URL: https://chwplan.com/a/a69/index.php?utm_source=sccfm&utm_campaign=134&r=290
Submission: On February 23 via manual from US

Summary

This website contacted 18 IPs in 1 countries across 17 domains to perform 42 HTTP transactions. The main IP is 146.20.84.216, located in San Antonio, United States and belongs to RACKSPACE - Rackspace Hosting, US. The main domain is chwplan.com.
TLS certificate: Issued by RapidSSL SHA256 CA on May 16th 2017. Valid for: 3 years.
This is the only time chwplan.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
17 146.20.84.216 27357 (RACKSPACE)
1 172.217.22.34 15169 (GOOGLE)
1 2 107.22.160.161 14618 (AMAZON-AES)
1 205.234.175.175 30081 (CACHENETW...)
1 216.58.207.74 15169 (GOOGLE)
3 52.22.210.9 14618 (AMAZON-AES)
2 216.58.206.3 15169 (GOOGLE)
1 172.217.22.66 15169 (GOOGLE)
2 172.217.21.232 15169 (GOOGLE)
1 216.58.208.36 15169 (GOOGLE)
1 216.58.207.67 15169 (GOOGLE)
2 13.107.21.200 8068 (MICROSOFT...)
2 157.240.20.19 32934 (FACEBOOK)
1 54.230.45.165 16509 (AMAZON-02)
1 157.240.20.35 32934 (FACEBOOK)
2 54.80.218.53 14618 (AMAZON-AES)
1 1 34.242.96.54 16509 (AMAZON-02)
1 34.243.136.23 16509 (AMAZON-02)
2 34.192.159.131 14618 (AMAZON-AES)
42 18
Domain Requested by
16 chwplan.com chwplan.com
3 track.securedvisit.com chwplan.com
track.securedvisit.com
2 apis.murdoog.com code.murdoog.com
2 connect.facebook.net chwplan.com
connect.facebook.net
2 bat.bing.com chwplan.com
2 ssl.google-analytics.com chwplan.com
2 fonts.gstatic.com chwplan.com
2 rdcdn.com 1 redirects chwplan.com
1 aa.agkn.com chwplan.com
1 adadvisor.net 1 redirects
1 sca1.listrakbi.com chwplan.com
1 s1.listrakbi.com cdn.listrakbi.com
1 www.facebook.com chwplan.com
1 cdn.listrakbi.com chwplan.com
1 www.google.de chwplan.com
1 www.google.com chwplan.com
1 googleads.g.doubleclick.net www.googleadservices.com
1 fonts.googleapis.com chwplan.com
1 code.murdoog.com chwplan.com
1 www.googleadservices.com chwplan.com
1 www.chwplan.com chwplan.com
42 21

This site contains links to these domains. Also see Links.

Domain
www.choicehomewarranty.com
Subject Issuer Validity Valid
*.chwplan.com
RapidSSL SHA256 CA
2017-05-16 -
2020-05-15
3 years crt.sh

This page contains 1 frames:

Primary Page: https://chwplan.com/a/a69/index.php?utm_source=sccfm&utm_campaign=134&r=290
Frame ID: (B26260E77B50D619774B2E93C8A7569D)
Requests: 42 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+font-awesome(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • env /^gaGlobal$/i

Overall confidence: 100%
Detected patterns
  • script /jquery(?:\-|\.)([\d.]*\d)[^\/]*\.js/i
  • script /jquery.*\.js/i
  • env /^jQuery$/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]+bootstrap(?:\.min)?\.css/i

Page Statistics

42
Requests

40 %
HTTPS

0 %
IPv6

17
Domains

21
Subdomains

18
IPs

1
Countries

1082 kB
Transfer

1555 kB
Size

14
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15
  • https://rdcdn.com/rt?aid=1223&e=1&img=1 HTTP 302
  • https://rdcdn.com/images/blank.gif
Request Chain 38
  • https://adadvisor.net/adscores/g.jsonp?sid=9202274878&userid=B7CC46-1540192F-C5DC-4E93-97A9-4160470CD386 HTTP 302
  • https://aa.agkn.com/adscores/g.jsonp?sid=9202274878&userid=B7CC46-1540192F-C5DC-4E93-97A9-4160470CD386&&bounced=1

42 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set index.php
chwplan.com/a/a69/
44 KB
11 KB
Document
General
Full URL
https://chwplan.com/a/a69/index.php?utm_source=sccfm&utm_campaign=134&r=290
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
146.20.84.216 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software
Apache /
Resource Hash
3d0f4d6db5a4a147d190207e58cc94a26697dc91cf6a3cbcca9cda0edb94ef4c

Request headers

Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Connection
keep-alive
Accept-Encoding
gzip, deflate
Host
chwplan.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Fri, 23 Feb 2018 14:07:24 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
text/html; charset=UTF-8
Set-Cookie
ServerID=1024; path=/
Cache-Control
max-age=604800
Connection
Keep-Alive
Keep-Alive
timeout=15, max=120
Content-Length
10587
Expires
Fri, 02 Mar 2018 14:07:24 GMT
Cookie set bootstrap.min.css
chwplan.com/a/a69/bootstrap/css/
119 KB
20 KB
Stylesheet
General
Full URL
https://chwplan.com/a/a69/bootstrap/css/bootstrap.min.css
Requested by
Host: chwplan.com
URL: https://chwplan.com/a/a69/index.php?utm_source=sccfm&utm_campaign=134&r=290
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
146.20.84.216 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software
Apache /
Resource Hash
edd03ab3a1f8f4fee1f13400764eaa7de9b4ec3da31a2de7f2a5a40e2ea181a7

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
chwplan.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://chwplan.com/a/a69/index.php?utm_source=sccfm&utm_campaign=134&r=290
Cookie
ServerID=1024
Connection
keep-alive
Cache-Control
no-cache
Referer
https://chwplan.com/a/a69/index.php?utm_source=sccfm&utm_campaign=134&r=290
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Fri, 23 Feb 2018 14:07:24 GMT
Content-Encoding
gzip
Last-Modified
Fri, 30 Sep 2016 17:13:41 GMT
Server
Apache
ETag
"3e0fd7-1da10-53dbcb74265c2"
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Set-Cookie
ServerID=1024; path=/
Cache-Control
max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=119
Content-Length
19856
Expires
Fri, 02 Mar 2018 14:07:24 GMT
Cookie set font-awesome.css
chwplan.com/a/a69/bootstrap/css/
22 KB
5 KB
Stylesheet
General
Full URL
https://chwplan.com/a/a69/bootstrap/css/font-awesome.css
Requested by
Host: chwplan.com
URL: https://chwplan.com/a/a69/index.php?utm_source=sccfm&utm_campaign=134&r=290
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
146.20.84.216 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software
Apache /
Resource Hash
52b860bf171d4c3ddb8c50fe9b1cf48cd6337c07f0b111788d7ba34aad733299

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
chwplan.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://chwplan.com/a/a69/index.php?utm_source=sccfm&utm_campaign=134&r=290
Cookie
ServerID=1024
Connection
keep-alive
Cache-Control
no-cache
Referer
https://chwplan.com/a/a69/index.php?utm_source=sccfm&utm_campaign=134&r=290
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Fri, 23 Feb 2018 14:07:24 GMT
Content-Encoding
gzip
Last-Modified
Fri, 30 Sep 2016 17:13:41 GMT
Server
Apache
ETag
"3e0fd9-58b3-53dbcb7470948"
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Set-Cookie
ServerID=1024; path=/
Cache-Control
max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=118
Content-Length
4658
Expires
Fri, 02 Mar 2018 14:07:24 GMT
Cookie set style.css
chwplan.com/a/a69/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://chwplan.com/a/a69/css/style.css?1519394844
Requested by
Host: chwplan.com
URL: https://chwplan.com/a/a69/index.php?utm_source=sccfm&utm_campaign=134&r=290
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
146.20.84.216 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software
Apache /
Resource Hash
f3a974df6314eccf6bafadf8a8008e1b9c5e4686688f862c6a4e866f20725d72

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
chwplan.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://chwplan.com/a/a69/index.php?utm_source=sccfm&utm_campaign=134&r=290
Cookie
ServerID=1024
Connection
keep-alive
Cache-Control
no-cache
Referer
https://chwplan.com/a/a69/index.php?utm_source=sccfm&utm_campaign=134&r=290
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Fri, 23 Feb 2018 14:07:25 GMT
Content-Encoding
gzip
Last-Modified
Thu, 13 Oct 2016 18:33:30 GMT
Server
Apache
ETag
"3e0fc6-a2b-53ec358a338c8"
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Set-Cookie
ServerID=1024; path=/
Cache-Control
max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=120
Content-Length
806
Expires
Fri, 02 Mar 2018 14:07:25 GMT
Cookie set jquery-1.11.1.min.js
chwplan.com/a/a69/bootstrap/js/
94 KB
33 KB
Script
General
Full URL
https://chwplan.com/a/a69/bootstrap/js/jquery-1.11.1.min.js
Requested by
Host: chwplan.com
URL: https://chwplan.com/a/a69/index.php?utm_source=sccfm&utm_campaign=134&r=290
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
146.20.84.216 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software
Apache /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
chwplan.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
*/*
Referer
https://chwplan.com/a/a69/index.php?utm_source=sccfm&utm_campaign=134&r=290
Cookie
ServerID=1024
Connection
keep-alive
Cache-Control
no-cache
Referer
https://chwplan.com/a/a69/index.php?utm_source=sccfm&utm_campaign=134&r=290
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Fri, 23 Feb 2018 14:11:07 GMT
Content-Encoding
gzip
Last-Modified
Fri, 30 Sep 2016 17:13:39 GMT
Server
Apache
ETag
"3e0fc9-1762a-53dbcb7252170"
Vary
Accept-Encoding,User-Agent
Content-Type
text/javascript
Set-Cookie
ServerID=1025; path=/
Cache-Control
max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=120
Content-Length
33225
Expires
Fri, 02 Mar 2018 14:11:07 GMT
Cookie set masked.min.js
www.chwplan.com/jsinc/
62 KB
19 KB
Script
General
Full URL
https://www.chwplan.com/jsinc/masked.min.js
Requested by
Host: chwplan.com
URL: https://chwplan.com/a/a69/index.php?utm_source=sccfm&utm_campaign=134&r=290
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
146.20.84.216 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software
Apache /
Resource Hash
ee5e6f24e63a934667e065cf35fa4cdb9a1ec3391da17621c3994fdb63bb82ea

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.chwplan.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
*/*
Referer
https://chwplan.com/a/a69/index.php?utm_source=sccfm&utm_campaign=134&r=290
Connection
keep-alive
Cache-Control
no-cache
Referer
https://chwplan.com/a/a69/index.php?utm_source=sccfm&utm_campaign=134&r=290
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Fri, 23 Feb 2018 14:07:25 GMT
Content-Encoding
gzip
Last-Modified
Mon, 18 Apr 2016 16:15:56 GMT
Server
Apache
ETag
"3e0e87-f85d-530c4ace58700"
Vary
Accept-Encoding,User-Agent
Content-Type
text/javascript
Set-Cookie
ServerID=1024; path=/
Cache-Control
max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=120
Content-Length
19485
Expires
Fri, 02 Mar 2018 14:07:25 GMT
Cookie set logo2.png
chwplan.com/a/a69/images/
87 KB
88 KB
Image
General
Full URL
https://chwplan.com/a/a69/images/logo2.png
Requested by
Host: chwplan.com
URL: https://chwplan.com/a/a69/index.php?utm_source=sccfm&utm_campaign=134&r=290
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
146.20.84.216 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software
Apache /
Resource Hash
7b2751e9f78b28ba219da86ee5acceffb7f9bef80a1db0617023b2da321c16d3

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
chwplan.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://chwplan.com/a/a69/index.php?utm_source=sccfm&utm_campaign=134&r=290
Cookie
ServerID=1024
Connection
keep-alive
Cache-Control
no-cache
Referer
https://chwplan.com/a/a69/index.php?utm_source=sccfm&utm_campaign=134&r=290
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Fri, 23 Feb 2018 14:11:08 GMT
Last-Modified
Mon, 10 Oct 2016 22:31:13 GMT
Server
Apache
ETag
"3e0fb9-15db6-53e8a513e5eb0"
Content-Type
image/png
Set-Cookie
ServerID=1025; path=/
Cache-Control
max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=119
Content-Length
89526
Expires
Fri, 02 Mar 2018 14:11:08 GMT
Cookie set spinner.gif
chwplan.com/a/a69/
18 KB
18 KB
Image
General
Full URL
https://chwplan.com/a/a69/spinner.gif
Requested by
Host: chwplan.com
URL: https://chwplan.com/a/a69/index.php?utm_source=sccfm&utm_campaign=134&r=290
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
146.20.84.216 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
chwplan.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://chwplan.com/a/a69/index.php?utm_source=sccfm&utm_campaign=134&r=290
Cookie
ServerID=1024
Connection
keep-alive
Cache-Control
no-cache
Referer
https://chwplan.com/a/a69/index.php?utm_source=sccfm&utm_campaign=134&r=290
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Fri, 23 Feb 2018 14:07:25 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
text/html; charset=UTF-8
Set-Cookie
ServerID=1024; path=/
Cache-Control
max-age=604800
Connection
Keep-Alive
Keep-Alive
timeout=15, max=117
Content-Length
5623
Expires
Fri, 02 Mar 2018 14:07:25 GMT
Cookie set icon1.png
chwplan.com/a/a69/images/
39 KB
39 KB
Image
General
Full URL
https://chwplan.com/a/a69/images/icon1.png
Requested by
Host: chwplan.com
URL: https://chwplan.com/a/a69/index.php?utm_source=sccfm&utm_campaign=134&r=290
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
146.20.84.216 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software
Apache /
Resource Hash
29dfcec3cdc29247824b12860c03424435087cabd120edc8cf797d3a6b1d9cf4

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
chwplan.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://chwplan.com/a/a69/index.php?utm_source=sccfm&utm_campaign=134&r=290
Cookie
ServerID=1024
Connection
keep-alive
Cache-Control
no-cache
Referer
https://chwplan.com/a/a69/index.php?utm_source=sccfm&utm_campaign=134&r=290
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Fri, 23 Feb 2018 14:11:08 GMT
Last-Modified
Mon, 10 Oct 2016 22:31:12 GMT
Server
Apache
ETag
"3e0fc0-9c47-53e8a513ba375"
Content-Type
image/png
Set-Cookie
ServerID=1025; path=/
Cache-Control
max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=120
Content-Length
40007
Expires
Fri, 02 Mar 2018 14:11:08 GMT
Cookie set icon2.png
chwplan.com/a/a69/images/
28 KB
29 KB
Image
General
Full URL
https://chwplan.com/a/a69/images/icon2.png
Requested by
Host: chwplan.com
URL: https://chwplan.com/a/a69/index.php?utm_source=sccfm&utm_campaign=134&r=290
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
146.20.84.216 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software
Apache /
Resource Hash
e2f4e3dd1fe889ca75b3456318cbc933f26a8f6ca462c1a324919917a585fe87

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
chwplan.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://chwplan.com/a/a69/index.php?utm_source=sccfm&utm_campaign=134&r=290
Cookie
ServerID=1024
Connection
keep-alive
Cache-Control
no-cache
Referer
https://chwplan.com/a/a69/index.php?utm_source=sccfm&utm_campaign=134&r=290
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Fri, 23 Feb 2018 14:07:25 GMT
Last-Modified
Wed, 15 Feb 2017 17:28:05 GMT
Server
Apache
ETag
"3e0fbf-70e4-5489500e5af69"
Content-Type
image/png
Set-Cookie
ServerID=1024; path=/
Cache-Control
max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=120
Content-Length
28900
Expires
Fri, 02 Mar 2018 14:07:25 GMT
Cookie set icon3.png
chwplan.com/a/a69/images/
42 KB
42 KB
Image
General
Full URL
https://chwplan.com/a/a69/images/icon3.png
Requested by
Host: chwplan.com
URL: https://chwplan.com/a/a69/index.php?utm_source=sccfm&utm_campaign=134&r=290
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
146.20.84.216 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software
Apache /
Resource Hash
d9583cbfae5519b983d838d3a8bd3391f6aca916b164e859e358b20090c22895

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
chwplan.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://chwplan.com/a/a69/index.php?utm_source=sccfm&utm_campaign=134&r=290
Cookie
ServerID=1024
Connection
keep-alive
Cache-Control
no-cache
Referer
https://chwplan.com/a/a69/index.php?utm_source=sccfm&utm_campaign=134&r=290
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Fri, 23 Feb 2018 14:11:08 GMT
Last-Modified
Mon, 10 Oct 2016 22:31:12 GMT
Server
Apache
ETag
"3e0fc2-a60c-53e8a513ca92e"
Content-Type
image/png
Set-Cookie
ServerID=1025; path=/
Cache-Control
max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=119
Content-Length
42508
Expires
Fri, 02 Mar 2018 14:11:08 GMT
Cookie set repair_b.png
chwplan.com/a/a69/images/
28 KB
28 KB
Image
General
Full URL
https://chwplan.com/a/a69/images/repair_b.png
Requested by
Host: chwplan.com
URL: https://chwplan.com/a/a69/index.php?utm_source=sccfm&utm_campaign=134&r=290
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
146.20.84.216 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software
Apache /
Resource Hash
342f64eee8020ed8ccd8c957c7c3442acc3fd585a200470edfcd199549a1eae9

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
chwplan.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://chwplan.com/a/a69/index.php?utm_source=sccfm&utm_campaign=134&r=290
Cookie
ServerID=1024
Connection
keep-alive
Cache-Control
no-cache
Referer
https://chwplan.com/a/a69/index.php?utm_source=sccfm&utm_campaign=134&r=290
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Fri, 23 Feb 2018 14:11:08 GMT
Last-Modified
Mon, 10 Oct 2016 22:31:13 GMT
Server
Apache
ETag
"3e0fbe-6e3f-53e8a513ff8da"
Content-Type
image/png
Set-Cookie
ServerID=1025; path=/
Cache-Control
max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=120
Content-Length
28223
Expires
Fri, 02 Mar 2018 14:11:08 GMT
Cookie set replace_b.png
chwplan.com/a/a69/images/
145 KB
145 KB
Image
General
Full URL
https://chwplan.com/a/a69/images/replace_b.png
Requested by
Host: chwplan.com
URL: https://chwplan.com/a/a69/index.php?utm_source=sccfm&utm_campaign=134&r=290
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
146.20.84.216 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software
Apache /
Resource Hash
81a3487cf49a66c946a642f19c8f0a0d0484c49958d22f13d803f148f635039d

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
chwplan.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://chwplan.com/a/a69/index.php?utm_source=sccfm&utm_campaign=134&r=290
Cookie
ServerID=1024
Connection
keep-alive
Cache-Control
no-cache
Referer
https://chwplan.com/a/a69/index.php?utm_source=sccfm&utm_campaign=134&r=290
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Fri, 23 Feb 2018 14:07:25 GMT
Last-Modified
Mon, 10 Oct 2016 22:31:13 GMT
Server
Apache
ETag
"3e0fb4-243ad-53e8a51408193"
Content-Type
image/png
Set-Cookie
ServerID=1024; path=/
Cache-Control
max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=117
Content-Length
148397
Expires
Fri, 02 Mar 2018 14:07:25 GMT
Cookie set 24_b.png
chwplan.com/a/a69/images/
30 KB
31 KB
Image
General
Full URL
https://chwplan.com/a/a69/images/24_b.png
Requested by
Host: chwplan.com
URL: https://chwplan.com/a/a69/index.php?utm_source=sccfm&utm_campaign=134&r=290
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
146.20.84.216 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software
Apache /
Resource Hash
55b90523aabe14478d4e85de11038ffe927f92a520b2ff59907f5a6755f0df8f

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
chwplan.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://chwplan.com/a/a69/index.php?utm_source=sccfm&utm_campaign=134&r=290
Cookie
ServerID=1024
Connection
keep-alive
Cache-Control
no-cache
Referer
https://chwplan.com/a/a69/index.php?utm_source=sccfm&utm_campaign=134&r=290
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Fri, 23 Feb 2018 14:07:25 GMT
Last-Modified
Mon, 10 Oct 2016 22:31:12 GMT
Server
Apache
ETag
"3e0fc4-78c2-53e8a51360dbf"
Content-Type
image/png
Set-Cookie
ServerID=1024; path=/
Cache-Control
max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=116
Content-Length
30914
Expires
Fri, 02 Mar 2018 14:07:25 GMT
Cookie set jquery.validate.js
chwplan.com/a/a69/
38 KB
10 KB
Script
General
Full URL
https://chwplan.com/a/a69/jquery.validate.js
Requested by
Host: chwplan.com
URL: https://chwplan.com/a/a69/index.php?utm_source=sccfm&utm_campaign=134&r=290
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
146.20.84.216 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software
Apache /
Resource Hash
93f6ce56be9b5d1cc8f0462801eebf1f4612ed1c5e9e0a389072c7b3fabee5b7

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
chwplan.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
*/*
Referer
https://chwplan.com/a/a69/index.php?utm_source=sccfm&utm_campaign=134&r=290
Cookie
ServerID=1024
Connection
keep-alive
Cache-Control
no-cache
Referer
https://chwplan.com/a/a69/index.php?utm_source=sccfm&utm_campaign=134&r=290
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Fri, 23 Feb 2018 14:07:25 GMT
Content-Encoding
gzip
Last-Modified
Fri, 30 Sep 2016 17:13:38 GMT
Server
Apache
ETag
"3e0fc5-999b-53dbcb71ea540"
Vary
Accept-Encoding,User-Agent
Content-Type
text/javascript
Set-Cookie
ServerID=1024; path=/
Cache-Control
max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=119
Content-Length
10284
Expires
Fri, 02 Mar 2018 14:07:25 GMT
conversion.js
www.googleadservices.com/pagead/
18 KB
7 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: chwplan.com
URL: https://chwplan.com/a/a69/index.php?utm_source=sccfm&utm_campaign=134&r=290
Protocol
SPDY
Server
172.217.22.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s16-in-f34.1e100.net
Software
cafe /
Resource Hash
98786c449e5a4b389780e3f5363ec29ba2d67e3b0399a73a2a944a9b0a6261ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://chwplan.com/a/a69/index.php?utm_source=sccfm&utm_campaign=134&r=290
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 23 Feb 2018 14:11:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
etag
1139595683204754379
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
private, max-age=3600
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
6782
x-xss-protection
1; mode=block
expires
Fri, 23 Feb 2018 14:11:09 GMT
blank.gif
rdcdn.com/images/
Redirect Chain
  • https://rdcdn.com/rt?aid=1223&e=1&img=1
  • https://rdcdn.com/images/blank.gif
42 B
354 B
Image
General
Full URL
https://rdcdn.com/images/blank.gif
Requested by
Host: chwplan.com
URL: https://chwplan.com/a/a69/index.php?utm_source=sccfm&utm_campaign=134&r=290
Protocol
HTTP/1.1
Server
107.22.160.161 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-107-22-160-161.compute-1.amazonaws.com
Software
Microsoft-IIS/8.0 /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer
https://chwplan.com/a/a69/index.php?utm_source=sccfm&utm_campaign=134&r=290
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Fri, 23 Feb 2018 14:11:09 GMT
Last-Modified
Tue, 10 Mar 2015 13:44:15 GMT
Server
Microsoft-IIS/8.0
ETag
"1de6b54c385bd01:0"
P3P
CP="NON DSP COR PSDo SAMo BUS IND UNI COM NAV INT POL PRE"
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
42

Redirect headers

Date
Fri, 23 Feb 2018 14:11:08 GMT
X-AspNetMvc-Version
4.0
Server
Microsoft-IIS/8.0
X-AspNet-Version
4.0.30319
P3P
CP="NON DSP COR PSDo SAMo BUS IND UNI COM NAV INT POL PRE"
Location
https://rdcdn.com/images/blank.gif
Cache-Control
private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
151
C14328ECFA2D48.js
code.murdoog.com/onetag/
66 KB
24 KB
Script
General
Full URL
https://code.murdoog.com/onetag/C14328ECFA2D48.js
Requested by
Host: chwplan.com
URL: https://chwplan.com/a/a69/index.php?utm_source=sccfm&utm_campaign=134&r=290
Protocol
SPDY
Server
205.234.175.175 , United States, ASN30081 (CACHENETWORKS - CacheNetworks, Inc., US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 / ASP.NET
Resource Hash
dbb74a21ed22ebec31d2683cfbe7c528831e103f96de8d1ba734388ae75f8524

Request headers

Referer
https://chwplan.com/a/a69/index.php?utm_source=sccfm&utm_campaign=134&r=290
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Fri, 23 Feb 2018 14:11:09 GMT
content-encoding
gzip
x-cf3
M
x-aspnet-version
4.0.30319
cf4ttl
1209600.000
x-powered-by
ASP.NET
x-cf1
15787:fC.fra2:co:1513632299:cacheN.fra2-01:M
status
200
x-cf-tsc
1518782887
x-cf2
H
x-aspnetmvc-version
5.2
server
CFS 0215
x-cff
B
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=300
cf4age
0
expires
Fri, 23 Feb 2018 14:16:09 GMT
css
fonts.googleapis.com/
8 KB
802 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Ubuntu:400,500,700,300
Requested by
Host: chwplan.com
URL: https://chwplan.com/a/a69/index.php?utm_source=sccfm&utm_campaign=134&r=290
Protocol
SPDY
Server
216.58.207.74 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s25-in-f10.1e100.net
Software
ESF /
Resource Hash
812ac81da4f689edcdac326a9b4f0810bfc4619a16e665a9989b865451e10970
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://chwplan.com/a/a69/index.php?utm_source=sccfm&utm_campaign=134&r=290
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Fri, 23 Feb 2018 14:11:09 GMT
content-encoding
gzip
last-modified
Fri, 23 Feb 2018 14:11:09 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
x-xss-protection
1; mode=block
expires
Fri, 23 Feb 2018 14:11:09 GMT
sv.js
track.securedvisit.com/js/
63 KB
25 KB
Script
General
Full URL
https://track.securedvisit.com/js/sv.js
Requested by
Host: chwplan.com
URL: https://chwplan.com/a/a69/index.php?utm_source=sccfm&utm_campaign=134&r=290
Protocol
HTTP/1.1
Server
52.22.210.9 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-22-210-9.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
c0bc7fce9f7c2e368407610a4b45af17fa5adbbcb6a7f5f92efd2198ca448d59

Request headers

Referer
https://chwplan.com/a/a69/index.php?utm_source=sccfm&utm_campaign=134&r=290
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 23 Feb 2018 14:11:09 GMT
Content-Encoding
gzip
Last-Modified
Fri, 23 Feb 2018 14:11:09 GMT
Server
nginx/1.12.1
ETag
W/"0f6e868193ee9faa6b7d9af21eba767a"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
proxy-revalidate, no-cache, private, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
25140
Expires
Fri, 23 Feb 2018 14:11:09 GMT
4iCv6KVjbNBYlgoCxCvjsGyNPYZvgw.woff2
fonts.gstatic.com/s/ubuntu/v11/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ubuntu/v11/4iCv6KVjbNBYlgoCxCvjsGyNPYZvgw.woff2
Requested by
Host: chwplan.com
URL: https://chwplan.com/a/a69/index.php?utm_source=sccfm&utm_campaign=134&r=290
Protocol
SPDY
Server
216.58.206.3 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s20-in-f3.1e100.net
Software
sffe /
Resource Hash
3696787b5628c80ea9ae73a18a2de9414b9cd5b8106de5edc9acc377c722ca61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Ubuntu:400,500,700,300
Origin
https://chwplan.com

Response headers

date
Mon, 12 Feb 2018 18:00:36 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Oct 2017 18:22:13 GMT
server
sffe
age
936633
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
14036
x-xss-protection
1; mode=block
expires
Tue, 12 Feb 2019 18:00:36 GMT
Cookie set bg2.jpg
chwplan.com/a/a69/images/
373 KB
374 KB
Image
General
Full URL
https://chwplan.com/a/a69/images/bg2.jpg
Requested by
Host: chwplan.com
URL: https://chwplan.com/a/a69/index.php?utm_source=sccfm&utm_campaign=134&r=290
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
146.20.84.216 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software
Apache /
Resource Hash
39fd9c35d7c10b0d25399bba1275b88d590b6428ee7f3cf28421d8a80b8d0e8b

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
chwplan.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://chwplan.com/a/a69/index.php?utm_source=sccfm&utm_campaign=134&r=290
Cookie
ServerID=1024
Connection
keep-alive
Cache-Control
no-cache
Referer
https://chwplan.com/a/a69/index.php?utm_source=sccfm&utm_campaign=134&r=290
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Fri, 23 Feb 2018 14:07:25 GMT
Last-Modified
Thu, 13 Oct 2016 18:33:29 GMT
Server
Apache
ETag
"3e0fba-5d55c-53ec3589d6879"
Content-Type
image/jpeg
Set-Cookie
ServerID=1024; path=/
Cache-Control
max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=119
Content-Length
382300
Expires
Fri, 02 Mar 2018 14:07:25 GMT
4iCs6KVjbNBYlgoKfw72nU6AFw.woff2
fonts.gstatic.com/s/ubuntu/v11/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ubuntu/v11/4iCs6KVjbNBYlgoKfw72nU6AFw.woff2
Requested by
Host: chwplan.com
URL: https://chwplan.com/a/a69/index.php?utm_source=sccfm&utm_campaign=134&r=290
Protocol
SPDY
Server
216.58.206.3 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s20-in-f3.1e100.net
Software
sffe /
Resource Hash
a8d0fedb1ea3bf3105179cbc2f16c83a387c7293ec70b17132148cf2fe5035ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Ubuntu:400,500,700,300
Origin
https://chwplan.com

Response headers

date
Mon, 12 Feb 2018 14:20:51 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Oct 2017 18:22:06 GMT
server
sffe
age
949818
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
13508
x-xss-protection
1; mode=block
expires
Tue, 12 Feb 2019 14:20:51 GMT
Cookie set fontawesome-webfont.woff
chwplan.com/a/a69/bootstrap/fonts/
43 KB
44 KB
Font
General
Full URL
https://chwplan.com/a/a69/bootstrap/fonts/fontawesome-webfont.woff?v=4.0.1
Requested by
Host: chwplan.com
URL: https://chwplan.com/a/a69/index.php?utm_source=sccfm&utm_campaign=134&r=290
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
146.20.84.216 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software
Apache /
Resource Hash
c151a7e68aedc7bd4d84cb2096e92ee2f055c16be01c2ba027acd38b6cc9d52a

Request headers

Pragma
no-cache
Origin
https://chwplan.com
Accept-Encoding
gzip, deflate
Host
chwplan.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
*/*
Referer
https://chwplan.com/a/a69/bootstrap/css/font-awesome.css
Cookie
ServerID=1024
Connection
keep-alive
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Referer
https://chwplan.com/a/a69/bootstrap/css/font-awesome.css
Origin
https://chwplan.com

Response headers

Date
Fri, 23 Feb 2018 14:07:25 GMT
Content-Encoding
gzip
Last-Modified
Fri, 30 Sep 2016 17:13:41 GMT
Server
Apache
ETag
"3e0fd5-adbc-53dbcb73ea0e6"
Vary
Accept-Encoding,User-Agent
Content-Type
text/plain; charset=UTF-8
Set-Cookie
ServerID=1024; path=/
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=118
Content-Length
44476
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1038983633/
2 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1038983633/?random=1519395069316&cv=9&fst=1519395069316&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=0&url=https%3A%2F%2Fchwplan.com%2Fa%2Fa69%2Findex.php%3Futm_source%3Dsccfm%26utm_campaign%3D134%26r%3D290&tiba=Choice%20Home%20Warranty&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
SPDY
Server
172.217.22.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s17-in-f66.1e100.net
Software
cafe /
Resource Hash
df3783a24593413959e70f42a2f86c6ae4e92fdb12de2797bb35af54c34c68a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://chwplan.com/a/a69/index.php?utm_source=sccfm&utm_campaign=134&r=290
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Feb 2018 14:11:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
923
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga.js
ssl.google-analytics.com/
45 KB
17 KB
Script
General
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: chwplan.com
URL: https://chwplan.com/a/a69/index.php?utm_source=sccfm&utm_campaign=134&r=290
Protocol
SPDY
Server
172.217.21.232 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s13-in-f232.1e100.net
Software
Golfe2 /
Resource Hash
7c2c58fc24e2d3458b88680cfad4577011697df9a1406808f2f7d8f46060d8a7
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://chwplan.com/a/a69/index.php?utm_source=sccfm&utm_campaign=134&r=290
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 13 Nov 2017 20:19:12 GMT
server
Golfe2
age
5869
date
Fri, 23 Feb 2018 12:33:20 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
17172
expires
Fri, 23 Feb 2018 14:33:20 GMT
/
www.google.com/ads/user-lists/1038983633/
42 B
107 B
Image
General
Full URL
https://www.google.com/ads/user-lists/1038983633/?random=1519395069316&cv=9&fst=1519394400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=0&url=https%3A%2F%2Fchwplan.com%2Fa%2Fa69%2Findex.php%3Futm_source%3Dsccfm%26utm_campaign%3D134%26r%3D290&tiba=Choice%20Home%20Warranty&fmt=3&cdct=2&is_vtc=1&random=1309598639&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: chwplan.com
URL: https://chwplan.com/a/a69/index.php?utm_source=sccfm&utm_campaign=134&r=290
Protocol
SPDY
Server
216.58.208.36 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s12-in-f36.1e100.net
Software
adclick_server /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://chwplan.com/a/a69/index.php?utm_source=sccfm&utm_campaign=134&r=290
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Feb 2018 14:11:09 GMT
x-content-type-options
nosniff
server
adclick_server
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
42
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/ads/user-lists/1038983633/
42 B
107 B
Image
General
Full URL
https://www.google.de/ads/user-lists/1038983633/?random=1519395069316&cv=9&fst=1519394400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=0&url=https%3A%2F%2Fchwplan.com%2Fa%2Fa69%2Findex.php%3Futm_source%3Dsccfm%26utm_campaign%3D134%26r%3D290&tiba=Choice%20Home%20Warranty&fmt=3&cdct=2&is_vtc=1&random=1309598639&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: chwplan.com
URL: https://chwplan.com/a/a69/index.php?utm_source=sccfm&utm_campaign=134&r=290
Protocol
SPDY
Server
216.58.207.67 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s25-in-f3.1e100.net
Software
adclick_server /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://chwplan.com/a/a69/index.php?utm_source=sccfm&utm_campaign=134&r=290
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Feb 2018 14:11:09 GMT
x-content-type-options
nosniff
server
adclick_server
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
42
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
__utm.gif
ssl.google-analytics.com/r/
35 B
199 B
Image
General
Full URL
https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.1&utms=1&utmn=2121428375&utmhn=chwplan.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Choice%20Home%20Warranty&utmhid=65129437&utmr=-&utmp=%2Fa%2Fa69%2Findex.php%3Futm_source%3Dsccfm%26utm_campaign%3D134%26r%3D290&utmht=1519395069364&utmac=UA-6898183-1&utmcc=__utma%3D136185571.1695276160.1519395069.1519395069.1519395069.1%3B%2B__utmz%3D136185571.1519395069.1.1.utmcsr%3Dsccfm%7Cutmccn%3D134%7Cutmcmd%3D(not%2520set)%3B&utmjid=788537036&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAAAAAAE~
Requested by
Host: chwplan.com
URL: https://chwplan.com/a/a69/index.php?utm_source=sccfm&utm_campaign=134&r=290
Protocol
SPDY
Server
172.217.21.232 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s13-in-f232.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://chwplan.com/a/a69/index.php?utm_source=sccfm&utm_campaign=134&r=290
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Feb 2018 14:11:09 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
bat.js
bat.bing.com/
12 KB
4 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: chwplan.com
URL: https://chwplan.com/a/a69/index.php?utm_source=sccfm&utm_campaign=134&r=290
Protocol
SPDY
Server
13.107.21.200 Redmond, United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
/
Resource Hash
29ffc149b62c81598d2a87ce3a0b3b3eba0116a454622f49ec0b6e3328dab0a1

Request headers

Referer
https://chwplan.com/a/a69/index.php?utm_source=sccfm&utm_campaign=134&r=290
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Fri, 23 Feb 2018 14:11:08 GMT
content-encoding
gzip
last-modified
Wed, 07 Feb 2018 01:00:00 GMT
x-msedge-ref
Ref A: 1E5453DC7DBA4FF2BC51E0612863529E Ref B: FRAEDGE0215 Ref C: 2018-02-23T14:11:09Z
status
200
etag
"0a884faae9fd31:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
4084
fbevents.js
connect.facebook.net/en_US/
39 KB
13 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: chwplan.com
URL: https://chwplan.com/a/a69/index.php?utm_source=sccfm&utm_campaign=134&r=290
Protocol
SPDY
Server
157.240.20.19 Menlo Park, United States, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
xx-fbcdn-shv-02-frt3.fbcdn.net
Software
/
Resource Hash
29451fb716c05b025bfb8a468767f7112baad0112dbc512d1610f64dbbad4bc0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://chwplan.com/a/a69/index.php?utm_source=sccfm&utm_campaign=134&r=290
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
content-length
12439
x-xss-protection
0
pragma
private
x-fb-debug
fI9kksfOcaEk/1M4akn4E7UTKMqMRpgH14cymmY7XE2k85+WOov0YJfyaAzf2KoDm/PzajFb6rwMR3WynZicig==
date
Fri, 23 Feb 2018 14:11:09 GMT
x-frame-options
DENY
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
private
access-control-allow-credentials
true
expires
Sat, 01 Jan 2000 00:00:00 GMT
script.js
cdn.listrakbi.com/scripts/
58 KB
19 KB
Script
General
Full URL
https://cdn.listrakbi.com/scripts/script.js?m=3QgckfkNYGiq&v=1
Requested by
Host: chwplan.com
URL: https://chwplan.com/a/a69/index.php?utm_source=sccfm&utm_campaign=134&r=290
Protocol
HTTP/1.1
Server
54.230.45.165 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-230-45-165.fra6.r.cloudfront.net
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
82c2e93e838277dfc637da891ea9854e5c4b25b917dfa0f8def7f20c5d5ff795

Request headers

Referer
https://chwplan.com/a/a69/index.php?utm_source=sccfm&utm_campaign=134&r=290
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Fri, 19 Jan 2018 07:18:36 GMT
Content-Encoding
gzip
X-AspNet-Version
4.0.30319
Age
310
X-Powered-By
ASP.NET
X-Cache
Hit from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI COM NAV INT DEM CNT PRE LOC"
Connection
keep-alive
Content-Length
18514
Last-Modified
Thu, 30 Nov 2017 23:03:02 GMT
Server
Microsoft-IIS/8.5
X-ltk
1/19/2018 2:18:36 AM
ETag
"f3D7Al/CyTzBDmGxGkqb5Q=="
Vary
Accept-encoding
Content-Type
text/javascript
Via
1.1 7b6339693d82ec593824b8c6ad776117.cloudfront.net (CloudFront)
Cache-Control
public, no-transform, max-age=3600, s-maxage=600, no-cache="set-cookie"
Accept-Ranges
bytes
X-Amz-Cf-Id
WYqKCYJXUU4ek5VqUgiztWS7CY_cHIq_p_6_amCSfS501AMn85sAGQ==
Expires
Fri, 19 Jan 2018 08:18:36 GMT
1374492936214348
connect.facebook.net/signals/config/
1 KB
1 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1374492936214348?v=2.8.12&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
SPDY
Server
157.240.20.19 Menlo Park, United States, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
xx-fbcdn-shv-02-frt3.fbcdn.net
Software
/
Resource Hash
ffbb37761d49420f36b7b937edf5793147171e6e361df2afbba0c4053a30e0dc
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://chwplan.com/a/a69/index.php?utm_source=sccfm&utm_campaign=134&r=290
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
content-length
779
x-xss-protection
0
pragma
public
x-fb-debug
CZ0twibw34CHGV11xHOlMbWIJHGRtmOyVNnNImQAWPJYTjoyL34d9svNudrNcEPqlWJRwcddtjBrAVsue2a5ew==
x-frame-options
DENY
date
Fri, 23 Feb 2018 14:11:09 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
44 B
296 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1374492936214348&ev=PageView&dl=https%3A%2F%2Fchwplan.com%2Fa%2Fa69%2Findex.php%3Futm_source%3Dsccfm%26utm_campaign%3D134%26r%3D290&rl=&if=false&ts=1519395069407&sw=1600&sh=1200&v=2.8.12&r=stable&ec=0&o=28&it=1519395069399
Requested by
Host: chwplan.com
URL: https://chwplan.com/a/a69/index.php?utm_source=sccfm&utm_campaign=134&r=290
Protocol
SPDY
Server
157.240.20.35 Menlo Park, United States, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
edge-star-mini-shv-02-frt3.facebook.com
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer
https://chwplan.com/a/a69/index.php?utm_source=sccfm&utm_campaign=134&r=290
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Fri, 23 Feb 2018 14:11:09 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Fri, 23 Feb 2018 14:11:09 GMT
getIds
s1.listrakbi.com/3QgckfkNYGiq/session/
155 B
1 KB
Script
General
Full URL
https://s1.listrakbi.com/3QgckfkNYGiq/session/getIds?callback=ltkCallback7164&gsid=&_sid=&_tid=564543
Requested by
Host: cdn.listrakbi.com
URL: https://cdn.listrakbi.com/scripts/script.js?m=3QgckfkNYGiq&v=1
Protocol
HTTP/1.1
Server
54.80.218.53 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-80-218-53.compute-1.amazonaws.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
bf781e594c6d1e82835604d8dbe5d6c374614b0bc65b68cfdd485863324f5406

Request headers

Referer
https://chwplan.com/a/a69/index.php?utm_source=sccfm&utm_campaign=134&r=290
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 23 Feb 2018 14:11:09 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
p3p
policyref="/w3c/p3p.xml", CP="CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI COM NAV INT DEM CNT PRE LOC"
Cache-Control
no-cache, no-cache="set-cookie"
Connection
keep-alive
Content-Type
application/x-javascript; charset=utf-8
Content-Length
155
Expires
-1
0
bat.bing.com/action/
0
148 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=5223598&Ver=2&mid=b1c9860c-451d-d9d0-cfa9-f758d008ceac&evt=pageLoad&sid=036e8707-1&lt=1579&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Choice%20Home%20Warranty&p=https%3A%2F%2Fchwplan.com%2Fa%2Fa69%2Findex.php%3Futm_source%3Dsccfm%26utm_campaign%3D134%26r%3D290&r=&msclkid=N&rn=163976
Requested by
Host: chwplan.com
URL: https://chwplan.com/a/a69/index.php?utm_source=sccfm&utm_campaign=134&r=290
Protocol
SPDY
Server
13.107.21.200 Redmond, United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://chwplan.com/a/a69/index.php?utm_source=sccfm&utm_campaign=134&r=290
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

status
204
pragma
no-cache
date
Fri, 23 Feb 2018 14:11:08 GMT
cache-control
no-cache, must-revalidate
x-msedge-ref
Ref A: 78DBAFE49A4A4BB1B9933935FD140CB2 Ref B: FRAEDGE0215 Ref C: 2018-02-23T14:11:09Z
access-control-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
track.securedvisit.com/citecapture/
0
174 B
Script
General
Full URL
https://track.securedvisit.com/citecapture/?cc_event=viewpage&cc_context=View%20Page&sv_cid=2810_03958&sv_onetag_id=1781&sv_session=4c4c8d39779b48319e4b15f5692a6f2d&sv_ver=1.6.8&sv_dt=2018-02-23T14%3A11%3A09.835Z&sv_referrer=
Requested by
Host: track.securedvisit.com
URL: https://track.securedvisit.com/js/sv.js
Protocol
HTTP/1.1
Server
52.22.210.9 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-22-210-9.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://chwplan.com/a/a69/index.php?utm_source=sccfm&utm_campaign=134&r=290
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Fri, 23 Feb 2018 14:11:09 GMT
Server
nginx/1.12.1
Connection
keep-alive
Content-Length
0
Content-Type
application/javascript; charset=utf-8
/
track.securedvisit.com/
51 B
658 B
Image
General
Full URL
https://track.securedvisit.com/?sv_dt=2018-02-23T14%3A11%3A09.834Z&sv_cid=2810_03958&sv_width=1600&sv_height=1200&sv_pixelDepth=24&sv_colorDepth=24&sv_cookieEnabled=true&sv_lang=en-us&sv_charset=UTF-8&sv_referrer=&sv_title=Choice%20Home%20Warranty&sv_tzOffset=0000&sv_inframe=false&sv_ver=1.6.8&sv_session=4c4c8d39779b48319e4b15f5692a6f2d&sv_first=true&sv_utma=136185571.1695276160.1519395069.1519395069.1519395069.1
Requested by
Host: chwplan.com
URL: https://chwplan.com/a/a69/index.php?utm_source=sccfm&utm_campaign=134&r=290
Protocol
HTTP/1.1
Server
52.22.210.9 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-22-210-9.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
1c7e88364233e27b707e34abf3171c2771ef7014512dc5c6b62ae72194e4fa92

Request headers

Referer
https://chwplan.com/a/a69/index.php?utm_source=sccfm&utm_campaign=134&r=290
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 23 Feb 2018 14:11:10 GMT
Server
nginx/1.12.1
P3P
CP="DSP NON COR OUR CUR ADM DEVo TAIo PSAo PSDi IVAo IVDi CONi BUS DEM UNI STA PUR LOC NAV COM INT PHY ONL", policyref="/w3c/p3p.xml"
Cache-Control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
51
update
sca1.listrakbi.com/3QgckfkNYGiq/cart/
44 B
610 B
Image
General
Full URL
https://sca1.listrakbi.com/3QgckfkNYGiq/cart/update?gsid=bcae6be9-63eb-4c83-a6d2-4a6f7400a5bd&_sid=6541bda8-a25e-4e9c-b2d0-7b48b5fe7cf3&_tid=564543&_uid=C3FCEC15-DD4E-4552-AAA9-DEDCD7EB0C7A&s_0=warranty-quote&q_0=1&p_0=1.00&n_0=Warranty%20Quote
Requested by
Host: chwplan.com
URL: https://chwplan.com/a/a69/index.php?utm_source=sccfm&utm_campaign=134&r=290
Protocol
HTTP/1.1
Server
54.80.218.53 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-80-218-53.compute-1.amazonaws.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
d1c4aa4fc27ca65d42b693b60f19546c4a50c002394c364dbbef45710858df7a

Request headers

Referer
https://chwplan.com/a/a69/index.php?utm_source=sccfm&utm_campaign=134&r=290
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Fri, 23 Feb 2018 14:11:12 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
p3p
policyref="/w3c/p3p.xml", CP="CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI COM NAV INT DEM CNT PRE LOC"
Cache-Control
no-cache, no-cache="set-cookie"
Connection
keep-alive
Content-Type
image/gif
Content-Length
44
g.jsonp
aa.agkn.com/adscores/
Redirect Chain
  • https://adadvisor.net/adscores/g.jsonp?sid=9202274878&userid=B7CC46-1540192F-C5DC-4E93-97A9-4160470CD386
  • https://aa.agkn.com/adscores/g.jsonp?sid=9202274878&userid=B7CC46-1540192F-C5DC-4E93-97A9-4160470CD386&&bounced=1
70 B
404 B
Script
General
Full URL
https://aa.agkn.com/adscores/g.jsonp?sid=9202274878&userid=B7CC46-1540192F-C5DC-4E93-97A9-4160470CD386&&bounced=1
Requested by
Host: chwplan.com
URL: https://chwplan.com/a/a69/index.php?utm_source=sccfm&utm_campaign=134&r=290
Protocol
HTTP/1.1
Server
34.243.136.23 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-243-136-23.eu-west-1.compute.amazonaws.com
Software
AAWebServer /
Resource Hash
e162ed870cd96f77d94a7bf953aa5434d641c44e8153083de36ffa228288c9a9

Request headers

Referer
https://chwplan.com/a/a69/index.php?utm_source=sccfm&utm_campaign=134&r=290
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Fri, 23 Feb 2018 14:11:10 GMT
Server
AAWebServer
Connection
close
P3P
policyref="http://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
Content-Length
70
Content-Type
application/json

Redirect headers

Location
https://aa.agkn.com/adscores/g.jsonp?sid=9202274878&userid=B7CC46-1540192F-C5DC-4E93-97A9-4160470CD386&&bounced=1
Date
Fri, 23 Feb 2018 14:11:10 GMT
Server
AAWebServer
Connection
close
P3P
policyref="http://www.adadvisor.net/w3c/p3p.xml",CP="NOI NID"
4328ECFA2D48
apis.murdoog.com/mgx_2/C/RawData/
208 B
1 KB
Script
General
Full URL
https://apis.murdoog.com/mgx_2/C/RawData/4328ECFA2D48?v=1540192f-c5dc-4e93-97a9-4160470cd386&m=772ddcf1-c483-484a-9777-d4af9f74de66&se=f7c20586-a0bd-4901-bd5e-d646f23c12b5&d=eyJ2IjoiMTU0MDE5MmYtYzVkYy00ZTkzLTk3YTktNDE2MDQ3MGNkMzg2IiwibSI6Ijc3MmRkY2YxLWM0ODMtNDg0YS05Nzc3LWQ0YWY5Zjc0ZGU2NiIsImNzaSI6MTEzOTY3MTU1NCwic2UiOiJmN2MyMDU4Ni1hMGJkLTQ5MDEtYmQ1ZS1kNjQ2ZjIzYzEyYjUiLCJuIjoxLCJwIjoiYTY4M2NiYzUtMjFiNC00Yzk0LTg2MGMtZmJjZWY5MDBjOThjIiwidSI6Imh0dHBzOi8vY2h3cGxhbi5jb20vYS9hNjkvaW5kZXgucGhwP3V0bV9zb3VyY2U9c2NjZm0mdXRtX2NhbXBhaWduPTEzNCZyPTI5MCIsInBuIjoiL2EvYTY5L2luZGV4LnBocCIsInQiOiJDaG9pY2UgSG9tZSBXYXJyYW50eSIsImMiOiJodHRwczovL2Nod3BsYW4uY29tL2EvYTY5L2luZGV4LnBocD91dG1fc291cmNlPXNjY2ZtJnV0bV9jYW1wYWlnbj0xMzQmcj0yOTAiLCJwciI6IkI3Q0M0NiIsInV0bV9zIjoic2NjZm0iLCJ1dG1fYyI6IjEzNCIsInMiOjEsInZzIjoxLCJsIjoiUGFnZUxvYWQifQ%3D%3D&callback=cbc3069721c72c8
Requested by
Host: code.murdoog.com
URL: https://code.murdoog.com/onetag/C14328ECFA2D48.js
Protocol
HTTP/1.1
Server
34.192.159.131 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-192-159-131.compute-1.amazonaws.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
3abc6bbe1c7b22c07e6a9136775ea7241a4ae71a324c57e79a04be954ce4b45d

Request headers

Referer
https://chwplan.com/a/a69/index.php?utm_source=sccfm&utm_campaign=134&r=290
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Fri, 23 Feb 2018 14:11:19 GMT
Content-Encoding
gzip
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
private
Connection
keep-alive
Content-Length
301
4328ECFA2D48
apis.murdoog.com/mgx_2/C/RawData/
208 B
1 KB
Script
General
Full URL
https://apis.murdoog.com/mgx_2/C/RawData/4328ECFA2D48?v=1540192f-c5dc-4e93-97a9-4160470cd386&m=772ddcf1-c483-484a-9777-d4af9f74de66&se=f7c20586-a0bd-4901-bd5e-d646f23c12b5&d=eyJ2IjoiMTU0MDE5MmYtYzVkYy00ZTkzLTk3YTktNDE2MDQ3MGNkMzg2IiwibSI6Ijc3MmRkY2YxLWM0ODMtNDg0YS05Nzc3LWQ0YWY5Zjc0ZGU2NiIsImNzaSI6MTEzOTY3MTU1NCwic2UiOiJmN2MyMDU4Ni1hMGJkLTQ5MDEtYmQ1ZS1kNjQ2ZjIzYzEyYjUiLCJwIjoiYTY4M2NiYzUtMjFiNC00Yzk0LTg2MGMtZmJjZWY5MDBjOThjIiwidSI6Imh0dHBzOi8vY2h3cGxhbi5jb20vYS9hNjkvaW5kZXgucGhwP3V0bV9zb3VyY2U9c2NjZm0mdXRtX2NhbXBhaWduPTEzNCZyPTI5MCIsInBuIjoiL2EvYTY5L2luZGV4LnBocCIsInQiOiJDaG9pY2UgSG9tZSBXYXJyYW50eSIsImMiOiJodHRwczovL2Nod3BsYW4uY29tL2EvYTY5L2luZGV4LnBocD91dG1fc291cmNlPXNjY2ZtJnV0bV9jYW1wYWlnbj0xMzQmcj0yOTAiLCJwciI6IkI3Q0M0NiIsImVpZCI6Im5zX3NlZ18wMDAiLCJ1dG1fcyI6InNjY2ZtIiwidXRtX2MiOiIxMzQiLCJzIjoyLCJ2cyI6MSwibCI6IkFjdGlvbiIsInYwMSI6IkVpZCIsInYwMiI6Im5zX3NlZ18wMDAifQ%3D%3D&callback=cb25a9fde7c5f08
Requested by
Host: code.murdoog.com
URL: https://code.murdoog.com/onetag/C14328ECFA2D48.js
Protocol
HTTP/1.1
Server
34.192.159.131 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-192-159-131.compute-1.amazonaws.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
9cc2a748039395396d37dfb8e1dfe5fae33747951f55f439d75618eefd6d1d84

Request headers

Referer
https://chwplan.com/a/a69/index.php?utm_source=sccfm&utm_campaign=134&r=290
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Fri, 23 Feb 2018 14:11:05 GMT
Content-Encoding
gzip
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
private
Connection
keep-alive
Content-Length
300

Verdicts & Comments Add Verdict or Comment

103 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| PopIt function| UnPopIt object| _svq function| doTrk function| doCalculate function| doCalculate2 object| google_conversion_id object| google_custom_params object| google_remarketing_only function| GooglemKTybQhCsO object| google_conversion_date object| google_conversion_time number| google_conversion_snippets number| google_conversion_first_time object| google_conversion_js_version object| google_conversion_format object| google_enable_display_cookie_match object| google_remarketing_for_search object| google_conversion_type object| google_conversion_order_id object| google_conversion_language object| google_conversion_value object| google_conversion_evaluemrc object| google_conversion_currency object| google_conversion_domain object| google_conversion_label object| google_conversion_color object| google_disable_viewthrough object| google_conversion_items object| google_conversion_merchant_id object| google_user_id object| onload_callback object| opt_image_generator object| google_conversion_page_url object| google_conversion_referrer_url object| google_gtm object| google_gcl_cookie_prefix object| google_read_gcl_cookie_opt_out object| google_basket_feed_country object| google_basket_feed_language object| google_basket_discount object| google_basket_transaction_type object| google_disable_merchant_reported_conversions string| gaJsHost object| _gat object| _gaq object| pageTracker object| gaGlobal object| uetq function| fbq function| _fbq string| biJsHost function| _MGX_LU function| _MGX_LG object| MGX object| __MGX__ object| MGX_API function| _Utilities function| AsyncManager function| AsyncCall function| Identity function| LTK function| _Order function| _TRKT function| _Product function| _Customer function| _Client function| _Assembler function| _LTKClick function| _LTKSubscriber function| _Profile function| _ProfileItem function| _LTKSignup function| isWatermark function| SessionTracker function| SCAItem function| getCookieDomain function| _Session string| _protocol object| _ltk_util object| match string| _ltkwmt object| _ltk object| customEvent object| jQueryLoadCall number| _jQueryLoadInterval object| ltkLoadCall number| _ltkLoadInterval number| c_start string| ua object| matched object| browser object| lists function| UET object| sv_event object| _svData object| _svt function| neustarResponse boolean| __MGX_E__ undefined| cbc3069721c72c8 undefined| cb25a9fde7c5f08

14 Cookies

Domain/Path Name / Value
.chwplan.com/ Name: STSID564543
Value: 6541bda8-a25e-4e9c-b2d0-7b48b5fe7cf3
.chwplan.com/ Name: GSID3QgckfkNYGiq
Value: bcae6be9-63eb-4c83-a6d2-4a6f7400a5bd
.chwplan.com/ Name: __utmt
Value: 1
.chwplan.com/ Name: __utmz
Value: 136185571.1519395069.1.1.utmcsr=sccfm|utmccn=134|utmcmd=(not%20set)
chwplan.com/ Name: ServerID
Value: 1025
.chwplan.com/ Name: _uetsid
Value: _uet036e8707
.chwplan.com/ Name: __utmc
Value: 136185571
.chwplan.com/ Name: MGX_CID
Value: 0863f4c0-065f-4ea6-b8b0-5dc0721eef89
.chwplan.com/ Name: MGX_PX
Value: f7c20586-a0bd-4901-bd5e-d646f23c12b5
.chwplan.com/ Name: _svsid
Value: 4c4c8d39779b48319e4b15f5692a6f2d
.chwplan.com/ Name: MGX_U
Value: 772ddcf1-c483-484a-9777-d4af9f74de66
.chwplan.com/ Name: MGX_P
Value: 1540192f-c5dc-4e93-97a9-4160470cd386
.chwplan.com/ Name: __utmb
Value: 136185571.1.10.1519395069
.chwplan.com/ Name: __utma
Value: 136185571.1695276160.1519395069.1519395069.1519395069.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa.agkn.com
adadvisor.net
apis.murdoog.com
bat.bing.com
cdn.listrakbi.com
chwplan.com
code.murdoog.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
rdcdn.com
s1.listrakbi.com
sca1.listrakbi.com
ssl.google-analytics.com
track.securedvisit.com
www.chwplan.com
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
107.22.160.161
13.107.21.200
146.20.84.216
157.240.20.19
157.240.20.35
172.217.21.232
172.217.22.34
172.217.22.66
205.234.175.175
216.58.206.3
216.58.207.67
216.58.207.74
216.58.208.36
34.192.159.131
34.242.96.54
34.243.136.23
52.22.210.9
54.230.45.165
54.80.218.53
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1c7e88364233e27b707e34abf3171c2771ef7014512dc5c6b62ae72194e4fa92
29451fb716c05b025bfb8a468767f7112baad0112dbc512d1610f64dbbad4bc0
29dfcec3cdc29247824b12860c03424435087cabd120edc8cf797d3a6b1d9cf4
29ffc149b62c81598d2a87ce3a0b3b3eba0116a454622f49ec0b6e3328dab0a1
342f64eee8020ed8ccd8c957c7c3442acc3fd585a200470edfcd199549a1eae9
3696787b5628c80ea9ae73a18a2de9414b9cd5b8106de5edc9acc377c722ca61
39fd9c35d7c10b0d25399bba1275b88d590b6428ee7f3cf28421d8a80b8d0e8b
3abc6bbe1c7b22c07e6a9136775ea7241a4ae71a324c57e79a04be954ce4b45d
3d0f4d6db5a4a147d190207e58cc94a26697dc91cf6a3cbcca9cda0edb94ef4c
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
52b860bf171d4c3ddb8c50fe9b1cf48cd6337c07f0b111788d7ba34aad733299
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
55b90523aabe14478d4e85de11038ffe927f92a520b2ff59907f5a6755f0df8f
7b2751e9f78b28ba219da86ee5acceffb7f9bef80a1db0617023b2da321c16d3
7c2c58fc24e2d3458b88680cfad4577011697df9a1406808f2f7d8f46060d8a7
812ac81da4f689edcdac326a9b4f0810bfc4619a16e665a9989b865451e10970
81a3487cf49a66c946a642f19c8f0a0d0484c49958d22f13d803f148f635039d
82c2e93e838277dfc637da891ea9854e5c4b25b917dfa0f8def7f20c5d5ff795
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
93f6ce56be9b5d1cc8f0462801eebf1f4612ed1c5e9e0a389072c7b3fabee5b7
98786c449e5a4b389780e3f5363ec29ba2d67e3b0399a73a2a944a9b0a6261ae
9cc2a748039395396d37dfb8e1dfe5fae33747951f55f439d75618eefd6d1d84
a8d0fedb1ea3bf3105179cbc2f16c83a387c7293ec70b17132148cf2fe5035ab
bf781e594c6d1e82835604d8dbe5d6c374614b0bc65b68cfdd485863324f5406
c0bc7fce9f7c2e368407610a4b45af17fa5adbbcb6a7f5f92efd2198ca448d59
c151a7e68aedc7bd4d84cb2096e92ee2f055c16be01c2ba027acd38b6cc9d52a
d1c4aa4fc27ca65d42b693b60f19546c4a50c002394c364dbbef45710858df7a
d9583cbfae5519b983d838d3a8bd3391f6aca916b164e859e358b20090c22895
dbb74a21ed22ebec31d2683cfbe7c528831e103f96de8d1ba734388ae75f8524
df3783a24593413959e70f42a2f86c6ae4e92fdb12de2797bb35af54c34c68a4
e162ed870cd96f77d94a7bf953aa5434d641c44e8153083de36ffa228288c9a9
e2f4e3dd1fe889ca75b3456318cbc933f26a8f6ca462c1a324919917a585fe87
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
edd03ab3a1f8f4fee1f13400764eaa7de9b4ec3da31a2de7f2a5a40e2ea181a7
ee5e6f24e63a934667e065cf35fa4cdb9a1ec3391da17621c3994fdb63bb82ea
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3a974df6314eccf6bafadf8a8008e1b9c5e4686688f862c6a4e866f20725d72
ffbb37761d49420f36b7b937edf5793147171e6e361df2afbba0c4053a30e0dc