42b693b60f19546c4a50c002394c364dbbef45710858df7a

Request headers

Referer: https://chwplan.com/a/a8/index.php?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 25 Sep 2018 23:01:44 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI COM NAV INT DEM CNT PRE LOC"
Cache-Control: no-cache, no-cache="set-cookie"
Connection: keep-alive
Content-Type: image/gif
Content-Length: 44

GET
H/1.1 200
OK / Show response
vagnt.com/sd/ 275 B
574 B 518ms
107ms Script
text/plain 54.225.172.14
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://vagnt.com/sd/?siteid=1550
Requested by: Host: chwplan.com
URL: https://chwplan.com/a/a8/index.php?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.225.172.14 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-225-172-14.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 9962df56ce3d8582fd3c8a4d4b3ab77d862676bc284884054240b05a5f5d2fd6

Request headers

Referer: https://chwplan.com/a/a8/index.php?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 25 Sep 2018 23:01:49 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, max-age=0
Connection: keep-alive
Content-Length: 275

GET
H2 200 up
insight.adsrvr.org/track/ Frame 2012 0
0 30ms
25ms Document
text/html 54.229.35.49
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=zl9kfqh1&ref=https%3A%2F%2Fchwplan.com%2Fa%2Fa8%2Findex.php%3F&upid=7h0r1mr&osi=639c26af03a5446c3a3acd09b20132f9&osv=1.1&upv=1.1.3
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.229.35.49 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-229-35-49.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

:method: GET
:authority: insight.adsrvr.org
:scheme: https
:path: /track/up?adv=zl9kfqh1&ref=https%3A%2F%2Fchwplan.com%2Fa%2Fa8%2Findex.php%3F&upid=7h0r1mr&osi=639c26af03a5446c3a3acd09b20132f9&osv=1.1&upv=1.1.3
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://chwplan.com/a/a8/index.php?
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://chwplan.com/a/a8/index.php?

Response headers

status: 200
date: Tue, 25 Sep 2018 23:01:44 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1 200
OK dis.aspx
dis.us.criteo.com/dis/ Frame C7AF 0
0 450ms
118ms Document
text/html 74.119.119.84
Criteo Corp.

General

Check archive.org

Show headers Download Go to

Full URL: https://dis.us.criteo.com/dis/dis.aspx?p=49176&cb=97281591477&ref=&sc_r=1600x1200&sc_d=24
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 74.119.119.84 Palo Alto, United States, ASN19750 (AS-CRITEO - Criteo Corp., US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Host: dis.us.criteo.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://chwplan.com/a/a8/index.php?
Accept-Encoding: gzip, deflate
Cookie: uid=85ec2234-bf91-4bfb-bc09-f410caacabc9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://chwplan.com/a/a8/index.php?

Response headers

Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html
Content-Encoding: gzip
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
P3P: CP='CUR ADM OUR NOR STA NID'
Timing-Allow-Origin: *
X-Powered-By: ASP.NET
Date: Tue, 25 Sep 2018 23:01:45 GMT
Content-Length: 147

GET

g.jsonp
aa.agkn.com/adscores/
Redirect Chain

https://adadvisor.net/adscores/g.jsonp?sid=9202274878&userid=B7CC46-9BCD8AF7-6E68-4C2E-8CE9-CEAF94EE1C29
https://aa.agkn.com/adscores/g.jsonp?sid=9202274878&userid=B7CC46-9BCD8AF7-6E68-4C2E-8CE9-CEAF94EE1C29&&bounced=1

0
0

GET
H/1.1 200
OK 4328ECFA2D48 Show response
api.datasteam.io/v1/C/RawData/ 208 B
1 KB 403ms
97ms Script
application/x-javascript 52.45.198.43
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://api.datasteam.io/v1/C/RawData/4328ECFA2D48?v=9bcd8af7-6e68-4c2e-8ce9-ceaf94ee1c29&m=b8a97890-5b90-40c3-a47b-9ca5835df4d8&se=6049e9d0-7368-4657-a13c-9d384c5344cb&d=eyJ2IjoiOWJjZDhhZjctNmU2OC00YzJlLThjZTktY2VhZjk0ZWUxYzI5IiwibSI6ImI4YTk3ODkwLTViOTAtNDBjMy1hNDdiLTljYTU4MzVkZjRkOCIsImNzaSI6MzI0Nzc0NzkxMywic2UiOiI2MDQ5ZTlkMC03MzY4LTQ2NTctYTEzYy05ZDM4NGM1MzQ0Y2IiLCJuIjoxLCJwIjoiNmNiOTY4ZDEtOTIxZC00ODA5LWE2YjItMWFiYjYzNjY2MmFiIiwidSI6Imh0dHBzOi8vY2h3cGxhbi5jb20vYS9hOC9pbmRleC5waHA%2FIiwicG4iOiIvYS9hOC9pbmRleC5waHAiLCJ0IjoiQ2hvaWNlIEhvbWUgV2FycmFudHkiLCJjIjoiaHR0cHM6Ly9jaHdwbGFuLmNvbS9hL2E4L2luZGV4LnBocD8iLCJwciI6IkI3Q0M0NiIsInMiOjEsInZzIjoxLCJsIjoiUGFnZUxvYWQifQ%3D%3D&callback=cb48775b6a55d8e
Requested by: Host: cdn.datasteam.io
URL: https://cdn.datasteam.io/js/D24328ECFA2D48.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.198.43 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-45-198-43.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 85efb589056b36c50eb794b0a08b4b0645665661ac6d2e59546235064a2a021d

Request headers

Referer: https://chwplan.com/a/a8/index.php?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 25 Sep 2018 23:01:43 GMT
Content-Encoding: gzip
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: private
Connection: keep-alive
Content-Length: 298

GET
H/1.1 200
OK common.js Show response
d1wnfwven39x82.cloudfront.net/Scripts/ 13 KB
4 KB 50ms
6ms Script
application/javascript 143.204.98.192
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d1wnfwven39x82.cloudfront.net/Scripts/common.js?rnd=0.0769091545006757
Requested by: Host: vagnt.com
URL: https://vagnt.com/sd/?siteid=1550
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.98.192 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-98-192.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 467f1cb419337380be980435f87d47ef7e54db3439735007a7dc5a0f29597a3a

Request headers

Referer: https://chwplan.com/a/a8/index.php?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 31 Aug 2018 17:54:38 GMT
Content-Encoding: gzip
Last-Modified: Thu, 27 Apr 2017 15:05:57 GMT
Server: AmazonS3
Age: 21488
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
x-amz-version-id: null
Via: 1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/javascript
X-Amz-Cf-Id: qTMEjz3QBbXFamIB4ezPt1BlrhxD_VnoHzMKU7dToUvCYC36kDZVoA==

GET
H/1.1 200
OK 1550.js Show response
s3.amazonaws.com/chat.tsa/SiteSettings/ 1 KB
2 KB 402ms
107ms XHR
application/x-javascript 52.216.21.237
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/chat.tsa/SiteSettings/1550.js?rnd=0.6444104197955844
Requested by: Host: d1wnfwven39x82.cloudfront.net
URL: https://d1wnfwven39x82.cloudfront.net/Scripts/common.js?rnd=0.0769091545006757
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.21.237 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 3e21de5b03ac5e4068d896ba5c26554eed75a92babb676e8a4be5a33ae663894

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://chwplan.com/a/a8/index.php?
Origin: https://chwplan.com

Response headers

Date: Tue, 25 Sep 2018 23:01:46 GMT
Last-Modified: Tue, 25 Sep 2018 07:06:12 GMT
Server: AmazonS3
x-amz-request-id: DAD36C9A86D175F1
ETag: "95bb295d842f071685da27689d806cc4"
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
x-amz-version-id: null
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 1468
x-amz-id-2: Y1mp9DiquqmcXKEWA7PlBjysA8U1GnaJJ7J9a8t/1mzwO6+tsbF8FFCVWDgCCWtrScPm0P87efU=

OPTIONS
H/1.1 200
OK SitePerformance Show response
prf.vagnt.com/ 0
308 B 415ms
97ms XHR
text/plain 107.22.10.76
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://prf.vagnt.com/SitePerformance
Requested by: Host: d1wnfwven39x82.cloudfront.net
URL: https://d1wnfwven39x82.cloudfront.net/Scripts/common.js?rnd=0.0769091545006757
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 107.22.10.76 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-107-22-10-76.compute-1.amazonaws.com
Software: Microsoft-IIS/8.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: POST
Origin: https://chwplan.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Access-Control-Request-Headers: content-type

Response headers

Date: Tue, 25 Sep 2018 23:01:45 GMT
Server: Microsoft-IIS/8.0
X-Powered-By: ASP.NET
Access-Control-Max-Age: 1728000
Access-Control-Allow-Methods: GET, POST
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Headers: Content-Type, Accept
Content-Length: 0

GET
H/1.1 200
OK 2485.html Show response
s3.amazonaws.com/chat.tsa/Templates/ 102 KB
103 KB 109ms
108ms XHR
text/html 52.216.21.237
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/chat.tsa/Templates/2485.html?rnd=0.4423078740238957
Requested by: Host: d1wnfwven39x82.cloudfront.net
URL: https://d1wnfwven39x82.cloudfront.net/Scripts/common.js?rnd=0.0769091545006757
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.21.237 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 585bb86f22e2bcc630611889e64567469fc60eedff980e25e6790720e72ead7f

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://chwplan.com/a/a8/index.php?
Origin: https://chwplan.com

Response headers

Date: Tue, 25 Sep 2018 23:01:46 GMT
Last-Modified: Wed, 23 Nov 2016 15:43:18 GMT
Server: AmazonS3
x-amz-request-id: 714B77488EA435FB
ETag: "b5bfaa241d06f6c6c7a77c9a2c27bd4f"
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
x-amz-version-id: null
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Accept-Ranges: bytes
Content-Type: text/html
Content-Length: 104942
x-amz-id-2: oKWaxo9lFKzlwG3oqhf2GlsqYshZ8YaUSJBtY3ZQwofitaRXitwfYBxQNG1oD/7XqgDxsEfp13g=

GET
H/1.1 200
OK chatWindow.js Show response
d1wnfwven39x82.cloudfront.net/Scripts/Modules/ 17 KB
4 KB 370ms
369ms Script
application/javascript 143.204.98.192
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d1wnfwven39x82.cloudfront.net/Scripts/Modules/chatWindow.js?rnd=0.7891052814473325
Requested by: Host: d1wnfwven39x82.cloudfront.net
URL: https://d1wnfwven39x82.cloudfront.net/Scripts/common.js?rnd=0.0769091545006757
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.98.192 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-98-192.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 13f2c49f1493c07c007460e06aeeadb0a7c87ff4d2d6135fecf0c444fb8ec18b

Request headers

Referer: https://chwplan.com/a/a8/index.php?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 31 Aug 2018 19:42:04 GMT
Content-Encoding: gzip
Last-Modified: Fri, 27 Jul 2018 13:56:59 GMT
Server: AmazonS3
Vary: Accept-Encoding
X-Cache: RefreshHit from cloudfront
x-amz-version-id: null
Via: 1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
Cache-Control: no-cache
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/javascript
X-Amz-Cf-Id: FzdQQPhTwRdgNAj6T5MDNhkLiaKpV3n1948_v7tdzOnZR99QSwmXJA==

GET
H/1.1 200
OK chat.js Show response
d1wnfwven39x82.cloudfront.net/Scripts/Modules/ 24 KB
7 KB 376ms
362ms Script
application/javascript 143.204.98.179
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d1wnfwven39x82.cloudfront.net/Scripts/Modules/chat.js?rnd=0.9619172048326226
Requested by: Host: d1wnfwven39x82.cloudfront.net
URL: https://d1wnfwven39x82.cloudfront.net/Scripts/common.js?rnd=0.0769091545006757
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.98.179 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-98-179.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2fce75658febc8ea85270531789e279b124f581f44374241a9bec5bcfb431858

Request headers

Referer: https://chwplan.com/a/a8/index.php?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 31 Aug 2018 19:42:04 GMT
Content-Encoding: gzip
Last-Modified: Tue, 27 Mar 2018 11:25:13 GMT
Server: AmazonS3
Vary: Accept-Encoding
X-Cache: RefreshHit from cloudfront
x-amz-version-id: null
Via: 1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
Cache-Control: no-cache
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/javascript
X-Amz-Cf-Id: hilagK5dKnc2CkSu0HAnUSoxWiJIVMyWS-D9I2S0WXT631f3g-Y2lQ==

GET
H/1.1 200
OK cssFix.js Show response
d1wnfwven39x82.cloudfront.net/Scripts/Modules/ 905 B
1 KB 19ms
6ms Script
application/javascript 143.204.98.179
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d1wnfwven39x82.cloudfront.net/Scripts/Modules/cssFix.js?rnd=0.6959089685406352
Requested by: Host: d1wnfwven39x82.cloudfront.net
URL: https://d1wnfwven39x82.cloudfront.net/Scripts/common.js?rnd=0.0769091545006757
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.98.179 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-98-179.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cf53413df26feb4603f0dfc4ef8cf04c83e3d92306025255cde6945f5209a06c

Request headers

Referer: https://chwplan.com/a/a8/index.php?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 31 Aug 2018 19:42:04 GMT
Via: 1.1 a394c864b23364262af48fed4e7e9fad.cloudfront.net (CloudFront)
Last-Modified: Thu, 27 Apr 2017 15:04:48 GMT
Server: AmazonS3
Age: 18055
ETag: "6cebb7812fa6f9ec25e691fbe76cdfca"
X-Cache: Hit from cloudfront
x-amz-version-id: null
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 905
X-Amz-Cf-Id: TbMqEC1fVnUUdJdTSqSxY6a7h_upZSegOETZVbtSU_agZLgOAzt_kQ==

GET
H/1.1 200
OK chatForm.js Show response
d1wnfwven39x82.cloudfront.net/Scripts/Modules/ 8 KB
3 KB 381ms
368ms Script
application/javascript 143.204.98.179
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d1wnfwven39x82.cloudfront.net/Scripts/Modules/chatForm.js?rnd=0.11915989179866737
Requested by: Host: d1wnfwven39x82.cloudfront.net
URL: https://d1wnfwven39x82.cloudfront.net/Scripts/common.js?rnd=0.0769091545006757
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.98.179 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-98-179.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d1cbe211a9a816a4d68f23aaa536667e90844c08fd68af944aed40e8a5f7b96f

Request headers

Referer: https://chwplan.com/a/a8/index.php?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 25 Sep 2018 22:10:40 GMT
Content-Encoding: gzip
Last-Modified: Tue, 25 Sep 2018 11:11:43 GMT
Server: AmazonS3
Vary: Accept-Encoding
X-Cache: RefreshHit from cloudfront
x-amz-version-id: null
Via: 1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
Cache-Control: no-cache
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/javascript
X-Amz-Cf-Id: Md-FZXoWB95SZjjQybqU0eO6ltrFtEGhq-dRoSll8twT3EJZojP4dg==

GET
H/1.1 200
OK messages.js Show response
d1wnfwven39x82.cloudfront.net/Scripts/Modules/ 5 KB
6 KB 19ms
6ms Script
binary/octet-stream 143.204.98.192
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d1wnfwven39x82.cloudfront.net/Scripts/Modules/messages.js?rnd=0.8478650494858997
Requested by: Host: d1wnfwven39x82.cloudfront.net
URL: https://d1wnfwven39x82.cloudfront.net/Scripts/common.js?rnd=0.0769091545006757
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.98.192 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-98-192.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d87e16a3d15ad946f44aeb696da2bbb405c2f20f60e783dba59e1bda86af5323

Request headers

Referer: https://chwplan.com/a/a8/index.php?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 31 Aug 2018 17:54:39 GMT
Via: 1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
Last-Modified: Wed, 19 Apr 2017 10:04:43 GMT
Server: AmazonS3
Age: 85229
ETag: "563930b4aaa5d8e88b51cc51eb3b00fd"
X-Cache: Hit from cloudfront
x-amz-version-id: null
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: binary/octet-stream
Content-Length: 5392
X-Amz-Cf-Id: kr1HYJj8f8gVfWWN9yf9X9VjcG3h9zZ_CwibisF1MmgbLCyCkX-ogg==

GET
H/1.1 200
OK predictiveLaunch.js Show response
d1wnfwven39x82.cloudfront.net/Scripts/Modules/ 3 KB
2 KB 19ms
6ms Script
application/x-javascript 143.204.98.192
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d1wnfwven39x82.cloudfront.net/Scripts/Modules/predictiveLaunch.js?rnd=0.4425343663546746
Requested by: Host: d1wnfwven39x82.cloudfront.net
URL: https://d1wnfwven39x82.cloudfront.net/Scripts/common.js?rnd=0.0769091545006757
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.98.192 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-98-192.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1cf0798f17765f370a864a3b672cc969c2fb38810e64ce262d40459b5ca417a7

Request headers

Referer: https://chwplan.com/a/a8/index.php?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 31 Aug 2018 19:42:04 GMT
Content-Encoding: gzip
Last-Modified: Wed, 03 Feb 2016 13:17:27 GMT
Server: AmazonS3
Age: 61291
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
x-amz-version-id: null
Via: 1.1 6b4954a8411e7b2a232537f8000c5c9d.cloudfront.net (CloudFront)
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/x-javascript
X-Amz-Cf-Id: ulFMvv7SjnchY1xTryykjFyp6VFXV9RLazEt4fCm1jAlOQNj9XKYzQ==

GET
H/1.1 200
OK back.js Show response
d1wnfwven39x82.cloudfront.net/Scripts/Modules/ 2 KB
1 KB 6ms
6ms Script
application/x-javascript 143.204.98.192
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d1wnfwven39x82.cloudfront.net/Scripts/Modules/back.js?rnd=0.4623910344548101
Requested by: Host: d1wnfwven39x82.cloudfront.net
URL: https://d1wnfwven39x82.cloudfront.net/Scripts/common.js?rnd=0.0769091545006757
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.98.192 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-98-192.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 46915b78e8042edf5ed5d09577a1ae0d62e4063f6a0d25ec953eb23363c978be

Request headers

Referer: https://chwplan.com/a/a8/index.php?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 31 Aug 2018 19:42:05 GMT
Content-Encoding: gzip
Last-Modified: Wed, 03 Feb 2016 13:17:29 GMT
Server: AmazonS3
Age: 61291
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
x-amz-version-id: null
Via: 1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/x-javascript
X-Amz-Cf-Id: jEbstRN6RQGILTlwmnjvOy2HgP2FYPcFw_Y_NsJ2o1HNZ2yW1ydu-A==

GET
H/1.1 200
OK sound.js Show response
d1wnfwven39x82.cloudfront.net/Scripts/Modules/ 2 KB
1 KB 7ms
6ms Script
application/x-javascript 143.204.98.192
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d1wnfwven39x82.cloudfront.net/Scripts/Modules/sound.js?rnd=0.11483071414805601
Requested by: Host: d1wnfwven39x82.cloudfront.net
URL: https://d1wnfwven39x82.cloudfront.net/Scripts/common.js?rnd=0.0769091545006757
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.98.192 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-98-192.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c8a2637df75d0915a637369294b573d79fb8b6f43cc9571222421a1cb7a2bed7

Request headers

Referer: https://chwplan.com/a/a8/index.php?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 31 Aug 2018 19:42:05 GMT
Content-Encoding: gzip
Last-Modified: Tue, 26 Jul 2016 10:15:54 GMT
Server: AmazonS3
Age: 85229
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
x-amz-version-id: null
Via: 1.1 6b4954a8411e7b2a232537f8000c5c9d.cloudfront.net (CloudFront)
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/x-javascript
X-Amz-Cf-Id: zLWAK72rfh_vf1whLayh6c9K83dxg9PKNWTEGYwzfxOSHTonFgRs2Q==

POST
H/1.1 204
No Content SitePerformance Show response
prf.vagnt.com/ 0
231 B 98ms
98ms XHR
text/plain 107.22.10.76
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://prf.vagnt.com/SitePerformance
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 107.22.10.76 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-107-22-10-76.compute-1.amazonaws.com
Software: Microsoft-IIS/8.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://chwplan.com/a/a8/index.php?
Origin: https://chwplan.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: application/json

Response headers

Pragma: no-cache
Date: Tue, 25 Sep 2018 23:01:45 GMT
Server: Microsoft-IIS/8.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Expires: -1

GET
H/1.1 200
OK reset.css
d1wnfwven39x82.cloudfront.net/ 9 KB
3 KB 6ms
6ms Stylesheet
text/css 143.204.98.179
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d1wnfwven39x82.cloudfront.net/reset.css?rnd=0.4027864629419975
Requested by: Host: d1wnfwven39x82.cloudfront.net
URL: https://d1wnfwven39x82.cloudfront.net/Scripts/Modules/cssFix.js?rnd=0.6959089685406352
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.98.179 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-98-179.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 03a6106e4bc9f8d4a3f1607830f777e780ab4644bc4df86c9394b5bbc0f41886

Request headers

Referer: https://chwplan.com/a/a8/index.php?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 31 Aug 2018 17:43:36 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Dec 2016 16:53:55 GMT
Server: AmazonS3
Age: 21487
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
x-amz-version-id: null
Via: 1.1 a394c864b23364262af48fed4e7e9fad.cloudfront.net (CloudFront)
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: text/css
X-Amz-Cf-Id: xFIOo6js5JL9Ie0tRk83cee1I1oDD9mKOGBmg_2lDb5ixuZNAso_qw==

GET
H/1.1 206
Partial Content ChatLaunch.mp3
s3.amazonaws.com/chat.tsa/Sounds/ 23 KB
24 KB 406ms
109ms Media
audio/mpeg 52.216.165.181
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/chat.tsa/Sounds/ChatLaunch.mp3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.165.181 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: aae1695ddc586c17ce282027b177678a490e6cea85744105227546f3ce36a29d

Request headers

Referer: https://chwplan.com/a/a8/index.php?
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Range: bytes=0-
chrome-proxy: frfr

Response headers

Date: Tue, 25 Sep 2018 23:01:47 GMT
Last-Modified: Mon, 27 Jun 2016 13:40:23 GMT
Server: AmazonS3
x-amz-request-id: 96460D6B6D568728
ETag: "c1a8fd251f0c91a81d270b2fe716cab5"
Content-Type: audio/mpeg
Content-Range: bytes 0-23712/23713
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 23713
x-amz-id-2: HIHWNaVo9kvdMZca7VmLeqKpW1blpgyqorrHZhJ8lkmSTuIwCQdY0TbRgHerOySRd3NBPGQJs5E=

GET
H/1.1 206
Partial Content MessageSend.mp3
s3.amazonaws.com/chat.tsa/Sounds/ 10 KB
10 KB 413ms
117ms Media
audio/mpeg 52.216.165.181
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/chat.tsa/Sounds/MessageSend.mp3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.165.181 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 84f09b200d2070df37bc956d32f06d3af244cd8c015011372cc3d15a57721e56

Request headers

Referer: https://chwplan.com/a/a8/index.php?
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Range: bytes=0-
chrome-proxy: frfr

Response headers

Date: Tue, 25 Sep 2018 23:01:47 GMT
Last-Modified: Mon, 27 Jun 2016 13:58:28 GMT
Server: AmazonS3
x-amz-request-id: A46A05D4D3C6B46A
ETag: "29d062f40725895ffeac106e04e3bbf0"
Content-Type: audio/mpeg
Content-Range: bytes 0-9930/9931
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 9931
x-amz-id-2: mtvRIqSZtwGiZ+ePAtSk0+Hv8DL64X13BlsAcxo5xJwPbn7DjGIwLM8CQ/mpUEIgSdGuzRLk9T4=

GET
H/1.1 206
Partial Content MessageReceive.mp3
s3.amazonaws.com/chat.tsa/Sounds/ 26 KB
27 KB 420ms
116ms Media
audio/mpeg 52.216.165.181
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/chat.tsa/Sounds/MessageReceive.mp3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.165.181 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9261845027162e376ab28b6c9d10ae601a8433de42e543db3705fb99dd5ebff9

Request headers

Referer: https://chwplan.com/a/a8/index.php?
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Range: bytes=0-
chrome-proxy: frfr

Response headers

Date: Tue, 25 Sep 2018 23:01:47 GMT
Last-Modified: Mon, 27 Jun 2016 14:06:41 GMT
Server: AmazonS3
x-amz-request-id: A5AAC9AE31BC0894
ETag: "f6bbdd93b0ce0e432a9524bd2884287e"
Content-Type: audio/mpeg
Content-Range: bytes 0-27105/27106
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 27106
x-amz-id-2: EHVdo/hC20j8wOkb2u1mKwQerc0cT9v2eGh9ilS58w9IEy12fEI66uHxbqpmEs0QnwqPbJIBFSA=

GET
DATA 200
OK truncated
/ 58 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 726c4fd4bcb60da28d4d74e03aefe58c3e653786b40558acae3dd5bc070f168c

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/png

GET
DATA 200
OK truncated
/ 15 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7002a977c52e82b01e35ed5653c32962d7219a4fffe22d79212ce6570cdb1d1b

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/png

OPTIONS
H/1.1 200
OK / Show response
vagnt.com/api/Chat/ 0
332 B 408ms
103ms XHR
text/plain 54.225.172.14
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://vagnt.com/api/Chat/?rnd=0.3748749280687236
Requested by: Host: d1wnfwven39x82.cloudfront.net
URL: https://d1wnfwven39x82.cloudfront.net/Scripts/Modules/chat.js?rnd=0.9619172048326226
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.225.172.14 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-225-172-14.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: POST
Origin: https://chwplan.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Access-Control-Request-Headers: content-type

Response headers

Date: Tue, 25 Sep 2018 23:01:52 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Access-Control-Max-Age: 1728000
Access-Control-Allow-Methods: GET, POST
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type, Accept
Content-Length: 0

POST
H/1.1 200
OK / Show response
vagnt.com/api/Chat/ 480 B
795 B 104ms
104ms XHR
application/json 54.225.172.14
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://vagnt.com/api/Chat/?rnd=0.3748749280687236
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.225.172.14 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-225-172-14.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 4a5310be09010bf42d948a9780b848c6872472899def8297f5b95878925e5411

Request headers

Accept: application/json
Referer: https://chwplan.com/a/a8/index.php?
Origin: https://chwplan.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: application/json

Response headers

Pragma: no-cache
Date: Tue, 25 Sep 2018 23:01:50 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 480
Expires: -1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: aa.agkn.com
URL: https://aa.agkn.com/adscores/g.jsonp?sid=9202274878&userid=B7CC46-9BCD8AF7-6E68-4C2E-8CE9-CEAF94EE1C29&&bounced=1

Verdicts & Comments Add Verdict or Comment

130 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 12:43:08	Name: IDE Value: AHWqTUnfmM2P5Dm7qpSz4tp_gbTCODV3QiOaY4DDBCYGv9I2SNusdr7xyYS4tW3I
.chwplan.com/	1970-01-19 03:57:32	Name: STSID564543 Value: 7bce1a89-1e2d-42f6-a44e-33e838b19d42
.chwplan.com/	1970-01-22 10:52:15	Name: GSID3QgckfkNYGiq Value: 27e27b2b-2444-4fe9-b58b-ce1c1032cb7e
.chwplan.com/	1969-12-31 23:59:59	Name: MGX_PX Value: 6049e9d0-7368-4657-a13c-9d384c5344cb
.chwplan.com/	1970-01-19 03:57:32	Name: MGX_U Value: b8a97890-5b90-40c3-a47b-9ca5835df4d8
.chwplan.com/	1970-01-18 19:11:58	Name: __utmb Value: 136185571.1.10.1537916503
.chwplan.com/	1970-01-19 04:41:20	Name: cto_lwid Value: 8eaae0b4-86db-4a05-a072-76bfabf24539
chwplan.com/	1969-12-31 23:59:59	Name: ServerID Value: 1025
.chwplan.com/	1970-01-18 19:11:57	Name: __utmt Value: 1
.chwplan.com/	1970-01-18 23:34:44	Name: __utmz Value: 136185571.1537916503.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.chwplan.com/	1970-01-19 03:57:32	Name: MGX_CID Value: 4a1b44e1-b890-406c-908f-1168d1ec5109
.chwplan.com/	1969-12-31 23:59:59	Name: __utmc Value: 136185571
.chwplan.com/	1970-01-18 19:11:56	Name: _gat_gtag_UA_6898183_1 Value: 1
.chwplan.com/	1970-01-19 12:43:08	Name: __utma Value: 136185571.2063501691.1537916503.1537916503.1537916503.1
.chwplan.com/	1970-01-18 19:13:22	Name: _gid Value: GA1.2.1310433216.1537916503
.chwplan.com/	1970-01-19 03:57:32	Name: MGX_P Value: 9bcd8af7-6e68-4c2e-8ce9-ceaf94ee1c29
.chwplan.com/	1970-01-19 12:43:08	Name: _ga Value: GA1.2.2063501691.1537916503

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa.agkn.com
api.datasteam.io
bat.bing.com
bid.g.doubleclick.net
cdn.datasteam.io
cdn.listrakbi.com
chwplan.com
connect.facebook.net
d1eoo1tco6rr5e.cloudfront.net
d1wnfwven39x82.cloudfront.net
dis.us.criteo.com
googleads.g.doubleclick.net
insight.adsrvr.org
js.adsrvr.org
prf.vagnt.com
rdcdn.com
s1.listrakbi.com
s3.amazonaws.com
sca1.listrakbi.com
ssl.google-analytics.com
sslwidget.criteo.com
static.criteo.net
vagnt.com
widget.us.criteo.com
www.chwplan.com
www.chwplans.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
aa.agkn.com
107.22.10.76
108.177.126.156
143.204.93.157
143.204.98.179
143.204.98.192
146.20.84.216
172.217.21.226
178.250.0.130
178.250.0.82
204.79.197.200
2a00:1450:4001:810::2008
2a00:1450:4001:812::2003
2a00:1450:4001:812::2008
2a00:1450:4001:812::200e
2a00:1450:4001:81f::2002
2a00:1450:400f:809::2004
2a02:e980:25::28
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
52.216.165.181
52.216.21.237
52.45.198.43
52.85.185.184
52.85.188.37
54.225.138.195
54.225.172.14
54.229.35.49
54.230.95.59
54.84.143.179
74.119.119.79
74.119.119.84
03a6106e4bc9f8d4a3f1607830f777e780ab4644bc4df86c9394b5bbc0f41886
08e366416a9f024d76698e42a77cdc9e3c050d7fbc323a07bf12fa130e8f11dd
0a30b00ee07b9ecc741b4e9e67b48e4e785ab7f1aa8382c70b0c99208ce74080
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
13f2c49f1493c07c007460e06aeeadb0a7c87ff4d2d6135fecf0c444fb8ec18b
1cf0798f17765f370a864a3b672cc969c2fb38810e64ce262d40459b5ca417a7
2fce75658febc8ea85270531789e279b124f581f44374241a9bec5bcfb431858
303792755b365d1fb1d34ac65d4d6ef5773861a44a8418f0cc1ee294a88b855b
3a9b1aaf047d7ab5119bb338a86bee9788c4e79392d4abb12408d62bec6e86fb
3bfb6f7daf791381c2693ae6e9eaa0271cc182afc65aae94f6bf180fa73fb94b
3e21de5b03ac5e4068d896ba5c26554eed75a92babb676e8a4be5a33ae663894
467f1cb419337380be980435f87d47ef7e54db3439735007a7dc5a0f29597a3a
46915b78e8042edf5ed5d09577a1ae0d62e4063f6a0d25ec953eb23363c978be
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
4a5310be09010bf42d948a9780b848c6872472899def8297f5b95878925e5411
5405f630e75c11cd1381d0e3241ff0623a788de74f351ea848896c4bfd4e0b67
56e06f4c23f951f4694a6a483c91498110147ad691fba37f849b180244b7cd6a
585bb86f22e2bcc630611889e64567469fc60eedff980e25e6790720e72ead7f
5e4fb5563218c9d2c6548a50764e052853fe611f3bd3e9e6b353c079a16b618f
639ff6ecc02ad47e1abbe54dc8727407f71bf5f250903bb60582e0bcd0efe6a9
69c9452915bf657e65c1a6631ed2f605255c605635fc2a8988b355ceeb00f179
6c82c413c824d6e39062aa3e29825179ae6cfc4f48bc6a14deb3fe6d4b7be415
6f2194419f3221f6eddb9cb96913239c124ff9a0fde9ef2f3f93e8ead4a50cf0
7002a977c52e82b01e35ed5653c32962d7219a4fffe22d79212ce6570cdb1d1b
726c4fd4bcb60da28d4d74e03aefe58c3e653786b40558acae3dd5bc070f168c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84f09b200d2070df37bc956d32f06d3af244cd8c015011372cc3d15a57721e56
85efb589056b36c50eb794b0a08b4b0645665661ac6d2e59546235064a2a021d
85f7dd16945a1bfa1f09b78120688009b25b0c572792eead8cfc389e59627940
8eb44a97978fe59831d545e1e73e88bf61a16ab121443644a528a1ca2b5b27a0
8fea23df1aaf7f782769f93d1348bca269bbabc9c61335eed561c644b5d0dfa7
9261845027162e376ab28b6c9d10ae601a8433de42e543db3705fb99dd5ebff9
9962df56ce3d8582fd3c8a4d4b3ab77d862676bc284884054240b05a5f5d2fd6
9a2f715d69f39bb7e264e1d928e5e0ead15704d266a1e4a069b3117ff7bad234
aae1695ddc586c17ce282027b177678a490e6cea85744105227546f3ce36a29d
b1924d2537a692c816bb6fe029a6e585257a9f9906ed6f1610f0393ba1829fcc
b990f2dbd34cecb1b3a8519b9072775aa8bc1782fc63cab96342b02a83610862
bb2335a018a13833cdfff11b15bb4418de8d86b3545f8fb49a2b8c605824dca8
c8a2637df75d0915a637369294b573d79fb8b6f43cc9571222421a1cb7a2bed7
cf53413df26feb4603f0dfc4ef8cf04c83e3d92306025255cde6945f5209a06c
d1c4aa4fc27ca65d42b693b60f19546c4a50c002394c364dbbef45710858df7a
d1cbe211a9a816a4d68f23aaa536667e90844c08fd68af944aed40e8a5f7b96f
d87e16a3d15ad946f44aeb696da2bbb405c2f20f60e783dba59e1bda86af5323
da3a8ee6b0a3a2a4bb422a861c26c4cd967da682d04c9bb33aae0616af70a4a8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec206f320603391154a71449dc03d962f3265aa99b160f2b6f1f5619d9a1cfe5
ed17a6e7532cc3065f9fbd8f607dfd30e09b4531ada9f7cb5732a2bf6cf6744c
ee5e6f24e63a934667e065cf35fa4cdb9a1ec3391da17621c3994fdb63bb82ea
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fb05e40bf1ca9682c6736a1bfeff728cb405aa918ac36f2596539efc8a5a7a0a
fd338a175e4e81e2f44e03cd956e03b7a7619301ab1178b19e1311eacc414463

chwplan.com Open in urlscan Pro 146.20.84.216 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

62 Requests

98 %HTTPS

29 %IPv6

21 Domains

32 Subdomains

31 IPs

4 Countries

711 kBTransfer

1408 kBSize

17 Cookies

2 Outgoing links

Page URL History

Redirected requests

62 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

chwplan.com Open in urlscan Pro
146.20.84.216 Public Scan

Screenshot
Live screenshot

Full Image

62
Requests

98 %
HTTPS

29 %
IPv6

21
Domains

32
Subdomains

31
IPs

4
Countries

711 kB
Transfer

1408 kB
Size

17
Cookies

62 HTTP transactions
2 data transactions