www.fetcharate.com Open in urlscan Pro
2600:1f14:74a:1a02:31ee:80e7:901f:4dea Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://paid.outbrain.com/network/redir?p=trDHtbway0FPx02GdhDhX8z4yqzOcL2YgSHdT7_qsG50SK4tc_4FC30ObNFzBsW5wAz1JOTHSvpI-b67...
Effective URL:
https://www.fetcharate.com/pa/?pag_ref=obstim&csg_ref=c_4140&camp_id=state_may_pay_off_your_home_if_you_live_near_city&keyw...
Submission: On January 16 via manual (January 16th 2019, 4:08:18 pm UTC) from US

Summary HTTP 35 Redirects Behaviour Indicators

Summary

This website contacted 19 IPs in 4 countries across 16 domains to perform 35 HTTP transactions. The main IP is 2600:1f14:74a:1a02:31ee:80e7:901f:4dea, located in United States and belongs to AMAZON-02 - Amazon.com, Inc., US. The main domain is www.fetcharate.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on January 25th 2018. Valid for: a year.

This is the only time www.fetcharate.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	151.101.2.2 151.101.2.2	54113 (FASTLY) (FASTLY - Fastly)
3	2600:1f14:74a... 2600:1f14:74a:1a02:31ee:80e7:901f:4dea	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
4	2600:9000:20b... 2600:9000:20bb:7800:1:2a25:bcc0:21	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a04:4e42:200... 2a04:4e42:200::729	54113 (FASTLY) (FASTLY - Fastly)
1	2600:9000:20b... 2600:9000:20bb:1e00:1:2a25:bcc0:21	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	2a00:1450:400... 2a00:1450:4001:817::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
2	2a00:1450:400... 2a00:1450:4001:81b::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1288:7c:... 2a00:1288:7c:800::4000	43428 (YAHOO-ULS) (YAHOO-ULS)
1	23.211.2.209 23.211.2.209	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
2 4	172.217.22.70 172.217.22.70	15169 (GOOGLE) (GOOGLE - Google LLC)
2	188.125.66.33 188.125.66.33	34010 (YAHOO-IRD) (YAHOO-IRD)
1	64.74.236.19 64.74.236.19	22075 (AS-OUTBRAIN) (AS-OUTBRAIN - Outbrain)
3	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	172.217.22.66 172.217.22.66	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:817::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:81e::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
35	19

5 151.101.2.2 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)

paid.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1f14:74a:1a02:31ee:80e7:901f:4dea (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

www.fetcharate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:20bb:7800:1:2a25:bcc0:21 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

d24lmrlk349cdv.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::729 (European Union)

ASN54113 (FASTLY - Fastly, US)

cdn.ravenjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20bb:1e00:1:2a25:bcc0:21 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

d24lmrlk349cdv.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:817::2008 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:216:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
staticxx.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81b::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:7c:800::4000 (United Kingdom)

ASN43428 (YAHOO-ULS, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.211.2.209 (Cambridge, United States)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a23-211-2-209.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.22.70 (Mountain View, United States) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s17-in-f70.1e100.net

6784673.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.125.66.33 (Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.74.236.19 (United States)

ASN22075 (AS-OUTBRAIN - Outbrain, Inc., US)
PTR: chi.outbrain.com

amplifypixel.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.22.66 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s17-in-f66.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2004 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81e::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	doubleclick.net 2 redirects 6784673.fls.doubleclick.net googleads.g.doubleclick.net	3 KB
5	cloudfront.net d24lmrlk349cdv.cloudfront.net	230 KB
4	facebook.com staticxx.facebook.com www.facebook.com
4	outbrain.com paid.outbrain.com amplify.outbrain.com tr.outbrain.com amplifypixel.outbrain.com	4 KB
3	taboola.com cdn.taboola.com trc.taboola.com	8 KB
3	fetcharate.com www.fetcharate.com	27 KB
2	yahoo.com sp.analytics.yahoo.com	545 B
2	gstatic.com fonts.gstatic.com	40 KB
2	googletagmanager.com www.googletagmanager.com	58 KB
1	google.de www.google.de	109 B
1	google.com www.google.com	112 B
1	googleadservices.com www.googleadservices.com	9 KB
1	yimg.com s.yimg.com	4 KB
1	facebook.net connect.facebook.net	57 KB
1	ravenjs.com cdn.ravenjs.com	14 KB
1	googleapis.com ajax.googleapis.com	33 KB
35	16

	Domain	Requested by
5	d24lmrlk349cdv.cloudfront.net	www.fetcharate.com
4	6784673.fls.doubleclick.net	2 redirects www.googletagmanager.com
3	www.facebook.com	connect.facebook.net
3	www.fetcharate.com	paid.outbrain.com www.fetcharate.com
2	trc.taboola.com	cdn.ravenjs.com
2	sp.analytics.yahoo.com	s.yimg.com
2	fonts.gstatic.com	www.fetcharate.com
2	www.googletagmanager.com	www.fetcharate.com www.googletagmanager.com
1	www.google.de	www.fetcharate.com
1	www.google.com	www.fetcharate.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	www.googleadservices.com	www.googletagmanager.com
1	amplifypixel.outbrain.com	www.fetcharate.com
1	tr.outbrain.com	www.fetcharate.com
1	staticxx.facebook.com	connect.facebook.net
1	amplify.outbrain.com	paid.outbrain.com
1	cdn.taboola.com	paid.outbrain.com
1	s.yimg.com	paid.outbrain.com
1	connect.facebook.net	www.fetcharate.com
1	cdn.ravenjs.com	www.fetcharate.com
1	ajax.googleapis.com	www.fetcharate.com
1	paid.outbrain.com
35	22

This site contains no links.

Subject Issuer	Validity	Valid
f2.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2018-12-03` - `2019-09-07`	9 months	crt.sh
www.fetcharate.com DigiCert SHA2 Secure Server CA	`2018-01-25` - `2019-03-26`	a year	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2018-10-08` - `2019-10-09`	a year	crt.sh
*.googleapis.com Google Internet Authority G3	`2018-12-19` - `2019-03-13`	3 months	crt.sh
osff.map.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-01-13` - `2019-02-24`	a month	crt.sh
*.google-analytics.com Google Internet Authority G3	`2018-12-19` - `2019-03-13`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2017-12-15` - `2019-03-22`	a year	crt.sh
*.google.com Google Internet Authority G3	`2018-12-19` - `2019-03-13`	3 months	crt.sh
*.yahoo.com DigiCert SHA2 High Assurance Server CA	`2019-01-08` - `2019-02-14`	a month	crt.sh
*.outbrain.com DigiCert SHA2 Secure Server CA	`2018-12-14` - `2020-03-14`	a year	crt.sh
*.doubleclick.net Google Internet Authority G3	`2018-12-19` - `2019-03-13`	3 months	crt.sh
*.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2018-11-21` - `2019-05-20`	6 months	crt.sh
*.g.doubleclick.net Google Internet Authority G3	`2018-12-19` - `2019-03-13`	3 months	crt.sh
www.google.com Google Internet Authority G3	`2018-12-19` - `2019-03-13`	3 months	crt.sh
www.google.de Google Internet Authority G3	`2018-12-19` - `2019-03-13`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://www.fetcharate.com/pa/?pag_ref=obstim&csg_ref=c_4140&camp_id=state_may_pay_off_your_home_if_you_live_near_city&keyword=jthinkin&tg_ref=augmobta&sub2=CNN+%28Turner+U.S.%29_CNN
Frame ID: BB87F7467C62C164E07F186193606B2E
Requests: 29 HTTP requests in this frame

Frame: https://6784673.fls.doubleclick.net/activityi;dc_pre=CPCH49zX8t8CFcOwewod4ncCQA;src=6784673;type=invmedia;cat=globa0;ord=9961170301172;gtm=2wgbc0;auiddc=896285346.1547654884;~oref=https%3A%2F%2Fwww.fetcharate.com%2Fpa%2F%3Fpag_ref%3Dobstim%26csg_ref%3Dc_4140%26camp_id%3Dstate_may_pay_off_your_home_if_you_live_near_city%26keyword%3Djthinkin%26tg_ref%3Daugmobta%26sub2%3DCNN%2B%2528Turner%2BU.S.%2529_CNN
Frame ID: CF708DE2491834AC2B9908BBC31DAE65
Requests: 1 HTTP requests in this frame

Frame: https://6784673.fls.doubleclick.net/activityi;dc_pre=CKSM49zX8t8CFYK43godx7sBuA;src=6784673;type=invmedia;cat=rt_pa0;ord=4242240554971;gtm=2wgbc0;auiddc=896285346.1547654884;~oref=https%3A%2F%2Fwww.fetcharate.com%2Fpa%2F%3Fpag_ref%3Dobstim%26csg_ref%3Dc_4140%26camp_id%3Dstate_may_pay_off_your_home_if_you_live_near_city%26keyword%3Djthinkin%26tg_ref%3Daugmobta%26sub2%3DCNN%2B%2528Turner%2BU.S.%2529_CNN
Frame ID: 745DFE502B16328FC8F080275FBA826A
Requests: 1 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter/r/j-GHT1gpo6-.js?version=43
Frame ID: 267F01D62855A02661F53BDBE1F57B82
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v3.0/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2Fj-GHT1gpo6-.js%3Fversion%3D43%23cb%3Df25a0bc006da114%26domain%3Dwww.fetcharate.com%26origin%3Dhttps%253A%252F%252Fwww.fetcharate.com%252Ff290af24ebeb458%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.fetcharate.com%2Fpa%2F&layout=button&locale=en_US&sdk=joey&share=true&show_faces=false&size=small
Frame ID: D9527D9AB7C6A1766ABF714786722E26
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v3.0/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2Fj-GHT1gpo6-.js%3Fversion%3D43%23cb%3Df3483d277f1c64%26domain%3Dwww.fetcharate.com%26origin%3Dhttps%253A%252F%252Fwww.fetcharate.com%252Ff290af24ebeb458%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.fetcharate.com%2Fpa%2F&layout=button&locale=en_US&sdk=joey&share=true&show_faces=false&size=small
Frame ID: 894E26A08733A4668C0E132CC50366D0
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v3.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2Fj-GHT1gpo6-.js%3Fversion%3D43%23cb%3Df385e14401a4%26domain%3Dwww.fetcharate.com%26origin%3Dhttps%253A%252F%252Fwww.fetcharate.com%252Ff290af24ebeb458%26relation%3Dparent.parent&container_width=263&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FFetcharate-155314494668736%2F&locale=en_US&sdk=joey&show_facepile=false&small_header=false
Frame ID: 3DD827258831B102BD16A12CD0ADDB7A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://paid.outbrain.com/network/redir?p=trDHtbway0FPx02GdhDhX8z4yqzOcL2YgSHdT7_qsG50SK4tc_4FC30ObNFz... Page URL
https://www.fetcharate.com/pa/?pag_ref=obstim&csg_ref=c_4140&camp_id=state_may_pay_off_your_home_if_you... Page URL

Detected technologies

Varnish (Cache Tools) Expand

Overall confidence: 100%
Detected patterns

headers via /.*Varnish/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
env /^google_tag_manager$/i

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /modernizr(?:-([\d.]*[\d]))?.*\.js/i
env /^Modernizr$/i

YUI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /^YAHOO$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /^jQuery$/i

Page Statistics

35
Requests

100 %
HTTPS

68 %
IPv6

16
Domains

22
Subdomains

19
IPs

4
Countries

487 kB
Transfer

951 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://paid.outbrain.com/network/redir?p=trDHtbway0FPx02GdhDhX8z4yqzOcL2YgSHdT7_qsG50SK4tc_4FC30ObNFzBsW5wAz1JOTHSvpI-b67iDt0AAgzcS3txMBGiKbQvXGCWqljWnikbKr5gN-b93_2k_wG35m20225RCJwECoUCmLCgb6EnoaQ7ewxEut6r4L3kwh4vLvdpdohHv7IKn2iML-npjq9L3k3XjcB7p8JLpM1zu2un3FM2pPxxioAdqcrtTYJJkVY1o7Ph_hZ2-Hdou_Fz-hn-bjMqEm7kjgBy5UbxnRV8_P04zm8F1OXJJyBIzMMsIiAs9SMy-yRTNGTJME76qx88Yb5y0Zo9bSwPbFaaEsFp5aoNv0rxNuFcy3uwKOIOfa1P72J-trrqXCXGuxM8M98q23OTuIyY-p9e0B_CkssCxwz4_6yhNpgF6SflaNtKDD2MoBM68nHpVzVmlt-I0q3WjZfAdIQW1Tdv6TDfWShgPK9izRTnOQXrE4n3uxn_a501OK1pwlUYim6XVIV1BQT4WUhb4pLEb8xPhpaHlOuRbcTb29pDRQxl69GrdKVxLVy234uKbgHpWwzsjS_3lT7zTAuw3a9HNJDeR82_m9epgLvNErZoqRtxyn9wag91ihZb16K8DGLsFVMVTFEZolfnOXRLdd4zFa3Qx_yCBqA8Bq6VBApwvg1PPb0yX-GnDoYoAuaW82ShugtorkHQCRcVOKJ7Q0KYnWfEClZj6EDY5NZsM3tJTPW0Rn6W6gaq5QdCJtLFCbI0r-STPd-ExwFU9ZHbjJj_0CA1sue8ycM-T3O6EEN6zzB-y7OfFnCOO7f60i8DE4lBAtv9rOmX_PIzKTJ4ytFTvikw4Dx2W05olWrJJGPLQ_o65dJBGBhMo8mOovWiyN29-lK2rHyaMyhBdey6Ahho5UI86S7w7m3nxr-03FxQRiz-RtIfOLoLv7-N-VNb23Upi_xYNUy4_a8XQt8E8xPAcRNeYlBTRJ-lBvPGwumoimpkA-9r-bXhEqwShC9o1cOhqUX0RnBHWx161Zsm9nWNIXXP79PfZNpgHKxoQJEtEr17xVBaqhq6CMk8uA5fGfTepvp-DylEqAeIkVf3v11i6fKqKQ5Jw&c=a0c399bb&v=3 Page URL
https://www.fetcharate.com/pa/?pag_ref=obstim&csg_ref=c_4140&camp_id=state_may_pay_off_your_home_if_you_live_near_city&keyword=jthinkin&tg_ref=augmobta&sub2=CNN+%28Turner+U.S.%29_CNN Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18

https://6784673.fls.doubleclick.net/activityi;src=6784673;type=invmedia;cat=globa0;ord=9961170301172;gtm=2wgbc0;auiddc=896285346.1547654884;~oref=https%3A%2F%2Fwww.fetcharate.com%2Fpa%2F%3Fpag_ref%3Dobstim%26csg_ref%3Dc_4140%26camp_id%3Dstate_may_pay_off_your_home_if_you_live_near_city%26keyword%3Djthinkin%26tg_ref%3Daugmobta%26sub2%3DCNN%2B%2528Turner%2BU.S.%2529_CNN HTTP 302
https://6784673.fls.doubleclick.net/activityi;dc_pre=CPCH49zX8t8CFcOwewod4ncCQA;src=6784673;type=invmedia;cat=globa0;ord=9961170301172;gtm=2wgbc0;auiddc=896285346.1547654884;~oref=https%3A%2F%2Fwww.fetcharate.com%2Fpa%2F%3Fpag_ref%3Dobstim%26csg_ref%3Dc_4140%26camp_id%3Dstate_may_pay_off_your_home_if_you_live_near_city%26keyword%3Djthinkin%26tg_ref%3Daugmobta%26sub2%3DCNN%2B%2528Turner%2BU.S.%2529_CNN

Request Chain 19

https://6784673.fls.doubleclick.net/activityi;src=6784673;type=invmedia;cat=rt_pa0;ord=4242240554971;gtm=2wgbc0;auiddc=896285346.1547654884;~oref=https%3A%2F%2Fwww.fetcharate.com%2Fpa%2F%3Fpag_ref%3Dobstim%26csg_ref%3Dc_4140%26camp_id%3Dstate_may_pay_off_your_home_if_you_live_near_city%26keyword%3Djthinkin%26tg_ref%3Daugmobta%26sub2%3DCNN%2B%2528Turner%2BU.S.%2529_CNN HTTP 302
https://6784673.fls.doubleclick.net/activityi;dc_pre=CKSM49zX8t8CFYK43godx7sBuA;src=6784673;type=invmedia;cat=rt_pa0;ord=4242240554971;gtm=2wgbc0;auiddc=896285346.1547654884;~oref=https%3A%2F%2Fwww.fetcharate.com%2Fpa%2F%3Fpag_ref%3Dobstim%26csg_ref%3Dc_4140%26camp_id%3Dstate_may_pay_off_your_home_if_you_live_near_city%26keyword%3Djthinkin%26tg_ref%3Daugmobta%26sub2%3DCNN%2B%2528Turner%2BU.S.%2529_CNN

35 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 redir Show response
paid.outbrain.com/network/ 924 B
1 KB 137ms
92ms Document
text/html 151.101.2.2
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://paid.outbrain.com/network/redir?p=trDHtbway0FPx02GdhDhX8z4yqzOcL2YgSHdT7_qsG50SK4tc_4FC30ObNFzBsW5wAz1JOTHSvpI-b67iDt0AAgzcS3txMBGiKbQvXGCWqljWnikbKr5gN-b93_2k_wG35m20225RCJwECoUCmLCgb6EnoaQ7ewxEut6r4L3kwh4vLvdpdohHv7IKn2iML-npjq9L3k3XjcB7p8JLpM1zu2un3FM2pPxxioAdqcrtTYJJkVY1o7Ph_hZ2-Hdou_Fz-hn-bjMqEm7kjgBy5UbxnRV8_P04zm8F1OXJJyBIzMMsIiAs9SMy-yRTNGTJME76qx88Yb5y0Zo9bSwPbFaaEsFp5aoNv0rxNuFcy3uwKOIOfa1P72J-trrqXCXGuxM8M98q23OTuIyY-p9e0B_CkssCxwz4_6yhNpgF6SflaNtKDD2MoBM68nHpVzVmlt-I0q3WjZfAdIQW1Tdv6TDfWShgPK9izRTnOQXrE4n3uxn_a501OK1pwlUYim6XVIV1BQT4WUhb4pLEb8xPhpaHlOuRbcTb29pDRQxl69GrdKVxLVy234uKbgHpWwzsjS_3lT7zTAuw3a9HNJDeR82_m9epgLvNErZoqRtxyn9wag91ihZb16K8DGLsFVMVTFEZolfnOXRLdd4zFa3Qx_yCBqA8Bq6VBApwvg1PPb0yX-GnDoYoAuaW82ShugtorkHQCRcVOKJ7Q0KYnWfEClZj6EDY5NZsM3tJTPW0Rn6W6gaq5QdCJtLFCbI0r-STPd-ExwFU9ZHbjJj_0CA1sue8ycM-T3O6EEN6zzB-y7OfFnCOO7f60i8DE4lBAtv9rOmX_PIzKTJ4ytFTvikw4Dx2W05olWrJJGPLQ_o65dJBGBhMo8mOovWiyN29-lK2rHyaMyhBdey6Ahho5UI86S7w7m3nxr-03FxQRiz-RtIfOLoLv7-N-VNb23Upi_xYNUy4_a8XQt8E8xPAcRNeYlBTRJ-lBvPGwumoimpkA-9r-bXhEqwShC9o1cOhqUX0RnBHWx161Zsm9nWNIXXP79PfZNpgHKxoQJEtEr17xVBaqhq6CMk8uA5fGfTepvp-DylEqAeIkVf3v11i6fKqKQ5Jw&c=a0c399bb&v=3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.2 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

95e2e7e8e93a56abca0304f7767116561983cb8a0fe91f437e663bd0c1d6026e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains;

Request headers

:method: GET
:authority: paid.outbrain.com
:scheme: https
:path: /network/redir?p=trDHtbway0FPx02GdhDhX8z4yqzOcL2YgSHdT7_qsG50SK4tc_4FC30ObNFzBsW5wAz1JOTHSvpI-b67iDt0AAgzcS3txMBGiKbQvXGCWqljWnikbKr5gN-b93_2k_wG35m20225RCJwECoUCmLCgb6EnoaQ7ewxEut6r4L3kwh4vLvdpdohHv7IKn2iML-npjq9L3k3XjcB7p8JLpM1zu2un3FM2pPxxioAdqcrtTYJJkVY1o7Ph_hZ2-Hdou_Fz-hn-bjMqEm7kjgBy5UbxnRV8_P04zm8F1OXJJyBIzMMsIiAs9SMy-yRTNGTJME76qx88Yb5y0Zo9bSwPbFaaEsFp5aoNv0rxNuFcy3uwKOIOfa1P72J-trrqXCXGuxM8M98q23OTuIyY-p9e0B_CkssCxwz4_6yhNpgF6SflaNtKDD2MoBM68nHpVzVmlt-I0q3WjZfAdIQW1Tdv6TDfWShgPK9izRTnOQXrE4n3uxn_a501OK1pwlUYim6XVIV1BQT4WUhb4pLEb8xPhpaHlOuRbcTb29pDRQxl69GrdKVxLVy234uKbgHpWwzsjS_3lT7zTAuw3a9HNJDeR82_m9epgLvNErZoqRtxyn9wag91ihZb16K8DGLsFVMVTFEZolfnOXRLdd4zFa3Qx_yCBqA8Bq6VBApwvg1PPb0yX-GnDoYoAuaW82ShugtorkHQCRcVOKJ7Q0KYnWfEClZj6EDY5NZsM3tJTPW0Rn6W6gaq5QdCJtLFCbI0r-STPd-ExwFU9ZHbjJj_0CA1sue8ycM-T3O6EEN6zzB-y7OfFnCOO7f60i8DE4lBAtv9rOmX_PIzKTJ4ytFTvikw4Dx2W05olWrJJGPLQ_o65dJBGBhMo8mOovWiyN29-lK2rHyaMyhBdey6Ahho5UI86S7w7m3nxr-03FxQRiz-RtIfOLoLv7-N-VNb23Upi_xYNUy4_a8XQt8E8xPAcRNeYlBTRJ-lBvPGwumoimpkA-9r-bXhEqwShC9o1cOhqUX0RnBHWx161Zsm9nWNIXXP79PfZNpgHKxoQJEtEr17xVBaqhq6CMk8uA5fGfTepvp-DylEqAeIkVf3v11i6fKqKQ5Jw&c=a0c399bb&v=3
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
content-type: text/html; charset=UTF-8
set-cookie: obuid=86cf1f8c-bf08-4a08-93db-ea6e9b775dfa;Path=/;Domain=outbrain.com;Expires=Tue, 16-Apr-2019 16:08:02 GMT ref-2014087987=8028982765da7872f8c1fe6bf6e602be|2134158358||1|103078697|504|5396235|185|3;Path=/;Domain=outbrain.com;Expires=Wed, 16-Jan-2019 16:09:02 GMT auid=ecH1J_uXs9V9TCqe2urFRPEpf04O1zjS_KDrNwkKTcPVxrND-HHtgd6Ym-An2NaH;Path=/;Domain=outbrain.com;Expires=Tue, 16-Apr-2019 16:08:02 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
strict-transport-security: max-age=0; includeSubDomains;
accept-ranges: bytes bytes
via: 1.1 varnish 1.1 varnish
backend-ip: 104.156.90.23
date: Wed, 16 Jan 2019 16:08:02 GMT
x-served-by: cache-jfk8123-JFK, cache-hhn1527-HHN
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1547654883.755777,VS0,VE84
vary: Accept-Encoding, User-Agent
traffic-path: NYDC1, JFK, HHN, Europe1

GET
H2 200 Primary Request / Show response
www.fetcharate.com/pa/ 11 KB
5 KB 603ms
197ms Document
text/html 2600:1f14:74a:1a02:31ee:80e7:901f:4dea
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fetcharate.com/pa/?pag_ref=obstim&csg_ref=c_4140&camp_id=state_may_pay_off_your_home_if_you_live_near_city&keyword=jthinkin&tg_ref=augmobta&sub2=CNN+%28Turner+U.S.%29_CNN

Requested by

Host: paid.outbrain.com
URL: https://paid.outbrain.com/network/redir?p=trDHtbway0FPx02GdhDhX8z4yqzOcL2YgSHdT7_qsG50SK4tc_4FC30ObNFzBsW5wAz1JOTHSvpI-b67iDt0AAgzcS3txMBGiKbQvXGCWqljWnikbKr5gN-b93_2k_wG35m20225RCJwECoUCmLCgb6EnoaQ7ewxEut6r4L3kwh4vLvdpdohHv7IKn2iML-npjq9L3k3XjcB7p8JLpM1zu2un3FM2pPxxioAdqcrtTYJJkVY1o7Ph_hZ2-Hdou_Fz-hn-bjMqEm7kjgBy5UbxnRV8_P04zm8F1OXJJyBIzMMsIiAs9SMy-yRTNGTJME76qx88Yb5y0Zo9bSwPbFaaEsFp5aoNv0rxNuFcy3uwKOIOfa1P72J-trrqXCXGuxM8M98q23OTuIyY-p9e0B_CkssCxwz4_6yhNpgF6SflaNtKDD2MoBM68nHpVzVmlt-I0q3WjZfAdIQW1Tdv6TDfWShgPK9izRTnOQXrE4n3uxn_a501OK1pwlUYim6XVIV1BQT4WUhb4pLEb8xPhpaHlOuRbcTb29pDRQxl69GrdKVxLVy234uKbgHpWwzsjS_3lT7zTAuw3a9HNJDeR82_m9epgLvNErZoqRtxyn9wag91ihZb16K8DGLsFVMVTFEZolfnOXRLdd4zFa3Qx_yCBqA8Bq6VBApwvg1PPb0yX-GnDoYoAuaW82ShugtorkHQCRcVOKJ7Q0KYnWfEClZj6EDY5NZsM3tJTPW0Rn6W6gaq5QdCJtLFCbI0r-STPd-ExwFU9ZHbjJj_0CA1sue8ycM-T3O6EEN6zzB-y7OfFnCOO7f60i8DE4lBAtv9rOmX_PIzKTJ4ytFTvikw4Dx2W05olWrJJGPLQ_o65dJBGBhMo8mOovWiyN29-lK2rHyaMyhBdey6Ahho5UI86S7w7m3nxr-03FxQRiz-RtIfOLoLv7-N-VNb23Upi_xYNUy4_a8XQt8E8xPAcRNeYlBTRJ-lBvPGwumoimpkA-9r-bXhEqwShC9o1cOhqUX0RnBHWx161Zsm9nWNIXXP79PfZNpgHKxoQJEtEr17xVBaqhq6CMk8uA5fGfTepvp-DylEqAeIkVf3v11i6fKqKQ5Jw&c=a0c399bb&v=3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f14:74a:1a02:31ee:80e7:901f:4dea , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

Software

Resource Hash

1e7a32705649c464f7d7e09e0a91b586bd046a0597af1c5e531acf6937c90e6b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: www.fetcharate.com
:scheme: https
:path: /pa/?pag_ref=obstim&csg_ref=c_4140&camp_id=state_may_pay_off_your_home_if_you_live_near_city&keyword=jthinkin&tg_ref=augmobta&sub2=CNN+%28Turner+U.S.%29_CNN
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://paid.outbrain.com/network/redir?p=trDHtbway0FPx02GdhDhX8z4yqzOcL2YgSHdT7_qsG50SK4tc_4FC30ObNFzBsW5wAz1JOTHSvpI-b67iDt0AAgzcS3txMBGiKbQvXGCWqljWnikbKr5gN-b93_2k_wG35m20225RCJwECoUCmLCgb6EnoaQ7ewxEut6r4L3kwh4vLvdpdohHv7IKn2iML-npjq9L3k3XjcB7p8JLpM1zu2un3FM2pPxxioAdqcrtTYJJkVY1o7Ph_hZ2-Hdou_Fz-hn-bjMqEm7kjgBy5UbxnRV8_P04zm8F1OXJJyBIzMMsIiAs9SMy-yRTNGTJME76qx88Yb5y0Zo9bSwPbFaaEsFp5aoNv0rxNuFcy3uwKOIOfa1P72J-trrqXCXGuxM8M98q23OTuIyY-p9e0B_CkssCxwz4_6yhNpgF6SflaNtKDD2MoBM68nHpVzVmlt-I0q3WjZfAdIQW1Tdv6TDfWShgPK9izRTnOQXrE4n3uxn_a501OK1pwlUYim6XVIV1BQT4WUhb4pLEb8xPhpaHlOuRbcTb29pDRQxl69GrdKVxLVy234uKbgHpWwzsjS_3lT7zTAuw3a9HNJDeR82_m9epgLvNErZoqRtxyn9wag91ihZb16K8DGLsFVMVTFEZolfnOXRLdd4zFa3Qx_yCBqA8Bq6VBApwvg1PPb0yX-GnDoYoAuaW82ShugtorkHQCRcVOKJ7Q0KYnWfEClZj6EDY5NZsM3tJTPW0Rn6W6gaq5QdCJtLFCbI0r-STPd-ExwFU9ZHbjJj_0CA1sue8ycM-T3O6EEN6zzB-y7OfFnCOO7f60i8DE4lBAtv9rOmX_PIzKTJ4ytFTvikw4Dx2W05olWrJJGPLQ_o65dJBGBhMo8mOovWiyN29-lK2rHyaMyhBdey6Ahho5UI86S7w7m3nxr-03FxQRiz-RtIfOLoLv7-N-VNb23Upi_xYNUy4_a8XQt8E8xPAcRNeYlBTRJ-lBvPGwumoimpkA-9r-bXhEqwShC9o1cOhqUX0RnBHWx161Zsm9nWNIXXP79PfZNpgHKxoQJEtEr17xVBaqhq6CMk8uA5fGfTepvp-DylEqAeIkVf3v11i6fKqKQ5Jw&c=a0c399bb&v=3
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://paid.outbrain.com/network/redir?p=trDHtbway0FPx02GdhDhX8z4yqzOcL2YgSHdT7_qsG50SK4tc_4FC30ObNFzBsW5wAz1JOTHSvpI-b67iDt0AAgzcS3txMBGiKbQvXGCWqljWnikbKr5gN-b93_2k_wG35m20225RCJwECoUCmLCgb6EnoaQ7ewxEut6r4L3kwh4vLvdpdohHv7IKn2iML-npjq9L3k3XjcB7p8JLpM1zu2un3FM2pPxxioAdqcrtTYJJkVY1o7Ph_hZ2-Hdou_Fz-hn-bjMqEm7kjgBy5UbxnRV8_P04zm8F1OXJJyBIzMMsIiAs9SMy-yRTNGTJME76qx88Yb5y0Zo9bSwPbFaaEsFp5aoNv0rxNuFcy3uwKOIOfa1P72J-trrqXCXGuxM8M98q23OTuIyY-p9e0B_CkssCxwz4_6yhNpgF6SflaNtKDD2MoBM68nHpVzVmlt-I0q3WjZfAdIQW1Tdv6TDfWShgPK9izRTnOQXrE4n3uxn_a501OK1pwlUYim6XVIV1BQT4WUhb4pLEb8xPhpaHlOuRbcTb29pDRQxl69GrdKVxLVy234uKbgHpWwzsjS_3lT7zTAuw3a9HNJDeR82_m9epgLvNErZoqRtxyn9wag91ihZb16K8DGLsFVMVTFEZolfnOXRLdd4zFa3Qx_yCBqA8Bq6VBApwvg1PPb0yX-GnDoYoAuaW82ShugtorkHQCRcVOKJ7Q0KYnWfEClZj6EDY5NZsM3tJTPW0Rn6W6gaq5QdCJtLFCbI0r-STPd-ExwFU9ZHbjJj_0CA1sue8ycM-T3O6EEN6zzB-y7OfFnCOO7f60i8DE4lBAtv9rOmX_PIzKTJ4ytFTvikw4Dx2W05olWrJJGPLQ_o65dJBGBhMo8mOovWiyN29-lK2rHyaMyhBdey6Ahho5UI86S7w7m3nxr-03FxQRiz-RtIfOLoLv7-N-VNb23Upi_xYNUy4_a8XQt8E8xPAcRNeYlBTRJ-lBvPGwumoimpkA-9r-bXhEqwShC9o1cOhqUX0RnBHWx161Zsm9nWNIXXP79PfZNpgHKxoQJEtEr17xVBaqhq6CMk8uA5fGfTepvp-DylEqAeIkVf3v11i6fKqKQ5Jw&c=a0c399bb&v=3

Response headers

status: 200
date: Wed, 16 Jan 2019 16:08:03 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
set-cookie: visitorId=3084db9b-97b8-4818-844b-77d0091fa96e; Max-Age=63072000; Domain=.fetcharate.com; Path=/; Expires=Fri, 15 Jan 2021 16:08:03 GMT connect.sid=s%3AspKcHdrFp9O5H4STYDoz3FYp9eJy_LeK.ySYFYprobqnfEd2CAyiJdZivAxbuFO3aiQwJVagsEDE; Path=/; HttpOnly
vary: Accept-Encoding
content-encoding: gzip

GET
H2 200 index.css
d24lmrlk349cdv.cloudfront.net/pa/____~_~_~/449/css/ 63 KB
11 KB 66ms
10ms Stylesheet
text/css 2600:9000:20bb:7800:1:2a25:bcc0:21
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://d24lmrlk349cdv.cloudfront.net/pa/____~_~_~/449/css/index.css

Requested by

Host: www.fetcharate.com
URL: https://www.fetcharate.com/pa/?pag_ref=obstim&csg_ref=c_4140&camp_id=state_may_pay_off_your_home_if_you_live_near_city&keyword=jthinkin&tg_ref=augmobta&sub2=CNN+%28Turner+U.S.%29_CNN

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:20bb:7800:1:2a25:bcc0:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

Software

Resource Hash

e0588533b015c798c11b6c2ec68f28c0b23eb38c36ae8a7d9a402a01aab0f545

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.fetcharate.com/pa/?pag_ref=obstim&csg_ref=c_4140&camp_id=state_may_pay_off_your_home_if_you_live_near_city&keyword=jthinkin&tg_ref=augmobta&sub2=CNN+%28Turner+U.S.%29_CNN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 15 Jan 2019 22:14:26 GMT
content-encoding: gzip
age: 64417
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
x-cache: Hit from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
status: 200
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-amz-cf-id: MebZuQl8fiYyt7miQfBYceNjHdsXpp-bFNXJ_Ke17cwUHnllVhsfIg==
via: 1.1 6fe90cb7a4852d2683f62e862f7a790c.cloudfront.net (CloudFront)

GET
H2 200 modernizr.js Show response
d24lmrlk349cdv.cloudfront.net/global-assets/js/lib/ 17 KB
7 KB 65ms
9ms Script
application/javascript 2600:9000:20bb:7800:1:2a25:bcc0:21
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://d24lmrlk349cdv.cloudfront.net/global-assets/js/lib/modernizr.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:20bb:7800:1:2a25:bcc0:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

Software

Resource Hash

9fe9ed580719e3e40ac353ea81163e063ccde4e36379938d5a7824f48fe6b146

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.fetcharate.com/pa/?pag_ref=obstim&csg_ref=c_4140&camp_id=state_may_pay_off_your_home_if_you_live_near_city&keyword=jthinkin&tg_ref=augmobta&sub2=CNN+%28Turner+U.S.%29_CNN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 12 Jan 2019 11:41:38 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Tue, 18 Dec 2018 03:22:19 GMT
age: 884
x-frame-options: SAMEORIGIN
x-cache: Hit from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
status: 200
cache-control: public, max-age=7200
accept-ranges: bytes
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-amz-cf-id: 4cMI-e_Eq7co9PF_xwXUovGwW7gt2vCvh5ttRYctgvxlEZxfmKqEXQ==
via: 1.1 6fe90cb7a4852d2683f62e862f7a790c.cloudfront.net (CloudFront)

GET
H2 200 loading-md.gif
www.fetcharate.com/global-assets/img/ 9 KB
9 KB 184ms
182ms Image
image/gif 2600:1f14:74a:1a02:31ee:80e7:901f:4dea
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fetcharate.com/global-assets/img/loading-md.gif

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f14:74a:1a02:31ee:80e7:901f:4dea , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

Software

Resource Hash

c092eb0912db76d1cc78fc36dfdaebe947d55c47d7a840668a92b3c1ba99b6da

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:path: /global-assets/img/loading-md.gif
pragma: no-cache
cookie: visitorId=3084db9b-97b8-4818-844b-77d0091fa96e; connect.sid=s%3AspKcHdrFp9O5H4STYDoz3FYp9eJy_LeK.ySYFYprobqnfEd2CAyiJdZivAxbuFO3aiQwJVagsEDE
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.fetcharate.com
referer: https://www.fetcharate.com/pa/?pag_ref=obstim&csg_ref=c_4140&camp_id=state_may_pay_off_your_home_if_you_live_near_city&keyword=jthinkin&tg_ref=augmobta&sub2=CNN+%28Turner+U.S.%29_CNN
:scheme: https
:method: GET
Referer: https://www.fetcharate.com/pa/?pag_ref=obstim&csg_ref=c_4140&camp_id=state_may_pay_off_your_home_if_you_live_near_city&keyword=jthinkin&tg_ref=augmobta&sub2=CNN+%28Turner+U.S.%29_CNN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 16 Jan 2019 16:08:03 GMT
last-modified: Tue, 18 Dec 2018 03:22:19 GMT
status: 200
x-frame-options: SAMEORIGIN
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=7200
accept-ranges: bytes
content-type: image/gif
content-length: 8963

GET
H2 200 fetcharate-white.svg
d24lmrlk349cdv.cloudfront.net/img/logo/ 4 KB
2 KB 69ms
15ms Image
image/svg+xml 2600:9000:20bb:7800:1:2a25:bcc0:21
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d24lmrlk349cdv.cloudfront.net/img/logo/fetcharate-white.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:20bb:7800:1:2a25:bcc0:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

Software

Resource Hash

428111dee81238e69b69dd1484a01e31c2387f81356b9d568803ad269c9f58a1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.fetcharate.com/pa/?pag_ref=obstim&csg_ref=c_4140&camp_id=state_may_pay_off_your_home_if_you_live_near_city&keyword=jthinkin&tg_ref=augmobta&sub2=CNN+%28Turner+U.S.%29_CNN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 08 Jan 2019 16:20:05 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Tue, 18 Dec 2018 03:22:19 GMT
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-cache: Hit from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
status: 200
cache-control: public, max-age=7200
accept-ranges: bytes
content-type: image/svg+xml
x-amz-cf-id: f8vn2iNDJIVuW3zfVlCIHiqpd3Fht4UXKDWhtFh7MnqiEEZaL8045w==
via: 1.1 6fe90cb7a4852d2683f62e862f7a790c.cloudfront.net (CloudFront)

GET
H2 200 mvl3D61a
www.fetcharate.com/pa_images_v2_author/ 13 KB
13 KB 186ms
186ms Image
image/jpeg 2600:1f14:74a:1a02:31ee:80e7:901f:4dea
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fetcharate.com/pa_images_v2_author/mvl3D61a

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f14:74a:1a02:31ee:80e7:901f:4dea , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

Software

Resource Hash

5f13acd9c95c41b3d219b3ab195a8bdcf96c011688b6cf56d2809fff7b246cb7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:path: /pa_images_v2_author/mvl3D61a
pragma: no-cache
cookie: visitorId=3084db9b-97b8-4818-844b-77d0091fa96e; connect.sid=s%3AspKcHdrFp9O5H4STYDoz3FYp9eJy_LeK.ySYFYprobqnfEd2CAyiJdZivAxbuFO3aiQwJVagsEDE
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.fetcharate.com
referer: https://www.fetcharate.com/pa/?pag_ref=obstim&csg_ref=c_4140&camp_id=state_may_pay_off_your_home_if_you_live_near_city&keyword=jthinkin&tg_ref=augmobta&sub2=CNN+%28Turner+U.S.%29_CNN
:scheme: https
:method: GET
Referer: https://www.fetcharate.com/pa/?pag_ref=obstim&csg_ref=c_4140&camp_id=state_may_pay_off_your_home_if_you_live_near_city&keyword=jthinkin&tg_ref=augmobta&sub2=CNN+%28Turner+U.S.%29_CNN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
date: Wed, 16 Jan 2019 16:08:03 GMT
content-type: image/jpeg
content-length: 13539
x-frame-options: SAMEORIGIN
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 a7l8wGk5
d24lmrlk349cdv.cloudfront.net/pa_images_v2/ 206 KB
207 KB 17ms
17ms Image
image/jpeg 2600:9000:20bb:7800:1:2a25:bcc0:21
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d24lmrlk349cdv.cloudfront.net/pa_images_v2/a7l8wGk5

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:20bb:7800:1:2a25:bcc0:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

Software

Resource Hash

d07c51088e29fde056ae4fcd5af4abb9c5d4ece34570ca21585a2e84e5c3beff

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.fetcharate.com/pa/?pag_ref=obstim&csg_ref=c_4140&camp_id=state_may_pay_off_your_home_if_you_live_near_city&keyword=jthinkin&tg_ref=augmobta&sub2=CNN+%28Turner+U.S.%29_CNN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 16 Jan 2019 16:04:55 GMT
via: 1.1 6fe90cb7a4852d2683f62e862f7a790c.cloudfront.net (CloudFront)
age: 188
x-frame-options: SAMEORIGIN
x-cache: Hit from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
status: 200
content-type: image/jpeg
content-length: 211238
x-amz-cf-id: ekODD0Zt7OngGsakwdINvrRbypIpyN2nLrzF9eSFKPbK3duG0LjQfw==

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ 95 KB
33 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:806::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:806::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.fetcharate.com/pa/?pag_ref=obstim&csg_ref=c_4140&camp_id=state_may_pay_off_your_home_if_you_live_near_city&keyword=jthinkin&tg_ref=augmobta&sub2=CNN+%28Turner+U.S.%29_CNN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 18 Dec 2018 20:42:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2489118
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 33951
x-xss-protection: 1; mode=block
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Dec 2019 20:42:45 GMT

GET
H2 200 raven.min.js Show response
cdn.ravenjs.com/3.26.2/ 37 KB
14 KB 40ms
7ms Script
application/javascript 2a04:4e42:200::729
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ravenjs.com/3.26.2/raven.min.js
Requested by: Host: www.fetcharate.com
URL: https://www.fetcharate.com/pa/?pag_ref=obstim&csg_ref=c_4140&camp_id=state_may_pay_off_your_home_if_you_live_near_city&keyword=jthinkin&tg_ref=augmobta&sub2=CNN+%28Turner+U.S.%29_CNN
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::729 , European Union, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: Fastly /
Resource Hash: 4b6d78009e6e369507e7d50925b9f2864e05b27820a92862f8b6bcf5c27a8430

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.fetcharate.com/pa/?pag_ref=obstim&csg_ref=c_4140&camp_id=state_may_pay_off_your_home_if_you_live_near_city&keyword=jthinkin&tg_ref=augmobta&sub2=CNN+%28Turner+U.S.%29_CNN
Origin: https://www.fetcharate.com

Response headers

date: Wed, 16 Jan 2019 16:08:03 GMT
content-encoding: gzip
last-modified: Mon, 11 Jun 2018 15:59:55 GMT
server: Fastly
age: 33261
etag: "1419f17d4165274db4b1ad69fc9721c5"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 13696

GET
H2 200 main.js Show response
d24lmrlk349cdv.cloudfront.net/js/ 9 KB
3 KB 30ms
10ms Script
application/javascript 2600:9000:20bb:1e00:1:2a25:bcc0:21
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://d24lmrlk349cdv.cloudfront.net/js/main.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:20bb:1e00:1:2a25:bcc0:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

Software

Resource Hash

f820fcb9b7aead9082aae5e53cf771fd24ef3a43615ae643d2c43ffaf8128910

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.fetcharate.com/pa/?pag_ref=obstim&csg_ref=c_4140&camp_id=state_may_pay_off_your_home_if_you_live_near_city&keyword=jthinkin&tg_ref=augmobta&sub2=CNN+%28Turner+U.S.%29_CNN
Origin: https://www.fetcharate.com

Response headers

date: Wed, 16 Jan 2019 11:00:05 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Tue, 18 Dec 2018 03:22:19 GMT
age: 3462
x-frame-options: SAMEORIGIN
x-cache: Hit from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
status: 200
cache-control: public, max-age=7200
accept-ranges: bytes
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-amz-cf-id: 0xn17w7p9iOAEUqovu_DDjOHB1o5ebny8P_nDYZ0h1NUr5Dea75rTg==
via: 1.1 fc3a4fa8a6bf80fc624a0bc082bb5b4e.cloudfront.net (CloudFront)

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 81 KB
27 KB 52ms
52ms Script
application/javascript 2a00:1450:4001:817::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N4SHZWT

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:817::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager (scaffolding) /

Resource Hash

d1ab327cfb5a3be6f970bcd03b6be1224ff6986c6a47874c9f779ac6b640e30a

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.fetcharate.com/pa/?pag_ref=obstim&csg_ref=c_4140&camp_id=state_may_pay_off_your_home_if_you_live_near_city&keyword=jthinkin&tg_ref=augmobta&sub2=CNN+%28Turner+U.S.%29_CNN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 16 Jan 2019 16:08:03 GMT
content-encoding: gzip
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
server: Google Tag Manager (scaffolding)
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 27217
x-xss-protection: 1; mode=block
expires: Wed, 16 Jan 2019 16:08:03 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 182 KB
57 KB 42ms
6ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

1874b3668bf2c800adc3bf08f2ffb891bfbd732d6a4ea7666ed79797df4fa89f

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.fetcharate.com/pa/?pag_ref=obstim&csg_ref=c_4140&camp_id=state_may_pay_off_your_home_if_you_live_near_city&keyword=jthinkin&tg_ref=augmobta&sub2=CNN+%28Turner+U.S.%29_CNN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: W00avT6FOlH9VXl0gonqNg==
status: 200
vary: Accept-Encoding
content-length: 57989
x-xss-protection: 0
x-fb-debug: rBIhCE5X+IkN3lKIJtm93GIB9Hzo0gzAOmbf09L5PHf3J9iGz7Koza34/M1k0DhnoRL2gYiC8JKy1gMHXOStvg==
x-fb-content-md5: 440c74547836655ae5089e759263e63c
date: Wed, 16 Jan 2019 16:08:03 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "3dde4157f4cbdaa4741ad9b6510043e4"
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
timing-allow-origin: *
expires: Wed, 16 Jan 2019 16:08:05 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxP.ttf
fonts.gstatic.com/s/roboto/v18/ 35 KB
20 KB 6ms
6ms Font
font/ttf 2a00:1450:4001:81b::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxP.ttf

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81b::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

466989fd178ca6ed13641893b7003e5d6ec36e42c2a816dee71f87b775ea097f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://d24lmrlk349cdv.cloudfront.net/pa/____~_~_~/449/css/index.css
Origin: https://www.fetcharate.com

Response headers

date: Wed, 02 Jan 2019 16:01:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1210011
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 20272
x-xss-protection: 1; mode=block
last-modified: Mon, 16 Oct 2017 17:32:56 GMT
server: sffe
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Jan 2020 16:01:12 GMT

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc9.ttf
fonts.gstatic.com/s/roboto/v18/ 34 KB
20 KB 7ms
6ms Font
font/ttf 2a00:1450:4001:81b::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc9.ttf

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81b::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

01027695832f4a3850663c9e798eb03eadfd1462d0b76e7c5ac6465d2d77dbd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://d24lmrlk349cdv.cloudfront.net/pa/____~_~_~/449/css/index.css
Origin: https://www.fetcharate.com

Response headers

date: Fri, 21 Dec 2018 06:18:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2281749
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 20327
x-xss-protection: 1; mode=block
last-modified: Mon, 16 Oct 2017 17:33:15 GMT
server: sffe
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Dec 2019 06:18:54 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 87 KB
32 KB 62ms
62ms Script
application/javascript 2a00:1450:4001:817::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1041002978

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N4SHZWT

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:817::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager (scaffolding) /

Resource Hash

f28d328802e1dfdd17e4e24fd54428ea0e4d2d99225c8e5d113ccf4702974d20

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.fetcharate.com/pa/?pag_ref=obstim&csg_ref=c_4140&camp_id=state_may_pay_off_your_home_if_you_live_near_city&keyword=jthinkin&tg_ref=augmobta&sub2=CNN+%28Turner+U.S.%29_CNN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 16 Jan 2019 16:08:03 GMT
content-encoding: gzip
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
server: Google Tag Manager (scaffolding)
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 32165
x-xss-protection: 1; mode=block
expires: Wed, 16 Jan 2019 16:08:03 GMT

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 15 KB
4 KB 45ms
45ms Script
application/javascript 2a00:1288:7c:800::4000
YAHOO-ULS

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:7c:800::4000 , United Kingdom, ASN43428 (YAHOO-ULS, GB),

Reverse DNS

Software

ATS /

Resource Hash

bd999047408eaf20ae15ab916d344330d118fa72b0703fa1784deb648d36bb7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.fetcharate.com/pa/?pag_ref=obstim&csg_ref=c_4140&camp_id=state_may_pay_off_your_home_if_you_live_near_city&keyword=jthinkin&tg_ref=augmobta&sub2=CNN+%28Turner+U.S.%29_CNN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 16 Jan 2019 16:08:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
status: 200
vary: Accept-Encoding
content-length: 4111
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 18 Oct 2018 11:15:33 GMT
server: ATS
x-frame-options: DENY
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
content-type: application/javascript
via: http/1.1 spdc0032.pbp.ir2.yahoo.com (ApacheTrafficServer), https/1.1 e30.ycpi.lob.yahoo.com (ApacheTrafficServer [cMsSf ])
public-key-pins-report-only: max-age=2592000; pin-sha256="2fRAUXyxl4A1/XHrKNBmc8bTkzA7y4FB/GLJuNAzCqY="; pin-sha256="I/Lt/z7ekCWanjD0Cvj5EqXls2lOaThEA0H2Bg4BT/o="; pin-sha256="Wd8xe/qfTwq3ylFNd3IpaqLHZbh2ZNCLluVzmeNkcpw="; pin-sha256="WoiWRyIOVNa9ihaBciRSC7XHjliYS9VwUGOIud4PB18="; pin-sha256="i7WTqTvh0OioIruIfFR4kMPnBqrS2rdiVPl/s2uC/CY="; pin-sha256="r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E="; pin-sha256="uUwZgwDOxcBXrQcntwu+kYFpkiVkOaezL0WYEZ3anJc="; pin-sha256="dolnbtzEBnELx/9lOEQ22e6OZO/QNb6VSSX2XHA3E7A="; includeSubdomains; report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-hpkp-report-only"
accept-ranges: bytes

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1119445/ 21 KB
7 KB 61ms
13ms Script
application/javascript 151.101.2.2
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1119445/tfa.js
Requested by: Host: paid.outbrain.com
URL: https://paid.outbrain.com/network/redir?p=trDHtbway0FPx02GdhDhX8z4yqzOcL2YgSHdT7_qsG50SK4tc_4FC30ObNFzBsW5wAz1JOTHSvpI-b67iDt0AAgzcS3txMBGiKbQvXGCWqljWnikbKr5gN-b93_2k_wG35m20225RCJwECoUCmLCgb6EnoaQ7ewxEut6r4L3kwh4vLvdpdohHv7IKn2iML-npjq9L3k3XjcB7p8JLpM1zu2un3FM2pPxxioAdqcrtTYJJkVY1o7Ph_hZ2-Hdou_Fz-hn-bjMqEm7kjgBy5UbxnRV8_P04zm8F1OXJJyBIzMMsIiAs9SMy-yRTNGTJME76qx88Yb5y0Zo9bSwPbFaaEsFp5aoNv0rxNuFcy3uwKOIOfa1P72J-trrqXCXGuxM8M98q23OTuIyY-p9e0B_CkssCxwz4_6yhNpgF6SflaNtKDD2MoBM68nHpVzVmlt-I0q3WjZfAdIQW1Tdv6TDfWShgPK9izRTnOQXrE4n3uxn_a501OK1pwlUYim6XVIV1BQT4WUhb4pLEb8xPhpaHlOuRbcTb29pDRQxl69GrdKVxLVy234uKbgHpWwzsjS_3lT7zTAuw3a9HNJDeR82_m9epgLvNErZoqRtxyn9wag91ihZb16K8DGLsFVMVTFEZolfnOXRLdd4zFa3Qx_yCBqA8Bq6VBApwvg1PPb0yX-GnDoYoAuaW82ShugtorkHQCRcVOKJ7Q0KYnWfEClZj6EDY5NZsM3tJTPW0Rn6W6gaq5QdCJtLFCbI0r-STPd-ExwFU9ZHbjJj_0CA1sue8ycM-T3O6EEN6zzB-y7OfFnCOO7f60i8DE4lBAtv9rOmX_PIzKTJ4ytFTvikw4Dx2W05olWrJJGPLQ_o65dJBGBhMo8mOovWiyN29-lK2rHyaMyhBdey6Ahho5UI86S7w7m3nxr-03FxQRiz-RtIfOLoLv7-N-VNb23Upi_xYNUy4_a8XQt8E8xPAcRNeYlBTRJ-lBvPGwumoimpkA-9r-bXhEqwShC9o1cOhqUX0RnBHWx161Zsm9nWNIXXP79PfZNpgHKxoQJEtEr17xVBaqhq6CMk8uA5fGfTepvp-DylEqAeIkVf3v11i6fKqKQ5Jw&c=a0c399bb&v=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.2 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f47e3b59304f68f6498c6695e0a03add9ed8f6e4d1d9c13614235a7db2ecf4f8

Request headers

Referer: https://www.fetcharate.com/pa/?pag_ref=obstim&csg_ref=c_4140&camp_id=state_may_pay_off_your_home_if_you_live_near_city&keyword=jthinkin&tg_ref=augmobta&sub2=CNN+%28Turner+U.S.%29_CNN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id: Ce6vOPc2xfWUwRLOmV1qYzYigFaU9Cvw
content-encoding: gzip
age: 139
x-cache: HIT
status: 200
date: Wed, 16 Jan 2019 16:08:03 GMT
x-amz-replication-status: PENDING
content-length: 7037
x-amz-id-2: bn2cDs22qz1GbDK96mDze/f6IJuyc35GLbaITyRVdI3PWANc+kmB+99hHQ/fZ9yKE52rjR0ySUw=
x-served-by: cache-hhn1527-HHN
last-modified: Wed, 16 Jan 2019 16:05:44 GMT
server: AmazonS3
x-timer: S1547654884.835907,VS0,VE0
etag: "7101549d18e311965f9aa828d783f09f"
vary: Accept-Encoding
x-amz-request-id: 71B1718984ABB224
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 80
x-cache-hits: 1114

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 4 KB
2 KB 98ms
15ms Script
application/x-javascript 23.211.2.209
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: paid.outbrain.com
URL: https://paid.outbrain.com/network/redir?p=trDHtbway0FPx02GdhDhX8z4yqzOcL2YgSHdT7_qsG50SK4tc_4FC30ObNFzBsW5wAz1JOTHSvpI-b67iDt0AAgzcS3txMBGiKbQvXGCWqljWnikbKr5gN-b93_2k_wG35m20225RCJwECoUCmLCgb6EnoaQ7ewxEut6r4L3kwh4vLvdpdohHv7IKn2iML-npjq9L3k3XjcB7p8JLpM1zu2un3FM2pPxxioAdqcrtTYJJkVY1o7Ph_hZ2-Hdou_Fz-hn-bjMqEm7kjgBy5UbxnRV8_P04zm8F1OXJJyBIzMMsIiAs9SMy-yRTNGTJME76qx88Yb5y0Zo9bSwPbFaaEsFp5aoNv0rxNuFcy3uwKOIOfa1P72J-trrqXCXGuxM8M98q23OTuIyY-p9e0B_CkssCxwz4_6yhNpgF6SflaNtKDD2MoBM68nHpVzVmlt-I0q3WjZfAdIQW1Tdv6TDfWShgPK9izRTnOQXrE4n3uxn_a501OK1pwlUYim6XVIV1BQT4WUhb4pLEb8xPhpaHlOuRbcTb29pDRQxl69GrdKVxLVy234uKbgHpWwzsjS_3lT7zTAuw3a9HNJDeR82_m9epgLvNErZoqRtxyn9wag91ihZb16K8DGLsFVMVTFEZolfnOXRLdd4zFa3Qx_yCBqA8Bq6VBApwvg1PPb0yX-GnDoYoAuaW82ShugtorkHQCRcVOKJ7Q0KYnWfEClZj6EDY5NZsM3tJTPW0Rn6W6gaq5QdCJtLFCbI0r-STPd-ExwFU9ZHbjJj_0CA1sue8ycM-T3O6EEN6zzB-y7OfFnCOO7f60i8DE4lBAtv9rOmX_PIzKTJ4ytFTvikw4Dx2W05olWrJJGPLQ_o65dJBGBhMo8mOovWiyN29-lK2rHyaMyhBdey6Ahho5UI86S7w7m3nxr-03FxQRiz-RtIfOLoLv7-N-VNb23Upi_xYNUy4_a8XQt8E8xPAcRNeYlBTRJ-lBvPGwumoimpkA-9r-bXhEqwShC9o1cOhqUX0RnBHWx161Zsm9nWNIXXP79PfZNpgHKxoQJEtEr17xVBaqhq6CMk8uA5fGfTepvp-DylEqAeIkVf3v11i6fKqKQ5Jw&c=a0c399bb&v=3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.211.2.209 Cambridge, United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-211-2-209.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8623cf8cecc8d3054769a703af48ff942b71a086f6d8c041f87c1f1d78c6dea9

Request headers

Referer: https://www.fetcharate.com/pa/?pag_ref=obstim&csg_ref=c_4140&camp_id=state_may_pay_off_your_home_if_you_live_near_city&keyword=jthinkin&tg_ref=augmobta&sub2=CNN+%28Turner+U.S.%29_CNN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 16 Jan 2019 16:08:03 GMT
Content-Encoding: gzip
Last-Modified: Sun, 13 Jan 2019 09:05:51 GMT
Server: Apache
ETag: "082b1a2194370e4f778215e6bb207aee:1547370351"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=1200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1943
Expires: Wed, 16 Jan 2019 16:28:03 GMT

GET
H2

200

activityi;dc_pre=CPCH49zX8t8CFcOwewod4ncCQA;src=6784673;type=invmedia;cat=globa0;ord=9961170301172;gtm=2wgbc0;auiddc=896285346.1547654884;~oref=https%3A%2F%2Fwww.fetcharate.com%2Fpa%2F%3Fpag_ref%3D...
6784673.fls.doubleclick.net/ Frame CF70
Redirect Chain

https://6784673.fls.doubleclick.net/activityi;src=6784673;type=invmedia;cat=globa0;ord=9961170301172;gtm=2wgbc0;auiddc=896285346.1547654884;~oref=https%3A%2F%2Fwww.fetcharate.com%2Fpa%2F%3Fpag_ref%...
https://6784673.fls.doubleclick.net/activityi;dc_pre=CPCH49zX8t8CFcOwewod4ncCQA;src=6784673;type=invmedia;cat=globa0;ord=9961170301172;gtm=2wgbc0;auiddc=896285346.1547654884;~oref=https%3A%2F%2Fwww...

0
0

61ms
60ms

Document
text/html

172.217.22.70
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://6784673.fls.doubleclick.net/activityi;dc_pre=CPCH49zX8t8CFcOwewod4ncCQA;src=6784673;type=invmedia;cat=globa0;ord=9961170301172;gtm=2wgbc0;auiddc=896285346.1547654884;~oref=https%3A%2F%2Fwww.fetcharate.com%2Fpa%2F%3Fpag_ref%3Dobstim%26csg_ref%3Dc_4140%26camp_id%3Dstate_may_pay_off_your_home_if_you_live_near_city%26keyword%3Djthinkin%26tg_ref%3Daugmobta%26sub2%3DCNN%2B%2528Turner%2BU.S.%2529_CNN?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N4SHZWT

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.217.22.70 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s17-in-f70.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: 6784673.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CPCH49zX8t8CFcOwewod4ncCQA;src=6784673;type=invmedia;cat=globa0;ord=9961170301172;gtm=2wgbc0;auiddc=896285346.1547654884;~oref=https%3A%2F%2Fwww.fetcharate.com%2Fpa%2F%3Fpag_ref%3Dobstim%26csg_ref%3Dc_4140%26camp_id%3Dstate_may_pay_off_your_home_if_you_live_near_city%26keyword%3Djthinkin%26tg_ref%3Daugmobta%26sub2%3DCNN%2B%2528Turner%2BU.S.%2529_CNN?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.fetcharate.com/pa/?pag_ref=obstim&csg_ref=c_4140&camp_id=state_may_pay_off_your_home_if_you_live_near_city&keyword=jthinkin&tg_ref=augmobta&sub2=CNN+%28Turner+U.S.%29_CNN
accept-encoding: gzip, deflate, br
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.fetcharate.com/pa/?pag_ref=obstim&csg_ref=c_4140&camp_id=state_may_pay_off_your_home_if_you_live_near_city&keyword=jthinkin&tg_ref=augmobta&sub2=CNN+%28Turner+U.S.%29_CNN

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Wed, 16 Jan 2019 16:08:04 GMT
expires: Wed, 16 Jan 2019 16:08:04 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 448
x-xss-protection: 1; mode=block
set-cookie: IDE=AHWqTUmGSFBb3JDdOznwgM__GXitVKcmJfIkFhzU_IDgi_I6pp-FYnpg_j99xXgx; expires=Mon, 10-Feb-2020 16:08:04 GMT; path=/; domain=.doubleclick.net; HttpOnly test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Wed, 16 Jan 2019 16:08:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://6784673.fls.doubleclick.net/activityi;dc_pre=CPCH49zX8t8CFcOwewod4ncCQA;src=6784673;type=invmedia;cat=globa0;ord=9961170301172;gtm=2wgbc0;auiddc=896285346.1547654884;~oref=https%3A%2F%2Fwww.fetcharate.com%2Fpa%2F%3Fpag_ref%3Dobstim%26csg_ref%3Dc_4140%26camp_id%3Dstate_may_pay_off_your_home_if_you_live_near_city%26keyword%3Djthinkin%26tg_ref%3Daugmobta%26sub2%3DCNN%2B%2528Turner%2BU.S.%2529_CNN?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 1; mode=block
set-cookie: test_cookie=CheckForPermission; expires=Wed, 16-Jan-2019 16:23:04 GMT; path=/; domain=.doubleclick.net
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"

GET
H2

200

activityi;dc_pre=CKSM49zX8t8CFYK43godx7sBuA;src=6784673;type=invmedia;cat=rt_pa0;ord=4242240554971;gtm=2wgbc0;auiddc=896285346.1547654884;~oref=https%3A%2F%2Fwww.fetcharate.com%2Fpa%2F%3Fpag_ref%3D...
6784673.fls.doubleclick.net/ Frame 745D
Redirect Chain

https://6784673.fls.doubleclick.net/activityi;src=6784673;type=invmedia;cat=rt_pa0;ord=4242240554971;gtm=2wgbc0;auiddc=896285346.1547654884;~oref=https%3A%2F%2Fwww.fetcharate.com%2Fpa%2F%3Fpag_ref%...
https://6784673.fls.doubleclick.net/activityi;dc_pre=CKSM49zX8t8CFYK43godx7sBuA;src=6784673;type=invmedia;cat=rt_pa0;ord=4242240554971;gtm=2wgbc0;auiddc=896285346.1547654884;~oref=https%3A%2F%2Fwww...

0
0

39ms
39ms

Document
text/html

172.217.22.70
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://6784673.fls.doubleclick.net/activityi;dc_pre=CKSM49zX8t8CFYK43godx7sBuA;src=6784673;type=invmedia;cat=rt_pa0;ord=4242240554971;gtm=2wgbc0;auiddc=896285346.1547654884;~oref=https%3A%2F%2Fwww.fetcharate.com%2Fpa%2F%3Fpag_ref%3Dobstim%26csg_ref%3Dc_4140%26camp_id%3Dstate_may_pay_off_your_home_if_you_live_near_city%26keyword%3Djthinkin%26tg_ref%3Daugmobta%26sub2%3DCNN%2B%2528Turner%2BU.S.%2529_CNN?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N4SHZWT

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.217.22.70 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s17-in-f70.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: 6784673.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CKSM49zX8t8CFYK43godx7sBuA;src=6784673;type=invmedia;cat=rt_pa0;ord=4242240554971;gtm=2wgbc0;auiddc=896285346.1547654884;~oref=https%3A%2F%2Fwww.fetcharate.com%2Fpa%2F%3Fpag_ref%3Dobstim%26csg_ref%3Dc_4140%26camp_id%3Dstate_may_pay_off_your_home_if_you_live_near_city%26keyword%3Djthinkin%26tg_ref%3Daugmobta%26sub2%3DCNN%2B%2528Turner%2BU.S.%2529_CNN?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.fetcharate.com/pa/?pag_ref=obstim&csg_ref=c_4140&camp_id=state_may_pay_off_your_home_if_you_live_near_city&keyword=jthinkin&tg_ref=augmobta&sub2=CNN+%28Turner+U.S.%29_CNN
accept-encoding: gzip, deflate, br
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.fetcharate.com/pa/?pag_ref=obstim&csg_ref=c_4140&camp_id=state_may_pay_off_your_home_if_you_live_near_city&keyword=jthinkin&tg_ref=augmobta&sub2=CNN+%28Turner+U.S.%29_CNN

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Wed, 16 Jan 2019 16:08:04 GMT
expires: Wed, 16 Jan 2019 16:08:04 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 450
x-xss-protection: 1; mode=block
set-cookie: IDE=AHWqTUlZBW16Yq0u0vCDbT_vQf1Xan7q3NBFeZhe3txNzd_gi6LqVKDuTQ7EKt4v; expires=Mon, 10-Feb-2020 16:08:04 GMT; path=/; domain=.doubleclick.net; HttpOnly test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Wed, 16 Jan 2019 16:08:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://6784673.fls.doubleclick.net/activityi;dc_pre=CKSM49zX8t8CFYK43godx7sBuA;src=6784673;type=invmedia;cat=rt_pa0;ord=4242240554971;gtm=2wgbc0;auiddc=896285346.1547654884;~oref=https%3A%2F%2Fwww.fetcharate.com%2Fpa%2F%3Fpag_ref%3Dobstim%26csg_ref%3Dc_4140%26camp_id%3Dstate_may_pay_off_your_home_if_you_live_near_city%26keyword%3Djthinkin%26tg_ref%3Daugmobta%26sub2%3DCNN%2B%2528Turner%2BU.S.%2529_CNN?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 1; mode=block
set-cookie: test_cookie=CheckForPermission; expires=Wed, 16-Jan-2019 16:23:04 GMT; path=/; domain=.doubleclick.net
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"

GET
H2 200 j-GHT1gpo6-.js
staticxx.facebook.com/connect/xd_arbiter/r/ Frame 267F 0
0 33ms
7ms Document
text/html 2a03:2880:f01c:216:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://staticxx.facebook.com/connect/xd_arbiter/r/j-GHT1gpo6-.js?version=43

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: staticxx.facebook.com
:scheme: https
:path: /connect/xd_arbiter/r/j-GHT1gpo6-.js?version=43
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.fetcharate.com/pa/?pag_ref=obstim&csg_ref=c_4140&camp_id=state_may_pay_off_your_home_if_you_live_near_city&keyword=jthinkin&tg_ref=augmobta&sub2=CNN+%28Turner+U.S.%29_CNN
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.fetcharate.com/pa/?pag_ref=obstim&csg_ref=c_4140&camp_id=state_may_pay_off_your_home_if_you_live_near_city&keyword=jthinkin&tg_ref=augmobta&sub2=CNN+%28Turner+U.S.%29_CNN

Response headers

status: 200
content-type: text/html; charset=utf-8
expires: Tue, 14 Jan 2020 21:35:29 GMT
strict-transport-security: max-age=15552000; preload
content-encoding: br
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0
cache-control: public,max-age=31536000,immutable
x-fb-debug: G3Eq/9sONI9u3iNXbBco6LnDXzSgA+O3kiJIKlg/et/W1cE+NPM8H3FFsL5oDSigkr6USMyIDVxG5ZSQ4ikJoA==
content-length: 12076
date: Wed, 16 Jan 2019 16:08:03 GMT

GET
H2 200 sp.pl Show response
sp.analytics.yahoo.com/ 0
450 B 130ms
34ms Script
application/x-javascript 188.125.66.33
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&jsonp=YAHOO.ywa.I13N.handleJSONResponse&d=Wed%2C%2016%20Jan%202019%2016%3A08%3A03%20GMT&n=0&b=Government%20Program%20Offers%20Up%20To%20%24350%2FMonth%20House%20Payment%20Reduction%2C%20You%20Can%20Check%20In%202%20Minutes%20If%20You%20Qualify&.yp=11773&f=https%3A%2F%2Fwww.fetcharate.com%2Fpa%2F%3Fpag_ref%3Dobstim%26csg_ref%3Dc_4140%26camp_id%3Dstate_may_pay_off_your_home_if_you_live_near_city%26keyword%3Djthinkin%26tg_ref%3Daugmobta%26sub2%3DCNN%2B%2528Turner%2BU.S.%2529_CNN&e=https%3A%2F%2Fpaid.outbrain.com%2Fnetwork%2Fredir%3Fp%3DtrDHtbway0FPx02GdhDhX8z4yqzOcL2YgSHdT7_qsG50SK4tc_4FC30ObNFzBsW5wAz1JOTHSvpI-b67iDt0AAgzcS3txMBGiKbQvXGCWqljWnikbKr5gN-b93_2k_wG35m20225RCJwECoUCmLCgb6EnoaQ7ewxEut6r4L3kwh4vLvdpdohHv7IKn2iML-npjq9L3k3XjcB7p8JLpM1zu2un3FM2pPxxioAdqcrtTYJJkVY1o7Ph_hZ2-Hdou_Fz-hn-bjMqEm7kjgBy5UbxnRV8_P04zm8F1OXJJyBIzMMsIiAs9SMy-yRTNGTJME76qx88Yb5y0Zo9bSwPbFaaEsFp5aoNv0rxNuFcy3uwKOIOfa1P72J-trrqXCXGuxM8M98q23OTuIyY-p9e0B_CkssCxwz4_6yhNpgF6SflaNtKDD2MoBM68nHpVzVmlt-I0q3WjZfAdIQW1Tdv6TDfWShgPK9izRTnOQXrE4n3uxn_a501OK1pwlUYim6XVIV1BQT4WUhb4pLEb8xPhpaHlOuRbcTb29pDRQxl69GrdKVxLVy234uKbgHpWwzsjS_3lT7zTAuw3a9HNJDeR82_m9epgLvNErZoqRtxyn9wag91ihZb16K8DGLsFVMVTFEZolfnOXRLdd4zFa3Qx_yCBqA8Bq6VBApwvg1PPb0yX-GnDoYoAuaW82ShugtorkHQCRcVOKJ7Q0KYnWfEClZj6EDY5NZsM3tJTPW0Rn6W6gaq5QdCJtLFCbI0r-STPd-ExwFU9ZHbjJj_0CA1sue8ycM-T3O6EEN6zzB-y7OfFnCOO7f60i8DE4lBAtv9rOmX_PIzKTJ4ytFTvikw4Dx2W05olWrJJGPLQ_o65dJBGBhMo8mOovWiyN29-lK2rHyaMyhBdey6Ahho5UI86S7w7m3nxr-03FxQRiz-RtIfOLoLv7-N-VNb23Upi_xYNUy4_a8XQt8E8xPAcRNeYlBTRJ-lBvPGwumoimpkA-9r-bXhEqwShC9o1cOhqUX0RnBHWx161Zsm9nWNIXXP79PfZNpgHKxoQJEtEr17xVBaqhq6CMk8uA5fGfTepvp-DylEqAeIkVf3v11i6fKqKQ5Jw%26c%3Da0c399bb%26v%3D3&enc=UTF-8

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.125.66.33 , Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.fetcharate.com/pa/?pag_ref=obstim&csg_ref=c_4140&camp_id=state_may_pay_off_your_home_if_you_live_near_city&keyword=jthinkin&tg_ref=augmobta&sub2=CNN+%28Turner+U.S.%29_CNN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 16 Jan 2019 16:08:04 GMT
via: http/1.1 spdc0001.pbp.ir2.yahoo.com (ApacheTrafficServer)
x-content-type-options: nosniff
age: 0
status: 200
strict-transport-security: max-age=31536000
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: application/x-javascript
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
expires: Wed, 16 Jan 2019 16:08:04 GMT

GET
H2 200 sp.pl Show response
sp.analytics.yahoo.com/ 0
95 B 130ms
35ms Script
application/x-javascript 188.125.66.33
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&jsonp=YAHOO.ywa.I13N.handleJSONResponse&b=Government%20Program%20Offers%20Up%20To%20%24350%2FMonth%20House%20Payment%20Reduction%2C%20You%20Can%20Check%20In%202%20Minutes%20If%20You%20Qualify&.yp=10070230&f=https%3A%2F%2Fwww.fetcharate.com%2Fpa%2F%3Fpag_ref%3Dobstim%26csg_ref%3Dc_4140%26camp_id%3Dstate_may_pay_off_your_home_if_you_live_near_city%26keyword%3Djthinkin%26tg_ref%3Daugmobta%26sub2%3DCNN%2B%2528Turner%2BU.S.%2529_CNN&e=https%3A%2F%2Fpaid.outbrain.com%2Fnetwork%2Fredir%3Fp%3DtrDHtbway0FPx02GdhDhX8z4yqzOcL2YgSHdT7_qsG50SK4tc_4FC30ObNFzBsW5wAz1JOTHSvpI-b67iDt0AAgzcS3txMBGiKbQvXGCWqljWnikbKr5gN-b93_2k_wG35m20225RCJwECoUCmLCgb6EnoaQ7ewxEut6r4L3kwh4vLvdpdohHv7IKn2iML-npjq9L3k3XjcB7p8JLpM1zu2un3FM2pPxxioAdqcrtTYJJkVY1o7Ph_hZ2-Hdou_Fz-hn-bjMqEm7kjgBy5UbxnRV8_P04zm8F1OXJJyBIzMMsIiAs9SMy-yRTNGTJME76qx88Yb5y0Zo9bSwPbFaaEsFp5aoNv0rxNuFcy3uwKOIOfa1P72J-trrqXCXGuxM8M98q23OTuIyY-p9e0B_CkssCxwz4_6yhNpgF6SflaNtKDD2MoBM68nHpVzVmlt-I0q3WjZfAdIQW1Tdv6TDfWShgPK9izRTnOQXrE4n3uxn_a501OK1pwlUYim6XVIV1BQT4WUhb4pLEb8xPhpaHlOuRbcTb29pDRQxl69GrdKVxLVy234uKbgHpWwzsjS_3lT7zTAuw3a9HNJDeR82_m9epgLvNErZoqRtxyn9wag91ihZb16K8DGLsFVMVTFEZolfnOXRLdd4zFa3Qx_yCBqA8Bq6VBApwvg1PPb0yX-GnDoYoAuaW82ShugtorkHQCRcVOKJ7Q0KYnWfEClZj6EDY5NZsM3tJTPW0Rn6W6gaq5QdCJtLFCbI0r-STPd-ExwFU9ZHbjJj_0CA1sue8ycM-T3O6EEN6zzB-y7OfFnCOO7f60i8DE4lBAtv9rOmX_PIzKTJ4ytFTvikw4Dx2W05olWrJJGPLQ_o65dJBGBhMo8mOovWiyN29-lK2rHyaMyhBdey6Ahho5UI86S7w7m3nxr-03FxQRiz-RtIfOLoLv7-N-VNb23Upi_xYNUy4_a8XQt8E8xPAcRNeYlBTRJ-lBvPGwumoimpkA-9r-bXhEqwShC9o1cOhqUX0RnBHWx161Zsm9nWNIXXP79PfZNpgHKxoQJEtEr17xVBaqhq6CMk8uA5fGfTepvp-DylEqAeIkVf3v11i6fKqKQ5Jw%26c%3Da0c399bb%26v%3D3&enc=UTF-8

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.125.66.33 , Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.fetcharate.com/pa/?pag_ref=obstim&csg_ref=c_4140&camp_id=state_may_pay_off_your_home_if_you_live_near_city&keyword=jthinkin&tg_ref=augmobta&sub2=CNN+%28Turner+U.S.%29_CNN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 16 Jan 2019 16:08:04 GMT
via: http/1.1 spdc0001.pbp.ir2.yahoo.com (ApacheTrafficServer)
x-content-type-options: nosniff
age: 0
status: 200
strict-transport-security: max-age=31536000
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: application/x-javascript
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
expires: Wed, 16 Jan 2019 16:08:04 GMT

GET
H2 204 unip Show response
trc.taboola.com/1119445/log/3/ 0
401 B 49ms
21ms XHR
image/gif 151.101.2.2
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1119445/log/3/unip?en=page_view&tim=1547654884006
Requested by: Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.26.2/raven.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.2 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.fetcharate.com/pa/?pag_ref=obstim&csg_ref=c_4140&camp_id=state_may_pay_off_your_home_if_you_live_near_city&keyword=jthinkin&tg_ref=augmobta&sub2=CNN+%28Turner+U.S.%29_CNN
Origin: https://www.fetcharate.com

Response headers

date: Wed, 16 Jan 2019 16:08:04 GMT
via: 1.1 varnish
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 204
x-cache-hits: 0
x-served-by: cache-hhn1527-HHN
pragma: no-cache
server: nginx
x-timer: S1547654884.038353,VS0,VE9
content-type: image/gif
access-control-allow-origin: https://www.fetcharate.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 204 unip Show response
trc.taboola.com/1022678/log/3/ 0
146 B 20ms
20ms XHR
image/gif 151.101.2.2
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1022678/log/3/unip?en=page_view&tim=1547654884036
Requested by: Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.26.2/raven.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.2 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.fetcharate.com/pa/?pag_ref=obstim&csg_ref=c_4140&camp_id=state_may_pay_off_your_home_if_you_live_near_city&keyword=jthinkin&tg_ref=augmobta&sub2=CNN+%28Turner+U.S.%29_CNN
Origin: https://www.fetcharate.com

Response headers

date: Wed, 16 Jan 2019 16:08:04 GMT
via: 1.1 varnish
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 204
x-cache-hits: 0
x-served-by: cache-hhn1527-HHN
pragma: no-cache
server: nginx
x-timer: S1547654884.039738,VS0,VE8
content-type: image/gif
access-control-allow-origin: https://www.fetcharate.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 pixel
tr.outbrain.com/ 43 B
254 B 133ms
87ms Image
image/gif 151.101.2.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr.outbrain.com/pixel?marketerId=004ef4122526ba9b9c997078fd9cfb244f&obApiVersion=1.0.10&name=PAGE_VIEW&dl=https%3A%2F%2Fwww.fetcharate.com%2Fpa%2F%3Fpag_ref%3Dobstim%26csg_ref%3Dc_4140%26camp_id%3Dstate_may_pay_off_your_home_if_you_live_near_city%26keyword%3Djthinkin%26tg_ref%3Daugmobta%26sub2%3DCNN%2B%2528Turner%2BU.S.%2529_CNN&optOut=false&bust=008700214877665591

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.2 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains;

Request headers

Referer: https://www.fetcharate.com/pa/?pag_ref=obstim&csg_ref=c_4140&camp_id=state_may_pay_off_your_home_if_you_live_near_city&keyword=jthinkin&tg_ref=augmobta&sub2=CNN+%28Turner+U.S.%29_CNN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=0; includeSubDomains;
content-encoding: gzip
traffic-path: NYDC1, JFK, HHN, Europe1
x-timer: S1547654884.122513,VS0,VE80
date: Wed, 16 Jan 2019 16:08:04 GMT
x-cache: MISS, MISS
content-type: image/gif;
status: 200
cache-control: no-cache
backend-ip: 104.156.90.33
x-cache-hits: 0, 0
accept-ranges: bytes, bytes
content-length: 60
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-jfk8133-JFK, cache-hhn1527-HHN

GET
H/1.1 200
OK pixel
amplifypixel.outbrain.com/ 43 B
269 B 480ms
116ms Image
image/gif 64.74.236.19
Outbrain

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://amplifypixel.outbrain.com/pixel?mid=004ef4122526ba9b9c997078fd9cfb244f&dl=https%3A%2F%2Fwww.fetcharate.com%2Fpa%2F%3Fpag_ref%3Dobstim%26csg_ref%3Dc_4140%26camp_id%3Dstate_may_pay_off_your_home_if_you_live_near_city%26keyword%3Djthinkin%26tg_ref%3Daugmobta%26sub2%3DCNN%2B%2528Turner%2BU.S.%2529_CNN&bust=01266910028699706

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

64.74.236.19 , United States, ASN22075 (AS-OUTBRAIN - Outbrain, Inc., US),

Reverse DNS

chi.outbrain.com

Software

Resource Hash

33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains;

Request headers

Referer: https://www.fetcharate.com/pa/?pag_ref=obstim&csg_ref=c_4140&camp_id=state_may_pay_off_your_home_if_you_live_near_city&keyword=jthinkin&tg_ref=augmobta&sub2=CNN+%28Turner+U.S.%29_CNN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 16 Jan 2019 16:08:04 GMT
Cache-Control: no-cache
Content-Encoding: gzip
Content-Length: 60
Strict-Transport-Security: max-age=0; includeSubDomains;
Content-Type: image/gif;

GET
H2 200 like.php
www.facebook.com/v3.0/plugins/ Frame D952 0
0 108ms
81ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v3.0/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2Fj-GHT1gpo6-.js%3Fversion%3D43%23cb%3Df25a0bc006da114%26domain%3Dwww.fetcharate.com%26origin%3Dhttps%253A%252F%252Fwww.fetcharate.com%252Ff290af24ebeb458%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.fetcharate.com%2Fpa%2F&layout=button&locale=en_US&sdk=joey&share=true&show_faces=false&size=small

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /v3.0/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2Fj-GHT1gpo6-.js%3Fversion%3D43%23cb%3Df25a0bc006da114%26domain%3Dwww.fetcharate.com%26origin%3Dhttps%253A%252F%252Fwww.fetcharate.com%252Ff290af24ebeb458%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.fetcharate.com%2Fpa%2F&layout=button&locale=en_US&sdk=joey&share=true&show_faces=false&size=small
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.fetcharate.com/pa/?pag_ref=obstim&csg_ref=c_4140&camp_id=state_may_pay_off_your_home_if_you_live_near_city&keyword=jthinkin&tg_ref=augmobta&sub2=CNN+%28Turner+U.S.%29_CNN
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.fetcharate.com/pa/?pag_ref=obstim&csg_ref=c_4140&camp_id=state_may_pay_off_your_home_if_you_live_near_city&keyword=jthinkin&tg_ref=augmobta&sub2=CNN+%28Turner+U.S.%29_CNN

Response headers

status: 200
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
pragma: no-cache
strict-transport-security: max-age=15552000; preload
content-encoding: br
timing-allow-origin: *
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
facebook-api-version: v3.0
x-xss-protection: 0
expect-ct: max-age=86400, report-uri="http://reports.fb.com/expectct/"
content-type: text/html; charset="utf-8"
x-fb-debug: 76oSuhe0ewcCIud2a781NKsytGIGEWULzCKCA/CcNKyRav+C7JIz59AjufG/WanWYSKl4WDFT08MR/SO5BhLKg==
date: Wed, 16 Jan 2019 16:08:04 GMT

GET
H2 200 like.php
www.facebook.com/v3.0/plugins/ Frame 894E 0
0 102ms
80ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v3.0/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2Fj-GHT1gpo6-.js%3Fversion%3D43%23cb%3Df3483d277f1c64%26domain%3Dwww.fetcharate.com%26origin%3Dhttps%253A%252F%252Fwww.fetcharate.com%252Ff290af24ebeb458%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.fetcharate.com%2Fpa%2F&layout=button&locale=en_US&sdk=joey&share=true&show_faces=false&size=small

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /v3.0/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2Fj-GHT1gpo6-.js%3Fversion%3D43%23cb%3Df3483d277f1c64%26domain%3Dwww.fetcharate.com%26origin%3Dhttps%253A%252F%252Fwww.fetcharate.com%252Ff290af24ebeb458%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.fetcharate.com%2Fpa%2F&layout=button&locale=en_US&sdk=joey&share=true&show_faces=false&size=small
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.fetcharate.com/pa/?pag_ref=obstim&csg_ref=c_4140&camp_id=state_may_pay_off_your_home_if_you_live_near_city&keyword=jthinkin&tg_ref=augmobta&sub2=CNN+%28Turner+U.S.%29_CNN
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.fetcharate.com/pa/?pag_ref=obstim&csg_ref=c_4140&camp_id=state_may_pay_off_your_home_if_you_live_near_city&keyword=jthinkin&tg_ref=augmobta&sub2=CNN+%28Turner+U.S.%29_CNN

Response headers

status: 200
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
pragma: no-cache
strict-transport-security: max-age=15552000; preload
content-encoding: br
timing-allow-origin: *
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
facebook-api-version: v3.0
x-xss-protection: 0
expect-ct: max-age=86400, report-uri="http://reports.fb.com/expectct/"
content-type: text/html; charset="utf-8"
x-fb-debug: 8I238knoyFbLPdvQkH3veJSw7CCikA1l3O8FNy8KoZlcmHnCaRr7tD/Cny5iHCmMIzvVi4hInjUTFg2b+1Axog==
date: Wed, 16 Jan 2019 16:08:04 GMT

GET
H2 200 page.php
www.facebook.com/v3.0/plugins/ Frame 3DD8 0
0 274ms
256ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v3.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2Fj-GHT1gpo6-.js%3Fversion%3D43%23cb%3Df385e14401a4%26domain%3Dwww.fetcharate.com%26origin%3Dhttps%253A%252F%252Fwww.fetcharate.com%252Ff290af24ebeb458%26relation%3Dparent.parent&container_width=263&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FFetcharate-155314494668736%2F&locale=en_US&sdk=joey&show_facepile=false&small_header=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /v3.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2Fj-GHT1gpo6-.js%3Fversion%3D43%23cb%3Df385e14401a4%26domain%3Dwww.fetcharate.com%26origin%3Dhttps%253A%252F%252Fwww.fetcharate.com%252Ff290af24ebeb458%26relation%3Dparent.parent&container_width=263&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FFetcharate-155314494668736%2F&locale=en_US&sdk=joey&show_facepile=false&small_header=false
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.fetcharate.com/pa/?pag_ref=obstim&csg_ref=c_4140&camp_id=state_may_pay_off_your_home_if_you_live_near_city&keyword=jthinkin&tg_ref=augmobta&sub2=CNN+%28Turner+U.S.%29_CNN
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.fetcharate.com/pa/?pag_ref=obstim&csg_ref=c_4140&camp_id=state_may_pay_off_your_home_if_you_live_near_city&keyword=jthinkin&tg_ref=augmobta&sub2=CNN+%28Turner+U.S.%29_CNN

Response headers

status: 200
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
pragma: no-cache
strict-transport-security: max-age=15552000; preload
content-encoding: br
timing-allow-origin: *
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
facebook-api-version: v3.0
x-xss-protection: 0
expect-ct: max-age=86400, report-uri="http://reports.fb.com/expectct/"
content-type: text/html; charset="utf-8"
x-fb-debug: UlIc/GgrDHfMWMTyYUEg90sMufuwSgxDnS6LUNRVo3dPxYHNTTvMUtnmlv9Zfc8576deuhJ1N4uvJ+m8OH0C9Q==
date: Wed, 16 Jan 2019 16:08:04 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 23 KB
9 KB 20ms
18ms Script
text/javascript 172.217.22.66
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1041002978

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.22.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s17-in-f66.1e100.net

Software

cafe /

Resource Hash

762a162d2e61989a1b2ed0bf516e6bdb4d8d00abf4773bca50b033444e0437f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.fetcharate.com/pa/?pag_ref=obstim&csg_ref=c_4140&camp_id=state_may_pay_off_your_home_if_you_live_near_city&keyword=jthinkin&tg_ref=augmobta&sub2=CNN+%28Turner+U.S.%29_CNN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 16 Jan 2019 16:08:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 8898
x-xss-protection: 1; mode=block
server: cafe
etag: 12426384907228739869
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 16 Jan 2019 16:08:04 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1041002978/ 4 KB
2 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:817::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1041002978/?random=1547654884143&cv=9&fst=1547654884143&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&data=event%3Dgtag.config&gtm=2oabc0&sendb=1&frm=0&url=https%3A%2F%2Fwww.fetcharate.com%2Fpa%2F%3Fpag_ref%3Dobstim%26csg_ref%3Dc_4140%26camp_id%3Dstate_may_pay_off_your_home_if_you_live_near_city%26keyword%3Djthinkin%26tg_ref%3Daugmobta%26sub2%3DCNN%2B%2528Turner%2BU.S.%2529_CNN&ref=https%3A%2F%2Fpaid.outbrain.com%2Fnetwork%2Fredir%3Fp%3DtrDHtbway0FPx02GdhDhX8z4yqzOcL2YgSHdT7_qsG50SK4tc_4FC30ObNFzBsW5wAz1JOTHSvpI-b67iDt0AAgzcS3txMBGiKbQvXGCWqljWnikbKr5gN-b93_2k_wG35m20225RCJwECoUCmLCgb6EnoaQ7ewxEut6r4L3kwh4vLvdpdohHv7IKn2iML-npjq9L3k3XjcB7p8JLpM1zu2un3FM2pPxxioAdqcrtTYJJkVY1o7Ph_hZ2-Hdou_Fz-hn-bjMqEm7kjgBy5UbxnRV8_P04zm8F1OXJJyBIzMMsIiAs9SMy-yRTNGTJME76qx88Yb5y0Zo9bSwPbFaaEsFp5aoNv0rxNuFcy3uwKOIOfa1P72J-trrqXCXGuxM8M98q23OTuIyY-p9e0B_CkssCxwz4_6yhNpgF6SflaNtKDD2MoBM68nHpVzVmlt-I0q3WjZfAdIQW1Tdv6TDfW&tiba=Government%20Program%20Offers%20Up%20To%20%24350%2FMonth%20House%20Payment%20Reduction%2C%20You%20Can%20Check%20In%202%20Minutes%20If%20You%20Qualify&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:817::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

24f5ca59da25f5c70e0ffb0cc3d4f03366a156a0145482a21234f8cc1a7964a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.fetcharate.com/pa/?pag_ref=obstim&csg_ref=c_4140&camp_id=state_may_pay_off_your_home_if_you_live_near_city&keyword=jthinkin&tg_ref=augmobta&sub2=CNN+%28Turner+U.S.%29_CNN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Jan 2019 16:08:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: text/javascript; charset=UTF-8
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 1597
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1041002978/ 42 B
112 B 38ms
22ms Image
image/gif 2a00:1450:4001:808::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1041002978/?random=1547654884143&cv=9&fst=1547654400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&data=event%3Dgtag.config&gtm=2oabc0&sendb=1&frm=0&url=https%3A%2F%2Fwww.fetcharate.com%2Fpa%2F%3Fpag_ref%3Dobstim%26csg_ref%3Dc_4140%26camp_id%3Dstate_may_pay_off_your_home_if_you_live_near_city%26keyword%3Djthinkin%26tg_ref%3Daugmobta%26sub2%3DCNN%2B%2528Turner%2BU.S.%2529_CNN&ref=https%3A%2F%2Fpaid.outbrain.com%2Fnetwork%2Fredir%3Fp%3DtrDHtbway0FPx02GdhDhX8z4yqzOcL2YgSHdT7_qsG50SK4tc_4FC30ObNFzBsW5wAz1JOTHSvpI-b67iDt0AAgzcS3txMBGiKbQvXGCWqljWnikbKr5gN-b93_2k_wG35m20225RCJwECoUCmLCgb6EnoaQ7ewxEut6r4L3kwh4vLvdpdohHv7IKn2iML-npjq9L3k3XjcB7p8JLpM1zu2un3FM2pPxxioAdqcrtTYJJkVY1o7Ph_hZ2-Hdou_Fz-hn-bjMqEm7kjgBy5UbxnRV8_P04zm8F1OXJJyBIzMMsIiAs9SMy-yRTNGTJME76qx88Yb5y0Zo9bSwPbFaaEsFp5aoNv0rxNuFcy3uwKOIOfa1P72J-trrqXCXGuxM8M98q23OTuIyY-p9e0B_CkssCxwz4_6yhNpgF6SflaNtKDD2MoBM68nHpVzVmlt-I0q3WjZfAdIQW1Tdv6TDfW&tiba=Government%20Program%20Offers%20Up%20To%20%24350%2FMonth%20House%20Payment%20Reduction%2C%20You%20Can%20Check%20In%202%20Minutes%20If%20You%20Qualify&async=1&fmt=3&crd=CITQGw&cdct=2&is_vtc=1&random=1107560715&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:808::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.fetcharate.com/pa/?pag_ref=obstim&csg_ref=c_4140&camp_id=state_may_pay_off_your_home_if_you_live_near_city&keyword=jthinkin&tg_ref=augmobta&sub2=CNN+%28Turner+U.S.%29_CNN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Jan 2019 16:08:04 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1041002978/ 42 B
109 B 40ms
23ms Image
image/gif 2a00:1450:4001:81e::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1041002978/?random=1547654884143&cv=9&fst=1547654400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&data=event%3Dgtag.config&gtm=2oabc0&sendb=1&frm=0&url=https%3A%2F%2Fwww.fetcharate.com%2Fpa%2F%3Fpag_ref%3Dobstim%26csg_ref%3Dc_4140%26camp_id%3Dstate_may_pay_off_your_home_if_you_live_near_city%26keyword%3Djthinkin%26tg_ref%3Daugmobta%26sub2%3DCNN%2B%2528Turner%2BU.S.%2529_CNN&ref=https%3A%2F%2Fpaid.outbrain.com%2Fnetwork%2Fredir%3Fp%3DtrDHtbway0FPx02GdhDhX8z4yqzOcL2YgSHdT7_qsG50SK4tc_4FC30ObNFzBsW5wAz1JOTHSvpI-b67iDt0AAgzcS3txMBGiKbQvXGCWqljWnikbKr5gN-b93_2k_wG35m20225RCJwECoUCmLCgb6EnoaQ7ewxEut6r4L3kwh4vLvdpdohHv7IKn2iML-npjq9L3k3XjcB7p8JLpM1zu2un3FM2pPxxioAdqcrtTYJJkVY1o7Ph_hZ2-Hdou_Fz-hn-bjMqEm7kjgBy5UbxnRV8_P04zm8F1OXJJyBIzMMsIiAs9SMy-yRTNGTJME76qx88Yb5y0Zo9bSwPbFaaEsFp5aoNv0rxNuFcy3uwKOIOfa1P72J-trrqXCXGuxM8M98q23OTuIyY-p9e0B_CkssCxwz4_6yhNpgF6SflaNtKDD2MoBM68nHpVzVmlt-I0q3WjZfAdIQW1Tdv6TDfW&tiba=Government%20Program%20Offers%20Up%20To%20%24350%2FMonth%20House%20Payment%20Reduction%2C%20You%20Can%20Check%20In%202%20Minutes%20If%20You%20Qualify&async=1&fmt=3&crd=CITQGw&cdct=2&is_vtc=1&random=1107560715&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81e::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.fetcharate.com/pa/?pag_ref=obstim&csg_ref=c_4140&camp_id=state_may_pay_off_your_home_if_you_live_near_city&keyword=jthinkin&tg_ref=augmobta&sub2=CNN+%28Turner+U.S.%29_CNN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Jan 2019 16:08:04 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 07:15:50	Name: IDE Value: AHWqTUmGSFBb3JDdOznwgM__GXitVKcmJfIkFhzU_IDgi_I6pp-FYnpg_j99xXgx
.fetcharate.com/	1970-01-19 00:03:50	Name: _gcl_au Value: 1.1.896285346.1547654884
www.fetcharate.com/	1969-12-31 23:59:59	Name: connect.sid Value: s%3AspKcHdrFp9O5H4STYDoz3FYp9eJy_LeK.ySYFYprobqnfEd2CAyiJdZivAxbuFO3aiQwJVagsEDE
.fetcharate.com/	1970-01-19 15:25:26	Name: visitorId Value: 3084db9b-97b8-4818-844b-77d0091fa96e

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0; includeSubDomains;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6784673.fls.doubleclick.net
ajax.googleapis.com
amplify.outbrain.com
amplifypixel.outbrain.com
cdn.ravenjs.com
cdn.taboola.com
connect.facebook.net
d24lmrlk349cdv.cloudfront.net
fonts.gstatic.com
googleads.g.doubleclick.net
paid.outbrain.com
s.yimg.com
sp.analytics.yahoo.com
staticxx.facebook.com
tr.outbrain.com
trc.taboola.com
www.facebook.com
www.fetcharate.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
151.101.2.2
172.217.22.66
172.217.22.70
188.125.66.33
23.211.2.209
2600:1f14:74a:1a02:31ee:80e7:901f:4dea
2600:9000:20bb:1e00:1:2a25:bcc0:21
2600:9000:20bb:7800:1:2a25:bcc0:21
2a00:1288:7c:800::4000
2a00:1450:4001:806::200a
2a00:1450:4001:808::2004
2a00:1450:4001:817::2002
2a00:1450:4001:817::2008
2a00:1450:4001:81b::2003
2a00:1450:4001:81e::2003
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:200::729
64.74.236.19
01027695832f4a3850663c9e798eb03eadfd1462d0b76e7c5ac6465d2d77dbd0
1874b3668bf2c800adc3bf08f2ffb891bfbd732d6a4ea7666ed79797df4fa89f
1e7a32705649c464f7d7e09e0a91b586bd046a0597af1c5e531acf6937c90e6b
24f5ca59da25f5c70e0ffb0cc3d4f03366a156a0145482a21234f8cc1a7964a8
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
428111dee81238e69b69dd1484a01e31c2387f81356b9d568803ad269c9f58a1
466989fd178ca6ed13641893b7003e5d6ec36e42c2a816dee71f87b775ea097f
4b6d78009e6e369507e7d50925b9f2864e05b27820a92862f8b6bcf5c27a8430
5f13acd9c95c41b3d219b3ab195a8bdcf96c011688b6cf56d2809fff7b246cb7
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
762a162d2e61989a1b2ed0bf516e6bdb4d8d00abf4773bca50b033444e0437f1
8623cf8cecc8d3054769a703af48ff942b71a086f6d8c041f87c1f1d78c6dea9
95e2e7e8e93a56abca0304f7767116561983cb8a0fe91f437e663bd0c1d6026e
9fe9ed580719e3e40ac353ea81163e063ccde4e36379938d5a7824f48fe6b146
bd999047408eaf20ae15ab916d344330d118fa72b0703fa1784deb648d36bb7a
c092eb0912db76d1cc78fc36dfdaebe947d55c47d7a840668a92b3c1ba99b6da
d07c51088e29fde056ae4fcd5af4abb9c5d4ece34570ca21585a2e84e5c3beff
d1ab327cfb5a3be6f970bcd03b6be1224ff6986c6a47874c9f779ac6b640e30a
e0588533b015c798c11b6c2ec68f28c0b23eb38c36ae8a7d9a402a01aab0f545
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f28d328802e1dfdd17e4e24fd54428ea0e4d2d99225c8e5d113ccf4702974d20
f47e3b59304f68f6498c6695e0a03add9ed8f6e4d1d9c13614235a7db2ecf4f8
f820fcb9b7aead9082aae5e53cf771fd24ef3a43615ae643d2c43ffaf8128910

www.fetcharate.com Open in urlscan Pro 2600:1f14:74a:1a02:31ee:80e7:901f:4dea Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

35 Requests

100 %HTTPS

68 %IPv6

16 Domains

22 Subdomains

19 IPs

4 Countries

487 kBTransfer

951 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

35 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.fetcharate.com Open in urlscan Pro
2600:1f14:74a:1a02:31ee:80e7:901f:4dea Public Scan

Screenshot
Live screenshot

Full Image

35
Requests

100 %
HTTPS

68 %
IPv6

16
Domains

22
Subdomains

19
IPs

4
Countries

487 kB
Transfer

951 kB
Size

4
Cookies

35 HTTP transactions
0 data transactions