chwsavings.com Open in urlscan Pro
146.20.84.216 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://storage.googleapis.com/1ypogpg88ix28jvv/a41a907.html
Effective URL:
https://chwsavings.com/a/a79/index.php?utm_source=gwmfm&utm_campaign=4680&token=1027d81ad8276da9e8dfa27ab7ed75
Submission: On October 29 via api (October 29th 2021, 7:31:12 am UTC) from BE — Scanned from DE

Summary HTTP 100 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 28 IPs in 3 countries across 49 domains to perform 100 HTTP transactions. The main IP is 146.20.84.216, located in San Antonio, United States and belongs to RACKSPACE, US. The main domain is chwsavings.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on March 15th 2021. Valid for: a year.

This is the only time chwsavings.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	142.250.185.240 142.250.185.240	15169 (GOOGLE) (GOOGLE)
1 1	67.199.248.10 67.199.248.10	396982 (GOOGLE-PR...) (GOOGLE-PRIVATE-CLOUD)
1 1	5.133.15.146 5.133.15.146	197155 (ARTNET) (ARTNET)
1 1	54.154.148.1 54.154.148.1	16509 (AMAZON-02) (AMAZON-02)
23	146.20.84.216 146.20.84.216	27357 (RACKSPACE) (RACKSPACE)
3	142.250.184.200 142.250.184.200	15169 (GOOGLE) (GOOGLE)
1	142.250.184.234 142.250.184.234	15169 (GOOGLE) (GOOGLE)
2	142.250.186.66 142.250.186.66	() ()
1	18.66.112.100 18.66.112.100	16509 (AMAZON-02) (AMAZON-02)
1	13.225.85.149 13.225.85.149	16509 (AMAZON-02) (AMAZON-02)
2	172.217.23.110 172.217.23.110	15169 (GOOGLE) (GOOGLE)
2	142.250.185.67 142.250.185.67	15169 (GOOGLE) (GOOGLE)
1 2	64.233.166.155 64.233.166.155	15169 (GOOGLE) (GOOGLE)
1 4	142.250.186.132 142.250.186.132	15169 (GOOGLE) (GOOGLE)
4	142.250.184.195 142.250.184.195	15169 (GOOGLE) (GOOGLE)
2	142.250.184.226 142.250.184.226	() ()
1 2	142.250.184.232 142.250.184.232	() ()
2	157.240.20.19 157.240.20.19	() ()
3	13.107.21.200 13.107.21.200	() ()
1	13.224.195.8 13.224.195.8	() ()
1 1	35.227.244.1 35.227.244.1	() ()
3	18.66.122.10 18.66.122.10	() ()
1 25	52.46.133.124 52.46.133.124	() ()
6	104.18.6.244 104.18.6.244	() ()
1	157.240.20.35 157.240.20.35	() ()
1 1	3.127.52.31 3.127.52.31	() ()
2 2	18.194.61.148 18.194.61.148	() ()
1 1	104.89.42.102 104.89.42.102	() ()
4 4	18.156.0.31 18.156.0.31	() ()
2 2	54.93.162.63 54.93.162.63	() ()
2 2	18.194.84.14 18.194.84.14	() ()
1	52.202.196.233 52.202.196.233	() ()
1	212.82.100.182 212.82.100.182	() ()
1	104.22.24.87 104.22.24.87	() ()
1 1	2.21.142.210 2.21.142.210	() ()
1 1	143.204.103.201 143.204.103.201	() ()
1	3.94.65.142 3.94.65.142	() ()
1 1	34.192.56.19 34.192.56.19	() ()
1	69.173.144.139 69.173.144.139	() ()
2 2	52.17.185.148 52.17.185.148	() ()
1 1	34.98.67.61 34.98.67.61	() ()
2 2	37.157.4.24 37.157.4.24	() ()
2 2	185.94.180.126 185.94.180.126	() ()
2 2	142.250.185.226 142.250.185.226	() ()
2 2	13.32.99.105 13.32.99.105	() ()
2 2	34.98.64.218 34.98.64.218	() ()
2 2	2.21.141.232 2.21.141.232	() ()
2 2	77.243.60.138 77.243.60.138	() ()
2 2	185.33.221.15 185.33.221.15	() ()
1 1	69.173.144.165 69.173.144.165	() ()
1	34.254.143.3 34.254.143.3	() ()
100	28

1 142.250.185.240 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f16.1e100.net

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.199.248.10 (United States) 1 redirects

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: bit.ly

bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.133.15.146 (Poland) 1 redirects

ASN197155 (ARTNET, PL)
PTR: d15146.artnet.gda.pl

placestogo.org.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.154.148.1 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-148-1.eu-west-1.compute.amazonaws.com

track.qpuue.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 146.20.84.216 (San Antonio, United States)

ASN27357 (RACKSPACE, US)

chwsavings.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.chwplan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.184.200 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.66 (None, )

ASN- ()

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.100 (United States)

ASN16509 (AMAZON-02, US)

cdn.datasteam.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.85.149 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-85-149.fra2.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.23.110 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.233.166.155 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: wm-in-f155.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.132 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f3.1e100.net

www.google.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.226 (None, )

ASN- ()

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.232 (None, ) 1 redirects

ASN- ()

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.20.19 (None, )

ASN- ()

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.107.21.200 (None, )

ASN- ()

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.195.8 (None, )

ASN- ()

cdn.listrakbi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.244.1 (None, ) 1 redirects

ASN- ()

shop.pe	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.122.10 (None, )

ASN- ()

d3rr3d0n31t48m.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 52.46.133.124 (None, ) 1 redirects

ASN- ()

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.18.6.244 (None, )

ASN- ()

s1.listrakbi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
at1.listrakbi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sca1.listrakbi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.240.20.35 (None, )

ASN- ()

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.127.52.31 (None, ) 1 redirects

ASN- ()

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.194.61.148 (None, ) 2 redirects

ASN- ()

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.89.42.102 (None, ) 1 redirects

ASN- ()

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.156.0.31 (None, ) 4 redirects

ASN- ()

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.93.162.63 (None, ) 2 redirects

ASN- ()

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.194.84.14 (None, ) 2 redirects

ASN- ()

t.myvisualiq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.202.196.233 (None, )

ASN- ()

amazon.partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.182 (None, )

ASN- ()

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.22.24.87 (None, )

ASN- ()

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.21.142.210 (None, ) 1 redirects

ASN- ()

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.103.201 (None, ) 1 redirects

ASN- ()

www.imdb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.94.65.142 (None, )

ASN- ()

usersync.samplicio.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.192.56.19 (None, ) 1 redirects

ASN- ()

ads.samba.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (None, )

ASN- ()

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.17.185.148 (None, ) 2 redirects

ASN- ()

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (None, ) 1 redirects

ASN- ()

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.4.24 (None, ) 2 redirects

ASN- ()

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.126 (None, ) 2 redirects

ASN- ()

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.226 (None, ) 2 redirects

ASN- ()

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.99.105 (None, ) 2 redirects

ASN- ()

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (None, ) 2 redirects

ASN- ()

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.21.141.232 (None, ) 2 redirects

ASN- ()

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.243.60.138 (None, ) 2 redirects

ASN- ()

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.221.15 (None, ) 2 redirects

ASN- ()

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (None, ) 1 redirects

ASN- ()

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.254.143.3 (None, )

ASN- ()

loadus.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	amazon-adsystem.com 1 redirects s.amazon-adsystem.com	20 KB
22	chwsavings.com chwsavings.com	2 MB
7	listrakbi.com cdn.listrakbi.com s1.listrakbi.com at1.listrakbi.com sca1.listrakbi.com	25 KB
6	doubleclick.net 3 redirects stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	4 KB
5	yahoo.com 4 redirects ups.analytics.yahoo.com cms.analytics.yahoo.com	3 KB
4	google.be www.google.be	692 B
4	google.com 1 redirects www.google.com	621 B
4	google-analytics.com 1 redirects www.google-analytics.com ssl.google-analytics.com	37 KB
3	cloudfront.net d3rr3d0n31t48m.cloudfront.net	52 KB
3	bing.com bat.bing.com	11 KB
3	googletagmanager.com www.googletagmanager.com	112 KB
2	adnxs.com 2 redirects ib.adnxs.com	2 KB
2	semasio.net 2 redirects uipglob.semasio.net	1 KB
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com	2 KB
2	openx.net 2 redirects us-u.openx.net	620 B
2	scorecardresearch.com 2 redirects sb.scorecardresearch.com	740 B
2	spotxchange.com 2 redirects sync.search.spotxchange.com	1 KB
2	adform.net 2 redirects c1.adform.net	998 B
2	demdex.net 2 redirects dpm.demdex.net	2 KB
2	rubiconproject.com 1 redirects pixel.rubiconproject.com token.rubiconproject.com	571 B
2	myvisualiq.net 2 redirects t.myvisualiq.net	1 KB
2	advertising.com 2 redirects pixel.advertising.com	659 B
2	bidswitch.net 2 redirects x.bidswitch.net	1 KB
2	facebook.net connect.facebook.net	37 KB
2	gstatic.com fonts.gstatic.com	63 KB
2	googleadservices.com www.googleadservices.com	32 KB
2	googleapis.com storage.googleapis.com fonts.googleapis.com	2 KB
1	exelator.com loadus.exelator.com	324 B
1	mookie1.com 1 redirects odr.mookie1.com	604 B
1	samba.tv 1 redirects ads.samba.tv	292 B
1	samplicio.us usersync.samplicio.us	263 B
1	imdb.com 1 redirects www.imdb.com	884 B
1	stickyadstv.com 1 redirects ads.stickyadstv.com	759 B
1	zeotap.com spl.zeotap.com	731 B
1	tremorhub.com amazon.partners.tremorhub.com	183 B
1	bluekai.com 1 redirects tags.bluekai.com	672 B
1	agkn.com 1 redirects aa.agkn.com	337 B
1	facebook.com www.facebook.com	425 B
1	shop.pe 1 redirects shop.pe	239 B
1	adsrvr.org js.adsrvr.org	2 KB
1	datasteam.io cdn.datasteam.io	22 KB
1	chwplan.com www.chwplan.com	20 KB
1	qpuue.com 1 redirects track.qpuue.com	2 KB
1	placestogo.org.uk 1 redirects placestogo.org.uk	287 B
1	bit.ly 1 redirects bit.ly	287 B
0	ninthdecimal.com Failed lciapi.ninthdecimal.com Failed
0	krxd.net Failed beacon.krxd.net Failed
0	serving-sys.com Failed lm.serving-sys.com Failed
0	survata.com Failed px.surveywall-api.survata.com Failed
100	49

	Domain	Requested by
25	s.amazon-adsystem.com	1 redirects chwsavings.com s.amazon-adsystem.com
22	chwsavings.com	chwsavings.com
4	ups.analytics.yahoo.com	4 redirects
4	at1.listrakbi.com	cdn.listrakbi.com
4	www.google.be	chwsavings.com
4	www.google.com	1 redirects chwsavings.com
3	d3rr3d0n31t48m.cloudfront.net	chwsavings.com shop.pe
3	bat.bing.com	chwsavings.com bat.bing.com
3	www.googletagmanager.com	chwsavings.com www.googletagmanager.com
2	ib.adnxs.com	2 redirects
2	uipglob.semasio.net	2 redirects
2	ssum-sec.casalemedia.com	2 redirects
2	us-u.openx.net	2 redirects
2	sb.scorecardresearch.com	2 redirects
2	cm.g.doubleclick.net	2 redirects
2	sync.search.spotxchange.com	2 redirects
2	c1.adform.net	2 redirects
2	dpm.demdex.net	2 redirects
2	t.myvisualiq.net	2 redirects
2	pixel.advertising.com	2 redirects
2	x.bidswitch.net	2 redirects
2	connect.facebook.net	chwsavings.com connect.facebook.net
2	ssl.google-analytics.com	1 redirects chwsavings.com
2	googleads.g.doubleclick.net	www.googleadservices.com
2	stats.g.doubleclick.net	1 redirects www.google-analytics.com
2	fonts.gstatic.com	fonts.googleapis.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googleadservices.com	chwsavings.com www.googletagmanager.com
1	loadus.exelator.com	s.amazon-adsystem.com
1	token.rubiconproject.com	1 redirects
1	odr.mookie1.com	1 redirects
1	pixel.rubiconproject.com	s.amazon-adsystem.com
1	ads.samba.tv	1 redirects
1	usersync.samplicio.us	s.amazon-adsystem.com
1	www.imdb.com	1 redirects
1	ads.stickyadstv.com	1 redirects
1	spl.zeotap.com	s.amazon-adsystem.com
1	cms.analytics.yahoo.com	s.amazon-adsystem.com
1	amazon.partners.tremorhub.com	s.amazon-adsystem.com
1	tags.bluekai.com	1 redirects
1	aa.agkn.com	1 redirects
1	sca1.listrakbi.com	chwsavings.com
1	www.facebook.com	chwsavings.com
1	s1.listrakbi.com	cdn.listrakbi.com
1	shop.pe	1 redirects
1	cdn.listrakbi.com	chwsavings.com
1	js.adsrvr.org	chwsavings.com
1	cdn.datasteam.io	chwsavings.com
1	fonts.googleapis.com	chwsavings.com
1	www.chwplan.com	chwsavings.com
1	track.qpuue.com	1 redirects
1	placestogo.org.uk	1 redirects
1	bit.ly	1 redirects
1	storage.googleapis.com
0	lciapi.ninthdecimal.com Failed	s.amazon-adsystem.com
0	beacon.krxd.net Failed	s.amazon-adsystem.com
0	lm.serving-sys.com Failed	s.amazon-adsystem.com
0	px.surveywall-api.survata.com Failed	s.amazon-adsystem.com
100	58

This site contains links to these domains. Also see Links.

Domain
www.choicehomewarranty.com

Subject Issuer	Validity	Valid
*.storage.googleapis.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
chwplan.com Go Daddy Secure Certificate Authority - G2	`2021-03-15` - `2022-04-16`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
cdn.datasteam.io Amazon	`2021-10-20` - `2022-11-17`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.google.be GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-08-07` - `2021-11-05`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2021-09-30` - `2022-03-30`	6 months	crt.sh
*.listrakbi.com Amazon	`2021-01-25` - `2022-02-22`	a year	crt.sh
s.amazon-adsystem.com Amazon	`2021-07-14` - `2022-06-27`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
listrakbi.com Cloudflare Inc ECC CA-3	`2021-08-09` - `2022-08-08`	a year	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
*.tremorhub.com Amazon	`2021-06-27` - `2022-07-26`	a year	crt.sh
*.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-05-24` - `2021-11-17`	6 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-05` - `2022-07-04`	a year	crt.sh
*.samplicio.us Amazon	`2021-04-17` - `2022-05-16`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.exelator.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-02` - `2022-06-07`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://chwsavings.com/a/a79/index.php?utm_source=gwmfm&utm_campaign=4680&token=1027d81ad8276da9e8dfa27ab7ed75
Frame ID: 14824FD80B2F2C54A73EF7DBC3399623
Requests: 63 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D3b289a46-9b76-58a9-88f0-c89b1606534d%26type%3D82%26m%3D1&ex-fch=416613&ex-src=https://www.choicehomewarranty.com/&ex-hargs=v%3D1.0%3Bc%3D6293635390601%3Bp%3D3B289A46-9B76-58A9-88F0-C89B1606534D&cb=371359260793427260&dcc=t
Frame ID: 69E972822C29D1AC406EF0F9E318CD37
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=ns_bsw_bk_n-y-HMT_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=Tp4Wq_v4T7aytJqx_ev2Qw&ep=DvmjCSyxS0N2ecmRSatxTFQzXRAnkJDuZD5cKjWGuNP-ZsMc0BZOU-y7MSlUibpKkuQm76zeTWK9aog4FHz4jSBP8JXuINshs7ErGgjhuQRMRmBa3op6Hzp8cmYIKbk8gPPd8IYa5W5L3sTSTCkxaaFTRvFgvxB2TMXX4n0FSbV4SjvTMkombCa_RcXlxNDLYN_GRa4UFeoMxvURDoM5KA
Frame ID: 9E5B55CB7AB9B9B7363D6B8C85E05DEE
Requests: 36 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Choice Home Warranty

Page URL History Show full URLs

https://storage.googleapis.com/1ypogpg88ix28jvv/a41a907.html Page URL
https://bit.ly/3b9dLHE HTTP 301
http://placestogo.org.uk/file.html?cbbbbcccQ5CGcvKDMcdcCJcGcwHQYckzFcbbbbc HTTP 302
http://track.qpuue.com/aff_c?offer_id=3781&aff_id=4680&aff_sub=2_20002_2354236&aff_sub2=1701_611814... HTTP 302
https://chwsavings.com/a/a79/index.php?utm_source=gwmfm&utm_campaign=4680&token=1027d81ad8276da9e8d... Page URL

Page Statistics

100
Requests

69 %
HTTPS

0 %
IPv6

49
Domains

58
Subdomains

28
IPs

3
Countries

2555 kB
Transfer

3455 kB
Size

6
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.choicehomewarranty.com/user_agreement.php
Title: Click Here

Search URL Search Domain Scan URL

URL: https://www.choicehomewarranty.com/privacy_policy.php
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://storage.googleapis.com/1ypogpg88ix28jvv/a41a907.html Page URL
https://bit.ly/3b9dLHE HTTP 301
http://placestogo.org.uk/file.html?cbbbbcccQ5CGcvKDMcdcCJcGcwHQYckzFcbbbbc HTTP 302
http://track.qpuue.com/aff_c?offer_id=3781&aff_id=4680&aff_sub=2_20002_2354236&aff_sub2=1701_6118147_2489966_35&aff_sub3=1 HTTP 302
https://chwsavings.com/a/a79/index.php?utm_source=gwmfm&utm_campaign=4680&token=1027d81ad8276da9e8dfa27ab7ed75 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=133145595&utmhn=chwsavings.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Choice%20Home%20Warranty&utmhid=1893763277&utmr=https%3A%2F%2Fstorage.googleapis.com%2F&utmp=%2Fa%2Fa79%2Findex.php%3Futm_source%3Dgwmfm%26utm_campaign%3D4680%26token%3D1027d81ad8276da9e8dfa27ab7ed75&utmht=1635492670706&utmac=UA-6898183-1&utmcc=__utma%3D22644969.952388445.1635492668.1635492671.1635492671.1%3B%2B__utmz%3D22644969.1635492671.1.1.utmcsr%3Dgwmfm%7Cutmccn%3D4680%7Cutmcmd%3D(not%2520set)%3B&utmjid=174865766&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAABAAAE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6898183-1&cid=952388445.1635492668&jid=174865766&_v=5.7.2&z=133145595 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6898183-1&cid=952388445.1635492668&jid=174865766&_v=5.7.2&z=133145595 HTTP 302
https://www.google.be/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6898183-1&cid=952388445.1635492668&jid=174865766&_v=5.7.2&z=133145595&slf_rd=1&random=2997419002

Request Chain 44

https://shop.pe/widget/widget_async.js HTTP 301
https://d3rr3d0n31t48m.cloudfront.net/widget/widget_async.js

Request Chain 45

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D3b289a46-9b76-58a9-88f0-c89b1606534d%26type%3D82%26m%3D1&ex-fch=416613&ex-src=https://www.choicehomewarranty.com/&ex-hargs=v%3D1.0%3Bc%3D6293635390601%3Bp%3D3B289A46-9B76-58A9-88F0-C89B1606534D&cb=371359260793427260 HTTP 302
https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D3b289a46-9b76-58a9-88f0-c89b1606534d%26type%3D82%26m%3D1&ex-fch=416613&ex-src=https://www.choicehomewarranty.com/&ex-hargs=v%3D1.0%3Bc%3D6293635390601%3Bp%3D3B289A46-9B76-58A9-88F0-C89B1606534D&cb=371359260793427260&dcc=t

Request Chain 58

https://aa.agkn.com/adscores/g.pixel?sid=9212284268 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=165010503954000090946&ex=neustar.biz

Request Chain 59

https://x.bidswitch.net/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D HTTP 302
https://x.bidswitch.net/ul_cb/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=56c4027f8c232d9976e6737706bd76fb

Request Chain 60

https://tags.bluekai.com/site/36840?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbluekai.com%26id%3D%24_BK_UUID HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID

Request Chain 61

https://ups.analytics.yahoo.com/ups/58516/sync?_origin=1&redir=true&uid=TXPyeCJkRDmQheDDr4v6kA HTTP 302
https://ups.analytics.yahoo.com/ups/58516/sync?_origin=1&redir=true&uid=TXPyeCJkRDmQheDDr4v6kA&verify=true HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=yahooHMT&id=TXPyeCJkRDmQheDDr4v6kA

Request Chain 62

https://pixel.advertising.com/ups/56466/sync?redir=true&_origin=1 HTTP 302
https://pixel.advertising.com/ups/56466/sync?redir=true&_origin=1&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/56466/sync?redir=true&_origin=1&apid=UP30a4785a-388a-11ec-a15c-06bbc839886a HTTP 302
https://s.amazon-adsystem.com/ecm3?id=96a4c21e49d6693c8b95e19b89c57395b7618236&ex=aoldisplay.com

Request Chain 63

https://t.myvisualiq.net/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D HTTP 302
https://t.myvisualiq.net/ul_cb/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=a0f1b53d-f919-4729-a37e-f12a34c37303

Request Chain 67

https://ads.stickyadstv.com/user-matching?id=2545 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=92ff5cadf8c2ae9c4e0bbc33d5e837&ex=freewheel.tv&gdpr=0&gdpr_consent=

Request Chain 68

https://www.imdb.com/ads/idsync?cid=a706a6beb&ex=imdb.com HTTP 302
https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com

Request Chain 70

https://ads.samba.tv/cookie_sync?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsamba.tv%26id%3D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=e5ff70b5b695a681

Request Chain 72

https://dpm.demdex.net/ibs:dpid=139200&dpuuid=oFBisBgDQBuiQChxXd0CzQ&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=139200&dpuuid=oFBisBgDQBuiQChxXd0CzQ&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=14659740173802058302598536844291541627

Request Chain 73

https://odr.mookie1.com/t/v2?tagid=V2_393725&AMAZON_REGION_SPECIFIC_ENDPOINT=s.amazon-adsystem.com&src.visitorID=sL_0X2cXQKCChnPq-UIjfA HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10828834935344994573&gdpr=&gdpr_consent=

Request Chain 75

https://c1.adform.net/serving/cookie/match?party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=6363465272439359252

Request Chain 76

https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=30df48a8-388a-11ec-a249-102ad03c0306 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=30df486a-388a-11ec-a249-102ad03c0306

Request Chain 77

https://bs.serving-sys.com/Serving?cn=cs&rtu=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsizmek%26id%3D%5B%25tp_UserID%25%5D HTTP 302
https://lm.serving-sys.com/lm/acs?json={%22GUID%22:%22a8a6c4c2-4c8a-4be2-9958-cdaa3c5892a1%22,%22Time%22:%2220211029T033111.788628%22}&rtu=https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=[%tp_UserID%]

Request Chain 78

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_cm&ex=doubleclick.net HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEB_E7fuktTKBAtHAgFuwHks&google_cver=1

Request Chain 79

https://usermatch.krxd.net/um/v2?partner=amzn HTTP 302
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=amzn

Request Chain 80

https://sb.scorecardresearch.com/p?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25 HTTP 302
https://sb.scorecardresearch.com/p2?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=f537bc85f8c65e16675b8aefe6dbcd29

Request Chain 81

https://us-u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=dd98164f-8aef-c486-3323-e6753b0197c2

Request Chain 82

https://ssum-sec.casalemedia.com/usermatchredir?s=184155&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex%26id%3D__UID__ HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex%26id%3D__UID__&s=184155&C=1 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=index&id=KCmUD3mmLjOXsJ3FJG7xajc4dPI4ZgIC

Request Chain 83

https://uipglob.semasio.net/amazon/1/get?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D HTTP 302
https://uipglob.semasio.net/amazon/1/get2?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=semasio&id=84A06D11FCEA7FD5

Request Chain 84

https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID%26ex%3Dappnexus.com HTTP 302
https://s.amazon-adsystem.com/ecm3?id=7773764652822423241&ex=appnexus.com

Request Chain 85

https://token.rubiconproject.com/token?pid=2179&pt=n HTTP 302
https://s.amazon-adsystem.com/ecm3?id=HMZyozNA7noVA_txk_x7FA&ex=rubiconproject.com&status=ok

Request Chain 86

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_hm=Tp4Wq_v4T7aytJqx_ev2Qw& HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=googleHMT

Request Chain 89

https://ups.analytics.yahoo.com/ups/58297/sync?_origin=1&redir=true HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=verizonums&id=y-sF5hqxp1l2MmqUXupkwYuFOWP9MsBp8-

Request Chain 90

https://pi.ispot.tv/v2/TC-3673-1.gif?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dispot.tv%26id%3D%7BISID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=935d6c16a205bb99efb2305b6c1822a3b0a51e2c5f4cdbe10cfd2f8d9ae38a2f

Request Chain 91

https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D%23PM_USER_ID HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D%23PM_USER_ID&rdf=1 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=ABEB4591-D4DE-4704-A7DF-65ECA87449EB

Request Chain 92

https://sync.taboola.com/sg/amazon-a9-network/1/rtb HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=9383f923-bb29-47d2-b1f6-2fffdf611538-tuct87528c0

100 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 a41a907.html Show response
storage.googleapis.com/1ypogpg88ix28jvv/ 162 B
739 B 29ms
8ms Document
text/html 142.250.185.240
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/1ypogpg88ix28jvv/a41a907.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.240 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f16.1e100.net
Software: UploadServer /
Resource Hash: a79496c01de9411a906d3b0f5cdb59d6807068218e0fb1169e08db7b408f77f6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

x-guploader-uploadid: ADPycdvcveCNs0NYbxsbqX5q_RjT0LYhpjR5jZhMMT1DY4mCtNXXKGamyIcRT_mLKK2AOl3CKZH9s7CqCOhxLRQWu9g
expires: Fri, 29 Oct 2021 07:53:41 GMT
date: Fri, 29 Oct 2021 06:53:41 GMT
last-modified: Tue, 26 Oct 2021 11:05:05 GMT
etag: "3e52061a75e85700c36c33673377dc83"
x-goog-generation: 1635246305087985
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 162
content-type: text/html
x-goog-hash: crc32c=Dg84Nw== md5=PlIGGnXoVwDDbDNnM3fcgw==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 162
server: UploadServer
cache-control: public, max-age=3600
age: 2245
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1

200
OK

Primary Request index.php Show response
chwsavings.com/a/a79/
Redirect Chain

https://bit.ly/3b9dLHE
http://placestogo.org.uk/file.html?cbbbbcccQ5CGcvKDMcdcCJcGcwHQYckzFcbbbbc
http://track.qpuue.com/aff_c?offer_id=3781&aff_id=4680&aff_sub=2_20002_2354236&aff_sub2=1701_6118147_2489966_35&aff_sub3=1
https://chwsavings.com/a/a79/index.php?utm_source=gwmfm&utm_campaign=4680&token=1027d81ad8276da9e8dfa27ab7ed75

50 KB
12 KB

432ms
112ms

Document
text/html

146.20.84.216
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://chwsavings.com/a/a79/index.php?utm_source=gwmfm&utm_campaign=4680&token=1027d81ad8276da9e8dfa27ab7ed75
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.84.216 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: Apache /
Resource Hash: 5cde0534f0d60a8a265bc4cdd6960908d0c193311d75d39806493a8fe5bece0f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://storage.googleapis.com/1ypogpg88ix28jvv/a41a907.html

Response headers

Date: Fri, 29 Oct 2021 07:31:07 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Cache-Control: max-age=604800
Expires: Fri, 05 Nov 2021 07:31:07 GMT
Content-Length: 11871
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

Redirect headers

Server: nginx
Date: Fri, 29 Oct 2021 07:31:06 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 302
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Location: https://chwsavings.com/a/a79/index.php?utm_source=gwmfm&utm_campaign=4680&token=1027d81ad8276da9e8dfa27ab7ed75
P3p: CP="NOI CUR OUR NOR INT"
Pragma: no-cache
Tracking_id: 1027d81ad8276da9e8dfa27ab7ed75
X-Robots-Tag: noindex, nofollow
Access-Control-Allow-Origin: *
X-Request-Id: 3604162cbddd0f1f4ac11d36ff154e00
Access-Control-Allow-Headers: Tune-SDK-Version

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 89 KB
35 KB 55ms
33ms Script
application/javascript 142.250.184.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-6898183-1

Requested by

Host: chwsavings.com
URL: https://chwsavings.com/a/a79/index.php?utm_source=gwmfm&utm_campaign=4680&token=1027d81ad8276da9e8dfa27ab7ed75

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

765a3073885bd13d3a914be071dd962ff894a3d61f930b9f2a3452b860836d8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chwsavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 07:31:07 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35754
x-xss-protection: 0
last-modified: Fri, 29 Oct 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 29 Oct 2021 07:31:07 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 63ms
41ms Script
application/javascript 142.250.184.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1038983633

Requested by

Host: chwsavings.com
URL: https://chwsavings.com/a/a79/index.php?utm_source=gwmfm&utm_campaign=4680&token=1027d81ad8276da9e8dfa27ab7ed75

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

6c69929d8a3625c8a8eb4c8c18bda0c221e12d9a99b620ae2e4a5c356bcce66c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chwsavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 07:31:07 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39154
x-xss-protection: 0
last-modified: Fri, 29 Oct 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 29 Oct 2021 07:31:07 GMT

GET
H/1.1 200
OK bootstrap.min.css
chwsavings.com/a/a79/bootstrap/css/ 119 KB
20 KB 103ms
103ms Stylesheet
text/css 146.20.84.216
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://chwsavings.com/a/a79/bootstrap/css/bootstrap.min.css
Requested by: Host: chwsavings.com
URL: https://chwsavings.com/a/a79/index.php?utm_source=gwmfm&utm_campaign=4680&token=1027d81ad8276da9e8dfa27ab7ed75
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.84.216 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: Apache /
Resource Hash: edd03ab3a1f8f4fee1f13400764eaa7de9b4ec3da31a2de7f2a5a40e2ea181a7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chwsavings.com/a/a79/index.php?utm_source=gwmfm&utm_campaign=4680&token=1027d81ad8276da9e8dfa27ab7ed75
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 29 Oct 2021 07:31:07 GMT
Content-Encoding: gzip
Last-Modified: Mon, 02 Apr 2018 18:07:59 GMT
Server: Apache
ETag: "1da10-568e178501dc0-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Cache-Control: max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 19856
Expires: Fri, 05 Nov 2021 07:31:07 GMT

GET
H/1.1 200
OK font-awesome.css
chwsavings.com/a/a79/bootstrap/css/ 22 KB
5 KB 199ms
95ms Stylesheet
text/css 146.20.84.216
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://chwsavings.com/a/a79/bootstrap/css/font-awesome.css
Requested by: Host: chwsavings.com
URL: https://chwsavings.com/a/a79/index.php?utm_source=gwmfm&utm_campaign=4680&token=1027d81ad8276da9e8dfa27ab7ed75
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.84.216 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: Apache /
Resource Hash: 52b860bf171d4c3ddb8c50fe9b1cf48cd6337c07f0b111788d7ba34aad733299

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chwsavings.com/a/a79/index.php?utm_source=gwmfm&utm_campaign=4680&token=1027d81ad8276da9e8dfa27ab7ed75
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 29 Oct 2021 07:31:07 GMT
Content-Encoding: gzip
Last-Modified: Mon, 02 Apr 2018 18:07:59 GMT
Server: Apache
ETag: "58b3-568e178501dc0-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Cache-Control: max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 4658
Expires: Fri, 05 Nov 2021 07:31:07 GMT

GET
H/1.1 200
OK style.css
chwsavings.com/a/a79/css/ 3 KB
1 KB 281ms
97ms Stylesheet
text/css 146.20.84.216
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://chwsavings.com/a/a79/css/style.css?1635492667
Requested by: Host: chwsavings.com
URL: https://chwsavings.com/a/a79/index.php?utm_source=gwmfm&utm_campaign=4680&token=1027d81ad8276da9e8dfa27ab7ed75
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.84.216 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: Apache /
Resource Hash: f3a974df6314eccf6bafadf8a8008e1b9c5e4686688f862c6a4e866f20725d72

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chwsavings.com/a/a79/index.php?utm_source=gwmfm&utm_campaign=4680&token=1027d81ad8276da9e8dfa27ab7ed75
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 29 Oct 2021 07:31:07 GMT
Content-Encoding: gzip
Last-Modified: Mon, 02 Apr 2018 18:07:59 GMT
Server: Apache
ETag: "a2b-568e178501dc0-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Cache-Control: max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 806
Expires: Fri, 05 Nov 2021 07:31:07 GMT

GET
H/1.1 200
OK jquery-1.11.1.min.js Show response
chwsavings.com/a/a79/bootstrap/js/ 94 KB
33 KB 290ms
104ms Script
application/javascript 146.20.84.216
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://chwsavings.com/a/a79/bootstrap/js/jquery-1.11.1.min.js
Requested by: Host: chwsavings.com
URL: https://chwsavings.com/a/a79/index.php?utm_source=gwmfm&utm_campaign=4680&token=1027d81ad8276da9e8dfa27ab7ed75
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.84.216 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: Apache /
Resource Hash: 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chwsavings.com/a/a79/index.php?utm_source=gwmfm&utm_campaign=4680&token=1027d81ad8276da9e8dfa27ab7ed75
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 29 Oct 2021 07:31:07 GMT
Content-Encoding: gzip
Last-Modified: Mon, 02 Apr 2018 18:07:59 GMT
Server: Apache
ETag: "1762a-568e178501dc0-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 33225

GET
H/1.1 200
OK masked.min.js Show response
www.chwplan.com/jsinc/ 62 KB
20 KB 704ms
98ms Script
text/javascript 146.20.84.216
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.chwplan.com/jsinc/masked.min.js
Requested by: Host: chwsavings.com
URL: https://chwsavings.com/a/a79/index.php?utm_source=gwmfm&utm_campaign=4680&token=1027d81ad8276da9e8dfa27ab7ed75
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.84.216 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: Apache /
Resource Hash: ee5e6f24e63a934667e065cf35fa4cdb9a1ec3391da17621c3994fdb63bb82ea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chwsavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 29 Oct 2021 07:31:07 GMT
Content-Encoding: gzip
Last-Modified: Mon, 02 Apr 2018 18:08:00 GMT
Server: Apache
ETag: "3e1541-f85d-568e1785f6000"
Vary: Accept-Encoding,User-Agent
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=115
Content-Length: 19485
Expires: Fri, 05 Nov 2021 07:31:07 GMT

GET
H2 200 css
fonts.googleapis.com/ 7 KB
1 KB 37ms
16ms Stylesheet
text/css 142.250.184.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Ubuntu:400,500,700,300

Requested by

Host: chwsavings.com
URL: https://chwsavings.com/a/a79/index.php?utm_source=gwmfm&utm_campaign=4680&token=1027d81ad8276da9e8dfa27ab7ed75

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f10.1e100.net

Software

ESF /

Resource Hash

9769961274520466f30da2f63030d5adbaaabfcdfba561471df48ec282d30ef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 29 Oct 2021 07:31:07 GMT
server: ESF
date: Fri, 29 Oct 2021 07:31:07 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Fri, 29 Oct 2021 07:31:07 GMT

GET
H/1.1 200
OK logo2.png
chwsavings.com/a/a79/images/ 87 KB
88 KB 100ms
99ms Image
image/png 146.20.84.216
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chwsavings.com/a/a79/images/logo2.png
Requested by: Host: chwsavings.com
URL: https://chwsavings.com/a/a79/index.php?utm_source=gwmfm&utm_campaign=4680&token=1027d81ad8276da9e8dfa27ab7ed75
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.84.216 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: Apache /
Resource Hash: 7b2751e9f78b28ba219da86ee5acceffb7f9bef80a1db0617023b2da321c16d3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chwsavings.com/a/a79/index.php?utm_source=gwmfm&utm_campaign=4680&token=1027d81ad8276da9e8dfa27ab7ed75
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 29 Oct 2021 07:31:08 GMT
Last-Modified: Mon, 02 Apr 2018 18:07:59 GMT
Server: Apache
ETag: "15db6-568e178501dc0"
Content-Type: image/png
Cache-Control: max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 89526
Expires: Fri, 05 Nov 2021 07:31:08 GMT

GET
H/1.1 200
OK spinner.gif
chwsavings.com/a/a79/ 21 KB
21 KB 113ms
111ms Image
text/html 146.20.84.216
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chwsavings.com/a/a79/spinner.gif
Requested by: Host: chwsavings.com
URL: https://chwsavings.com/a/a79/index.php?utm_source=gwmfm&utm_campaign=4680&token=1027d81ad8276da9e8dfa27ab7ed75
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.84.216 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chwsavings.com/a/a79/index.php?utm_source=gwmfm&utm_campaign=4680&token=1027d81ad8276da9e8dfa27ab7ed75
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 29 Oct 2021 07:31:08 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=604800
Connection: Keep-Alive
Keep-Alive: timeout=5, max=95
Content-Length: 6661
Expires: Fri, 05 Nov 2021 07:31:08 GMT

GET
H/1.1 200
OK icon1.png
chwsavings.com/a/a79/images/ 15 KB
16 KB 98ms
96ms Image
image/png 146.20.84.216
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chwsavings.com/a/a79/images/icon1.png
Requested by: Host: chwsavings.com
URL: https://chwsavings.com/a/a79/index.php?utm_source=gwmfm&utm_campaign=4680&token=1027d81ad8276da9e8dfa27ab7ed75
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.84.216 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: Apache /
Resource Hash: 4540fe3d85b175ac7c0272025c164aee14f38b34d5515d35591fe752eeab7780

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chwsavings.com/a/a79/index.php?utm_source=gwmfm&utm_campaign=4680&token=1027d81ad8276da9e8dfa27ab7ed75
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 29 Oct 2021 07:31:08 GMT
Last-Modified: Fri, 08 Oct 2021 21:02:19 GMT
Server: Apache
ETag: "3cf8-5cdddb1e34b7a"
Content-Type: image/png
Cache-Control: max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 15608
Expires: Fri, 05 Nov 2021 07:31:08 GMT

GET
H/1.1 200
OK icon2.png
chwsavings.com/a/a79/images/ 15 KB
15 KB 102ms
99ms Image
image/png 146.20.84.216
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chwsavings.com/a/a79/images/icon2.png
Requested by: Host: chwsavings.com
URL: https://chwsavings.com/a/a79/index.php?utm_source=gwmfm&utm_campaign=4680&token=1027d81ad8276da9e8dfa27ab7ed75
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.84.216 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: Apache /
Resource Hash: 688aa4443fd103dd4eba9512fbd4a0ff2c47b8ebbd4b8c8d4aaef45f4e4f48b0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chwsavings.com/a/a79/index.php?utm_source=gwmfm&utm_campaign=4680&token=1027d81ad8276da9e8dfa27ab7ed75
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 29 Oct 2021 07:31:08 GMT
Last-Modified: Fri, 10 Apr 2020 00:35:30 GMT
Server: Apache
ETag: "3a92-5a2e4e91b0e88"
Content-Type: image/png
Cache-Control: max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 14994
Expires: Fri, 05 Nov 2021 07:31:08 GMT

GET
H/1.1 200
OK icon3.png
chwsavings.com/a/a79/images/ 21 KB
21 KB 477ms
95ms Image
image/png 146.20.84.216
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chwsavings.com/a/a79/images/icon3.png
Requested by: Host: chwsavings.com
URL: https://chwsavings.com/a/a79/index.php?utm_source=gwmfm&utm_campaign=4680&token=1027d81ad8276da9e8dfa27ab7ed75
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.84.216 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: Apache /
Resource Hash: f30bf2284e7872587d6aa890cc2611f01e4be6a2fcfdc0003d63c6fa137745c7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chwsavings.com/a/a79/index.php?utm_source=gwmfm&utm_campaign=4680&token=1027d81ad8276da9e8dfa27ab7ed75
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 29 Oct 2021 07:31:08 GMT
Last-Modified: Fri, 10 Apr 2020 00:35:30 GMT
Server: Apache
ETag: "5233-5a2e4e91c4af0"
Content-Type: image/png
Cache-Control: max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 21043
Expires: Fri, 05 Nov 2021 07:31:08 GMT

GET
H/1.1 200
OK repair_b.png
chwsavings.com/a/a79/images/ 28 KB
28 KB 480ms
97ms Image
image/png 146.20.84.216
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chwsavings.com/a/a79/images/repair_b.png
Requested by: Host: chwsavings.com
URL: https://chwsavings.com/a/a79/index.php?utm_source=gwmfm&utm_campaign=4680&token=1027d81ad8276da9e8dfa27ab7ed75
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.84.216 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: Apache /
Resource Hash: 342f64eee8020ed8ccd8c957c7c3442acc3fd585a200470edfcd199549a1eae9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chwsavings.com/a/a79/index.php?utm_source=gwmfm&utm_campaign=4680&token=1027d81ad8276da9e8dfa27ab7ed75
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 29 Oct 2021 07:31:08 GMT
Last-Modified: Mon, 02 Apr 2018 18:07:59 GMT
Server: Apache
ETag: "6e3f-568e178501dc0"
Content-Type: image/png
Cache-Control: max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 28223
Expires: Fri, 05 Nov 2021 07:31:08 GMT

GET
H/1.1 200
OK replace_b.png
chwsavings.com/a/a79/images/ 145 KB
145 KB 449ms
99ms Image
image/png 146.20.84.216
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chwsavings.com/a/a79/images/replace_b.png
Requested by: Host: chwsavings.com
URL: https://chwsavings.com/a/a79/index.php?utm_source=gwmfm&utm_campaign=4680&token=1027d81ad8276da9e8dfa27ab7ed75
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.84.216 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: Apache /
Resource Hash: 81a3487cf49a66c946a642f19c8f0a0d0484c49958d22f13d803f148f635039d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chwsavings.com/a/a79/index.php?utm_source=gwmfm&utm_campaign=4680&token=1027d81ad8276da9e8dfa27ab7ed75
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 29 Oct 2021 07:31:08 GMT
Last-Modified: Mon, 02 Apr 2018 18:07:59 GMT
Server: Apache
ETag: "243ad-568e178501dc0"
Content-Type: image/png
Cache-Control: max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 148397
Expires: Fri, 05 Nov 2021 07:31:08 GMT

GET
H/1.1 200
OK 24_b.png
chwsavings.com/a/a79/images/ 30 KB
31 KB 260ms
97ms Image
image/png 146.20.84.216
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chwsavings.com/a/a79/images/24_b.png
Requested by: Host: chwsavings.com
URL: https://chwsavings.com/a/a79/index.php?utm_source=gwmfm&utm_campaign=4680&token=1027d81ad8276da9e8dfa27ab7ed75
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.84.216 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: Apache /
Resource Hash: 55b90523aabe14478d4e85de11038ffe927f92a520b2ff59907f5a6755f0df8f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chwsavings.com/a/a79/index.php?utm_source=gwmfm&utm_campaign=4680&token=1027d81ad8276da9e8dfa27ab7ed75
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 29 Oct 2021 07:31:08 GMT
Last-Modified: Mon, 02 Apr 2018 18:07:59 GMT
Server: Apache
ETag: "78c2-568e178501dc0"
Content-Type: image/png
Cache-Control: max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 30914
Expires: Fri, 05 Nov 2021 07:31:08 GMT

GET
H/1.1 200
OK jquery.validate.js Show response
chwsavings.com/a/a79/ 38 KB
10 KB 100ms
99ms Script
application/javascript 146.20.84.216
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://chwsavings.com/a/a79/jquery.validate.js
Requested by: Host: chwsavings.com
URL: https://chwsavings.com/a/a79/index.php?utm_source=gwmfm&utm_campaign=4680&token=1027d81ad8276da9e8dfa27ab7ed75
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.84.216 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: Apache /
Resource Hash: 93f6ce56be9b5d1cc8f0462801eebf1f4612ed1c5e9e0a389072c7b3fabee5b7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chwsavings.com/a/a79/index.php?utm_source=gwmfm&utm_campaign=4680&token=1027d81ad8276da9e8dfa27ab7ed75
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 29 Oct 2021 07:31:07 GMT
Content-Encoding: gzip
Last-Modified: Mon, 02 Apr 2018 18:07:59 GMT
Server: Apache
ETag: "999b-568e178501dc0-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 10284

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ 45 KB
18 KB 2603ms
2581ms Script
text/javascript 142.250.186.66

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: chwsavings.com
URL: https://chwsavings.com/a/a79/index.php?utm_source=gwmfm&utm_campaign=4680&token=1027d81ad8276da9e8dfa27ab7ed75

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

5f16dac2da002b531a66f23c20e7889f304391f4e854b50d0cdba2ac2d5b4d1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chwsavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 07:31:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17666
x-xss-protection: 0
server: cafe
etag: 4889939424608973499
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 29 Oct 2021 07:31:10 GMT

GET
H2 200 D24328ECFA2D48.js Show response
cdn.datasteam.io/js/ 66 KB
22 KB 35ms
8ms Script
application/x-javascript 18.66.112.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.datasteam.io/js/D24328ECFA2D48.js
Requested by: Host: chwsavings.com
URL: https://chwsavings.com/a/a79/index.php?utm_source=gwmfm&utm_campaign=4680&token=1027d81ad8276da9e8dfa27ab7ed75
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e6a5209f9aed9b080f3abafce3859f310b8f122437223d598697fac71175dddb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chwsavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 12:10:01 GMT
content-encoding: gzip
last-modified: Mon, 05 Apr 2021 20:11:45 GMT
server: AmazonS3
age: 69668
etag: W/"a5d544adc89032892f6e37779b40c53d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19b.cloudfront.net (CloudFront)
cache-control: max-age=600,s-maxage=86400
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: Xvp-mYQmtNJ7yQWD-utPnfyAESUV_S4OJ_LGviCKG-J4pgdRdWQKUQ==

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 4 KB
2 KB 24ms
7ms Script
application/x-javascript 13.225.85.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: chwsavings.com
URL: https://chwsavings.com/a/a79/index.php?utm_source=gwmfm&utm_campaign=4680&token=1027d81ad8276da9e8dfa27ab7ed75
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.85.149 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-85-149.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chwsavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 29 Oct 2021 06:07:54 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Age: 4995
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 ccfe5851ecd4194e2d976fb32dec7539.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA2-C2
X-Amz-Cf-Id: euX1Ss7pHz0IljpPO0OgDsfMmCDa-0S0jvbBIomi5Sq8JDai7wWs7Q==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 29ms
7ms Script
text/javascript 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-6898183-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chwsavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 26 Oct 2021 23:24:02 GMT
server: Golfe2
age: 5434
date: Fri, 29 Oct 2021 06:00:34 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Fri, 29 Oct 2021 08:00:34 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 24ms
22ms Script
application/javascript 142.250.184.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1038983633&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-6898183-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

58969b54625aa3115a5c57f87a8cded390d6df59807d68de74a23bf1c55746a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chwsavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 07:31:08 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39100
x-xss-protection: 0
last-modified: Fri, 29 Oct 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 29 Oct 2021 07:31:08 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 37 KB
14 KB 3436ms
3434ms Script
text/javascript 142.250.186.66

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1038983633

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

afc9ea91964f1089ed3afcc20604ffa0107862a6d992ddc37ae0d21afa441b70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chwsavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 07:31:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14418
x-xss-protection: 0
server: cafe
etag: 2987026233222861869
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 29 Oct 2021 07:31:11 GMT

GET
H/1.1 200
OK promo_header.png
chwsavings.com/a/a79/images/ 28 KB
28 KB 179ms
96ms Image
image/png 146.20.84.216
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chwsavings.com/a/a79/images/promo_header.png
Requested by: Host: chwsavings.com
URL: https://chwsavings.com/a/a79/index.php?utm_source=gwmfm&utm_campaign=4680&token=1027d81ad8276da9e8dfa27ab7ed75
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.84.216 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: Apache /
Resource Hash: 5a3bcabc8607d2278afadf03f14bfa5b1cd4b620e41a5ff0dbc737abe0edcbba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chwsavings.com/a/a79/index.php?utm_source=gwmfm&utm_campaign=4680&token=1027d81ad8276da9e8dfa27ab7ed75
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 29 Oct 2021 07:31:08 GMT
Last-Modified: Fri, 08 Oct 2021 20:20:58 GMT
Server: Apache
ETag: "6fe3-5cddd1dff5eda"
Content-Type: image/png
Cache-Control: max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 28643
Expires: Fri, 05 Nov 2021 07:31:08 GMT

GET
H/1.1 200
OK bg2.jpg
chwsavings.com/a/a79/images/ 1 MB
1 MB 261ms
96ms Image
image/jpeg 146.20.84.216
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chwsavings.com/a/a79/images/bg2.jpg
Requested by: Host: chwsavings.com
URL: https://chwsavings.com/a/a79/index.php?utm_source=gwmfm&utm_campaign=4680&token=1027d81ad8276da9e8dfa27ab7ed75
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.84.216 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: Apache /
Resource Hash: 56bd13291e337ee24a5d6120a2d69b291a03ff19253f5b68e52f383fc3f94196

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chwsavings.com/a/a79/index.php?utm_source=gwmfm&utm_campaign=4680&token=1027d81ad8276da9e8dfa27ab7ed75
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 29 Oct 2021 07:31:08 GMT
Last-Modified: Wed, 30 Jun 2021 15:54:35 GMT
Server: Apache
ETag: "179392-5c5fdbd3e2a99"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 1545106
Expires: Fri, 05 Nov 2021 07:31:08 GMT

GET
H/1.1 200
OK espn.png
chwsavings.com/a/a79/images/ 17 KB
18 KB 358ms
97ms Image
image/png 146.20.84.216
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chwsavings.com/a/a79/images/espn.png
Requested by: Host: chwsavings.com
URL: https://chwsavings.com/a/a79/index.php?utm_source=gwmfm&utm_campaign=4680&token=1027d81ad8276da9e8dfa27ab7ed75
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.84.216 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: Apache /
Resource Hash: 90dc1edaca43e2e886e6e556485fa4f2d9bbb86193f9d8d6b3b1b5b087bb140c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chwsavings.com/a/a79/index.php?utm_source=gwmfm&utm_campaign=4680&token=1027d81ad8276da9e8dfa27ab7ed75
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 29 Oct 2021 07:31:08 GMT
Last-Modified: Wed, 30 Jun 2021 15:54:36 GMT
Server: Apache
ETag: "4586-5c5fdbd467f69"
Content-Type: image/png
Cache-Control: max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 17798
Expires: Fri, 05 Nov 2021 07:31:08 GMT

GET
H/1.1 200
OK fox.png
chwsavings.com/a/a79/images/ 18 KB
19 KB 368ms
97ms Image
image/png 146.20.84.216
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chwsavings.com/a/a79/images/fox.png
Requested by: Host: chwsavings.com
URL: https://chwsavings.com/a/a79/index.php?utm_source=gwmfm&utm_campaign=4680&token=1027d81ad8276da9e8dfa27ab7ed75
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.84.216 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: Apache /
Resource Hash: d3573cda52041247cfe2bec3dd48b363196a581a5aa0686f6cd74a5f96bb090f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chwsavings.com/a/a79/index.php?utm_source=gwmfm&utm_campaign=4680&token=1027d81ad8276da9e8dfa27ab7ed75
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 29 Oct 2021 07:31:08 GMT
Last-Modified: Wed, 30 Jun 2021 15:54:36 GMT
Server: Apache
ETag: "49cc-5c5fdbd478521"
Content-Type: image/png
Cache-Control: max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 18892
Expires: Fri, 05 Nov 2021 07:31:08 GMT

GET
H/1.1 200
OK tvland.png
chwsavings.com/a/a79/images/ 18 KB
18 KB 349ms
95ms Image
image/png 146.20.84.216
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chwsavings.com/a/a79/images/tvland.png
Requested by: Host: chwsavings.com
URL: https://chwsavings.com/a/a79/index.php?utm_source=gwmfm&utm_campaign=4680&token=1027d81ad8276da9e8dfa27ab7ed75
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.84.216 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: Apache /
Resource Hash: 10bef3f85822237893d33ac7eed079f59191bf1457d08309401afc43a1902d50

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chwsavings.com/a/a79/index.php?utm_source=gwmfm&utm_campaign=4680&token=1027d81ad8276da9e8dfa27ab7ed75
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 29 Oct 2021 07:31:08 GMT
Last-Modified: Wed, 30 Jun 2021 15:54:36 GMT
Server: Apache
ETag: "47a3-5c5fdbd4980f1"
Content-Type: image/png
Cache-Control: max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 18339
Expires: Fri, 05 Nov 2021 07:31:08 GMT

GET
H/1.1 200
OK lifetime.png
chwsavings.com/a/a79/images/ 16 KB
17 KB 256ms
98ms Image
image/png 146.20.84.216
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chwsavings.com/a/a79/images/lifetime.png
Requested by: Host: chwsavings.com
URL: https://chwsavings.com/a/a79/index.php?utm_source=gwmfm&utm_campaign=4680&token=1027d81ad8276da9e8dfa27ab7ed75
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.84.216 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: Apache /
Resource Hash: 6d97fccd01135ed97a465ce2d65e3d5993c7b240b06a7638b3fec90424f6252a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chwsavings.com/a/a79/index.php?utm_source=gwmfm&utm_campaign=4680&token=1027d81ad8276da9e8dfa27ab7ed75
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 29 Oct 2021 07:31:08 GMT
Last-Modified: Wed, 30 Jun 2021 15:54:36 GMT
Server: Apache
ETag: "41bd-5c5fdbd4886f1"
Content-Type: image/png
Cache-Control: max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 16829
Expires: Fri, 05 Nov 2021 07:31:08 GMT

GET
H/1.1 200
OK universalhd.png
chwsavings.com/a/a79/images/ 18 KB
19 KB 258ms
100ms Image
image/png 146.20.84.216
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chwsavings.com/a/a79/images/universalhd.png
Requested by: Host: chwsavings.com
URL: https://chwsavings.com/a/a79/index.php?utm_source=gwmfm&utm_campaign=4680&token=1027d81ad8276da9e8dfa27ab7ed75
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.84.216 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: Apache /
Resource Hash: ec286d9204d650f3688680ab7df9b05406c4baddb997cf762d2fedd7b5084365

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chwsavings.com/a/a79/index.php?utm_source=gwmfm&utm_campaign=4680&token=1027d81ad8276da9e8dfa27ab7ed75
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 29 Oct 2021 07:31:08 GMT
Last-Modified: Wed, 30 Jun 2021 15:54:36 GMT
Server: Apache
ETag: "49b3-5c5fdbd4a7709"
Content-Type: image/png
Cache-Control: max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 18867
Expires: Fri, 05 Nov 2021 07:31:08 GMT

GET
H2 200 4iCv6KVjbNBYlgoCxCvjsGyN.woff2
fonts.gstatic.com/s/ubuntu/v15/ 28 KB
29 KB 28ms
6ms Font
font/woff2 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v15/4iCv6KVjbNBYlgoCxCvjsGyN.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:400,500,700,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

sffe /

Resource Hash

045469f2d577c2ad73219bbd713640bcb4a4f9a46cecc6c0df0e66338646b27f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://chwsavings.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 17:57:27 GMT
x-content-type-options: nosniff
age: 221621
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28968
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:03:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 26 Oct 2022 17:57:27 GMT

GET
H2 200 4iCs6KVjbNBYlgoKfw72.woff2
fonts.gstatic.com/s/ubuntu/v15/ 33 KB
34 KB 34ms
13ms Font
font/woff2 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v15/4iCs6KVjbNBYlgoKfw72.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:400,500,700,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

sffe /

Resource Hash

4f4524f7e1a87079bc50a64681f880ccf3e6f5db1ec5fc27949377532a3881da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://chwsavings.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 01:35:32 GMT
x-content-type-options: nosniff
age: 21336
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34260
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:02:57 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 29 Oct 2022 01:35:32 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff
chwsavings.com/a/a79/bootstrap/fonts/ 43 KB
44 KB 188ms
96ms Font
application/font-woff 146.20.84.216
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://chwsavings.com/a/a79/bootstrap/fonts/fontawesome-webfont.woff?v=4.0.1
Requested by: Host: chwsavings.com
URL: https://chwsavings.com/a/a79/bootstrap/css/font-awesome.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.84.216 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: Apache /
Resource Hash: c151a7e68aedc7bd4d84cb2096e92ee2f055c16be01c2ba027acd38b6cc9d52a

Request headers

Referer: https://chwsavings.com/a/a79/bootstrap/css/font-awesome.css
Origin: https://chwsavings.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 29 Oct 2021 07:31:08 GMT
Content-Encoding: gzip
Last-Modified: Mon, 02 Apr 2018 18:07:59 GMT
Server: Apache
ETag: "adbc-568e178501dc0-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/font-woff
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 46ms
23ms XHR
text/plain 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1893763277&t=pageview&_s=1&dl=https%3A%2F%2Fchwsavings.com%2Fa%2Fa79%2Findex.php%3Futm_source%3Dgwmfm%26utm_campaign%3D4680%26token%3D1027d81ad8276da9e8dfa27ab7ed75&dr=https%3A%2F%2Fstorage.googleapis.com%2F&ul=en-us&de=UTF-8&dt=Choice%20Home%20Warranty&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1749592698&gjid=1037786186&cid=952388445.1635492668&tid=UA-6898183-1&_gid=791057238.1635492668&_r=1&gtm=2ouar0&z=2037600313

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://chwsavings.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 29 Oct 2021 07:31:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://chwsavings.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
441 B 65ms
20ms XHR
text/plain 64.233.166.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-6898183-1&cid=952388445.1635492668&jid=1749592698&gjid=1037786186&_gid=791057238.1635492668&_u=YEBAAUAAAAAAAC~&z=1552505361

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.166.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wm-in-f155.1e100.net

Software

Golfe2 /

Resource Hash

36c37dce8dad9e60464f6bf6ff04d7c7c9ee7d5e98088ac0976f56fe365ca024

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://chwsavings.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 29 Oct 2021 07:31:08 GMT
content-type: text/plain
access-control-allow-origin: https://chwsavings.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
472 B 63ms
27ms Image
image/gif 142.250.186.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-6898183-1&cid=952388445.1635492668&jid=1749592698&_u=YEBAAUAAAAAAAC~&z=1141608522

Requested by

Host: chwsavings.com
URL: https://chwsavings.com/a/a79/index.php?utm_source=gwmfm&utm_campaign=4680&token=1027d81ad8276da9e8dfa27ab7ed75

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chwsavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Oct 2021 07:31:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.be/ads/ 42 B
501 B 41ms
18ms Image
image/gif 142.250.184.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.be/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-6898183-1&cid=952388445.1635492668&jid=1749592698&_u=YEBAAUAAAAAAAC~&z=1141608522

Requested by

Host: chwsavings.com
URL: https://chwsavings.com/a/a79/index.php?utm_source=gwmfm&utm_campaign=4680&token=1027d81ad8276da9e8dfa27ab7ed75

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chwsavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Oct 2021 07:31:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1038983633/ 2 KB
2 KB 292ms
27ms Script
text/javascript 142.250.184.226

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1038983633/?random=1635492670415&cv=9&fst=1635492670415&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fchwsavings.com%2Fa%2Fa79%2Findex.php%3Futm_source%3Dgwmfm%26utm_campaign%3D4680%26token%3D1027d81ad8276da9e8dfa27ab7ed75&ref=https%3A%2F%2Fstorage.googleapis.com%2F&tiba=Choice%20Home%20Warranty&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

f71cc04cf7328023a2f58b8a56e1e5177042c74f565effab357589d55efce0e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chwsavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Oct 2021 07:31:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1091
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 271ms
6ms Script
text/javascript 142.250.184.232

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: chwsavings.com
URL: https://chwsavings.com/a/a79/index.php?utm_source=gwmfm&utm_campaign=4680&token=1027d81ad8276da9e8dfa27ab7ed75

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.232 -, , ASN (),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://chwsavings.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 26 Oct 2021 23:24:02 GMT
server: Golfe2
age: 2128
date: Fri, 29 Oct 2021 06:55:42 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Fri, 29 Oct 2021 08:55:42 GMT

GET
H3

200

ga-audiences
www.google.be/ads/
Redirect Chain

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=133145595&utmhn=chwsavings.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Choice...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6898183-1&cid=952388445.1635492668&jid=174865766&_v=5.7.2&z=133145595
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6898183-1&cid=952388445.1635492668&jid=174865766&_v=5.7.2&z=133145595
https://www.google.be/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6898183-1&cid=952388445.1635492668&jid=174865766&_v=5.7.2&z=133145595&slf_rd=1&random=2997419002

42 B
63 B

18ms
18ms

Image
image/gif

142.250.184.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.be/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6898183-1&cid=952388445.1635492668&jid=174865766&_v=5.7.2&z=133145595&slf_rd=1&random=2997419002

Requested by

Host: chwsavings.com
URL: https://chwsavings.com/a/a79/index.php?utm_source=gwmfm&utm_campaign=4680&token=1027d81ad8276da9e8dfa27ab7ed75

Protocol

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chwsavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Oct 2021 07:31:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 29 Oct 2021 07:31:10 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/html; charset=UTF-8
location: https://www.google.be/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6898183-1&cid=952388445.1635492668&jid=174865766&_v=5.7.2&z=133145595&slf_rd=1&random=2997419002
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 21ms
7ms Script
application/x-javascript 157.240.20.19

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: chwsavings.com
URL: https://chwsavings.com/a/a79/index.php?utm_source=gwmfm&utm_campaign=4680&token=1027d81ad8276da9e8dfa27ab7ed75

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.20.19 -, , ASN (),

Reverse DNS

Software

Resource Hash

9d1a71851b9c575f7a08134336da7769a379f0db481b058bf45a82d60b7e2ddc

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chwsavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25969
x-xss-protection: 0
pragma: public
x-fb-debug: EiUSEq/GsUYhi55kKoKghiNsQK31m94G5H9F07lxTi16GVp2gXmqVGG8aQ35tdzru1abYi8wAmekdpaLPsSEnw==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 29 Oct 2021 07:31:10 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 34 KB
10 KB 86ms
49ms Script
application/javascript 13.107.21.200

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: chwsavings.com
URL: https://chwsavings.com/a/a79/index.php?utm_source=gwmfm&utm_campaign=4680&token=1027d81ad8276da9e8dfa27ab7ed75
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.21.200 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d891455e32c9a425e36e190047b1f58abeb7e3709eff687134ddea7ac9cfdd3b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chwsavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 07:31:10 GMT
content-encoding: gzip
last-modified: Wed, 06 Oct 2021 19:11:47 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F5856173471C4D64BEF399A934B42BE1 Ref B: PRG01EDGE0716 Ref C: 2021-10-29T07:31:10Z
etag: "805b72e6bad71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 10001

GET
H/1.1 200
OK script.js Show response
cdn.listrakbi.com/scripts/ 65 KB
21 KB 76ms
21ms Script
text/javascript 13.224.195.8

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.listrakbi.com/scripts/script.js?m=3QgckfkNYGiq&v=1
Requested by: Host: chwsavings.com
URL: https://chwsavings.com/a/a79/index.php?utm_source=gwmfm&utm_campaign=4680&token=1027d81ad8276da9e8dfa27ab7ed75
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.195.8 -, , ASN (),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 5bcc5065a721ce15a226f1c1770ad812b25037e73ed1febbaa78173a0c88c81d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chwsavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 29 Oct 2021 07:31:10 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
X-AspNet-Version: 4.0.30319
X-ltk: 10/28/2021 6:15:18 PM
X-Powered-By: ASP.NET
X-Cache: Hit from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI COM NAV INT DEM CNT PRE LOC"
Connection: keep-alive
Content-Length: 20752
Last-Modified: Wed, 13 Oct 2021 15:33:10 GMT
Server: cloudflare
ETag: "wwiUvxvkCIrpH0XaiFZ5Qg=="
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-encoding
Content-Type: text/javascript; charset=utf-8
Via: 1.1 d7e55181ad8192e74c103c6003cd4d9c.cloudfront.net (CloudFront)
Cache-Control: public, no-transform, max-age=3600, s-maxage=600
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
CF-RAY: 6a5785a04bc105c4-FRA
X-Amz-Cf-Id: BWQq0Ib9YR82PW1QD_P3wRscZ2satlXyYHuxn_65UHLU4cZGR5JRhw==
Expires: Fri, 29 Oct 2021 08:23:18 GMT

GET
H2

200

widget_async.js Show response
d3rr3d0n31t48m.cloudfront.net/widget/
Redirect Chain

https://shop.pe/widget/widget_async.js
https://d3rr3d0n31t48m.cloudfront.net/widget/widget_async.js

2 KB
1 KB

31ms
6ms

Script
application/javascript

18.66.122.10

General

Check archive.org

Show headers Download Go to

Full URL: https://d3rr3d0n31t48m.cloudfront.net/widget/widget_async.js
Requested by: Host: chwsavings.com
URL: https://chwsavings.com/a/a79/index.php?utm_source=gwmfm&utm_campaign=4680&token=1027d81ad8276da9e8dfa27ab7ed75
Protocol: H2
Server: 18.66.122.10 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c925acd5cbf649b4731a67e19f4204220366464042ff84f6df893f6037859310

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chwsavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 07:01:43 GMT
content-encoding: gzip
last-modified: Thu, 28 Oct 2021 15:00:51 GMT
server: AmazonS3
age: 1768
etag: "c17e4a815995f1b0a876cfd234bd7596"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 d20f19c14113bb86116d01e6cb4e2844.cloudfront.net (CloudFront)
cache-control: max-age=3600, public
x-amz-cf-pop: FRA60-P2
accept-ranges: bytes
content-length: 899
x-amz-cf-id: 0CfX-sP_Nh707Um4HJQG3KbezsTHUuX_4h0vK0N4W8NGFnjtoG5GAQ==
x-amz-meta-mtime: 1635433249.06

Redirect headers

content-security-policy: frame-ancestors none;
via: 1.1 google
referrer-policy: no-referrer-when-downgrade
server: nginx
date: Fri, 29 Oct 2021 07:31:10 GMT
x-frame-options: deny
content-type: text/html
location: https://d3rr3d0n31t48m.cloudfront.net/widget/widget_async.js
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: clear
content-length: 178

GET
H/1.1

200
OK

iu3 Show response
s.amazon-adsystem.com/ Frame 69E9
Redirect Chain

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D3b289a46-9b76-58a9-88f0-c89b1606534d%26type%3D82%26m%3D1&ex-fch=416613&ex-src=https://www.choicehomewarranty.com/&ex-hargs=v%3D1.0%3Bc%3...
https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D3b289a46-9b76-58a9-88f0-c89b1606534d%26type%3D82%26m%3D1&ex-fch=416613&ex-src=https://www.choicehomewarranty.com/&ex-hargs=v%3D1.0%3Bc%3...

676 B
2 KB

190ms
188ms

Document
text/html

52.46.133.124

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D3b289a46-9b76-58a9-88f0-c89b1606534d%26type%3D82%26m%3D1&ex-fch=416613&ex-src=https://www.choicehomewarranty.com/&ex-hargs=v%3D1.0%3Bc%3D6293635390601%3Bp%3D3B289A46-9B76-58A9-88F0-C89B1606534D&cb=371359260793427260&dcc=t

Requested by

Host: chwsavings.com
URL: https://chwsavings.com/a/a79/index.php?utm_source=gwmfm&utm_campaign=4680&token=1027d81ad8276da9e8dfa27ab7ed75

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.133.124 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

f657cb1d8280e4cdff6843d25f134a84a03c8ba82b0f8870605f9b184392d674

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://chwsavings.com/

Response headers

Server: Server
Date: Fri, 29 Oct 2021 07:31:11 GMT
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 676
Connection: keep-alive
x-amz-rid: 2VRNDF6A0S50RSHEJ58E
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Permissions-Policy: interest-cohort=()

Redirect headers

Server: Server
Date: Fri, 29 Oct 2021 07:31:10 GMT
Content-Length: 0
Connection: keep-alive
x-amz-rid: R13XWNHV2FSZYQRHPXQK
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D3b289a46-9b76-58a9-88f0-c89b1606534d%26type%3D82%26m%3D1&ex-fch=416613&ex-src=https://www.choicehomewarranty.com/&ex-hargs=v%3D1.0%3Bc%3D6293635390601%3Bp%3D3B289A46-9B76-58A9-88F0-C89B1606534D&cb=371359260793427260&dcc=t
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Permissions-Policy: interest-cohort=()

GET
H3 200 /
www.google.com/pagead/1p-user-list/1038983633/ 42 B
64 B 35ms
19ms Image
image/gif 142.250.186.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1038983633/?random=1635492670415&cv=9&fst=1635490800000&num=1&guid=ON&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fchwsavings.com%2Fa%2Fa79%2Findex.php%3Futm_source%3Dgwmfm%26utm_campaign%3D4680%26token%3D1027d81ad8276da9e8dfa27ab7ed75&ref=https%3A%2F%2Fstorage.googleapis.com%2F&tiba=Choice%20Home%20Warranty&fmt=3&is_vtc=1&random=3014125318&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: chwsavings.com
URL: https://chwsavings.com/a/a79/index.php?utm_source=gwmfm&utm_campaign=4680&token=1027d81ad8276da9e8dfa27ab7ed75

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chwsavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Oct 2021 07:31:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.be/pagead/1p-user-list/1038983633/ 42 B
64 B 35ms
19ms Image
image/gif 142.250.184.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.be/pagead/1p-user-list/1038983633/?random=1635492670415&cv=9&fst=1635490800000&num=1&guid=ON&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fchwsavings.com%2Fa%2Fa79%2Findex.php%3Futm_source%3Dgwmfm%26utm_campaign%3D4680%26token%3D1027d81ad8276da9e8dfa27ab7ed75&ref=https%3A%2F%2Fstorage.googleapis.com%2F&tiba=Choice%20Home%20Warranty&fmt=3&is_vtc=1&random=3014125318&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: chwsavings.com
URL: https://chwsavings.com/a/a79/index.php?utm_source=gwmfm&utm_campaign=4680&token=1027d81ad8276da9e8dfa27ab7ed75

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chwsavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Oct 2021 07:31:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 1374492936214348 Show response
connect.facebook.net/signals/config/ 39 KB
11 KB 478ms
469ms Script
application/x-javascript 157.240.20.19

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1374492936214348?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.20.19 -, , ASN (),

Reverse DNS

Software

Resource Hash

ad465515abac5ee0c7aa4d316452460b228a33346dc4372d8badf995ffb3b444

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chwsavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: L8trhAra6+mnIm8kxh8MeqCfPiXH2b9rLLb8lMiopU8IxG59OIjZ7hTSWeyMcepqH4XQeViPMy5OWxFQfhxZ+Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 29 Oct 2021 07:31:11 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 getIds Show response
s1.listrakbi.com/3QgckfkNYGiq/session/ 175 B
1 KB 458ms
411ms Script
application/x-javascript 104.18.6.244

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.listrakbi.com/3QgckfkNYGiq/session/getIds?callback=ltkCallback6876&gsid=&_sid=&_tid=564543&ps=null&dps=true
Requested by: Host: cdn.listrakbi.com
URL: https://cdn.listrakbi.com/scripts/script.js?m=3QgckfkNYGiq&v=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.6.244 -, , ASN (),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 4dcbaa7a5cd1a3b35e38e8d4f159c978c67cf08da6897857507cfd39f960bfa1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chwsavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Oct 2021 07:31:11 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI COM NAV INT DEM CNT PRE LOC"
content-type: application/x-javascript; charset=utf-8
cache-control: no-cache
cf-ray: 6a5ab3e8db294137-PRG
expires: -1

GET
H2 204 5223598.js Show response
bat.bing.com/p/action/ 0
111 B 290ms
289ms Script
text/plain 13.107.21.200

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/5223598.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.21.200 -, , ASN (),
Reverse DNS
Software: / ARR/3.0
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chwsavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 29 Oct 2021 07:31:10 GMT
cache-control: private,max-age=1800
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 77F385B661D846FAA7205AB15E10A250 Ref B: PRG01EDGE0716 Ref C: 2021-10-29T07:31:10Z
x-powered-by: ARR/3.0
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
151 B 48ms
48ms Image
text/plain 13.107.21.200

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=5223598&Ver=2&mid=e9c0c7ab-9ed5-43f0-a574-00b7c6f57f9f&sid=30453620388a11ec888619c249b60ed1&vid=30456010388a11ecb159ef9ffa02d034&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Choice%20Home%20Warranty&p=https%3A%2F%2Fchwsavings.com%2Fa%2Fa79%2Findex.php%3Futm_source%3Dgwmfm%26utm_campaign%3D4680%26token%3D1027d81ad8276da9e8dfa27ab7ed75&r=https%3A%2F%2Fstorage.googleapis.com%2F&lt=4528&evt=pageLoad&msclkid=N&sv=1&rn=576633
Requested by: Host: chwsavings.com
URL: https://chwsavings.com/a/a79/index.php?utm_source=gwmfm&utm_campaign=4680&token=1027d81ad8276da9e8dfa27ab7ed75
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.21.200 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chwsavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Oct 2021 07:31:10 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C74CD2D1537649169504DF5A7A2CEBFD Ref B: PRG01EDGE0716 Ref C: 2021-10-29T07:31:10Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 triggerRunner.js Show response
d3rr3d0n31t48m.cloudfront.net/widget/ 10 KB
4 KB 7ms
6ms Script
application/javascript 18.66.122.10

General

Check archive.org

Show headers Download Go to

Full URL: https://d3rr3d0n31t48m.cloudfront.net/widget/triggerRunner.js?v=12a9f05
Requested by: Host: shop.pe
URL: https://shop.pe/widget/widget_async.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.10 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d71aa41f2ba221f0bba812c5aaf838e575fe3af76f78a1311b3ee06c4d5e2703

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chwsavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 15:01:42 GMT
content-encoding: gzip
last-modified: Thu, 28 Oct 2021 15:00:52 GMT
server: AmazonS3
age: 59369
etag: "b6dc79265e3094c412e766fec59f19d3"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 d20f19c14113bb86116d01e6cb4e2844.cloudfront.net (CloudFront)
cache-control: max-age=2592000, public
x-amz-cf-pop: FRA60-P2
accept-ranges: bytes
content-length: 3710
x-amz-cf-id: AaU8Y_lmlkMdAeSKuIim_6nZsV07_m3T0Ypnx65tkQbQVYo-7_q2nw==
x-amz-meta-mtime: 1635433248.98

GET
H2 200 widget.js Show response
d3rr3d0n31t48m.cloudfront.net/widget/ 181 KB
47 KB 7ms
7ms Script
application/javascript 18.66.122.10

General

Check archive.org

Show headers Download Go to

Full URL: https://d3rr3d0n31t48m.cloudfront.net/widget/widget.js?v=d28455b
Requested by: Host: shop.pe
URL: https://shop.pe/widget/widget_async.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.10 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d581332f23ab61723ada12f14b3ccc4b882c9f59bcbfe1e14cefe29fc83d9491

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chwsavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 15:01:42 GMT
content-encoding: gzip
last-modified: Thu, 28 Oct 2021 15:00:51 GMT
server: AmazonS3
age: 59368
etag: "e8a4b4d0968142a1876aff1216b5e40d"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 d20f19c14113bb86116d01e6cb4e2844.cloudfront.net (CloudFront)
cache-control: max-age=2592000, public
x-amz-cf-pop: FRA60-P2
accept-ranges: bytes
content-length: 47425
x-amz-cf-id: 6o7VNmG3ZUzRKbEqErgAmlTg1OpJDg5NKf6ljo1oUSksXM7btzKizw==
x-amz-meta-mtime: 1635433245.39

GET
H2 200 /
www.facebook.com/tr/ 44 B
425 B 29ms
7ms Image
image/gif 157.240.20.35

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1374492936214348&ev=PageView&dl=https%3A%2F%2Fchwsavings.com%2Fa%2Fa79%2Findex.php%3Futm_source%3Dgwmfm%26utm_campaign%3D4680%26token%3D1027d81ad8276da9e8dfa27ab7ed75&rl=https%3A%2F%2Fstorage.googleapis.com%2F&if=false&ts=1635492671234&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=28&fbp=fb.1.1635492671232.1554893520&it=1635492670746&coo=false&exp=p1&rqm=GET

Requested by

Host: chwsavings.com
URL: https://chwsavings.com/a/a79/index.php?utm_source=gwmfm&utm_campaign=4680&token=1027d81ad8276da9e8dfa27ab7ed75

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.20.35 -, , ASN (),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chwsavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 07:31:11 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 29 Oct 2021 07:31:11 GMT

GET
H/1.1 200
OK pr Show response
s.amazon-adsystem.com/v3/ Frame 9E5B 5 KB
5 KB 113ms
113ms Document
text/html 52.46.133.124

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/v3/pr?exlist=ns_bsw_bk_n-y-HMT_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=Tp4Wq_v4T7aytJqx_ev2Qw&ep=DvmjCSyxS0N2ecmRSatxTFQzXRAnkJDuZD5cKjWGuNP-ZsMc0BZOU-y7MSlUibpKkuQm76zeTWK9aog4FHz4jSBP8JXuINshs7ErGgjhuQRMRmBa3op6Hzp8cmYIKbk8gPPd8IYa5W5L3sTSTCkxaaFTRvFgvxB2TMXX4n0FSbV4SjvTMkombCa_RcXlxNDLYN_GRa4UFeoMxvURDoM5KA

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D3b289a46-9b76-58a9-88f0-c89b1606534d%26type%3D82%26m%3D1&ex-fch=416613&ex-src=https://www.choicehomewarranty.com/&ex-hargs=v%3D1.0%3Bc%3D6293635390601%3Bp%3D3B289A46-9B76-58A9-88F0-C89B1606534D&cb=371359260793427260&dcc=t

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.133.124 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

f87b3c6971d2f2ce1a71d51e6ab26ed6f5acec5af1cbf573aab8e7d67f1ade83

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D3b289a46-9b76-58a9-88f0-c89b1606534d%26type%3D82%26m%3D1&ex-fch=416613&ex-src=https://www.choicehomewarranty.com/&ex-hargs=v%3D1.0%3Bc%3D6293635390601%3Bp%3D3B289A46-9B76-58A9-88F0-C89B1606534D&cb=371359260793427260&dcc=t

Response headers

Server: Server
Date: Fri, 29 Oct 2021 07:31:11 GMT
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 4957
Connection: keep-alive
x-amz-rid: 0HTJKTYEPJ5BSDYZ1YGS
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Permissions-Policy: interest-cohort=()

GET
H2 200 3QgckfkNYGiq Show response
at1.listrakbi.com/activity/ 111 B
617 B 442ms
427ms Script
text/javascript 104.18.6.244

General

Check archive.org

Show headers Download Go to

Full URL: https://at1.listrakbi.com/activity/3QgckfkNYGiq
Requested by: Host: cdn.listrakbi.com
URL: https://cdn.listrakbi.com/scripts/script.js?m=3QgckfkNYGiq&v=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.6.244 -, , ASN (),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: d0b775725240f39dd9cd00a67f6ea0ea286f4bd447d2bf337fe7da53e5b9acbc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chwsavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 07:31:11 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/javascript; charset=utf-8
cache-control: private
cf-ray: 6a5ab3eb9f894137-PRG

GET
H2 200 update
sca1.listrakbi.com/3QgckfkNYGiq/cart/ 44 B
418 B 470ms
437ms Image
image/gif 104.18.6.244

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sca1.listrakbi.com/3QgckfkNYGiq/cart/update?gsid=ec28d343-6c5f-4f18-bd61-9a6530a9dea9&_sid=6888e4b3-2500-4144-b621-20981339a8c1&_tid=564543&_uid=80F36EA4-EB97-4281-8467-C880A2D83452&s_0=warranty-quote&q_0=1&p_0=1.00&n_0=Warranty%20Quote
Requested by: Host: chwsavings.com
URL: https://chwsavings.com/a/a79/index.php?utm_source=gwmfm&utm_campaign=4680&token=1027d81ad8276da9e8dfa27ab7ed75
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.6.244 -, , ASN (),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: d1c4aa4fc27ca65d42b693b60f19546c4a50c002394c364dbbef45710858df7a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chwsavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 07:31:11 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI COM NAV INT DEM CNT PRE LOC"
content-type: image/gif
cache-control: no-cache
cf-ray: 6a5ab3ebbfbe4137-PRG
content-length: 44

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 9E5B
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212284268
https://s.amazon-adsystem.com/ecm3?id=165010503954000090946&ex=neustar.biz

43 B
556 B

115ms
114ms

Image
image/gif

52.46.133.124

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=165010503954000090946&ex=neustar.biz

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_bsw_bk_n-y-HMT_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=Tp4Wq_v4T7aytJqx_ev2Qw&ep=DvmjCSyxS0N2ecmRSatxTFQzXRAnkJDuZD5cKjWGuNP-ZsMc0BZOU-y7MSlUibpKkuQm76zeTWK9aog4FHz4jSBP8JXuINshs7ErGgjhuQRMRmBa3op6Hzp8cmYIKbk8gPPd8IYa5W5L3sTSTCkxaaFTRvFgvxB2TMXX4n0FSbV4SjvTMkombCa_RcXlxNDLYN_GRa4UFeoMxvURDoM5KA

Protocol

HTTP/1.1

Server

52.46.133.124 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 29 Oct 2021 07:31:11 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: MAAV4XHRXF0HH3ZJZR5C
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 29 Oct 2021 07:31:11 GMT
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://s.amazon-adsystem.com/ecm3?id=165010503954000090946&ex=neustar.biz
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 9E5B
Redirect Chain

https://x.bidswitch.net/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D
https://x.bidswitch.net/ul_cb/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D
https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=56c4027f8c232d9976e6737706bd76fb

43 B
556 B

217ms
115ms

Image
image/gif

52.46.133.124

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=56c4027f8c232d9976e6737706bd76fb

Requested by

Protocol

HTTP/1.1

Server

52.46.133.124 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 29 Oct 2021 07:31:11 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: V06W5SZ34J9HWE1P32SE
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=56c4027f8c232d9976e6737706bd76fb
Date: Fri, 29 Oct 2021 07:31:11 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 9E5B
Redirect Chain

https://tags.bluekai.com/site/36840?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbluekai.com%26id%3D%24_BK_UUID
https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID

43 B
556 B

202ms
111ms

Image
image/gif

52.46.133.124

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID

Requested by

Protocol

HTTP/1.1

Server

52.46.133.124 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 29 Oct 2021 07:31:11 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 0ECN94MA9RJ79XW5MJMR
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID
Date: Fri, 29 Oct 2021 07:31:11 GMT
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 9E5B
Redirect Chain

https://ups.analytics.yahoo.com/ups/58516/sync?_origin=1&redir=true&uid=TXPyeCJkRDmQheDDr4v6kA
https://ups.analytics.yahoo.com/ups/58516/sync?_origin=1&redir=true&uid=TXPyeCJkRDmQheDDr4v6kA&verify=true
https://s.amazon-adsystem.com/ecm3?ex=yahooHMT&id=TXPyeCJkRDmQheDDr4v6kA

43 B
556 B

306ms
107ms

Image
image/gif

52.46.133.124

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=yahooHMT&id=TXPyeCJkRDmQheDDr4v6kA

Requested by

Protocol

HTTP/1.1

Server

52.46.133.124 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 29 Oct 2021 07:31:11 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 0ZN205WZ2QV0N74XJ66T
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Fri, 29 Oct 2021 07:31:11 GMT
Server: ATS/7.1.2.138
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://s.amazon-adsystem.com/ecm3?ex=yahooHMT&id=TXPyeCJkRDmQheDDr4v6kA
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 9E5B
Redirect Chain

https://pixel.advertising.com/ups/56466/sync?redir=true&_origin=1
https://pixel.advertising.com/ups/56466/sync?redir=true&_origin=1&verify=true
https://ups.analytics.yahoo.com/ups/56466/sync?redir=true&_origin=1&apid=UP30a4785a-388a-11ec-a15c-06bbc839886a
https://s.amazon-adsystem.com/ecm3?id=96a4c21e49d6693c8b95e19b89c57395b7618236&ex=aoldisplay.com

43 B
556 B

312ms
116ms

Image
image/gif

52.46.133.124

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=96a4c21e49d6693c8b95e19b89c57395b7618236&ex=aoldisplay.com

Requested by

Protocol

HTTP/1.1

Server

52.46.133.124 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 29 Oct 2021 07:31:11 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: A2Z975X7NTEAC0C0BWDN
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Fri, 29 Oct 2021 07:31:11 GMT
Server: ATS/7.1.2.138
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://s.amazon-adsystem.com/ecm3?id=96a4c21e49d6693c8b95e19b89c57395b7618236&ex=aoldisplay.com
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 9E5B
Redirect Chain

https://t.myvisualiq.net/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D
https://t.myvisualiq.net/ul_cb/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D
https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=a0f1b53d-f919-4729-a37e-f12a34c37303

43 B
556 B

299ms
107ms

Image
image/gif

52.46.133.124

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=a0f1b53d-f919-4729-a37e-f12a34c37303

Requested by

Protocol

HTTP/1.1

Server

52.46.133.124 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 29 Oct 2021 07:31:11 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: AYCT7CG8SZ46WQVGBK72
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

access-control-allow-origin: *
Date: Fri, 29 Oct 2021 07:31:11 GMT
Cache-Control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Content-Length: 0
Location: https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=a0f1b53d-f919-4729-a37e-f12a34c37303

GET
H2 200 sync
amazon.partners.tremorhub.com/ Frame 9E5B 43 B
183 B 293ms
93ms Image
image/gif 52.202.196.233

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amazon.partners.tremorhub.com/sync?UIAM&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dtelaria.com%26id%3D%5BPARTNER_ID%5D
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_bsw_bk_n-y-HMT_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=Tp4Wq_v4T7aytJqx_ev2Qw&ep=DvmjCSyxS0N2ecmRSatxTFQzXRAnkJDuZD5cKjWGuNP-ZsMc0BZOU-y7MSlUibpKkuQm76zeTWK9aog4FHz4jSBP8JXuINshs7ErGgjhuQRMRmBa3op6Hzp8cmYIKbk8gPPd8IYa5W5L3sTSTCkxaaFTRvFgvxB2TMXX4n0FSbV4SjvTMkombCa_RcXlxNDLYN_GRa4UFeoMxvURDoM5KA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.202.196.233 -, , ASN (),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 07:31:11 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H2 204 cms
cms.analytics.yahoo.com/ Frame 9E5B 0
0 109ms
34ms Image
text/html 212.82.100.182

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms.analytics.yahoo.com/cms?partner_id=AMAZON&ex=gemini
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_bsw_bk_n-y-HMT_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=Tp4Wq_v4T7aytJqx_ev2Qw&ep=DvmjCSyxS0N2ecmRSatxTFQzXRAnkJDuZD5cKjWGuNP-ZsMc0BZOU-y7MSlUibpKkuQm76zeTWK9aog4FHz4jSBP8JXuINshs7ErGgjhuQRMRmBa3op6Hzp8cmYIKbk8gPPd8IYa5W5L3sTSTCkxaaFTRvFgvxB2TMXX4n0FSbV4SjvTMkombCa_RcXlxNDLYN_GRa4UFeoMxvURDoM5KA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.82.100.182 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 /
spl.zeotap.com/ Frame 9E5B 731 B
731 B 71ms
32ms Image
text/html 104.22.24.87

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://spl.zeotap.com/?zdid=1353&env=mWeb&eventType=pageview&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dzeotap%26id%3D%24_ZTP_UUID
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_bsw_bk_n-y-HMT_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=Tp4Wq_v4T7aytJqx_ev2Qw&ep=DvmjCSyxS0N2ecmRSatxTFQzXRAnkJDuZD5cKjWGuNP-ZsMc0BZOU-y7MSlUibpKkuQm76zeTWK9aog4FHz4jSBP8JXuINshs7ErGgjhuQRMRmBa3op6Hzp8cmYIKbk8gPPd8IYa5W5L3sTSTCkxaaFTRvFgvxB2TMXX4n0FSbV4SjvTMkombCa_RcXlxNDLYN_GRa4UFeoMxvURDoM5KA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.24.87 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 07:31:11 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6a5ab3ec78b34125-PRG
content-type: text/html
access-control-allow-origin: *
access-control-allow-credentials: true
content-encoding: br
access-control-allow-headers: *

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 9E5B
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=2545
https://s.amazon-adsystem.com/ecm3?id=92ff5cadf8c2ae9c4e0bbc33d5e837&ex=freewheel.tv&gdpr=0&gdpr_consent=

43 B
556 B

301ms
104ms

Image
image/gif

52.46.133.124

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=92ff5cadf8c2ae9c4e0bbc33d5e837&ex=freewheel.tv&gdpr=0&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Server

52.46.133.124 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 29 Oct 2021 07:31:11 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: BSVNSBKM5WPVVEG049M0
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 29 Oct 2021 07:31:11 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=92ff5cadf8c2ae9c4e0bbc33d5e837&ex=freewheel.tv&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1635492671302091-351
Expires: Fri, 29 Oct 2021 07:31:11 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 9E5B
Redirect Chain

https://www.imdb.com/ads/idsync?cid=a706a6beb&ex=imdb.com
https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com

43 B
556 B

173ms
114ms

Image
image/gif

52.46.133.124

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com

Requested by

Protocol

HTTP/1.1

Server

52.46.133.124 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 29 Oct 2021 07:31:11 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 1K4TP4N7TQXKBF5KM6W6
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Fri, 29 Oct 2021 07:31:11 GMT
via: 1.1 6b4954a8411e7b2a232537f8000c5c9d.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA50-C1
content-security-policy-report-only: default-src http://*.amazon.com http://*.media-amazon.com http://*.ssl-images-amazon.com http://*.amazon-adsystem.com; script-src http://*.amazon.com http://*.media-amazon.com http://*.ssl-images-amazon.com http://*.amazon-adsystem.com 'unsafe-inline' 'unsafe-eval'; style-src http://*.amazon.com http://*.media-amazon.com http://*.ssl-images-amazon.com http://*.amazon-adsystem.com 'unsafe-inline'; report-uri /1/batch/2/OE/mid=ATVPDKIKX0DER:sid=:rid=078213WBHG0334Q75DFH:sn=www.imdb.com
x-cache: Miss from cloudfront
vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
content-length: 0
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
server: Server
x-amz-rid: 078213WBHG0334Q75DFH
strict-transport-security: max-age=47474747; includeSubDomains; preload
location: https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com
permissions-policy: interest-cohort=()
x-amz-cf-id: _-lburmlPuQxPcm1STqmGAa4sbFjdCK2vzfLROCrnvoi3a2gUyB9ww==

GET
H/1.1 200
OK pixel.gif
usersync.samplicio.us/amazon/ Frame 9E5B 0
263 B 387ms
100ms Image
text/plain 3.94.65.142

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.samplicio.us/amazon/pixel.gif?https://s.amazon-adsystem.com/ecm3?ex=luc.id&id=
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_bsw_bk_n-y-HMT_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=Tp4Wq_v4T7aytJqx_ev2Qw&ep=DvmjCSyxS0N2ecmRSatxTFQzXRAnkJDuZD5cKjWGuNP-ZsMc0BZOU-y7MSlUibpKkuQm76zeTWK9aog4FHz4jSBP8JXuINshs7ErGgjhuQRMRmBa3op6Hzp8cmYIKbk8gPPd8IYa5W5L3sTSTCkxaaFTRvFgvxB2TMXX4n0FSbV4SjvTMkombCa_RcXlxNDLYN_GRa4UFeoMxvURDoM5KA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.94.65.142 -, , ASN (),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 29 Oct 2021 07:31:11 GMT
Server: nginx/1.16.1
Location: https://s.amazon-adsystem.com/ecm3?ex=luc.id&id=
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 9E5B
Redirect Chain

https://ads.samba.tv/cookie_sync?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsamba.tv%26id%3D
https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=e5ff70b5b695a681

43 B
556 B

105ms
104ms

Image
image/gif

52.46.133.124

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=e5ff70b5b695a681

Requested by

Protocol

HTTP/1.1

Server

52.46.133.124 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 29 Oct 2021 07:31:11 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 9AAXMMNDH7AKMFPYFF2R
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=e5ff70b5b695a681
date: Fri, 29 Oct 2021 07:31:11 GMT
access-control-allow-origin: *
access-control-allow-headers: Content-Type, Authorization
content-length: 93
access-control-allow-methods: HEAD,OPTIONS,GET
content-type: text/html; charset=utf-8

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame 9E5B 0
239 B 43ms
8ms Image
image/gif 69.173.144.139

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=1053074&nid=2179&put=HYp8cpWyTRaEV8lttUG9dA
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_bsw_bk_n-y-HMT_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=Tp4Wq_v4T7aytJqx_ev2Qw&ep=DvmjCSyxS0N2ecmRSatxTFQzXRAnkJDuZD5cKjWGuNP-ZsMc0BZOU-y7MSlUibpKkuQm76zeTWK9aog4FHz4jSBP8JXuINshs7ErGgjhuQRMRmBa3op6Hzp8cmYIKbk8gPPd8IYa5W5L3sTSTCkxaaFTRvFgvxB2TMXX4n0FSbV4SjvTMkombCa_RcXlxNDLYN_GRa4UFeoMxvURDoM5KA
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type: image/gif

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 9E5B
Redirect Chain

https://dpm.demdex.net/ibs:dpid=139200&dpuuid=oFBisBgDQBuiQChxXd0CzQ&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=139200&dpuuid=oFBisBgDQBuiQChxXd0CzQ&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=14659740173802058302598536844291541627

43 B
556 B

109ms
108ms

Image
image/gif

52.46.133.124

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=14659740173802058302598536844291541627

Requested by

Protocol

HTTP/1.1

Server

52.46.133.124 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 29 Oct 2021 07:31:11 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: TQ8S63H44TCDQ1HAG4PC
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

DCS: dcs-prod-irl1-2-v019-080af9c5c.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: GSKG9VuaR1w=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=14659740173802058302598536844291541627
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 9E5B
Redirect Chain

https://odr.mookie1.com/t/v2?tagid=V2_393725&AMAZON_REGION_SPECIFIC_ENDPOINT=s.amazon-adsystem.com&src.visitorID=sL_0X2cXQKCChnPq-UIjfA
https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10828834935344994573&gdpr=&gdpr_consent=

43 B
556 B

104ms
104ms

Image
image/gif

52.46.133.124

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10828834935344994573&gdpr=&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Server

52.46.133.124 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 29 Oct 2021 07:31:11 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: NGKCTSZJK27TF31QYT59
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 29 Oct 2021 07:31:11 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
location: https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10828834935344994573&gdpr=&gdpr_consent=
cache-control: no-cache, no-store, must-revalidate
alt-svc: clear
content-length: 0
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET z
px.surveywall-api.survata.com/ Frame 9E5B 0
0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 9E5B
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D
https://c1.adform.net/serving/cookie/match?CC=1&party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D
https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=6363465272439359252

43 B
556 B

108ms
108ms

Image
image/gif

52.46.133.124

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=6363465272439359252

Requested by

Protocol

HTTP/1.1

Server

52.46.133.124 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 29 Oct 2021 07:31:11 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 48YDVEQWN0E1A1B8E023
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 29 Oct 2021 07:31:11 GMT
server: nginx
location: https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=6363465272439359252
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 9E5B
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID
https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=30df48a8-388a-11ec-a249-102ad03c0306
https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=30df486a-388a-11ec-a249-102ad03c0306

43 B
556 B

117ms
117ms

Image
image/gif

52.46.133.124

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=30df486a-388a-11ec-a249-102ad03c0306

Requested by

Protocol

HTTP/1.1

Server

52.46.133.124 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 29 Oct 2021 07:31:11 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: TXEXY8MHZ3XBJVMWD4C4
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Fri, 29 Oct 2021 07:31:11 GMT
Server: nginx
Location: https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=30df486a-388a-11ec-a249-102ad03c0306
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 77
Connection: keep-alive
Content-Length: 0

GET

acs
lm.serving-sys.com/lm/ Frame 9E5B
Redirect Chain

https://bs.serving-sys.com/Serving?cn=cs&rtu=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsizmek%26id%3D%5B%25tp_UserID%25%5D
https://lm.serving-sys.com/lm/acs?json={%22GUID%22:%22a8a6c4c2-4c8a-4be2-9958-cdaa3c5892a1%22,%22Time%22:%2220211029T033111.788628%22}&rtu=https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=[%tp_UserID%]

0
0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 9E5B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_cm&ex=doubleclick.net
https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEB_E7fuktTKBAtHAgFuwHks&google_cver=1

43 B
556 B

116ms
116ms

Image
image/gif

52.46.133.124

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEB_E7fuktTKBAtHAgFuwHks&google_cver=1

Requested by

Protocol

HTTP/1.1

Server

52.46.133.124 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 29 Oct 2021 07:31:11 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: QR3M3YE2C9T81Z1NMQMS
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 29 Oct 2021 07:31:11 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEB_E7fuktTKBAtHAgFuwHks&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 311
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET

usermatch.gif
beacon.krxd.net/ Frame 9E5B
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=amzn
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=amzn

0
0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 9E5B
Redirect Chain

https://sb.scorecardresearch.com/p?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25
https://sb.scorecardresearch.com/p2?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25
https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=f537bc85f8c65e16675b8aefe6dbcd29

43 B
556 B

111ms
111ms

Image
image/gif

52.46.133.124

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=f537bc85f8c65e16675b8aefe6dbcd29

Requested by

Protocol

HTTP/1.1

Server

52.46.133.124 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 29 Oct 2021 07:31:11 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: GJ7KJWAAHZ8QYZ6ZRPP4
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Fri, 29 Oct 2021 07:31:11 GMT
via: 1.1 39e6266db143f6443f194d8c60e22480.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=f537bc85f8c65e16675b8aefe6dbcd29
content-length: 108
x-amz-cf-id: 7v_VhKqbcLhUvY8mB03Ijv4AYIdnNGO2xIw-uNI-UBGLQJI4L1Tx4g==

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 9E5B
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
https://us-u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=dd98164f-8aef-c486-3323-e6753b0197c2

43 B
556 B

107ms
107ms

Image
image/gif

52.46.133.124

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=dd98164f-8aef-c486-3323-e6753b0197c2

Requested by

Protocol

HTTP/1.1

Server

52.46.133.124 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 29 Oct 2021 07:31:12 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: TQAX6SFJVE619YS02V1F
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Fri, 29 Oct 2021 07:31:11 GMT
content-encoding: gzip
server: OXGW/16.217.1
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=dd98164f-8aef-c486-3323-e6753b0197c2
content-type: image/gif
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 9E5B
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184155&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex%26id%3D__UID__
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex%26id%3D__UID__&s=184155&C=1
https://s.amazon-adsystem.com/ecm3?ex=index&id=KCmUD3mmLjOXsJ3FJG7xajc4dPI4ZgIC

43 B
556 B

117ms
117ms

Image
image/gif

52.46.133.124

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=index&id=KCmUD3mmLjOXsJ3FJG7xajc4dPI4ZgIC

Requested by

Protocol

HTTP/1.1

Server

52.46.133.124 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 29 Oct 2021 07:31:12 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: D7XS3EWSA2PVZ35DM7P7
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 29 Oct 2021 07:31:11 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://s.amazon-adsystem.com/ecm3?ex=index&id=KCmUD3mmLjOXsJ3FJG7xajc4dPI4ZgIC
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 267
Expires: Fri, 29 Oct 2021 07:31:11 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 9E5B
Redirect Chain

https://uipglob.semasio.net/amazon/1/get?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D
https://uipglob.semasio.net/amazon/1/get2?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D
https://s.amazon-adsystem.com/ecm3?ex=semasio&id=84A06D11FCEA7FD5

43 B
556 B

144ms
117ms

Image
image/gif

52.46.133.124

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=semasio&id=84A06D11FCEA7FD5

Requested by

Protocol

HTTP/1.1

Server

52.46.133.124 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 29 Oct 2021 07:31:12 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 5VGXT3G6NKYFA5A3Q600
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 29 Oct 2021 07:31:10 GMT
frontend-id: 8
location: https://s.amazon-adsystem.com/ecm3?ex=semasio&id=84A06D11FCEA7FD5
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 9E5B
Redirect Chain

https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID%26ex%3Dappnexus.com
https://s.amazon-adsystem.com/ecm3?id=7773764652822423241&ex=appnexus.com

43 B
556 B

104ms
103ms

Image
image/gif

52.46.133.124

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=7773764652822423241&ex=appnexus.com

Requested by

Protocol

HTTP/1.1

Server

52.46.133.124 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 29 Oct 2021 07:31:12 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: PTTA9NEEB5G9R6F1PPTB
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 29 Oct 2021 07:31:12 GMT
X-Proxy-Origin: 216.131.114.145; 216.131.114.145; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 572c6c7e-66e1-44c3-b1c1-c0e46e8f2890
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://s.amazon-adsystem.com/ecm3?id=7773764652822423241&ex=appnexus.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 9E5B
Redirect Chain

https://token.rubiconproject.com/token?pid=2179&pt=n
https://s.amazon-adsystem.com/ecm3?id=HMZyozNA7noVA_txk_x7FA&ex=rubiconproject.com&status=ok

43 B
556 B

107ms
106ms

Image
image/gif

52.46.133.124

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=HMZyozNA7noVA_txk_x7FA&ex=rubiconproject.com&status=ok

Requested by

Protocol

HTTP/1.1

Server

52.46.133.124 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 29 Oct 2021 07:31:12 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: X0ZBVE09RWV7E0F19F8A
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?id=HMZyozNA7noVA_txk_x7FA&ex=rubiconproject.com&status=ok
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 9E5B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_hm=Tp4Wq_v4T7aytJqx_ev2Qw&
https://s.amazon-adsystem.com/ecm3?ex=googleHMT

43 B
556 B

112ms
112ms

Image
image/gif

52.46.133.124

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=googleHMT

Requested by

Protocol

HTTP/1.1

Server

52.46.133.124 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 29 Oct 2021 07:31:12 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: A3AHNFN4J5J4ZWS14JM5
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 29 Oct 2021 07:31:12 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://s.amazon-adsystem.com/ecm3?ex=googleHMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 244
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 /
loadus.exelator.com/load/ Frame 9E5B 0
324 B 102ms
33ms Image
text/plain 34.254.143.3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadus.exelator.com/load/?p=204&g=8888&j=0
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_bsw_bk_n-y-HMT_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=Tp4Wq_v4T7aytJqx_ev2Qw&ep=DvmjCSyxS0N2ecmRSatxTFQzXRAnkJDuZD5cKjWGuNP-ZsMc0BZOU-y7MSlUibpKkuQm76zeTWK9aog4FHz4jSBP8JXuINshs7ErGgjhuQRMRmBa3op6Hzp8cmYIKbk8gPPd8IYa5W5L3sTSTCkxaaFTRvFgvxB2TMXX4n0FSbV4SjvTMkombCa_RcXlxNDLYN_GRa4UFeoMxvURDoM5KA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.143.3 -, , ASN (),
Reverse DNS
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 07:31:12 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET /
lciapi.ninthdecimal.com/v1/lci/sync/adv-amzn/c-23445/ Frame 9E5B 0
0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 9E5B
Redirect Chain

https://ups.analytics.yahoo.com/ups/58297/sync?_origin=1&redir=true
https://s.amazon-adsystem.com/ecm3?ex=verizonums&id=y-sF5hqxp1l2MmqUXupkwYuFOWP9MsBp8-

43 B
556 B

125ms
123ms

Image
image/gif

52.46.133.124

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=verizonums&id=y-sF5hqxp1l2MmqUXupkwYuFOWP9MsBp8-

Requested by

Protocol

HTTP/1.1

Server

52.46.133.124 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 29 Oct 2021 07:31:12 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: G2SNF4PPXS0M774CKZ0Y
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Fri, 29 Oct 2021 07:31:12 GMT
Server: ATS/7.1.2.138
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://s.amazon-adsystem.com/ecm3?ex=verizonums&id=y-sF5hqxp1l2MmqUXupkwYuFOWP9MsBp8-
Connection: keep-alive
Content-Length: 0

GET

ecm3
s.amazon-adsystem.com/ Frame 9E5B
Redirect Chain

https://pi.ispot.tv/v2/TC-3673-1.gif?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dispot.tv%26id%3D%7BISID%7D
https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=935d6c16a205bb99efb2305b6c1822a3b0a51e2c5f4cdbe10cfd2f8d9ae38a2f

0
0

GET

ecm3
s.amazon-adsystem.com/ Frame 9E5B
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D%23PM_USER_ID
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D%23PM_USER_ID&rdf=1
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=ABEB4591-D4DE-4704-A7DF-65ECA87449EB

0
0

GET

ecm3
s.amazon-adsystem.com/ Frame 9E5B
Redirect Chain

https://sync.taboola.com/sg/amazon-a9-network/1/rtb
https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=9383f923-bb29-47d2-b1f6-2fffdf611538-tuct87528c0

0
0

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1038983633/ 2 KB
1 KB 512ms
497ms Script
text/javascript 142.250.184.226

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1038983633/?random=1635492671557&cv=9&fst=1635492671557&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaar0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fchwsavings.com%2Fa%2Fa79%2Findex.php%3Futm_source%3Dgwmfm%26utm_campaign%3D4680%26token%3D1027d81ad8276da9e8dfa27ab7ed75&ref=https%3A%2F%2Fstorage.googleapis.com%2F&tiba=Choice%20Home%20Warranty&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

4b2cfcb2a0ef6d2a70774e6d0661adbd6ce64733a30c168530a6b85bc7545b7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chwsavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Oct 2021 07:31:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1119
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 3QgckfkNYGiq Show response
at1.listrakbi.com/activity/ 111 B
493 B 125ms
124ms Script
text/javascript 104.18.6.244

General

Check archive.org

Show headers Download Go to

Full URL: https://at1.listrakbi.com/activity/3QgckfkNYGiq?vuid=a3591a71-1194-4779-a593-8d3eef074efa&uid=84C7D4BC-FD8F-41F0-8521-DEE58FBBECDF&gsid=ec28d343-6c5f-4f18-bd61-9a6530a9dea9&sid=6888e4b3-2500-4144-b621-20981339a8c1&_t_0=at&t_0=ProductBrowse&k_0=warranty-quote
Requested by: Host: cdn.listrakbi.com
URL: https://cdn.listrakbi.com/scripts/script.js?m=3QgckfkNYGiq&v=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.6.244 -, , ASN (),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: d0b775725240f39dd9cd00a67f6ea0ea286f4bd447d2bf337fe7da53e5b9acbc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chwsavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 07:31:11 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/javascript; charset=utf-8
cache-control: private
cf-ray: 6a5ab3ee4c784137-PRG

GET
H2 200 3QgckfkNYGiq Show response
at1.listrakbi.com/activity/ 111 B
517 B 440ms
440ms Script
text/javascript 104.18.6.244

General

Check archive.org

Show headers Download Go to

Full URL: https://at1.listrakbi.com/activity/3QgckfkNYGiq?vuid=a3591a71-1194-4779-a593-8d3eef074efa&uid=39552082-3B6B-4F46-AB9A-C58005B162B3&gsid=ec28d343-6c5f-4f18-bd61-9a6530a9dea9&sid=6888e4b3-2500-4144-b621-20981339a8c1&_t_0=at&t_0=Identification&k_0=3&_t_1=at&t_1=Identification&k_1=4&_t_2=at&t_2=Identification&k_2=5
Requested by: Host: cdn.listrakbi.com
URL: https://cdn.listrakbi.com/scripts/script.js?m=3QgckfkNYGiq&v=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.6.244 -, , ASN (),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: d0b775725240f39dd9cd00a67f6ea0ea286f4bd447d2bf337fe7da53e5b9acbc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chwsavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 07:31:12 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/javascript; charset=utf-8
cache-control: private
cf-ray: 6a5ab3ee4c7b4137-PRG

GET
H2 200 3QgckfkNYGiq Show response
at1.listrakbi.com/activity/ 111 B
491 B 125ms
125ms Script
text/javascript 104.18.6.244

General

Check archive.org

Show headers Download Go to

Full URL: https://at1.listrakbi.com/activity/3QgckfkNYGiq?vuid=a3591a71-1194-4779-a593-8d3eef074efa&uid=C7A20119-BFF6-47BA-8AB0-9CADE6B9B54A&gsid=ec28d343-6c5f-4f18-bd61-9a6530a9dea9&sid=6888e4b3-2500-4144-b621-20981339a8c1&_t_0=at&t_0=PageBrowse&k_0=https%3A%2F%2Fchwsavings.com%2Fa%2Fa79%2Findex.php%3Futm_source%3Dgwmfm%26utm_campaign%3D4680%26token%3D1027d81ad8276da9e8dfa27ab7ed75
Requested by: Host: cdn.listrakbi.com
URL: https://cdn.listrakbi.com/scripts/script.js?m=3QgckfkNYGiq&v=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.6.244 -, , ASN (),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: d0b775725240f39dd9cd00a67f6ea0ea286f4bd447d2bf337fe7da53e5b9acbc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chwsavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 07:31:11 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/javascript; charset=utf-8
cache-control: private
cf-ray: 6a5ab3ee4c7e4137-PRG

GET
H3 200 /
www.google.com/pagead/1p-user-list/1038983633/ 42 B
64 B 20ms
20ms Image
image/gif 142.250.186.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1038983633/?random=1635492671557&cv=9&fst=1635490800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaar0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fchwsavings.com%2Fa%2Fa79%2Findex.php%3Futm_source%3Dgwmfm%26utm_campaign%3D4680%26token%3D1027d81ad8276da9e8dfa27ab7ed75&ref=https%3A%2F%2Fstorage.googleapis.com%2F&tiba=Choice%20Home%20Warranty&async=1&fmt=3&is_vtc=1&random=3609012523&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: chwsavings.com
URL: https://chwsavings.com/a/a79/index.php?utm_source=gwmfm&utm_campaign=4680&token=1027d81ad8276da9e8dfa27ab7ed75

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chwsavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Oct 2021 07:31:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.be/pagead/1p-user-list/1038983633/ 42 B
64 B 25ms
25ms Image
image/gif 142.250.184.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.be/pagead/1p-user-list/1038983633/?random=1635492671557&cv=9&fst=1635490800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaar0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fchwsavings.com%2Fa%2Fa79%2Findex.php%3Futm_source%3Dgwmfm%26utm_campaign%3D4680%26token%3D1027d81ad8276da9e8dfa27ab7ed75&ref=https%3A%2F%2Fstorage.googleapis.com%2F&tiba=Choice%20Home%20Warranty&async=1&fmt=3&is_vtc=1&random=3609012523&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: chwsavings.com
URL: https://chwsavings.com/a/a79/index.php?utm_source=gwmfm&utm_campaign=4680&token=1027d81ad8276da9e8dfa27ab7ed75

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://chwsavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Oct 2021 07:31:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: px.surveywall-api.survata.com
URL: https://px.surveywall-api.survata.com/z?l=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsurvata.com%26id%3D

Domain: lm.serving-sys.com
URL: https://lm.serving-sys.com/lm/acs?json={%22GUID%22:%22a8a6c4c2-4c8a-4be2-9958-cdaa3c5892a1%22,%22Time%22:%2220211029T033111.788628%22}&rtu=https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=[%tp_UserID%]

Domain: beacon.krxd.net
URL: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=amzn

Domain: lciapi.ninthdecimal.com
URL: https://lciapi.ninthdecimal.com/v1/lci/sync/adv-amzn/c-23445/?rdr=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3F%26ex%3Dninthdecimal.com%26id%3D%24%7BND_UID%7D

Domain: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=935d6c16a205bb99efb2305b6c1822a3b0a51e2c5f4cdbe10cfd2f8d9ae38a2f

Domain: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=ABEB4591-D4DE-4704-A7DF-65ECA87449EB

Domain: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=9383f923-bb29-47d2-b1f6-2fffdf611538-tuct87528c0

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bit.ly/	1970-01-20 02:37:24	Name: _bit Value: l9t7v6-36cad2efbff84a231b-00g
chwsavings.com/	1969-12-31 23:59:59	Name: COOKIE Value: !3w0TODy918fzFYjuUVyM9dLmp2wyxKaVlRauMvtnBnd2WigUbTKYj2YnhQlW49+bZ5jOs2pdxFugGQ==
.chwsavings.com/	1970-01-20 00:27:48	Name: _gcl_au Value: 1.1.544569802.1635492667
.chwsavings.com/	1970-01-20 15:49:24	Name: _ga Value: GA1.2.952388445.1635492668
.chwsavings.com/	1970-01-19 22:19:39	Name: _gid Value: GA1.2.791057238.1635492668
.chwsavings.com/	1970-01-19 22:18:12	Name: _gat_gtag_UA_6898183_1 Value: 1

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://chwsavings.com/a/a79/index.php?utm_source=gwmfm&utm_campaign=4680&token=1027d81ad8276da9e8dfa27ab7ed75(Line 922) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ssl.google-analytics.com/ga.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://chwsavings.com/a/a79/index.php?utm_source=gwmfm&utm_campaign=4680&token=1027d81ad8276da9e8dfa27ab7ed75(Line 922) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ssl.google-analytics.com/ga.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
network	error	URL: https://px.surveywall-api.survata.com/z?l=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsurvata.com%26id%3D Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa.agkn.com
ads.samba.tv
ads.stickyadstv.com
amazon.partners.tremorhub.com
at1.listrakbi.com
bat.bing.com
beacon.krxd.net
bit.ly
c1.adform.net
cdn.datasteam.io
cdn.listrakbi.com
chwsavings.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
connect.facebook.net
d3rr3d0n31t48m.cloudfront.net
dpm.demdex.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ib.adnxs.com
js.adsrvr.org
lciapi.ninthdecimal.com
lm.serving-sys.com
loadus.exelator.com
odr.mookie1.com
pixel.advertising.com
pixel.rubiconproject.com
placestogo.org.uk
px.surveywall-api.survata.com
s.amazon-adsystem.com
s1.listrakbi.com
sb.scorecardresearch.com
sca1.listrakbi.com
shop.pe
spl.zeotap.com
ssl.google-analytics.com
ssum-sec.casalemedia.com
stats.g.doubleclick.net
storage.googleapis.com
sync.search.spotxchange.com
t.myvisualiq.net
tags.bluekai.com
token.rubiconproject.com
track.qpuue.com
uipglob.semasio.net
ups.analytics.yahoo.com
us-u.openx.net
usersync.samplicio.us
www.chwplan.com
www.facebook.com
www.google-analytics.com
www.google.be
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.imdb.com
x.bidswitch.net
beacon.krxd.net
lciapi.ninthdecimal.com
lm.serving-sys.com
px.surveywall-api.survata.com
s.amazon-adsystem.com
104.18.6.244
104.22.24.87
104.89.42.102
13.107.21.200
13.224.195.8
13.225.85.149
13.32.99.105
142.250.184.195
142.250.184.200
142.250.184.226
142.250.184.232
142.250.184.234
142.250.185.226
142.250.185.240
142.250.185.67
142.250.186.132
142.250.186.66
143.204.103.201
146.20.84.216
157.240.20.19
157.240.20.35
172.217.23.110
18.156.0.31
18.194.61.148
18.194.84.14
18.66.112.100
18.66.122.10
185.33.221.15
185.94.180.126
2.21.141.232
2.21.142.210
212.82.100.182
3.127.52.31
3.94.65.142
34.192.56.19
34.254.143.3
34.98.64.218
34.98.67.61
35.227.244.1
37.157.4.24
5.133.15.146
52.17.185.148
52.202.196.233
52.46.133.124
54.154.148.1
54.93.162.63
64.233.166.155
67.199.248.10
69.173.144.139
69.173.144.165
77.243.60.138
045469f2d577c2ad73219bbd713640bcb4a4f9a46cecc6c0df0e66338646b27f
10bef3f85822237893d33ac7eed079f59191bf1457d08309401afc43a1902d50
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
342f64eee8020ed8ccd8c957c7c3442acc3fd585a200470edfcd199549a1eae9
36c37dce8dad9e60464f6bf6ff04d7c7c9ee7d5e98088ac0976f56fe365ca024
4540fe3d85b175ac7c0272025c164aee14f38b34d5515d35591fe752eeab7780
4b2cfcb2a0ef6d2a70774e6d0661adbd6ce64733a30c168530a6b85bc7545b7e
4dcbaa7a5cd1a3b35e38e8d4f159c978c67cf08da6897857507cfd39f960bfa1
4f4524f7e1a87079bc50a64681f880ccf3e6f5db1ec5fc27949377532a3881da
52b860bf171d4c3ddb8c50fe9b1cf48cd6337c07f0b111788d7ba34aad733299
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
55b90523aabe14478d4e85de11038ffe927f92a520b2ff59907f5a6755f0df8f
56bd13291e337ee24a5d6120a2d69b291a03ff19253f5b68e52f383fc3f94196
58969b54625aa3115a5c57f87a8cded390d6df59807d68de74a23bf1c55746a2
5a3bcabc8607d2278afadf03f14bfa5b1cd4b620e41a5ff0dbc737abe0edcbba
5bcc5065a721ce15a226f1c1770ad812b25037e73ed1febbaa78173a0c88c81d
5cde0534f0d60a8a265bc4cdd6960908d0c193311d75d39806493a8fe5bece0f
5f16dac2da002b531a66f23c20e7889f304391f4e854b50d0cdba2ac2d5b4d1b
688aa4443fd103dd4eba9512fbd4a0ff2c47b8ebbd4b8c8d4aaef45f4e4f48b0
6c69929d8a3625c8a8eb4c8c18bda0c221e12d9a99b620ae2e4a5c356bcce66c
6d97fccd01135ed97a465ce2d65e3d5993c7b240b06a7638b3fec90424f6252a
765a3073885bd13d3a914be071dd962ff894a3d61f930b9f2a3452b860836d8e
7b2751e9f78b28ba219da86ee5acceffb7f9bef80a1db0617023b2da321c16d3
81a3487cf49a66c946a642f19c8f0a0d0484c49958d22f13d803f148f635039d
90dc1edaca43e2e886e6e556485fa4f2d9bbb86193f9d8d6b3b1b5b087bb140c
93f6ce56be9b5d1cc8f0462801eebf1f4612ed1c5e9e0a389072c7b3fabee5b7
9769961274520466f30da2f63030d5adbaaabfcdfba561471df48ec282d30ef3
9d1a71851b9c575f7a08134336da7769a379f0db481b058bf45a82d60b7e2ddc
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a79496c01de9411a906d3b0f5cdb59d6807068218e0fb1169e08db7b408f77f6
ad465515abac5ee0c7aa4d316452460b228a33346dc4372d8badf995ffb3b444
afc9ea91964f1089ed3afcc20604ffa0107862a6d992ddc37ae0d21afa441b70
c151a7e68aedc7bd4d84cb2096e92ee2f055c16be01c2ba027acd38b6cc9d52a
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c925acd5cbf649b4731a67e19f4204220366464042ff84f6df893f6037859310
d0b775725240f39dd9cd00a67f6ea0ea286f4bd447d2bf337fe7da53e5b9acbc
d1c4aa4fc27ca65d42b693b60f19546c4a50c002394c364dbbef45710858df7a
d3573cda52041247cfe2bec3dd48b363196a581a5aa0686f6cd74a5f96bb090f
d581332f23ab61723ada12f14b3ccc4b882c9f59bcbfe1e14cefe29fc83d9491
d71aa41f2ba221f0bba812c5aaf838e575fe3af76f78a1311b3ee06c4d5e2703
d891455e32c9a425e36e190047b1f58abeb7e3709eff687134ddea7ac9cfdd3b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6a5209f9aed9b080f3abafce3859f310b8f122437223d598697fac71175dddb
ec286d9204d650f3688680ab7df9b05406c4baddb997cf762d2fedd7b5084365
edd03ab3a1f8f4fee1f13400764eaa7de9b4ec3da31a2de7f2a5a40e2ea181a7
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ee5e6f24e63a934667e065cf35fa4cdb9a1ec3391da17621c3994fdb63bb82ea
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f30bf2284e7872587d6aa890cc2611f01e4be6a2fcfdc0003d63c6fa137745c7
f3a974df6314eccf6bafadf8a8008e1b9c5e4686688f862c6a4e866f20725d72
f657cb1d8280e4cdff6843d25f134a84a03c8ba82b0f8870605f9b184392d674
f71cc04cf7328023a2f58b8a56e1e5177042c74f565effab357589d55efce0e7
f87b3c6971d2f2ce1a71d51e6ab26ed6f5acec5af1cbf573aab8e7d67f1ade83
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

chwsavings.com Open in urlscan Pro 146.20.84.216 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

100 Requests

69 %HTTPS

0 %IPv6

49 Domains

58 Subdomains

28 IPs

3 Countries

2555 kBTransfer

3455 kBSize

6 Cookies

2 Outgoing links

Page URL History

Redirected requests

100 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

chwsavings.com Open in urlscan Pro
146.20.84.216 Public Scan

Screenshot
Live screenshot

Full Image

100
Requests

69 %
HTTPS

0 %
IPv6

49
Domains

58
Subdomains

28
IPs

3
Countries

2555 kB
Transfer

3455 kB
Size

6
Cookies

100 HTTP transactions
0 data transactions