chwdeal.com Open in urlscan Pro
146.20.84.216 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://bit.ly/3a1s15C#8bWKk.osBQyNfxPfuEMCzTPlwOqtns?fdrwgoeqghjgm=vefhletzalnde1b7bndv0214qf01hxjg021rh1k0f7q...
Effective URL:
https://chwdeal.com/a/a104/index.php?utm_source=MADMFM&utm_campaign=162705_2_49765_2516236&token=596623832
Submission: On April 17 via api (April 17th 2021, 3:11:00 am UTC) from BE

Summary HTTP 87 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 33 IPs in 8 countries across 55 domains to perform 87 HTTP transactions. The main IP is 146.20.84.216, located in United States and belongs to RACKSPACE, US. The main domain is chwdeal.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on April 29th 2020. Valid for: a year.

This is the only time chwdeal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	67.199.248.11 67.199.248.11	396982 (GOOGLE-PR...) (GOOGLE-PRIVATE-CLOUD)
2 3	212.129.34.68 212.129.34.68	12876 (Online SAS) (Online SAS)
1	45.148.9.118 45.148.9.118	396073 (MAJESTIC-...) (MAJESTIC-HOSTING-01)
1 9	146.20.84.216 146.20.84.216	27357 (RACKSPACE) (RACKSPACE)
3	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1	99.84.156.18 99.84.156.18	16509 (AMAZON-02) (AMAZON-02)
1	13.33.136.122 13.33.136.122	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:400c:c0c::9d	15169 (GOOGLE) (GOOGLE)
1 4	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	99.84.154.9 99.84.154.9	16509 (AMAZON-02) (AMAZON-02)
1 3	35.227.244.1 35.227.244.1	15169 (GOOGLE) (GOOGLE)
3	143.204.245.118 143.204.245.118	16509 (AMAZON-02) (AMAZON-02)
1 31	72.21.206.140 72.21.206.140	16509 (AMAZON-02) (AMAZON-02)
1	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	35.174.31.79 35.174.31.79	14618 (AMAZON-AES) (AMAZON-AES)
1 1	18.132.239.61 18.132.239.61	16509 (AMAZON-02) (AMAZON-02)
1 1	213.19.147.151 213.19.147.151	26120 (RHYTHMONE) (RHYTHMONE)
2 2	3.126.158.103 3.126.158.103	16509 (AMAZON-02) (AMAZON-02)
1 1	23.45.110.176 23.45.110.176	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	52.28.254.214 52.28.254.214	16509 (AMAZON-02) (AMAZON-02)
3 3	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
2 2	18.195.172.223 18.195.172.223	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f18:612... 2600:1f18:612b:4232:16e5:e760:b671:d648	14618 (AMAZON-AES) (AMAZON-AES)
1	212.82.100.182 212.82.100.182	34010 (YAHOO-IRD) (YAHOO-IRD)
1	2606:4700:10:... 2606:4700:10::ac43:db6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	184.30.21.112 184.30.21.112	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	143.204.243.222 143.204.243.222	16509 (AMAZON-02) (AMAZON-02)
1	54.208.22.157 54.208.22.157	14618 (AMAZON-AES) (AMAZON-AES)
1 1	3.211.199.159 3.211.199.159	14618 (AMAZON-AES) (AMAZON-AES)
2 2	63.32.152.233 63.32.152.233	16509 (AMAZON-02) (AMAZON-02)
1 1	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
2 2	37.157.3.28 37.157.3.28	198622 (ADFORM) (ADFORM)
2 2	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
1 1	80.252.91.52 80.252.91.52	15830 (EQUINIX-C...) (EQUINIX-CONNECT)
1 1	54.80.70.38 54.80.70.38	14618 (AMAZON-AES) (AMAZON-AES)
3 3	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
1 1	18.210.140.68 18.210.140.68	14618 (AMAZON-AES) (AMAZON-AES)
1	34.253.129.66 34.253.129.66	16509 (AMAZON-02) (AMAZON-02)
2 2	143.204.245.56 143.204.245.56	16509 (AMAZON-02) (AMAZON-02)
2 2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2 2	23.218.208.246 23.218.208.246	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	77.243.60.138 77.243.60.138	42697 (NETIC-AS) (NETIC-AS)
2 2	185.33.220.145 185.33.220.145	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	143.204.245.61 143.204.245.61	16509 (AMAZON-02) (AMAZON-02)
2 2	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
1	18.198.69.109 18.198.69.109	16509 (AMAZON-02) (AMAZON-02)
1 1	45.79.156.231 45.79.156.231	63949 (LINODE-AP...) (LINODE-AP Linode)
1 1	151.101.14.132 151.101.14.132	54113 (FASTLY) (FASTLY)
2 2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
3	3.88.253.15 3.88.253.15	14618 (AMAZON-AES) (AMAZON-AES)
1	52.30.2.3 52.30.2.3	16509 (AMAZON-02) (AMAZON-02)
1	35.190.54.17 35.190.54.17	15169 (GOOGLE) (GOOGLE)
87	33

1 67.199.248.11 (United States) 1 redirects

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: bit.ly

bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 212.129.34.68 (Paris, France) 2 redirects

ASN12876 (Online SAS, FR)
PTR: 212-129-34-68.rev.cloudlinkd.net

labelstudy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.148.9.118 (Dallas, United States)

ASN396073 (MAJESTIC-HOSTING-01, US)

www.glyzpoed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 146.20.84.216 (United States) 1 redirects

ASN27357 (RACKSPACE, US)

chwdeal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.chwplan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.156.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-156-18.txl52.r.cloudfront.net

cdn.datasteam.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.136.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-136-122.cph50.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0c::9d (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.154.9 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-154-9.txl52.r.cloudfront.net

cdn.listrakbi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.227.244.1 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 1.244.227.35.bc.googleusercontent.com

shop.pe	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.245.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-245-118.cph50.r.cloudfront.net

d3rr3d0n31t48m.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 72.21.206.140 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: 206-140.amazon.com

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f12d:83:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.174.31.79 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-174-31-79.compute-1.amazonaws.com

s1.listrakbi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sca1.listrakbi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.132.239.61 (London, United Kingdom) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-132-239-61.eu-west-2.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.147.151 (United Kingdom) 1 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.158.103 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.45.110.176 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-45-110-176.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.28.254.214 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.156.0.31 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.195.172.223 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-172-223.eu-central-1.compute.amazonaws.com

t.myvisualiq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4232:16e5:e760:b671:d648 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

amazon.partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.182 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.21.112 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-21-112.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.243.222 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-243-222.cph50.r.cloudfront.net

www.imdb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.208.22.157 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-208-22-157.compute-1.amazonaws.com

usersync.samplicio.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.211.199.159 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-211-199-159.compute-1.amazonaws.com

ads.samba.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.32.152.233 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-152-233.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.3.28 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.126 (United States) 2 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.252.91.52 (Amsterdam, Netherlands) 1 redirects

ASN15830 (EQUINIX-CONNECT, GB)

bs.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.80.70.38 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

lm.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.194 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.210.140.68 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.253.129.66 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-129-66.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.245.56 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-245-56.cph50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.218.208.246 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-208-246.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.243.60.138 (Aalborg, Denmark) 2 redirects

ASN42697 (NETIC-AS, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.220.145 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.245.61 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-245-61.cph50.r.cloudfront.net

pixel.placed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.198.69.109 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com

loadus.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.79.156.231 (Cedar Knolls, United States) 1 redirects

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: lciapi-ewr-10.ninthdecimal.com

lciapi.ninthdecimal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.14.132 (Frankfurt am Main, Germany) 1 redirects

ASN54113 (FASTLY, US)

pi.ispot.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands) 1 redirects

ASN200478 (TABOOLA-AS, IL)

sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.88.253.15 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-88-253-15.compute-1.amazonaws.com

at1.listrakbi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.30.2.3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-2-3.eu-west-1.compute.amazonaws.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.54.17 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 17.54.190.35.bc.googleusercontent.com

shopper.shop.pe	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	amazon-adsystem.com 1 redirects s.amazon-adsystem.com	13 KB
8	chwdeal.com 1 redirects chwdeal.com	181 KB
7	doubleclick.net 4 redirects googleads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net	4 KB
6	listrakbi.com cdn.listrakbi.com s1.listrakbi.com sca1.listrakbi.com at1.listrakbi.com	24 KB
4	yahoo.com 3 redirects ups.analytics.yahoo.com cms.analytics.yahoo.com	2 KB
4	shop.pe 1 redirects shop.pe shopper.shop.pe	25 KB
4	google.de www.google.de	786 B
4	google.com 1 redirects www.google.com	744 B
4	google-analytics.com 1 redirects www.google-analytics.com ssl.google-analytics.com	36 KB
3	cloudfront.net d3rr3d0n31t48m.cloudfront.net	50 KB
3	googletagmanager.com www.googletagmanager.com	103 KB
3	labelstudy.com 2 redirects labelstudy.com	1 KB
2	pubmatic.com 2 redirects image6.pubmatic.com	947 B
2	tapad.com 2 redirects pixel.tapad.com	953 B
2	adnxs.com 2 redirects ib.adnxs.com	2 KB
2	semasio.net 2 redirects uipglob.semasio.net	1 KB
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com	2 KB
2	openx.net 2 redirects us-u.openx.net	620 B
2	scorecardresearch.com 2 redirects sb.scorecardresearch.com	739 B
2	krxd.net 1 redirects usermatch.krxd.net beacon.krxd.net	498 B
2	serving-sys.com 2 redirects bs.serving-sys.com lm.serving-sys.com	1022 B
2	spotxchange.com 2 redirects sync.search.spotxchange.com	1 KB
2	adform.net 2 redirects c1.adform.net	997 B
2	demdex.net 2 redirects dpm.demdex.net	2 KB
2	myvisualiq.net 2 redirects t.myvisualiq.net	1 KB
2	advertising.com 2 redirects pixel.advertising.com	659 B
2	bidswitch.net 2 redirects x.bidswitch.net	880 B
2	bing.com bat.bing.com	9 KB
2	facebook.net connect.facebook.net	35 KB
2	adsrvr.org js.adsrvr.org insight.adsrvr.org	3 KB
2	googleadservices.com www.googleadservices.com	30 KB
1	taboola.com 1 redirects sync.taboola.com	298 B
1	ispot.tv 1 redirects pi.ispot.tv	342 B
1	ninthdecimal.com 1 redirects lciapi.ninthdecimal.com	612 B
1	exelator.com loadus.exelator.com	324 B
1	placed.com 1 redirects pixel.placed.com	568 B
1	rubiconproject.com 1 redirects token.rubiconproject.com	332 B
1	mookie1.com 1 redirects odr.mookie1.com	600 B
1	samba.tv 1 redirects ads.samba.tv	292 B
1	samplicio.us usersync.samplicio.us	263 B
1	imdb.com 1 redirects www.imdb.com	858 B
1	stickyadstv.com 1 redirects ads.stickyadstv.com	760 B
1	zeotap.com spl.zeotap.com	731 B
1	tremorhub.com amazon.partners.tremorhub.com	183 B
1	bluekai.com 1 redirects tags.bluekai.com	811 B
1	1rx.io 1 redirects sync.1rx.io	322 B
1	agkn.com 1 redirects aa.agkn.com	337 B
1	facebook.com www.facebook.com	259 B
1	datasteam.io cdn.datasteam.io	22 KB
1	chwplan.com www.chwplan.com	19 KB
1	cloudflare.com cdnjs.cloudflare.com	27 KB
1	googleapis.com fonts.googleapis.com	868 B
1	glyzpoed.com www.glyzpoed.com	472 B
1	bit.ly 1 redirects bit.ly	139 B
0	survata.com Failed px.surveywall-api.survata.com Failed
87	55

	Domain	Requested by
31	s.amazon-adsystem.com	1 redirects chwdeal.com s.amazon-adsystem.com
8	chwdeal.com	1 redirects www.glyzpoed.com chwdeal.com
4	www.google.de	chwdeal.com
4	www.google.com	1 redirects chwdeal.com
3	at1.listrakbi.com	cdn.listrakbi.com
3	cm.g.doubleclick.net	3 redirects
3	ups.analytics.yahoo.com	3 redirects
3	d3rr3d0n31t48m.cloudfront.net	chwdeal.com shop.pe
3	shop.pe	1 redirects d3rr3d0n31t48m.cloudfront.net
3	www.googletagmanager.com	chwdeal.com www.googletagmanager.com
3	labelstudy.com	2 redirects
2	image6.pubmatic.com	2 redirects
2	pixel.tapad.com	2 redirects
2	ib.adnxs.com	2 redirects
2	uipglob.semasio.net	2 redirects
2	ssum-sec.casalemedia.com	2 redirects
2	us-u.openx.net	2 redirects
2	sb.scorecardresearch.com	2 redirects
2	sync.search.spotxchange.com	2 redirects
2	c1.adform.net	2 redirects
2	dpm.demdex.net	2 redirects
2	t.myvisualiq.net	2 redirects
2	pixel.advertising.com	2 redirects
2	x.bidswitch.net	2 redirects
2	bat.bing.com	chwdeal.com
2	connect.facebook.net	chwdeal.com connect.facebook.net
2	ssl.google-analytics.com	1 redirects chwdeal.com
2	stats.g.doubleclick.net	1 redirects www.google-analytics.com
2	googleads.g.doubleclick.net	www.googleadservices.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googleadservices.com	chwdeal.com www.googletagmanager.com
1	shopper.shop.pe	shop.pe
1	insight.adsrvr.org	js.adsrvr.org
1	sca1.listrakbi.com	chwdeal.com
1	sync.taboola.com	1 redirects
1	pi.ispot.tv	1 redirects
1	lciapi.ninthdecimal.com	1 redirects
1	loadus.exelator.com	s.amazon-adsystem.com
1	pixel.placed.com	1 redirects
1	token.rubiconproject.com	1 redirects
1	beacon.krxd.net	s.amazon-adsystem.com
1	usermatch.krxd.net	1 redirects
1	lm.serving-sys.com	1 redirects
1	bs.serving-sys.com	1 redirects
1	odr.mookie1.com	1 redirects
1	ads.samba.tv	1 redirects
1	usersync.samplicio.us	s.amazon-adsystem.com
1	www.imdb.com	1 redirects
1	ads.stickyadstv.com	1 redirects
1	spl.zeotap.com	s.amazon-adsystem.com
1	cms.analytics.yahoo.com	s.amazon-adsystem.com
1	amazon.partners.tremorhub.com	s.amazon-adsystem.com
1	tags.bluekai.com	1 redirects
1	sync.1rx.io	1 redirects
1	aa.agkn.com	1 redirects
1	s1.listrakbi.com	cdn.listrakbi.com
1	www.facebook.com	chwdeal.com
1	cdn.listrakbi.com	chwdeal.com
1	js.adsrvr.org	chwdeal.com
1	cdn.datasteam.io	chwdeal.com
1	www.chwplan.com	chwdeal.com
1	cdnjs.cloudflare.com	chwdeal.com
1	fonts.googleapis.com	chwdeal.com
1	www.glyzpoed.com	labelstudy.com
1	bit.ly	1 redirects
0	px.surveywall-api.survata.com Failed	s.amazon-adsystem.com
87	66

This site contains links to these domains. Also see Links.

Domain
www.choicehomewarranty.com

Subject Issuer	Validity	Valid
www.glyzpoed.com R3	`2021-04-11` - `2021-07-10`	3 months	crt.sh
chwplan.com Go Daddy Secure Certificate Authority - G2	`2020-04-29` - `2021-05-14`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-21` - `2021-10-20`	a year	crt.sh
www.googleadservices.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
cdn.datasteam.io Amazon	`2020-11-19` - `2021-12-18`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.googleadservices.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-04-06` - `2021-07-03`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2021-01-19` - `2021-07-19`	6 months	crt.sh
*.listrakbi.com Amazon	`2021-01-25` - `2022-02-22`	a year	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2021-02-22` - `2022-02-21`	a year	crt.sh
s.amazon-adsystem.com Amazon	`2020-08-28` - `2021-08-20`	a year	crt.sh
*.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.tremorhub.com Amazon	`2020-07-25` - `2021-08-25`	a year	crt.sh
*.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-12-29` - `2021-06-22`	6 months	crt.sh
*.samplicio.us Amazon	`2021-04-17` - `2022-05-16`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-01-13` - `2022-01-07`	a year	crt.sh
*.exelator.com Go Daddy Secure Certificate Authority - G2	`2019-05-17` - `2021-06-25`	2 years	crt.sh
*.shop.pe RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2020-08-03` - `2021-10-02`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://chwdeal.com/a/a104/index.php?utm_source=MADMFM&utm_campaign=162705_2_49765_2516236&token=596623832
Frame ID: B828FC296A2C5E22FAD31E3CC1C467A8
Requests: 49 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D3b289a46-9b76-58a9-88f0-c89b1606534d%26type%3D82%26m%3D1&ex-fch=416613&ex-src=https://www.choicehomewarranty.com/&ex-hargs=v%3D1.0%3Bc%3D6293635390601%3Bp%3D3B289A46-9B76-58A9-88F0-C89B1606534D&cb=641952459557987700&dcc=t
Frame ID: 610D34455DD79F943E12B35E886F1D49
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=oEUnOiClSoCuY-9tw-cgnQ&ep=9Ak23Qex84jETjgJJ-_Hq2rgzPeUpEbDUjATfwm0vxc4T1egbWuxbZASOkS_Z0OAySaFPnu38Td1NpUvmb3ujZrf_dVT13OE_comPnTZRtU
Frame ID: 245D80D3B621802E4A80AF96C42E7D4F
Requests: 36 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=zl9kfqh1&ref=https%3A%2F%2Fchwdeal.com%2Fa%2Fa104%2Findex.php%3Futm_source%3DMADMFM%26utm_campaign%3D162705_2_49765_2516236%26token%3D596623832&upid=7h0r1mr&upv=1.1.0
Frame ID: 88F06A1F9B7975D6E829A1437421A380
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://bit.ly/3a1s15C HTTP 301
http://labelstudy.com/anchor HTTP 301
http://labelstudy.com/anchor/ Page URL
http://labelstudy.com/8bWKk.osBQyNfxPfuEMCzTPlwOqtns?fdrwgoeqghjgm=vefhletzalnde1b7bndv0214qf01hxj... HTTP 302
https://www.glyzpoed.com/xCej0U4iHE-xyGebBRTochPt7mTY0AxMUVqWTm0p1nXCjrRnhXJ7WgJJ_bHkhzK2082iaphfgyYN... Page URL
http://chwdeal.com/a/a104/index.php?utm_source=MADMFM&utm_campaign=162705_2_49765_2516236&token... HTTP 301
https://chwdeal.com/a/a104/index.php?utm_source=MADMFM&utm_campaign=162705_2_49765_2516236&token... Page URL

Page Statistics

87
Requests

98 %
HTTPS

22 %
IPv6

55
Domains

66
Subdomains

33
IPs

8
Countries

586 kB
Transfer

1317 kB
Size

3
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://www.choicehomewarranty.com/user_agreement.php
Title: Click Here

Search URL Search Domain Scan URL

URL: http://www.choicehomewarranty.com/privacy_policy.php
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://bit.ly/3a1s15C HTTP 301
http://labelstudy.com/anchor HTTP 301
http://labelstudy.com/anchor/ Page URL
http://labelstudy.com/8bWKk.osBQyNfxPfuEMCzTPlwOqtns?fdrwgoeqghjgm=vefhletzalnde1b7bndv0214qf01hxjg021rh1k0f7qff912ed HTTP 302
https://www.glyzpoed.com/xCej0U4iHE-xyGebBRTochPt7mTY0AxMUVqWTm0p1nXCjrRnhXJ7WgJJ_bHkhzK2082iaphfgyYNUpSA5vyrOg~~/2_49765_2516236/2285_3412023_0f7qff9_56/677428771 Page URL
http://chwdeal.com/a/a104/index.php?utm_source=MADMFM&utm_campaign=162705_2_49765_2516236&token=596623832 HTTP 301
https://chwdeal.com/a/a104/index.php?utm_source=MADMFM&utm_campaign=162705_2_49765_2516236&token=596623832 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://bit.ly/3a1s15C HTTP 301
http://labelstudy.com/anchor HTTP 301
http://labelstudy.com/anchor/

Request Chain 1

http://labelstudy.com/8bWKk.osBQyNfxPfuEMCzTPlwOqtns?fdrwgoeqghjgm=vefhletzalnde1b7bndv0214qf01hxjg021rh1k0f7qff912ed HTTP 302
https://www.glyzpoed.com/xCej0U4iHE-xyGebBRTochPt7mTY0AxMUVqWTm0p1nXCjrRnhXJ7WgJJ_bHkhzK2082iaphfgyYNUpSA5vyrOg~~/2_49765_2516236/2285_3412023_0f7qff9_56/677428771

Request Chain 28

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1441157528&utmhn=chwdeal.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Choice%20Home%20Warranty&utmhid=2112415898&utmr=-&utmp=%2Fa%2Fa104%2Findex.php%3Futm_source%3DMADMFM%26utm_campaign%3D162705_2_49765_2516236%26token%3D596623832&utmht=1618629041636&utmac=UA-6898183-1&utmcc=__utma%3D213928645.501282871.1618629041.1618629042.1618629042.1%3B%2B__utmz%3D213928645.1618629042.1.1.utmcsr%3DMADMFM%7Cutmccn%3D162705_2_49765_2516236%7Cutmcmd%3D(not%2520set)%3B&utmjid=1125515074&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAABAAAE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6898183-1&cid=501282871.1618629041&jid=1125515074&_v=5.7.2&z=1441157528 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6898183-1&cid=501282871.1618629041&jid=1125515074&_v=5.7.2&z=1441157528 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6898183-1&cid=501282871.1618629041&jid=1125515074&_v=5.7.2&z=1441157528&slf_rd=1&random=152899272

Request Chain 32

https://shop.pe/widget/widget_async.js HTTP 301
https://d3rr3d0n31t48m.cloudfront.net/widget/widget_async.js

Request Chain 33

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D3b289a46-9b76-58a9-88f0-c89b1606534d%26type%3D82%26m%3D1&ex-fch=416613&ex-src=https://www.choicehomewarranty.com/&ex-hargs=v%3D1.0%3Bc%3D6293635390601%3Bp%3D3B289A46-9B76-58A9-88F0-C89B1606534D&cb=641952459557987700 HTTP 302
https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D3b289a46-9b76-58a9-88f0-c89b1606534d%26type%3D82%26m%3D1&ex-fch=416613&ex-src=https://www.choicehomewarranty.com/&ex-hargs=v%3D1.0%3Bc%3D6293635390601%3Bp%3D3B289A46-9B76-58A9-88F0-C89B1606534D&cb=641952459557987700&dcc=t

Request Chain 43

https://aa.agkn.com/adscores/g.pixel?sid=9212284268 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=164921103759000037000&ex=neustar.biz

Request Chain 44

https://sync.1rx.io/usersync2/rmpssp?sub=amazon&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%5BRX_UUID%5D%26ex%3Drhythmone.com HTTP 302
https://s.amazon-adsystem.com/ecm3?id=OPTOUT&ex=rhythmone.com

Request Chain 45

https://x.bidswitch.net/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D HTTP 302
https://x.bidswitch.net/ul_cb/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=48a50162b6e2d7af28a332e71608141b

Request Chain 46

https://tags.bluekai.com/site/36840?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbluekai.com%26id%3D%24_BK_UUID HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=%2Bb3Dvx9999OSl7oQ

Request Chain 47

https://pixel.advertising.com/ups/56466/sync?redir=true&_origin=1 HTTP 302
https://pixel.advertising.com/ups/56466/sync?redir=true&_origin=1&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/56466/sync?redir=true&_origin=1&apid=UP7e5ed96b-9f2a-11eb-a026-06551156f9d2 HTTP 302
https://ups.analytics.yahoo.com/ups/56466/sync?redir=true&_origin=1&apid=UP7e5ed96b-9f2a-11eb-a026-06551156f9d2&verify=true HTTP 302
https://s.amazon-adsystem.com/ecm3?id=6e48fc24f4f19369c73c41e9cbfd0e469095ab77&ex=aoldisplay.com

Request Chain 48

https://t.myvisualiq.net/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D HTTP 302
https://t.myvisualiq.net/ul_cb/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=acbf21e5-dc0f-4edc-95ee-9aa4b115991a

Request Chain 52

https://ads.stickyadstv.com/user-matching?id=2545 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=6c4c42bdae9dd5aa123f37edac1d8e&ex=freewheel.tv&gdpr=0&gdpr_consent=

Request Chain 53

https://www.imdb.com/ads/idsync?cid=a706a6beb&ex=imdb.com HTTP 302
https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com

Request Chain 55

https://ads.samba.tv/cookie_sync?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsamba.tv%26id%3D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=d64ad676d24fd3ba

Request Chain 56

https://dpm.demdex.net/ibs:dpid=139200&dpuuid=lARcusbKQyOe_nRfE1NkPQ&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=139200&dpuuid=lARcusbKQyOe_nRfE1NkPQ&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=35501636384438535750696791964897751319

Request Chain 57

https://odr.mookie1.com/t/v2?tagid=V2_393725&AMAZON_REGION_SPECIFIC_ENDPOINT=s.amazon-adsystem.com&src.visitorID=KGMHNb3BSvOIAwgUDzgmaw HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10827779404177933282&gdpr=&gdpr_consent=

Request Chain 59

https://c1.adform.net/serving/cookie/match?party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=4719829242195577490

Request Chain 60

https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=7e9987a6-9f2a-11eb-ad56-1d37f49c3806 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=7e99875a-9f2a-11eb-ad56-1d37f49c3806

Request Chain 61

https://bs.serving-sys.com/Serving?cn=cs&rtu=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsizmek%26id%3D%5B%25tp_UserID%25%5D HTTP 302
https://lm.serving-sys.com/lm/acs?json={%22GUID%22:%2251881393-cbbd-425e-9367-be22b90a588d%22,%22Time%22:%2220210416T231042.513963%22}&rtu=https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=[%tp_UserID%] HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=51881393-cbbd-425e-9367-be22b90a588d

Request Chain 62

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_cm&ex=doubleclick.net HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=a9&google_cm=&ex=doubleclick.net&google_tc= HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEESCtNtWBFmwDsS-bN6WvZg&google_cver=1

Request Chain 63

https://usermatch.krxd.net/um/v2?partner=amzn HTTP 302
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=amzn

Request Chain 64

https://sb.scorecardresearch.com/p?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25 HTTP 302
https://sb.scorecardresearch.com/p2?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=c2912f22ff21da5280ee93300365ff2c

Request Chain 65

https://us-u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=6e0344aa-538e-c56a-1ade-44428423def5

Request Chain 66

https://ssum-sec.casalemedia.com/usermatchredir?s=184155&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex%26id%3D__UID__ HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184155&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex%26id%3D__UID__&C=1 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=index&id=KShmgnXAcOQpn6iFSiIdejc4dAE4ZgIC

Request Chain 67

https://uipglob.semasio.net/amazon/1/get?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D HTTP 302
https://uipglob.semasio.net/amazon/1/get2?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=semasio&id=4463FD6DC8B1AFFD

Request Chain 68

https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID%26ex%3Dappnexus.com HTTP 302
https://s.amazon-adsystem.com/ecm3?id=7500861174385313522&ex=appnexus.com

Request Chain 69

https://token.rubiconproject.com/token?pid=2179&pt=n HTTP 302
https://s.amazon-adsystem.com/ecm3?id=SaylW8TSNx9pCeXCAeeONg&ex=rubiconproject.com&status=ok

Request Chain 70

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_hm=oEUnOiClSoCuY-9tw-cgnQ& HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=googleHMT

Request Chain 71

https://pixel.placed.com/api/v2/sync/custom-pixel?https://s.amazon-adsystem.com/ecm3?ex=placed.com&id= HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=1682&partner_device_id=amazon-56578a28-ecdd-4c83-a2bf-b2f799635876&partner_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dplaced.com%26id%3Damazon-56578a28-ecdd-4c83-a2bf-b2f799635876 HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1682&partner_device_id=amazon-56578a28-ecdd-4c83-a2bf-b2f799635876&partner_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dplaced.com%26id%3Damazon-56578a28-ecdd-4c83-a2bf-b2f799635876 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=placed.com&id=amazon-56578a28-ecdd-4c83-a2bf-b2f799635876

Request Chain 73

https://lciapi.ninthdecimal.com/v1/lci/sync/adv-amzn/c-23445/?rdr=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3F%26ex%3Dninthdecimal.com%26id%3D%24%7BND_UID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=E79C4F2DB3517A60AF66E80402276B96

Request Chain 74

https://ups.analytics.yahoo.com/ups/58297/sync?_origin=1&redir=true HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=verizonums&id=y-_X54dDd1l2M9YgVRjt6wWWbpcDJ1_w8-

Request Chain 75

https://pi.ispot.tv/v2/TC-3673-1.gif?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dispot.tv%26id%3D%7BISID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=fb2a80db744e28fc82b036a23c533c8c8524d9986cc055a78576a3201856ae34

Request Chain 76

https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D%23PM_USER_ID HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D%23PM_USER_ID&rdf=1 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=D03D5AA4-B567-4596-8A3C-7489D3F42D2B

Request Chain 77

https://sync.taboola.com/sg/amazon-a9-network/1/rtb HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=069e5c2c-cd5d-437c-bba5-48b8e9baaa48-tuct773d732

87 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/ Show response
labelstudy.com/anchor/
Redirect Chain

https://bit.ly/3a1s15C
http://labelstudy.com/anchor
http://labelstudy.com/anchor/

614 B
861 B

32ms
27ms

Document
text/html

212.129.34.68
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: http://labelstudy.com/anchor/
Protocol: HTTP/1.1
Server: 212.129.34.68 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS: 212-129-34-68.rev.cloudlinkd.net
Software: Apache /
Resource Hash: 179480435f74026d8235d5038cf816c93f9655301a4667ec517347e569d45e6b

Request headers

Host: labelstudy.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 17 Apr 2021 03:10:38 GMT
Server: Apache
Last-Modified: Sat, 13 Feb 2021 12:58:29 GMT
ETag: "266-5bb374f2e207c"
Accept-Ranges: bytes
Content-Length: 614
Connection: close
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Sat, 17 Apr 2021 03:10:38 GMT
Server: Apache
Location: http://labelstudy.com/anchor/
Content-Length: 237
Connection: close
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1

200
OK

Cookie set 677428771 Show response
www.glyzpoed.com/xCej0U4iHE-xyGebBRTochPt7mTY0AxMUVqWTm0p1nXCjrRnhXJ7WgJJ_bHkhzK2082iaphfgyYNUpSA5vyrOg~~/2_49765_2516236/2285_3412023_0f7qff9_56/
Redirect Chain

http://labelstudy.com/8bWKk.osBQyNfxPfuEMCzTPlwOqtns?fdrwgoeqghjgm=vefhletzalnde1b7bndv0214qf01hxjg021rh1k0f7qff912ed
https://www.glyzpoed.com/xCej0U4iHE-xyGebBRTochPt7mTY0AxMUVqWTm0p1nXCjrRnhXJ7WgJJ_bHkhzK2082iaphfgyYNUpSA5vyrOg~~/2_49765_2516236/2285_3412023_0f7qff9_56/677428771

168 B
472 B

872ms
429ms

Document
text/html

45.148.9.118
MAJESTIC-HOSTING-01

General

Check archive.org

Show headers Download Go to

Full URL: https://www.glyzpoed.com/xCej0U4iHE-xyGebBRTochPt7mTY0AxMUVqWTm0p1nXCjrRnhXJ7WgJJ_bHkhzK2082iaphfgyYNUpSA5vyrOg~~/2_49765_2516236/2285_3412023_0f7qff9_56/677428771
Requested by: Host: labelstudy.com
URL: http://labelstudy.com/anchor/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.148.9.118 Dallas, United States, ASN396073 (MAJESTIC-HOSTING-01, US),
Reverse DNS
Software: Apache /
Resource Hash: 3a3450ac1ef2eef133edcd99b3ea536abbcb2923723d1dfbb7deb76ce5ed006c

Request headers

Host: www.glyzpoed.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: http://labelstudy.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://labelstudy.com/anchor/#8bWKk.osBQyNfxPfuEMCzTPlwOqtns?fdrwgoeqghjgm=vefhletzalnde1b7bndv0214qf01hxjg021rh1k0f7qff912ed

Response headers

Date: Sat, 17 Apr 2021 03:10:39 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 168
Server: Apache
Set-Cookie: uid3852=596623832-20210416231039-44d3def81b7f81f69bf8adb622ccebdf-; domain=glyzpoed.com; expires=Mon, 17-May-2021 03:10:39 GMT; path=/; SameSite=None; Secure

Redirect headers

Date: Sat, 17 Apr 2021 03:10:38 GMT
Server: Apache
Location: https://www.glyzpoed.com/xCej0U4iHE-xyGebBRTochPt7mTY0AxMUVqWTm0p1nXCjrRnhXJ7WgJJ_bHkhzK2082iaphfgyYNUpSA5vyrOg~~/2_49765_2516236/2285_3412023_0f7qff9_56/677428771
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8

GET
H/1.1

200
OK

Primary Request

Cookie set index.php Show response
chwdeal.com/a/a104/
Redirect Chain

http://chwdeal.com/a/a104/index.php?utm_source=MADMFM&utm_campaign=162705_2_49765_2516236&token=596623832
https://chwdeal.com/a/a104/index.php?utm_source=MADMFM&utm_campaign=162705_2_49765_2516236&token=596623832

24 KB
8 KB

640ms
220ms

Document
text/html

146.20.84.216
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://chwdeal.com/a/a104/index.php?utm_source=MADMFM&utm_campaign=162705_2_49765_2516236&token=596623832
Requested by: Host: www.glyzpoed.com
URL: https://www.glyzpoed.com/xCej0U4iHE-xyGebBRTochPt7mTY0AxMUVqWTm0p1nXCjrRnhXJ7WgJJ_bHkhzK2082iaphfgyYNUpSA5vyrOg~~/2_49765_2516236/2285_3412023_0f7qff9_56/677428771
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 146.20.84.216 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: Apache /
Resource Hash: 3f68ac3475f7d8e30bac72bf0406031af2607a45d3094db2ece30cfccab7be8a

Request headers

Host: chwdeal.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ServerID=1030
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.glyzpoed.com/xCej0U4iHE-xyGebBRTochPt7mTY0AxMUVqWTm0p1nXCjrRnhXJ7WgJJ_bHkhzK2082iaphfgyYNUpSA5vyrOg~~/2_49765_2516236/2285_3412023_0f7qff9_56/677428771

Response headers

Set-Cookie: ServerID=1030; path=/
Date: Sat, 17 Apr 2021 03:10:40 GMT
Server: Apache
Cache-Control: max-age=604800
Expires: Sat, 24 Apr 2021 03:10:40 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 7798
Keep-Alive: timeout=15, max=120
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

Redirect headers

Set-Cookie: ServerID=1030; path=/
Date: Sat, 17 Apr 2021 03:10:39 GMT
Server: Apache
Location: https://chwdeal.com/a/a104/index.php?utm_source=MADMFM&utm_campaign=162705_2_49765_2516236&token=596623832
Cache-Control: max-age=604800
Expires: Sat, 24 Apr 2021 03:10:39 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 264
Keep-Alive: timeout=15, max=120
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 93 KB
37 KB 19ms
18ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-6898183-1

Requested by

Host: chwdeal.com
URL: https://chwdeal.com/a/a104/index.php?utm_source=MADMFM&utm_campaign=162705_2_49765_2516236&token=596623832

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ad3ebbfe405d065af10490aee81faffb7e3629c2f4806d761479b1ca4ef38f54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://chwdeal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 03:10:40 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37452
x-xss-protection: 0
expires: Sat, 17 Apr 2021 03:10:40 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 84 KB
33 KB 26ms
26ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1038983633

Requested by

Host: chwdeal.com
URL: https://chwdeal.com/a/a104/index.php?utm_source=MADMFM&utm_campaign=162705_2_49765_2516236&token=596623832

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e902e4c99eb69c83f3ed2429e24a81b4c152f86e795085d1b33c2e98d8ff9be6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://chwdeal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 03:10:40 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34067
x-xss-protection: 0
expires: Sat, 17 Apr 2021 03:10:40 GMT

GET
H/1.1 200
OK Cookie set style.css
chwdeal.com/a/a104/css/ 22 KB
5 KB 115ms
115ms Stylesheet
text/css 146.20.84.216
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://chwdeal.com/a/a104/css/style.css
Requested by: Host: chwdeal.com
URL: https://chwdeal.com/a/a104/index.php?utm_source=MADMFM&utm_campaign=162705_2_49765_2516236&token=596623832
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 146.20.84.216 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: Apache /
Resource Hash: 4924c321dd2d97dc46c761a074d3ed206ec2e17b6cab04e942e44c4f5f76839f

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: chwdeal.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://chwdeal.com/a/a104/index.php?utm_source=MADMFM&utm_campaign=162705_2_49765_2516236&token=596623832
Cookie: ServerID=1030
Connection: keep-alive
Referer: https://chwdeal.com/a/a104/index.php?utm_source=MADMFM&utm_campaign=162705_2_49765_2516236&token=596623832
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 17 Apr 2021 03:10:40 GMT
Content-Encoding: gzip
Last-Modified: Fri, 10 Apr 2020 00:32:10 GMT
Server: Apache
ETag: "4821a9-58f5-5a2e4dd2dd970"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Set-Cookie: ServerID=1030; path=/
Cache-Control: max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=119
Content-Length: 4918
Expires: Sat, 24 Apr 2021 03:10:40 GMT

GET
H2 200 css
fonts.googleapis.com/ 10 KB
868 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,300,600,700,800

Requested by

Host: chwdeal.com
URL: https://chwdeal.com/a/a104/index.php?utm_source=MADMFM&utm_campaign=162705_2_49765_2516236&token=596623832

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

586341b2e23993a5c8d45db157b5e2d287121303d207cddf4139a0e06c3b866d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://chwdeal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 17 Apr 2021 02:23:44 GMT
server: ESF
date: Sat, 17 Apr 2021 03:10:40 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 17 Apr 2021 03:10:40 GMT

GET
H/1.1 200
OK Cookie set logo1.png
chwdeal.com/a/a104/images/ 7 KB
7 KB 330ms
118ms Image
image/png 146.20.84.216
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chwdeal.com/a/a104/images/logo1.png
Requested by: Host: chwdeal.com
URL: https://chwdeal.com/a/a104/index.php?utm_source=MADMFM&utm_campaign=162705_2_49765_2516236&token=596623832
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 146.20.84.216 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: Apache /
Resource Hash: 710f3a5cf8b8aca86421e63beb6346b53136465d6b9c5bef1ce929292cf61cc3

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: chwdeal.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://chwdeal.com/a/a104/index.php?utm_source=MADMFM&utm_campaign=162705_2_49765_2516236&token=596623832
Cookie: ServerID=1030
Connection: keep-alive
Referer: https://chwdeal.com/a/a104/index.php?utm_source=MADMFM&utm_campaign=162705_2_49765_2516236&token=596623832
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 17 Apr 2021 03:10:40 GMT
Last-Modified: Fri, 10 Apr 2020 00:32:11 GMT
Server: Apache
ETag: "48219f-1bbd-5a2e4dd429608"
Content-Type: image/png
Set-Cookie: ServerID=1030; path=/
Cache-Control: max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=118
Content-Length: 7101
Expires: Sat, 24 Apr 2021 03:10:40 GMT

GET
H/1.1 200
OK Cookie set icon1.png
chwdeal.com/a/a104/images/ 24 KB
24 KB 657ms
252ms Image
image/png 146.20.84.216
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chwdeal.com/a/a104/images/icon1.png
Requested by: Host: chwdeal.com
URL: https://chwdeal.com/a/a104/index.php?utm_source=MADMFM&utm_campaign=162705_2_49765_2516236&token=596623832
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 146.20.84.216 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: Apache /
Resource Hash: 7d8356d6af35a8d7dcded5eb78d8a6a2ae7774e23db1d5ce122355b7d1015e8a

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: chwdeal.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://chwdeal.com/a/a104/index.php?utm_source=MADMFM&utm_campaign=162705_2_49765_2516236&token=596623832
Cookie: ServerID=1030
Connection: keep-alive
Referer: https://chwdeal.com/a/a104/index.php?utm_source=MADMFM&utm_campaign=162705_2_49765_2516236&token=596623832
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 17 Apr 2021 03:10:41 GMT
Last-Modified: Fri, 24 Apr 2020 19:34:30 GMT
Server: Apache
ETag: "48219b-5fc5-5a40e74432869"
Content-Type: image/png
Set-Cookie: ServerID=1024; path=/
Cache-Control: max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=120
Content-Length: 24517
Expires: Sat, 24 Apr 2021 03:10:41 GMT

GET
H/1.1 200
OK Cookie set icon2.png
chwdeal.com/a/a104/images/ 15 KB
15 KB 656ms
251ms Image
image/png 146.20.84.216
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chwdeal.com/a/a104/images/icon2.png
Requested by: Host: chwdeal.com
URL: https://chwdeal.com/a/a104/index.php?utm_source=MADMFM&utm_campaign=162705_2_49765_2516236&token=596623832
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 146.20.84.216 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: Apache /
Resource Hash: 688aa4443fd103dd4eba9512fbd4a0ff2c47b8ebbd4b8c8d4aaef45f4e4f48b0

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: chwdeal.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://chwdeal.com/a/a104/index.php?utm_source=MADMFM&utm_campaign=162705_2_49765_2516236&token=596623832
Cookie: ServerID=1030
Connection: keep-alive
Referer: https://chwdeal.com/a/a104/index.php?utm_source=MADMFM&utm_campaign=162705_2_49765_2516236&token=596623832
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 17 Apr 2021 03:10:41 GMT
Last-Modified: Fri, 10 Apr 2020 00:32:11 GMT
Server: Apache
ETag: "48219c-3a92-5a2e4dd3f0010"
Content-Type: image/png
Set-Cookie: ServerID=1025; path=/
Cache-Control: max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=120
Content-Length: 14994
Expires: Sat, 24 Apr 2021 03:10:41 GMT

GET
H/1.1 200
OK Cookie set icon3.png
chwdeal.com/a/a104/images/ 21 KB
21 KB 670ms
264ms Image
image/png 146.20.84.216
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chwdeal.com/a/a104/images/icon3.png
Requested by: Host: chwdeal.com
URL: https://chwdeal.com/a/a104/index.php?utm_source=MADMFM&utm_campaign=162705_2_49765_2516236&token=596623832
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 146.20.84.216 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: Apache /
Resource Hash: f30bf2284e7872587d6aa890cc2611f01e4be6a2fcfdc0003d63c6fa137745c7

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: chwdeal.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://chwdeal.com/a/a104/index.php?utm_source=MADMFM&utm_campaign=162705_2_49765_2516236&token=596623832
Cookie: ServerID=1030
Connection: keep-alive
Referer: https://chwdeal.com/a/a104/index.php?utm_source=MADMFM&utm_campaign=162705_2_49765_2516236&token=596623832
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 17 Apr 2021 03:10:41 GMT
Last-Modified: Fri, 10 Apr 2020 00:32:11 GMT
Server: Apache
ETag: "48219d-5233-5a2e4dd403c78"
Content-Type: image/png
Set-Cookie: ServerID=1024; path=/
Cache-Control: max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=120
Content-Length: 21043
Expires: Sat, 24 Apr 2021 03:10:41 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/ 85 KB
27 KB 32ms
17ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/jquery.min.js

Requested by

Host: chwdeal.com
URL: https://chwdeal.com/a/a104/index.php?utm_source=MADMFM&utm_campaign=162705_2_49765_2516236&token=596623832

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://chwdeal.com
Referer: https://chwdeal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 03:10:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 800006
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27277
cf-request-id: 097f6832010000dfcb0611c000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-15283"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3n7OLXpcbKncbEe4qsqaP68XTXssiSrNi7N7bFLlyZr7XAQNJdB%2BTYbtepdlinWGII9m%2FZRC7Z%2BWAauJtyQFSqkPsiIDdyHKrRTZGOhXRqE47NL8VXIq%2F74mzcEtolS%2FYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 641276300850dfcb-FRA
expires: Thu, 07 Apr 2022 03:10:40 GMT

GET
H/1.1 200
OK masked.min.js Show response
www.chwplan.com/jsinc/ 62 KB
19 KB 821ms
208ms Script
text/javascript 146.20.84.216
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.chwplan.com/jsinc/masked.min.js
Requested by: Host: chwdeal.com
URL: https://chwdeal.com/a/a104/index.php?utm_source=MADMFM&utm_campaign=162705_2_49765_2516236&token=596623832
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 146.20.84.216 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: Apache /
Resource Hash: ee5e6f24e63a934667e065cf35fa4cdb9a1ec3391da17621c3994fdb63bb82ea

Request headers

Referer: https://chwdeal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 17 Apr 2021 03:10:41 GMT
Content-Encoding: gzip
Last-Modified: Mon, 02 Apr 2018 18:08:00 GMT
Server: Apache
ETag: "3e1541-f85d-568e1785f6000"
Vary: Accept-Encoding,User-Agent
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=120
Content-Length: 19485
Expires: Sat, 24 Apr 2021 03:10:41 GMT

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ 43 KB
17 KB 40ms
18ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: chwdeal.com
URL: https://chwdeal.com/a/a104/index.php?utm_source=MADMFM&utm_campaign=162705_2_49765_2516236&token=596623832

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

3788b383d339fafcf4a50db75b2f9fabc14e8a9f696fdf35a885e921c5aa6268

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://chwdeal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 03:10:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16601
x-xss-protection: 0
server: cafe
etag: 12266152133929636408
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 17 Apr 2021 03:10:40 GMT

GET
H2 200 D24328ECFA2D48.js Show response
cdn.datasteam.io/js/ 66 KB
22 KB 101ms
45ms Script
application/x-javascript 99.84.156.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.datasteam.io/js/D24328ECFA2D48.js
Requested by: Host: chwdeal.com
URL: https://chwdeal.com/a/a104/index.php?utm_source=MADMFM&utm_campaign=162705_2_49765_2516236&token=596623832
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.156.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-156-18.txl52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e6a5209f9aed9b080f3abafce3859f310b8f122437223d598697fac71175dddb

Request headers

Referer: https://chwdeal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 03:26:21 GMT
content-encoding: gzip
last-modified: Mon, 05 Apr 2021 20:11:45 GMT
server: AmazonS3
age: 85460
etag: W/"a5d544adc89032892f6e37779b40c53d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 21b99afa310f2ff34977f80506fb1672.cloudfront.net (CloudFront)
cache-control: max-age=600,s-maxage=86400
x-amz-cf-pop: TXL52-C1
x-amz-cf-id: k0Dq_mATXrtU02RjZBHwFQIfJrU4--FU5n9gd5OP3GokygpwKRhZjg==

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 4 KB
2 KB 108ms
35ms Script
application/x-javascript 13.33.136.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: chwdeal.com
URL: https://chwdeal.com/a/a104/index.php?utm_source=MADMFM&utm_campaign=162705_2_49765_2516236&token=596623832
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.136.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-136-122.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

Referer: https://chwdeal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Apr 2021 16:20:14 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Age: 39027
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 66fb345923f3acbd40f99fbda8e88694.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: CPH50-C2
X-Amz-Cf-Id: FYBvvCOjN2h3C1uQnnhO-W5Ve7dSuu-29MnryJDuZxxfjfNojiG-Mw==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-6898183-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://chwdeal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 19 Mar 2021 19:22:18 GMT
server: Golfe2
age: 1046
date: Sat, 17 Apr 2021 02:53:14 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19463
expires: Sat, 17 Apr 2021 04:53:14 GMT

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ 84 KB
33 KB 28ms
27ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1038983633&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-6898183-1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

18f12a0e539c1f8f628e923f1c41221e2c5632d32df1827a61975b450d431f91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://chwdeal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 03:10:40 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34101
x-xss-protection: 0
expires: Sat, 17 Apr 2021 03:10:40 GMT

GET
H3-29 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 36 KB
14 KB 27ms
25ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1038983633

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

bc9d705ee6c02fde87c2069b74221c2172f27d659282a53756f9b3634fab4f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://chwdeal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 03:10:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13879
x-xss-protection: 0
server: cafe
etag: 4168474919333271250
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 17 Apr 2021 03:10:40 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 26ms
13ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j89&a=2112415898&t=pageview&_s=1&dl=https%3A%2F%2Fchwdeal.com%2Fa%2Fa104%2Findex.php%3Futm_source%3DMADMFM%26utm_campaign%3D162705_2_49765_2516236%26token%3D596623832&ul=en-us&de=UTF-8&dt=Choice%20Home%20Warranty&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=360484767&gjid=751030152&cid=501282871.1618629041&tid=UA-6898183-1&_gid=764870443.1618629041&_r=1&gtm=2ou472&z=980050971

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://chwdeal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 17 Apr 2021 03:10:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://chwdeal.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1038983633/ 2 KB
2 KB 34ms
16ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1038983633/?random=1618629040701&cv=9&fst=1618629040701&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa472&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fchwdeal.com%2Fa%2Fa104%2Findex.php%3Futm_source%3DMADMFM%26utm_campaign%3D162705_2_49765_2516236%26token%3D596623832&tiba=Choice%20Home%20Warranty&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

24d224b588004112aea1d64499d54aea26c372227ea8d4933ae897680bf4304d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://chwdeal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Apr 2021 03:10:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1100
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
87 B 16ms
15ms XHR
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j89&tid=UA-6898183-1&cid=501282871.1618629041&jid=360484767&gjid=751030152&_gid=764870443.1618629041&_u=IEBAAUAAAAAAAC~&z=219423081

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://chwdeal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 17 Apr 2021 03:10:40 GMT
content-type: text/plain
access-control-allow-origin: https://chwdeal.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
505 B 36ms
16ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-6898183-1&cid=501282871.1618629041&jid=360484767&_u=IEBAAUAAAAAAAC~&z=794507549

Requested by

Host: chwdeal.com
URL: https://chwdeal.com/a/a104/index.php?utm_source=MADMFM&utm_campaign=162705_2_49765_2516236&token=596623832

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://chwdeal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Apr 2021 03:10:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
505 B 35ms
16ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-6898183-1&cid=501282871.1618629041&jid=360484767&_u=IEBAAUAAAAAAAC~&z=794507549

Requested by

Host: chwdeal.com
URL: https://chwdeal.com/a/a104/index.php?utm_source=MADMFM&utm_campaign=162705_2_49765_2516236&token=596623832

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://chwdeal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Apr 2021 03:10:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1038983633/ 42 B
154 B 37ms
20ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1038983633/?random=1618629040701&cv=9&fst=1618628400000&num=1&bg=ffffff&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa472&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fchwdeal.com%2Fa%2Fa104%2Findex.php%3Futm_source%3DMADMFM%26utm_campaign%3D162705_2_49765_2516236%26token%3D596623832&tiba=Choice%20Home%20Warranty&async=1&fmt=3&is_vtc=1&random=77535366&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: chwdeal.com
URL: https://chwdeal.com/a/a104/index.php?utm_source=MADMFM&utm_campaign=162705_2_49765_2516236&token=596623832

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://chwdeal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Apr 2021 03:10:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1038983633/ 42 B
154 B 33ms
18ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1038983633/?random=1618629040701&cv=9&fst=1618628400000&num=1&bg=ffffff&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa472&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fchwdeal.com%2Fa%2Fa104%2Findex.php%3Futm_source%3DMADMFM%26utm_campaign%3D162705_2_49765_2516236%26token%3D596623832&tiba=Choice%20Home%20Warranty&async=1&fmt=3&is_vtc=1&random=77535366&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: chwdeal.com
URL: https://chwdeal.com/a/a104/index.php?utm_source=MADMFM&utm_campaign=162705_2_49765_2516236&token=596623832

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://chwdeal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Apr 2021 03:10:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK Cookie set bg4.jpg
chwdeal.com/a/a104/images/ 100 KB
100 KB 492ms
287ms Image
image/jpeg 146.20.84.216
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chwdeal.com/a/a104/images/bg4.jpg
Requested by: Host: chwdeal.com
URL: https://chwdeal.com/a/a104/css/style.css
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 146.20.84.216 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: Apache /
Resource Hash: 01f57fe6a4dee7475d0519fa7ea45207cb90af4591df5e421406e2a3969a5ce8

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: chwdeal.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://chwdeal.com/a/a104/css/style.css
Cookie: ServerID=1030; _ga=GA1.2.501282871.1618629041; _gid=GA1.2.764870443.1618629041; _gat_gtag_UA_6898183_1=1
Connection: keep-alive
Referer: https://chwdeal.com/a/a104/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 17 Apr 2021 03:10:41 GMT
Last-Modified: Fri, 10 Apr 2020 00:32:11 GMT
Server: Apache
ETag: "482197-18f63-5a2e4dd373010"
Content-Type: image/jpeg
Set-Cookie: ServerID=1024; path=/
Cache-Control: max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=120
Content-Length: 102243
Expires: Sat, 24 Apr 2021 03:10:41 GMT

GET
H3-29 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1038983633/ 2 KB
1 KB 35ms
21ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1038983633/?random=1618629041594&cv=9&fst=1618629041594&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fchwdeal.com%2Fa%2Fa104%2Findex.php%3Futm_source%3DMADMFM%26utm_campaign%3D162705_2_49765_2516236%26token%3D596623832&tiba=Choice%20Home%20Warranty&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

03b15edf50446c746fa7f9afe0912b8117c1bdca3eae87076348a4843353285d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://chwdeal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Apr 2021 03:10:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1060
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 25ms
6ms Script
text/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: chwdeal.com
URL: https://chwdeal.com/a/a104/index.php?utm_source=MADMFM&utm_campaign=162705_2_49765_2516236&token=596623832

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://chwdeal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 19 Mar 2021 19:22:18 GMT
server: Golfe2
age: 5345
date: Sat, 17 Apr 2021 01:41:36 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Sat, 17 Apr 2021 03:41:36 GMT

GET
H3-29

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1441157528&utmhn=chwdeal.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Choice%2...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6898183-1&cid=501282871.1618629041&jid=1125515074&_v=5.7.2&z=1441157528
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6898183-1&cid=501282871.1618629041&jid=1125515074&_v=5.7.2&z=1441157528
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6898183-1&cid=501282871.1618629041&jid=1125515074&_v=5.7.2&z=1441157528&slf_rd=1&random=152899272

42 B
63 B

17ms
17ms

Image
image/gif

2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6898183-1&cid=501282871.1618629041&jid=1125515074&_v=5.7.2&z=1441157528&slf_rd=1&random=152899272

Requested by

Host: chwdeal.com
URL: https://chwdeal.com/a/a104/index.php?utm_source=MADMFM&utm_campaign=162705_2_49765_2516236&token=596623832

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://chwdeal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Apr 2021 03:10:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 17 Apr 2021 03:10:41 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6898183-1&cid=501282871.1618629041&jid=1125515074&_v=5.7.2&z=1441157528&slf_rd=1&random=152899272
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 92 KB
24 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: chwdeal.com
URL: https://chwdeal.com/a/a104/index.php?utm_source=MADMFM&utm_campaign=162705_2_49765_2516236&token=596623832

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

98e6165f4ca935ed2cd034d3f71ed277bfa1b20b684fb180a7935d2c4b853bf4

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://chwdeal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23963
x-fb-rlafr: 0
pragma: public
x-fb-debug: 4yE2f+G2kXaBPrJyFZojtBjIJI8yh+vfVUfdD5/Xkq7MSzcx6crMJJpC8JbPflnwuzCVKBSVUT4tbAiuFyVahw==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sat, 17 Apr 2021 03:10:41 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 29 KB
9 KB 47ms
30ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: chwdeal.com
URL: https://chwdeal.com/a/a104/index.php?utm_source=MADMFM&utm_campaign=162705_2_49765_2516236&token=596623832
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 1fe2437a79282fb26d2267e40cdb7ac59164d0ee5e5b9f955f05a49f686ab616

Request headers

Referer: https://chwdeal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 03:10:40 GMT
content-encoding: gzip
last-modified: Fri, 02 Apr 2021 18:16:38 GMT
x-msedge-ref: Ref A: ED21B230CC694AE6BD30A2E4F00046E1 Ref B: FRAEDGE1520 Ref C: 2021-04-17T03:10:41Z
etag: "0c77652ec27d71:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 8885

GET
H/1.1 200
OK script.js Show response
cdn.listrakbi.com/scripts/ 64 KB
21 KB 459ms
402ms Script
text/javascript 99.84.154.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.listrakbi.com/scripts/script.js?m=3QgckfkNYGiq&v=1
Requested by: Host: chwdeal.com
URL: https://chwdeal.com/a/a104/index.php?utm_source=MADMFM&utm_campaign=162705_2_49765_2516236&token=596623832
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.154.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-154-9.txl52.r.cloudfront.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 55d3e896e33dc92bcb1a5b3eb9d2e8d2964cd93a918b0d32753bfadef1401462

Request headers

Referer: https://chwdeal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 17 Apr 2021 03:10:42 GMT
Content-Encoding: gzip
X-AspNet-Version: 4.0.30319
X-ltk: 4/16/2021 12:53:07 AM
X-Powered-By: ASP.NET
X-Cache: RefreshHit from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI COM NAV INT DEM CNT PRE LOC"
Connection: keep-alive
Content-Length: 20269
Last-Modified: Wed, 20 Jan 2021 17:02:01 GMT
Server: Microsoft-IIS/8.5
ETag: "ib2WJdIlje0F7Fjwihwxiw=="
Vary: Accept-encoding
Content-Type: text/javascript; charset=utf-8
Via: 1.1 a3dc4a768d48247641f8ad7f08326d38.cloudfront.net (CloudFront)
Cache-Control: public, no-transform, max-age=3600, s-maxage=600
X-Amz-Cf-Pop: TXL52-C1
Accept-Ranges: bytes
X-Amz-Cf-Id: smdiYyU3z67EWioRBNP7-3uJvMsUz0YLpe3rdyt1jrdUGBGCAnTq_w==
Expires: Sat, 17 Apr 2021 04:10:41 GMT

GET
H2

200

widget_async.js Show response
d3rr3d0n31t48m.cloudfront.net/widget/
Redirect Chain

https://shop.pe/widget/widget_async.js
https://d3rr3d0n31t48m.cloudfront.net/widget/widget_async.js

2 KB
1 KB

105ms
34ms

Script
application/javascript

143.204.245.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3rr3d0n31t48m.cloudfront.net/widget/widget_async.js
Requested by: Host: chwdeal.com
URL: https://chwdeal.com/a/a104/index.php?utm_source=MADMFM&utm_campaign=162705_2_49765_2516236&token=596623832
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.245.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-245-118.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 34327e80f6ada39a7570854e52bc2aae70f5c0deb2a6dd557fb075aa07c8f0aa

Request headers

Referer: https://chwdeal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 02:54:59 GMT
content-encoding: gzip
last-modified: Tue, 13 Apr 2021 15:53:52 GMT
server: AmazonS3
age: 960
etag: "3473c2a4b76d7461828b3a56bc54f0c9"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 290e5de22ec9147f50600bb224f3c854.cloudfront.net (CloudFront)
cache-control: max-age=3600, public
x-amz-cf-pop: CPH50-C1
accept-ranges: bytes
content-length: 898
x-amz-cf-id: GFxYRYf2miFqH-qmLjWc5pc8QpzB54J2_OugLzD9clgV80lrgGJ_YA==
x-amz-meta-mtime: 1618329230.42

Redirect headers

content-security-policy: frame-ancestors none;
via: 1.1 google
referrer-policy: no-referrer-when-downgrade
server: nginx
date: Sat, 17 Apr 2021 03:10:41 GMT
x-frame-options: deny
content-type: text/html
location: https://d3rr3d0n31t48m.cloudfront.net/widget/widget_async.js
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: clear
content-length: 178

GET
H/1.1

200
OK

Cookie set iu3 Show response
s.amazon-adsystem.com/ Frame 610D
Redirect Chain

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D3b289a46-9b76-58a9-88f0-c89b1606534d%26type%3D82%26m%3D1&ex-fch=416613&ex-src=https://www.choicehomewarranty.com/&ex-hargs=v%3D1.0%3Bc%3...
https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D3b289a46-9b76-58a9-88f0-c89b1606534d%26type%3D82%26m%3D1&ex-fch=416613&ex-src=https://www.choicehomewarranty.com/&ex-hargs=v%3D1.0%3Bc%3...

562 B
1 KB

125ms
125ms

Document
text/html

72.21.206.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D3b289a46-9b76-58a9-88f0-c89b1606534d%26type%3D82%26m%3D1&ex-fch=416613&ex-src=https://www.choicehomewarranty.com/&ex-hargs=v%3D1.0%3Bc%3D6293635390601%3Bp%3D3B289A46-9B76-58A9-88F0-C89B1606534D&cb=641952459557987700&dcc=t
Requested by: Host: chwdeal.com
URL: https://chwdeal.com/a/a104/index.php?utm_source=MADMFM&utm_campaign=162705_2_49765_2516236&token=596623832
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.21.206.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: 206-140.amazon.com
Software: Server /
Resource Hash: 660b2272ed49397b790ee49ae66eb6e3778e08761ea41d26855c7630f9dd5404

Request headers

Host: s.amazon-adsystem.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://chwdeal.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ad-id=A_sH-7V8JUH7sEr1gj643GY|t
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://chwdeal.com/

Response headers

Server: Server
Date: Sat, 17 Apr 2021 03:10:42 GMT
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 431
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Set-Cookie: ad-id=A_sH-7V8JUH7sEr1gj643GY; Domain=.amazon-adsystem.com; Expires=Sat, 01-Jan-2022 03:10:42 GMT; Path=/; Secure; HttpOnly; SameSite=None ad-privacy=0; Domain=.amazon-adsystem.com; Expires=Wed, 01-Jul-2026 03:10:42 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip

Redirect headers

Server: Server
Date: Sat, 17 Apr 2021 03:10:41 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D3b289a46-9b76-58a9-88f0-c89b1606534d%26type%3D82%26m%3D1&ex-fch=416613&ex-src=https://www.choicehomewarranty.com/&ex-hargs=v%3D1.0%3Bc%3D6293635390601%3Bp%3D3B289A46-9B76-58A9-88F0-C89B1606534D&cb=641952459557987700&dcc=t
Set-Cookie: ad-id=A_sH-7V8JUH7sEr1gj643GY|t; Domain=.amazon-adsystem.com; Expires=Sat, 01-Jan-2022 03:10:41 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary: User-Agent

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/1038983633/ 42 B
64 B 27ms
27ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1038983633/?random=1618629041594&cv=9&fst=1618628400000&num=1&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fchwdeal.com%2Fa%2Fa104%2Findex.php%3Futm_source%3DMADMFM%26utm_campaign%3D162705_2_49765_2516236%26token%3D596623832&tiba=Choice%20Home%20Warranty&fmt=3&is_vtc=1&random=1642363199&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: chwdeal.com
URL: https://chwdeal.com/a/a104/index.php?utm_source=MADMFM&utm_campaign=162705_2_49765_2516236&token=596623832

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://chwdeal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Apr 2021 03:10:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.de/pagead/1p-user-list/1038983633/ 42 B
64 B 28ms
26ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1038983633/?random=1618629041594&cv=9&fst=1618628400000&num=1&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fchwdeal.com%2Fa%2Fa104%2Findex.php%3Futm_source%3DMADMFM%26utm_campaign%3D162705_2_49765_2516236%26token%3D596623832&tiba=Choice%20Home%20Warranty&fmt=3&is_vtc=1&random=1642363199&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: chwdeal.com
URL: https://chwdeal.com/a/a104/index.php?utm_source=MADMFM&utm_campaign=162705_2_49765_2516236&token=596623832

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://chwdeal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Apr 2021 03:10:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 1374492936214348 Show response
connect.facebook.net/signals/config/ 40 KB
11 KB 69ms
69ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1374492936214348?v=2.9.39&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

622e3d717b7247790299d346a12c8dd2fd4e7311f873d99ae5fb3161127eb9ec

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://chwdeal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: KLAYmDPp77hinblvkPhA0ZUI/TiWIdU/C3tBTis1nisI0WZ++c5UJlSM578KPaD3S0PIAPRg8iXkHp7O4MuvmQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
date: Sat, 17 Apr 2021 03:10:41 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
148 B 28ms
27ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=5223598&Ver=2&mid=ae3fa42c-9982-4626-8ddf-286f09737560&sid=7e0935a09f2a11eb938c038b45bc8914&vid=7e0940509f2a11eb924e9333457662db&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Choice%20Home%20Warranty&p=https%3A%2F%2Fchwdeal.com%2Fa%2Fa104%2Findex.php%3Futm_source%3DMADMFM%26utm_campaign%3D162705_2_49765_2516236%26token%3D596623832&r=&lt=2093&evt=pageLoad&msclkid=N&sv=1&rn=8550
Requested by: Host: chwdeal.com
URL: https://chwdeal.com/a/a104/index.php?utm_source=MADMFM&utm_campaign=162705_2_49765_2516236&token=596623832
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://chwdeal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sat, 17 Apr 2021 03:10:40 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: BC8F69383A1D476F8594BA8F1B3E2D2B Ref B: FRAEDGE1520 Ref C: 2021-04-17T03:10:41Z
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
259 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1374492936214348&ev=PageView&dl=https%3A%2F%2Fchwdeal.com%2Fa%2Fa104%2Findex.php%3Futm_source%3DMADMFM%26utm_campaign%3D162705_2_49765_2516236%26token%3D596623832&rl=&if=false&ts=1618629041735&sw=1600&sh=1200&v=2.9.39&r=stable&ec=0&o=28&fbp=fb.1.1618629041733.2050494128&it=1618629041655&coo=false&rqm=GET

Requested by

Host: chwdeal.com
URL: https://chwdeal.com/a/a104/index.php?utm_source=MADMFM&utm_campaign=162705_2_49765_2516236&token=596623832

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://chwdeal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 03:10:41 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Sat, 17 Apr 2021 03:10:41 GMT

GET
H2 200 triggerRunner.js Show response
d3rr3d0n31t48m.cloudfront.net/widget/ 10 KB
4 KB 34ms
34ms Script
application/javascript 143.204.245.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3rr3d0n31t48m.cloudfront.net/widget/triggerRunner.js?v=865f0ae
Requested by: Host: shop.pe
URL: https://shop.pe/widget/widget_async.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.245.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-245-118.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 172c47bbdc70db455d3bbbf4880333e63c7bbb42bfd54c068d4b5916bbdfd6d0

Request headers

Referer: https://chwdeal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 15:54:36 GMT
content-encoding: gzip
last-modified: Tue, 13 Apr 2021 15:53:53 GMT
server: AmazonS3
age: 299766
etag: "3e806dadd7d5c356b92963cf8e8cd560"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 290e5de22ec9147f50600bb224f3c854.cloudfront.net (CloudFront)
cache-control: max-age=2592000, public
x-amz-cf-pop: CPH50-C1
accept-ranges: bytes
content-length: 3705
x-amz-cf-id: 5Sozsm8ZFzFBNcEL4cLRJ7WmYpLbGu949_lDErkYVzdnuBXfZxC-Qw==
x-amz-meta-mtime: 1618329230.4

GET
H2 200 widget.js Show response
d3rr3d0n31t48m.cloudfront.net/widget/ 172 KB
45 KB 38ms
37ms Script
application/javascript 143.204.245.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3rr3d0n31t48m.cloudfront.net/widget/widget.js?v=3533081
Requested by: Host: shop.pe
URL: https://shop.pe/widget/widget_async.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.245.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-245-118.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 320fe003399c70d8ac5d9d9dad382f6d1d87e01cf9fb9aed0ba6322fc49d2307

Request headers

Referer: https://chwdeal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 15:54:35 GMT
content-encoding: gzip
last-modified: Tue, 13 Apr 2021 15:53:52 GMT
server: AmazonS3
age: 299767
etag: "e21daa2e7fef3422874b1d6c80460e22"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 290e5de22ec9147f50600bb224f3c854.cloudfront.net (CloudFront)
cache-control: max-age=2592000, public
x-amz-cf-pop: CPH50-C1
accept-ranges: bytes
content-length: 45282
x-amz-cf-id: 705xPqhzRyTq4P9NMl2ZM0IVX5dG6ktMMmtxq4y6rm8Ua0qJVMpirg==
x-amz-meta-mtime: 1618329227.86

GET
H/1.1 200
OK pr Show response
s.amazon-adsystem.com/v3/ Frame 245D 5 KB
2 KB 107ms
107ms Document
text/html 72.21.206.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=oEUnOiClSoCuY-9tw-cgnQ&ep=9Ak23Qex84jETjgJJ-_Hq2rgzPeUpEbDUjATfwm0vxc4T1egbWuxbZASOkS_Z0OAySaFPnu38Td1NpUvmb3ujZrf_dVT13OE_comPnTZRtU
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D3b289a46-9b76-58a9-88f0-c89b1606534d%26type%3D82%26m%3D1&ex-fch=416613&ex-src=https://www.choicehomewarranty.com/&ex-hargs=v%3D1.0%3Bc%3D6293635390601%3Bp%3D3B289A46-9B76-58A9-88F0-C89B1606534D&cb=641952459557987700&dcc=t
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.21.206.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: 206-140.amazon.com
Software: Server /
Resource Hash: 3b96d330871c5d6b7663dcb22f48734d4c71c1c93bdb9656b0a3f16c61983593

Request headers

Host: s.amazon-adsystem.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D3b289a46-9b76-58a9-88f0-c89b1606534d%26type%3D82%26m%3D1&ex-fch=416613&ex-src=https://www.choicehomewarranty.com/&ex-hargs=v%3D1.0%3Bc%3D6293635390601%3Bp%3D3B289A46-9B76-58A9-88F0-C89B1606534D&cb=641952459557987700&dcc=t
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ad-id=A_sH-7V8JUH7sEr1gj643GY; ad-privacy=0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D3b289a46-9b76-58a9-88f0-c89b1606534d%26type%3D82%26m%3D1&ex-fch=416613&ex-src=https://www.choicehomewarranty.com/&ex-hargs=v%3D1.0%3Bc%3D6293635390601%3Bp%3D3B289A46-9B76-58A9-88F0-C89B1606534D&cb=641952459557987700&dcc=t

Response headers

Server: Server
Date: Sat, 17 Apr 2021 03:10:42 GMT
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 1552
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip

GET
H2 200 getIds Show response
s1.listrakbi.com/3QgckfkNYGiq/session/ 175 B
1 KB 318ms
104ms Script
application/x-javascript 35.174.31.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.listrakbi.com/3QgckfkNYGiq/session/getIds?callback=ltkCallback8436&gsid=&_sid=&_tid=564543&ps=null&dps=true
Requested by: Host: cdn.listrakbi.com
URL: https://cdn.listrakbi.com/scripts/script.js?m=3QgckfkNYGiq&v=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.174.31.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-174-31-79.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 2d779740485f2e53e0aca11399516df0d03a7a552ca0aef6b4317b15e824a199

Request headers

Referer: https://chwdeal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Apr 2021 03:10:42 GMT
server: Microsoft-IIS/8.5
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI COM NAV INT DEM CNT PRE LOC"
cache-control: no-cache
content-type: application/x-javascript; charset=utf-8
content-length: 175
expires: -1

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 245D
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212284268
https://s.amazon-adsystem.com/ecm3?id=164921103759000037000&ex=neustar.biz

43 B
344 B

201ms
108ms

Image
image/gif

72.21.206.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/ecm3?id=164921103759000037000&ex=neustar.biz
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=oEUnOiClSoCuY-9tw-cgnQ&ep=9Ak23Qex84jETjgJJ-_Hq2rgzPeUpEbDUjATfwm0vxc4T1egbWuxbZASOkS_Z0OAySaFPnu38Td1NpUvmb3ujZrf_dVT13OE_comPnTZRtU
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.21.206.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: 206-140.amazon.com
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Apr 2021 03:10:42 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 17 Apr 2021 03:10:42 GMT
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://s.amazon-adsystem.com/ecm3?id=164921103759000037000&ex=neustar.biz
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 245D
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=amazon&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%5BRX_UUID%5D%26ex%3Drhythmone.com
https://s.amazon-adsystem.com/ecm3?id=OPTOUT&ex=rhythmone.com

43 B
344 B

302ms
103ms

Image
image/gif

72.21.206.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/ecm3?id=OPTOUT&ex=rhythmone.com
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=oEUnOiClSoCuY-9tw-cgnQ&ep=9Ak23Qex84jETjgJJ-_Hq2rgzPeUpEbDUjATfwm0vxc4T1egbWuxbZASOkS_Z0OAySaFPnu38Td1NpUvmb3ujZrf_dVT13OE_comPnTZRtU
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.21.206.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: 206-140.amazon.com
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Apr 2021 03:10:42 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 17 Apr 2021 03:10:42 GMT
Server: Tengine
ETag: OPTOUT
Transfer-Encoding: chunked
Content-Type: text/html
Location: https://s.amazon-adsystem.com/ecm3?id=OPTOUT&ex=rhythmone.com
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 245D
Redirect Chain

https://x.bidswitch.net/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D
https://x.bidswitch.net/ul_cb/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D
https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=48a50162b6e2d7af28a332e71608141b

43 B
344 B

299ms
108ms

Image
image/gif

72.21.206.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=48a50162b6e2d7af28a332e71608141b
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=oEUnOiClSoCuY-9tw-cgnQ&ep=9Ak23Qex84jETjgJJ-_Hq2rgzPeUpEbDUjATfwm0vxc4T1egbWuxbZASOkS_Z0OAySaFPnu38Td1NpUvmb3ujZrf_dVT13OE_comPnTZRtU
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.21.206.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: 206-140.amazon.com
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Apr 2021 03:10:42 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=48a50162b6e2d7af28a332e71608141b
date: Sat, 17 Apr 2021 03:10:42 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 245D
Redirect Chain

https://tags.bluekai.com/site/36840?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbluekai.com%26id%3D%24_BK_UUID
https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=%2Bb3Dvx9999OSl7oQ

43 B
344 B

221ms
104ms

Image
image/gif

72.21.206.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=%2Bb3Dvx9999OSl7oQ
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=oEUnOiClSoCuY-9tw-cgnQ&ep=9Ak23Qex84jETjgJJ-_Hq2rgzPeUpEbDUjATfwm0vxc4T1egbWuxbZASOkS_Z0OAySaFPnu38Td1NpUvmb3ujZrf_dVT13OE_comPnTZRtU
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.21.206.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: 206-140.amazon.com
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Apr 2021 03:10:42 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=%2Bb3Dvx9999OSl7oQ
Date: Sat, 17 Apr 2021 03:10:42 GMT
Connection: keep-alive
Content-Length: 0
BK-Server: 26a2
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 245D
Redirect Chain

https://pixel.advertising.com/ups/56466/sync?redir=true&_origin=1
https://pixel.advertising.com/ups/56466/sync?redir=true&_origin=1&verify=true
https://ups.analytics.yahoo.com/ups/56466/sync?redir=true&_origin=1&apid=UP7e5ed96b-9f2a-11eb-a026-06551156f9d2
https://ups.analytics.yahoo.com/ups/56466/sync?redir=true&_origin=1&apid=UP7e5ed96b-9f2a-11eb-a026-06551156f9d2&verify=true
https://s.amazon-adsystem.com/ecm3?id=6e48fc24f4f19369c73c41e9cbfd0e469095ab77&ex=aoldisplay.com

43 B
344 B

230ms
100ms

Image
image/gif

72.21.206.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/ecm3?id=6e48fc24f4f19369c73c41e9cbfd0e469095ab77&ex=aoldisplay.com
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=oEUnOiClSoCuY-9tw-cgnQ&ep=9Ak23Qex84jETjgJJ-_Hq2rgzPeUpEbDUjATfwm0vxc4T1egbWuxbZASOkS_Z0OAySaFPnu38Td1NpUvmb3ujZrf_dVT13OE_comPnTZRtU
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.21.206.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: 206-140.amazon.com
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Apr 2021 03:10:42 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Sat, 17 Apr 2021 03:10:42 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://s.amazon-adsystem.com/ecm3?id=6e48fc24f4f19369c73c41e9cbfd0e469095ab77&ex=aoldisplay.com
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 245D
Redirect Chain

https://t.myvisualiq.net/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D
https://t.myvisualiq.net/ul_cb/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D
https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=acbf21e5-dc0f-4edc-95ee-9aa4b115991a

43 B
344 B

288ms
105ms

Image
image/gif

72.21.206.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=acbf21e5-dc0f-4edc-95ee-9aa4b115991a
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=oEUnOiClSoCuY-9tw-cgnQ&ep=9Ak23Qex84jETjgJJ-_Hq2rgzPeUpEbDUjATfwm0vxc4T1egbWuxbZASOkS_Z0OAySaFPnu38Td1NpUvmb3ujZrf_dVT13OE_comPnTZRtU
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.21.206.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: 206-140.amazon.com
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Apr 2021 03:10:42 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=acbf21e5-dc0f-4edc-95ee-9aa4b115991a
Date: Sat, 17 Apr 2021 03:10:42 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 sync
amazon.partners.tremorhub.com/ Frame 245D 43 B
183 B 279ms
89ms Image
image/gif 2600:1f18:612b:4232:16e5:e760:b671:d648
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amazon.partners.tremorhub.com/sync?UIAM&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dtelaria.com%26id%3D%5BPARTNER_ID%5D
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=oEUnOiClSoCuY-9tw-cgnQ&ep=9Ak23Qex84jETjgJJ-_Hq2rgzPeUpEbDUjATfwm0vxc4T1egbWuxbZASOkS_Z0OAySaFPnu38Td1NpUvmb3ujZrf_dVT13OE_comPnTZRtU
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4232:16e5:e760:b671:d648 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 03:10:42 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H2 204 cms
cms.analytics.yahoo.com/ Frame 245D 0
0 107ms
33ms Image
text/html 212.82.100.182
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms.analytics.yahoo.com/cms?partner_id=AMAZON&ex=gemini
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=oEUnOiClSoCuY-9tw-cgnQ&ep=9Ak23Qex84jETjgJJ-_Hq2rgzPeUpEbDUjATfwm0vxc4T1egbWuxbZASOkS_Z0OAySaFPnu38Td1NpUvmb3ujZrf_dVT13OE_comPnTZRtU
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.82.100.182 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS: spcms.pbp.vip.ir2.yahoo.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 /
spl.zeotap.com/ Frame 245D 731 B
731 B 50ms
28ms Image
text/html 2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://spl.zeotap.com/?zdid=1353&env=mWeb&eventType=pageview&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dzeotap%26id%3D%24_ZTP_UUID
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=oEUnOiClSoCuY-9tw-cgnQ&ep=9Ak23Qex84jETjgJJ-_Hq2rgzPeUpEbDUjATfwm0vxc4T1egbWuxbZASOkS_Z0OAySaFPnu38Td1NpUvmb3ujZrf_dVT13OE_comPnTZRtU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 03:10:42 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 64127639ffbb1f41-FRA
content-type: text/html
access-control-allow-origin: *
access-control-allow-credentials: true
content-encoding: br
access-control-allow-headers: *
cf-request-id: 097f68383b00001f41a7882000000001

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 245D
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=2545
https://s.amazon-adsystem.com/ecm3?id=6c4c42bdae9dd5aa123f37edac1d8e&ex=freewheel.tv&gdpr=0&gdpr_consent=

43 B
344 B

108ms
108ms

Image
image/gif

72.21.206.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/ecm3?id=6c4c42bdae9dd5aa123f37edac1d8e&ex=freewheel.tv&gdpr=0&gdpr_consent=
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=oEUnOiClSoCuY-9tw-cgnQ&ep=9Ak23Qex84jETjgJJ-_Hq2rgzPeUpEbDUjATfwm0vxc4T1egbWuxbZASOkS_Z0OAySaFPnu38Td1NpUvmb3ujZrf_dVT13OE_comPnTZRtU
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.21.206.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: 206-140.amazon.com
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Apr 2021 03:10:42 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 17 Apr 2021 03:10:42 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=6c4c42bdae9dd5aa123f37edac1d8e&ex=freewheel.tv&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1618629040957082-157
Expires: Sat, 17 Apr 2021 03:10:42 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 245D
Redirect Chain

https://www.imdb.com/ads/idsync?cid=a706a6beb&ex=imdb.com
https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com

43 B
344 B

194ms
105ms

Image
image/gif

72.21.206.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=oEUnOiClSoCuY-9tw-cgnQ&ep=9Ak23Qex84jETjgJJ-_Hq2rgzPeUpEbDUjATfwm0vxc4T1egbWuxbZASOkS_Z0OAySaFPnu38Td1NpUvmb3ujZrf_dVT13OE_comPnTZRtU
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.21.206.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: 206-140.amazon.com
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Apr 2021 03:10:42 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Sat, 17 Apr 2021 03:10:42 GMT
via: 1.1 1ebf52f5e79648444025879af65610d2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
server: Server
x-amz-cf-pop: CPH50-C1
x-amz-rid: HGV7GQDXVMDRQPJKQYHB
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
location: https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com
content-security-policy-report-only: default-src http://*.amazon.com http://*.media-amazon.com http://*.ssl-images-amazon.com http://*.amazon-adsystem.com; script-src http://*.amazon.com http://*.media-amazon.com http://*.ssl-images-amazon.com http://*.amazon-adsystem.com 'unsafe-inline' 'unsafe-eval'; style-src http://*.amazon.com http://*.media-amazon.com http://*.ssl-images-amazon.com http://*.amazon-adsystem.com 'unsafe-inline'; report-uri /1/batch/2/OE/mid=ATVPDKIKX0DER:sid=:rid=HGV7GQDXVMDRQPJKQYHB:sn=www.imdb.com
strict-transport-security: max-age=47474747; includeSubDomains; preload
vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
content-length: 0
x-xss-protection: 1; mode=block
x-amz-cf-id: 37e-Uiqfr2dbd6QWnJoz2fJUZiVnWsGJ8cCd56mh64AAsfhD83oNIw==

GET
H/1.1 200
OK pixel.gif
usersync.samplicio.us/amazon/ Frame 245D 0
263 B 413ms
102ms Image
text/plain 54.208.22.157
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.samplicio.us/amazon/pixel.gif?https://s.amazon-adsystem.com/ecm3?ex=luc.id&id=
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=oEUnOiClSoCuY-9tw-cgnQ&ep=9Ak23Qex84jETjgJJ-_Hq2rgzPeUpEbDUjATfwm0vxc4T1egbWuxbZASOkS_Z0OAySaFPnu38Td1NpUvmb3ujZrf_dVT13OE_comPnTZRtU
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.208.22.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-208-22-157.compute-1.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Apr 2021 03:10:42 GMT
Server: nginx/1.16.1
Location: https://s.amazon-adsystem.com/ecm3?ex=luc.id&id=
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 245D
Redirect Chain

https://ads.samba.tv/cookie_sync?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsamba.tv%26id%3D
https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=d64ad676d24fd3ba

43 B
344 B

106ms
106ms

Image
image/gif

72.21.206.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=d64ad676d24fd3ba
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=oEUnOiClSoCuY-9tw-cgnQ&ep=9Ak23Qex84jETjgJJ-_Hq2rgzPeUpEbDUjATfwm0vxc4T1egbWuxbZASOkS_Z0OAySaFPnu38Td1NpUvmb3ujZrf_dVT13OE_comPnTZRtU
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.21.206.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: 206-140.amazon.com
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Apr 2021 03:10:42 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=d64ad676d24fd3ba
date: Sat, 17 Apr 2021 03:10:42 GMT
access-control-allow-origin: *
access-control-allow-headers: Content-Type, Authorization
content-length: 93
access-control-allow-methods: HEAD,OPTIONS,GET
content-type: text/html; charset=utf-8

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 245D
Redirect Chain

https://dpm.demdex.net/ibs:dpid=139200&dpuuid=lARcusbKQyOe_nRfE1NkPQ&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=139200&dpuuid=lARcusbKQyOe_nRfE1NkPQ&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=35501636384438535750696791964897751319

43 B
344 B

104ms
104ms

Image
image/gif

72.21.206.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=35501636384438535750696791964897751319
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=oEUnOiClSoCuY-9tw-cgnQ&ep=9Ak23Qex84jETjgJJ-_Hq2rgzPeUpEbDUjATfwm0vxc4T1egbWuxbZASOkS_Z0OAySaFPnu38Td1NpUvmb3ujZrf_dVT13OE_comPnTZRtU
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.21.206.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: 206-140.amazon.com
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Apr 2021 03:10:42 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: /FfgtnJgT8Y=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=35501636384438535750696791964897751319
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 245D
Redirect Chain

https://odr.mookie1.com/t/v2?tagid=V2_393725&AMAZON_REGION_SPECIFIC_ENDPOINT=s.amazon-adsystem.com&src.visitorID=KGMHNb3BSvOIAwgUDzgmaw
https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10827779404177933282&gdpr=&gdpr_consent=

43 B
344 B

151ms
101ms

Image
image/gif

72.21.206.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10827779404177933282&gdpr=&gdpr_consent=
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=oEUnOiClSoCuY-9tw-cgnQ&ep=9Ak23Qex84jETjgJJ-_Hq2rgzPeUpEbDUjATfwm0vxc4T1egbWuxbZASOkS_Z0OAySaFPnu38Td1NpUvmb3ujZrf_dVT13OE_comPnTZRtU
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.21.206.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: 206-140.amazon.com
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Apr 2021 03:10:42 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 17 Apr 2021 03:10:42 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
location: https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10827779404177933282&gdpr=&gdpr_consent=
cache-control: no-cache, no-store, must-revalidate
alt-svc: clear
content-length: 0
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET z
px.surveywall-api.survata.com/ Frame 245D 0
0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 245D
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D
https://c1.adform.net/serving/cookie/match?CC=1&party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D
https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=4719829242195577490

43 B
344 B

101ms
100ms

Image
image/gif

72.21.206.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=4719829242195577490
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=oEUnOiClSoCuY-9tw-cgnQ&ep=9Ak23Qex84jETjgJJ-_Hq2rgzPeUpEbDUjATfwm0vxc4T1egbWuxbZASOkS_Z0OAySaFPnu38Td1NpUvmb3ujZrf_dVT13OE_comPnTZRtU
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.21.206.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: 206-140.amazon.com
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Apr 2021 03:10:42 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 17 Apr 2021 03:10:42 GMT
server: nginx
location: https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=4719829242195577490
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 245D
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID
https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=7e9987a6-9f2a-11eb-ad56-1d37f49c3806
https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=7e99875a-9f2a-11eb-ad56-1d37f49c3806

43 B
344 B

106ms
105ms

Image
image/gif

72.21.206.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=7e99875a-9f2a-11eb-ad56-1d37f49c3806
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=oEUnOiClSoCuY-9tw-cgnQ&ep=9Ak23Qex84jETjgJJ-_Hq2rgzPeUpEbDUjATfwm0vxc4T1egbWuxbZASOkS_Z0OAySaFPnu38Td1NpUvmb3ujZrf_dVT13OE_comPnTZRtU
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.21.206.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: 206-140.amazon.com
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Apr 2021 03:10:42 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Sat, 17 Apr 2021 03:10:42 GMT
Server: nginx
Location: https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=7e99875a-9f2a-11eb-ad56-1d37f49c3806
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 20
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 245D
Redirect Chain

https://bs.serving-sys.com/Serving?cn=cs&rtu=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsizmek%26id%3D%5B%25tp_UserID%25%5D
https://lm.serving-sys.com/lm/acs?json={%22GUID%22:%2251881393-cbbd-425e-9367-be22b90a588d%22,%22Time%22:%2220210416T231042.513963%22}&rtu=https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=[%tp_UserID%]
https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=51881393-cbbd-425e-9367-be22b90a588d

43 B
344 B

105ms
105ms

Image
image/gif

72.21.206.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=51881393-cbbd-425e-9367-be22b90a588d
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=oEUnOiClSoCuY-9tw-cgnQ&ep=9Ak23Qex84jETjgJJ-_Hq2rgzPeUpEbDUjATfwm0vxc4T1egbWuxbZASOkS_Z0OAySaFPnu38Td1NpUvmb3ujZrf_dVT13OE_comPnTZRtU
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.21.206.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: 206-140.amazon.com
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Apr 2021 03:10:43 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=51881393-cbbd-425e-9367-be22b90a588d
Server: LogModule 0.4
Content-Length: 204
Content-Type: text/html; charset=UTF-8

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 245D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_cm&ex=doubleclick.net
https://cm.g.doubleclick.net/pixel?google_nid=a9&google_cm=&ex=doubleclick.net&google_tc=
https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEESCtNtWBFmwDsS-bN6WvZg&google_cver=1

43 B
344 B

105ms
105ms

Image
image/gif

72.21.206.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEESCtNtWBFmwDsS-bN6WvZg&google_cver=1
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=oEUnOiClSoCuY-9tw-cgnQ&ep=9Ak23Qex84jETjgJJ-_Hq2rgzPeUpEbDUjATfwm0vxc4T1egbWuxbZASOkS_Z0OAySaFPnu38Td1NpUvmb3ujZrf_dVT13OE_comPnTZRtU
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.21.206.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: 206-140.amazon.com
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Apr 2021 03:10:42 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 17 Apr 2021 03:10:42 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEESCtNtWBFmwDsS-bN6WvZg&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 311
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 245D
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=amzn
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=amzn

0
338 B

96ms
31ms

Image
text/plain

34.253.129.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=amzn
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=oEUnOiClSoCuY-9tw-cgnQ&ep=9Ak23Qex84jETjgJJ-_Hq2rgzPeUpEbDUjATfwm0vxc4T1egbWuxbZASOkS_Z0OAySaFPnu38Td1NpUvmb3ujZrf_dVT13OE_comPnTZRtU
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.129.66 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-129-66.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 03:10:43 GMT
cache-control: private, no-cache, no-store
x-request-time: D=32 t=1618629043
x-served-by: beacon-n023-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=amzn
date: Sat, 17 Apr 2021 03:10:42 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a012-ash-prod.krxd.net

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 245D
Redirect Chain

https://sb.scorecardresearch.com/p?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25
https://sb.scorecardresearch.com/p2?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25
https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=c2912f22ff21da5280ee93300365ff2c

43 B
344 B

105ms
105ms

Image
image/gif

72.21.206.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=c2912f22ff21da5280ee93300365ff2c
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=oEUnOiClSoCuY-9tw-cgnQ&ep=9Ak23Qex84jETjgJJ-_Hq2rgzPeUpEbDUjATfwm0vxc4T1egbWuxbZASOkS_Z0OAySaFPnu38Td1NpUvmb3ujZrf_dVT13OE_comPnTZRtU
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.21.206.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: 206-140.amazon.com
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Apr 2021 03:10:42 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Sat, 17 Apr 2021 03:10:42 GMT
via: 1.1 a7ccb4d80699d116fa5cf39b77f68f2f.cloudfront.net (CloudFront)
x-amz-cf-pop: CPH50-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=c2912f22ff21da5280ee93300365ff2c
content-length: 108
x-amz-cf-id: -LbvmJ7C_ZvDmrEKvsROQAOv_pMUUuKWiruL1oInN_n0baMXtmZ_jQ==

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 245D
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
https://us-u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=6e0344aa-538e-c56a-1ade-44428423def5

43 B
344 B

102ms
101ms

Image
image/gif

72.21.206.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=6e0344aa-538e-c56a-1ade-44428423def5
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=oEUnOiClSoCuY-9tw-cgnQ&ep=9Ak23Qex84jETjgJJ-_Hq2rgzPeUpEbDUjATfwm0vxc4T1egbWuxbZASOkS_Z0OAySaFPnu38Td1NpUvmb3ujZrf_dVT13OE_comPnTZRtU
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.21.206.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: 206-140.amazon.com
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Apr 2021 03:10:42 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Sat, 17 Apr 2021 03:10:42 GMT
content-encoding: gzip
server: OXGW/16.205.4
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=6e0344aa-538e-c56a-1ade-44428423def5
content-type: image/gif
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 245D
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184155&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex%26id%3D__UID__
https://ssum-sec.casalemedia.com/usermatchredir?s=184155&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex%26id%3D__UID__&C=1
https://s.amazon-adsystem.com/ecm3?ex=index&id=KShmgnXAcOQpn6iFSiIdejc4dAE4ZgIC

43 B
344 B

105ms
105ms

Image
image/gif

72.21.206.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/ecm3?ex=index&id=KShmgnXAcOQpn6iFSiIdejc4dAE4ZgIC
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=oEUnOiClSoCuY-9tw-cgnQ&ep=9Ak23Qex84jETjgJJ-_Hq2rgzPeUpEbDUjATfwm0vxc4T1egbWuxbZASOkS_Z0OAySaFPnu38Td1NpUvmb3ujZrf_dVT13OE_comPnTZRtU
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.21.206.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: 206-140.amazon.com
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Apr 2021 03:10:42 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 17 Apr 2021 03:10:42 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://s.amazon-adsystem.com/ecm3?ex=index&id=KShmgnXAcOQpn6iFSiIdejc4dAE4ZgIC
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 267
Expires: Sat, 17 Apr 2021 03:10:42 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 245D
Redirect Chain

https://uipglob.semasio.net/amazon/1/get?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D
https://uipglob.semasio.net/amazon/1/get2?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D
https://s.amazon-adsystem.com/ecm3?ex=semasio&id=4463FD6DC8B1AFFD

43 B
344 B

130ms
105ms

Image
image/gif

72.21.206.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/ecm3?ex=semasio&id=4463FD6DC8B1AFFD
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=oEUnOiClSoCuY-9tw-cgnQ&ep=9Ak23Qex84jETjgJJ-_Hq2rgzPeUpEbDUjATfwm0vxc4T1egbWuxbZASOkS_Z0OAySaFPnu38Td1NpUvmb3ujZrf_dVT13OE_comPnTZRtU
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.21.206.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: 206-140.amazon.com
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Apr 2021 03:10:42 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 17 Apr 2021 03:10:42 GMT
frontend-id: 4
location: https://s.amazon-adsystem.com/ecm3?ex=semasio&id=4463FD6DC8B1AFFD
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 245D
Redirect Chain

https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID%26ex%3Dappnexus.com
https://s.amazon-adsystem.com/ecm3?id=7500861174385313522&ex=appnexus.com

43 B
344 B

100ms
100ms

Image
image/gif

72.21.206.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/ecm3?id=7500861174385313522&ex=appnexus.com
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=oEUnOiClSoCuY-9tw-cgnQ&ep=9Ak23Qex84jETjgJJ-_Hq2rgzPeUpEbDUjATfwm0vxc4T1egbWuxbZASOkS_Z0OAySaFPnu38Td1NpUvmb3ujZrf_dVT13OE_comPnTZRtU
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.21.206.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: 206-140.amazon.com
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Apr 2021 03:10:42 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 17 Apr 2021 03:10:42 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.60:80
AN-X-Request-Uuid: bc476984-b452-4bde-99e6-d144ff676bb5
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://s.amazon-adsystem.com/ecm3?id=7500861174385313522&ex=appnexus.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 245D
Redirect Chain

https://token.rubiconproject.com/token?pid=2179&pt=n
https://s.amazon-adsystem.com/ecm3?id=SaylW8TSNx9pCeXCAeeONg&ex=rubiconproject.com&status=ok

43 B
344 B

101ms
100ms

Image
image/gif

72.21.206.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/ecm3?id=SaylW8TSNx9pCeXCAeeONg&ex=rubiconproject.com&status=ok
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=oEUnOiClSoCuY-9tw-cgnQ&ep=9Ak23Qex84jETjgJJ-_Hq2rgzPeUpEbDUjATfwm0vxc4T1egbWuxbZASOkS_Z0OAySaFPnu38Td1NpUvmb3ujZrf_dVT13OE_comPnTZRtU
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.21.206.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: 206-140.amazon.com
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Apr 2021 03:10:42 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?id=SaylW8TSNx9pCeXCAeeONg&ex=rubiconproject.com&status=ok
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 245D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_hm=oEUnOiClSoCuY-9tw-cgnQ&
https://s.amazon-adsystem.com/ecm3?ex=googleHMT

43 B
344 B

105ms
105ms

Image
image/gif

72.21.206.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/ecm3?ex=googleHMT
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=oEUnOiClSoCuY-9tw-cgnQ&ep=9Ak23Qex84jETjgJJ-_Hq2rgzPeUpEbDUjATfwm0vxc4T1egbWuxbZASOkS_Z0OAySaFPnu38Td1NpUvmb3ujZrf_dVT13OE_comPnTZRtU
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.21.206.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: 206-140.amazon.com
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Apr 2021 03:10:42 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 17 Apr 2021 03:10:42 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://s.amazon-adsystem.com/ecm3?ex=googleHMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 244
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 245D
Redirect Chain

https://pixel.placed.com/api/v2/sync/custom-pixel?https://s.amazon-adsystem.com/ecm3?ex=placed.com&id=
https://pixel.tapad.com/idsync/ex/receive?partner_id=1682&partner_device_id=amazon-56578a28-ecdd-4c83-a2bf-b2f799635876&partner_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dplaced.com%26id...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1682&partner_device_id=amazon-56578a28-ecdd-4c83-a2bf-b2f799635876&partner_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dplaced.co...
https://s.amazon-adsystem.com/ecm3?ex=placed.com&id=amazon-56578a28-ecdd-4c83-a2bf-b2f799635876

43 B
344 B

105ms
104ms

Image
image/gif

72.21.206.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/ecm3?ex=placed.com&id=amazon-56578a28-ecdd-4c83-a2bf-b2f799635876
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=oEUnOiClSoCuY-9tw-cgnQ&ep=9Ak23Qex84jETjgJJ-_Hq2rgzPeUpEbDUjATfwm0vxc4T1egbWuxbZASOkS_Z0OAySaFPnu38Td1NpUvmb3ujZrf_dVT13OE_comPnTZRtU
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.21.206.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: 206-140.amazon.com
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Apr 2021 03:10:43 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Sat, 17 Apr 2021 03:10:42 GMT
via: 1.1 google
server: Jetty(9.4.28.v20200408)
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://s.amazon-adsystem.com/ecm3?ex=placed.com&id=amazon-56578a28-ecdd-4c83-a2bf-b2f799635876
alt-svc: clear
content-length: 0

GET
H2 204 /
loadus.exelator.com/load/ Frame 245D 0
324 B 45ms
14ms Image
text/plain 18.198.69.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadus.exelator.com/load/?p=204&g=8888&j=0
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=oEUnOiClSoCuY-9tw-cgnQ&ep=9Ak23Qex84jETjgJJ-_Hq2rgzPeUpEbDUjATfwm0vxc4T1egbWuxbZASOkS_Z0OAySaFPnu38Td1NpUvmb3ujZrf_dVT13OE_comPnTZRtU
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.69.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 03:10:42 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 245D
Redirect Chain

https://lciapi.ninthdecimal.com/v1/lci/sync/adv-amzn/c-23445/?rdr=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3F%26ex%3Dninthdecimal.com%26id%3D%24%7BND_UID%7D
https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=E79C4F2DB3517A60AF66E80402276B96

43 B
344 B

105ms
104ms

Image
image/gif

72.21.206.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=E79C4F2DB3517A60AF66E80402276B96
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=oEUnOiClSoCuY-9tw-cgnQ&ep=9Ak23Qex84jETjgJJ-_Hq2rgzPeUpEbDUjATfwm0vxc4T1egbWuxbZASOkS_Z0OAySaFPnu38Td1NpUvmb3ujZrf_dVT13OE_comPnTZRtU
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.21.206.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: 206-140.amazon.com
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Apr 2021 03:10:43 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Sat, 17 Apr 2021 03:10:43 GMT
Server: openresty/1.15.8.2
P3P: CP="This is not a P3P policy! See http://www.ninthdecimal.com/privacy-policy-terms-of-service for more info."
Location: https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=E79C4F2DB3517A60AF66E80402276B96
Cache-Control: no-cache, private
Connection: keep-alive
Content-Type: text/html
Content-Length: 151
Expires: Sat, 17 Apr 2021 03:10:42 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 245D
Redirect Chain

https://ups.analytics.yahoo.com/ups/58297/sync?_origin=1&redir=true
https://s.amazon-adsystem.com/ecm3?ex=verizonums&id=y-_X54dDd1l2M9YgVRjt6wWWbpcDJ1_w8-

43 B
344 B

105ms
105ms

Image
image/gif

72.21.206.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/ecm3?ex=verizonums&id=y-_X54dDd1l2M9YgVRjt6wWWbpcDJ1_w8-
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=oEUnOiClSoCuY-9tw-cgnQ&ep=9Ak23Qex84jETjgJJ-_Hq2rgzPeUpEbDUjATfwm0vxc4T1egbWuxbZASOkS_Z0OAySaFPnu38Td1NpUvmb3ujZrf_dVT13OE_comPnTZRtU
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.21.206.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: 206-140.amazon.com
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Apr 2021 03:10:42 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Sat, 17 Apr 2021 03:10:42 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://s.amazon-adsystem.com/ecm3?ex=verizonums&id=y-_X54dDd1l2M9YgVRjt6wWWbpcDJ1_w8-
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 245D
Redirect Chain

https://pi.ispot.tv/v2/TC-3673-1.gif?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dispot.tv%26id%3D%7BISID%7D
https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=fb2a80db744e28fc82b036a23c533c8c8524d9986cc055a78576a3201856ae34

43 B
344 B

106ms
105ms

Image
image/gif

72.21.206.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=fb2a80db744e28fc82b036a23c533c8c8524d9986cc055a78576a3201856ae34
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=oEUnOiClSoCuY-9tw-cgnQ&ep=9Ak23Qex84jETjgJJ-_Hq2rgzPeUpEbDUjATfwm0vxc4T1egbWuxbZASOkS_Z0OAySaFPnu38Td1NpUvmb3ujZrf_dVT13OE_comPnTZRtU
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.21.206.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: 206-140.amazon.com
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Apr 2021 03:10:42 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 17 Apr 2021 03:10:42 GMT
location: https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=fb2a80db744e28fc82b036a23c533c8c8524d9986cc055a78576a3201856ae34
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
content-length: 0
retry-after: 0
expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 245D
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D%23PM_USER_ID
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D%23PM_USER_ID&rdf=1
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=D03D5AA4-B567-4596-8A3C-7489D3F42D2B

43 B
344 B

101ms
100ms

Image
image/gif

72.21.206.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=D03D5AA4-B567-4596-8A3C-7489D3F42D2B
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=oEUnOiClSoCuY-9tw-cgnQ&ep=9Ak23Qex84jETjgJJ-_Hq2rgzPeUpEbDUjATfwm0vxc4T1egbWuxbZASOkS_Z0OAySaFPnu38Td1NpUvmb3ujZrf_dVT13OE_comPnTZRtU
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.21.206.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: 206-140.amazon.com
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Apr 2021 03:10:43 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=D03D5AA4-B567-4596-8A3C-7489D3F42D2B
Date: Sat, 17 Apr 2021 03:10:43 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 245D
Redirect Chain

https://sync.taboola.com/sg/amazon-a9-network/1/rtb
https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=069e5c2c-cd5d-437c-bba5-48b8e9baaa48-tuct773d732

43 B
344 B

105ms
105ms

Image
image/gif

72.21.206.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=069e5c2c-cd5d-437c-bba5-48b8e9baaa48-tuct773d732
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=oEUnOiClSoCuY-9tw-cgnQ&ep=9Ak23Qex84jETjgJJ-_Hq2rgzPeUpEbDUjATfwm0vxc4T1egbWuxbZASOkS_Z0OAySaFPnu38Td1NpUvmb3ujZrf_dVT13OE_comPnTZRtU
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.21.206.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: 206-140.amazon.com
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Apr 2021 03:10:43 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=069e5c2c-cd5d-437c-bba5-48b8e9baaa48-tuct773d732
tbl-x-upstream: 10.41.34.201:10213
date: Sat, 17 Apr 2021 03:10:42 GMT
server: nginx
x-fastly-to-nlb-rtt: 14030

GET
H2 200 update
sca1.listrakbi.com/3QgckfkNYGiq/cart/ 44 B
612 B 113ms
104ms Image
image/gif 35.174.31.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sca1.listrakbi.com/3QgckfkNYGiq/cart/update?gsid=721bd09f-f5a7-4ed2-a6c3-ebc10e2a23fa&_sid=2e5848d1-6118-469a-a598-7e345c9f7e14&_tid=564543&_uid=56A73AD8-BAC7-48A5-8217-DE6774FE126B&s_0=warranty-quote&q_0=1&p_0=1.00&n_0=Warranty%20Quote
Requested by: Host: chwdeal.com
URL: https://chwdeal.com/a/a104/index.php?utm_source=MADMFM&utm_campaign=162705_2_49765_2516236&token=596623832
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.174.31.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-174-31-79.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: d1c4aa4fc27ca65d42b693b60f19546c4a50c002394c364dbbef45710858df7a

Request headers

Referer: https://chwdeal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 03:10:42 GMT
server: Microsoft-IIS/8.5
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI COM NAV INT DEM CNT PRE LOC"
cache-control: no-cache
content-type: image/gif
content-length: 44

GET
H2 200 3QgckfkNYGiq Show response
at1.listrakbi.com/activity/ 111 B
707 B 320ms
104ms Script
text/javascript 3.88.253.15
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://at1.listrakbi.com/activity/3QgckfkNYGiq
Requested by: Host: cdn.listrakbi.com
URL: https://cdn.listrakbi.com/scripts/script.js?m=3QgckfkNYGiq&v=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.88.253.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-88-253-15.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: edb98fd444ddcd45460dee225eccdb6dbc6f257de7b86f5a2bc07ace30d5f405

Request headers

Referer: https://chwdeal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 03:10:42 GMT
cache-control: private
server: Microsoft-IIS/8.5
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-length: 111
content-type: text/javascript; charset=utf-8

GET
H2 200 3QgckfkNYGiq Show response
at1.listrakbi.com/activity/ 111 B
709 B 104ms
104ms Script
text/javascript 3.88.253.15
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://at1.listrakbi.com/activity/3QgckfkNYGiq?vuid=36d76e4b-53c0-42de-a3ce-0f89b8575ec9&uid=6418D4DE-310F-4071-9E44-969A8BE49318&gsid=721bd09f-f5a7-4ed2-a6c3-ebc10e2a23fa&sid=2e5848d1-6118-469a-a598-7e345c9f7e14&_t_0=at&t_0=PageBrowse&k_0=https%3A%2F%2Fchwdeal.com%2Fa%2Fa104%2Findex.php%3Futm_source%3DMADMFM%26utm_campaign%3D162705_2_49765_2516236%26token%3D596623832
Requested by: Host: cdn.listrakbi.com
URL: https://cdn.listrakbi.com/scripts/script.js?m=3QgckfkNYGiq&v=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.88.253.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-88-253-15.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: edb98fd444ddcd45460dee225eccdb6dbc6f257de7b86f5a2bc07ace30d5f405

Request headers

Referer: https://chwdeal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 03:10:42 GMT
cache-control: private
server: Microsoft-IIS/8.5
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-length: 111
content-type: text/javascript; charset=utf-8

GET
H2 200 3QgckfkNYGiq Show response
at1.listrakbi.com/activity/ 111 B
703 B 104ms
104ms Script
text/javascript 3.88.253.15
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://at1.listrakbi.com/activity/3QgckfkNYGiq?vuid=36d76e4b-53c0-42de-a3ce-0f89b8575ec9&uid=3AEE92D6-BE89-4F8D-AACC-0F0ACA9FFFD0&gsid=721bd09f-f5a7-4ed2-a6c3-ebc10e2a23fa&sid=2e5848d1-6118-469a-a598-7e345c9f7e14&_t_0=at&t_0=Identification&k_0=3&_t_1=at&t_1=Identification&k_1=4&_t_2=at&t_2=Identification&k_2=5
Requested by: Host: cdn.listrakbi.com
URL: https://cdn.listrakbi.com/scripts/script.js?m=3QgckfkNYGiq&v=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.88.253.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-88-253-15.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: edb98fd444ddcd45460dee225eccdb6dbc6f257de7b86f5a2bc07ace30d5f405

Request headers

Referer: https://chwdeal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 03:10:42 GMT
cache-control: private
server: Microsoft-IIS/8.5
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-length: 111
content-type: text/javascript; charset=utf-8

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame 88F0 0
182 B 95ms
29ms Document
text/html 52.30.2.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=zl9kfqh1&ref=https%3A%2F%2Fchwdeal.com%2Fa%2Fa104%2Findex.php%3Futm_source%3DMADMFM%26utm_campaign%3D162705_2_49765_2516236%26token%3D596623832&upid=7h0r1mr&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.2.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-2-3.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: insight.adsrvr.org
:scheme: https
:path: /track/up?adv=zl9kfqh1&ref=https%3A%2F%2Fchwdeal.com%2Fa%2Fa104%2Findex.php%3Futm_source%3DMADMFM%26utm_campaign%3D162705_2_49765_2516236%26token%3D596623832&upid=7h0r1mr&upv=1.1.0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://chwdeal.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://chwdeal.com/

Response headers

date: Sat, 17 Apr 2021 03:10:43 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 params Show response
shop.pe/widget/main/init/ 239 B
743 B 116ms
115ms Script
text/javascript 35.227.244.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.pe/widget/main/init/params?siteid=5db99fcfbbddbd09cdf02f85&product=Choice%20Home%20Warranty&product_url=https%3A%2F%2Fchwdeal.com%2Fa%2Fa104%2Findex.php&image=&price=&currency=undefined&rating=0&rating_count=0&review_count=0&stock_status=&description=&update_product=true&subcategory=&url=https%3A%2F%2Fchwdeal.com%2Fa%2Fa104%2Findex.php%3Futm_source%3DMADMFM%26utm_campaign%3D162705_2_49765_2516236%26token%3D596623832&callback=AddShoppersWidget.load_widget&no_cookie_callback=AddShoppersWidget.load_no_cookie&rand=25112&cookie=&referer=

Requested by

Host: d3rr3d0n31t48m.cloudfront.net
URL: https://d3rr3d0n31t48m.cloudfront.net/widget/widget.js?v=3533081

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.227.244.1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

1.244.227.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

c308c5fb0aebf74e5d701d5c8a86d753f577836006507df90aa2749d1b4dcf6c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors none;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	deny

Request headers

Referer: https://chwdeal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 03:10:43 GMT
content-encoding: gzip
access-control-allow-origin: https://my.addshoppers.com
p3p: policyref="/w3c/p3p.xml", CP="CAO PSA OUR"
backend-version: 47
alt-svc: clear
data-regulation-gdpr-enforced: true
referrer-policy: no-referrer-when-downgrade
server: nginx
x-frame-options: deny
etag: W/"7eb98e299166997813425b4a6c50d18865100e16"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PATCH
content-type: text/javascript
via: 1.1 google
access-control-allow-credentials: true
content-security-policy: frame-ancestors none;
access-control-allow-headers: X-Requested-With, Content-Type, X-XSRFToken

GET
H2 200 params Show response
shop.pe/widget/main/init/ 892 B
783 B 125ms
125ms Script
text/javascript 35.227.244.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.pe/widget/main/init/params?siteid=5db99fcfbbddbd09cdf02f85&product=Choice%20Home%20Warranty&product_url=https%3A%2F%2Fchwdeal.com%2Fa%2Fa104%2Findex.php&image=&price=&currency=undefined&rating=0&rating_count=0&review_count=0&stock_status=&description=&update_product=true&subcategory=&url=https%3A%2F%2Fchwdeal.com%2Fa%2Fa104%2Findex.php%3Futm_source%3DMADMFM%26utm_campaign%3D162705_2_49765_2516236%26token%3D596623832&callback=AddShoppersWidget.load_widget&rand=54886&cookie=2%7C1%3A0%7C10%3A1618629043%7C15%3Aaddshoppers.com%7C44%3AOGZlZjM3ZjM5ZDY1NDNlNGFmNzMxN2FjYTQ0NzFmZjU%3D%7Cab173d6199860409799b017214e9b9e83974a007de52b1634cf69280d5d81287&referer=

Requested by

Host: d3rr3d0n31t48m.cloudfront.net
URL: https://d3rr3d0n31t48m.cloudfront.net/widget/widget.js?v=3533081

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.227.244.1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

1.244.227.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

1bc55393cadac2f3f7398f9b25e8443696f878e69c4d903b887488f027802c81

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors none;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	deny

Request headers

Referer: https://chwdeal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 03:10:43 GMT
content-encoding: gzip
access-control-allow-origin: https://my.addshoppers.com
p3p: policyref="/w3c/p3p.xml", CP="CAO PSA OUR"
backend-version: 47
alt-svc: clear
data-regulation-gdpr-enforced: true
referrer-policy: no-referrer-when-downgrade
server: nginx
x-frame-options: deny
etag: W/"94164977b31326598e0d411e8d422531e2100609"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PATCH
content-type: text/javascript
via: 1.1 google
access-control-allow-credentials: true
content-security-policy: frame-ancestors none;
access-control-allow-headers: X-Requested-With, Content-Type, X-XSRFToken

GET
H2 200 input.js Show response
shopper.shop.pe/ 23 KB
24 KB 30ms
8ms Script
text/javascript 35.190.54.17
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://shopper.shop.pe/input.js
Requested by: Host: shop.pe
URL: https://shop.pe/widget/widget_async.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.54.17 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 17.54.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 0a91f7cf777ed986216313f29f443456315f50bf1428eb17ba275df87c468280

Request headers

Referer: https://chwdeal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 02:50:46 GMT
age: 1197
x-guploader-uploadid: ABg5-UxJTBUKyM0H6aj2xFv-aRKjvIVRhP8jJRZ0pJaY_ukuxcaZcdRvgzveq1wkpnQdA2neGNJnX6oVouM27XBnwpaQVetxLw
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 23672
last-modified: Wed, 27 Nov 2019 19:23:40 GMT
server: UploadServer
etag: "f960052c25dea0d4308c30fe905fc391"
x-goog-hash: crc32c=xBt02w==, md5=+WAFLCXeoNQwjDD+kF/DkQ==
x-goog-generation: 1574882620474968
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: public, max-age=3600
x-goog-stored-content-length: 23672
accept-ranges: bytes
content-type: text/javascript
expires: Sat, 17 Apr 2021 03:50:46 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: px.surveywall-api.survata.com
URL: https://px.surveywall-api.survata.com/z?l=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsurvata.com%26id%3D

Verdicts & Comments Add Verdict or Comment

162 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.chwdeal.com/	1970-01-20 02:22:45	Name: STSID564543 Value: 2e5848d1-6118-469a-a598-7e345c9f7e14
.chwdeal.com/	1970-01-23 09:16:01	Name: GSID3QgckfkNYGiq Value: 721bd09f-f5a7-4ed2-a6c3-ebc10e2a23fa
chwdeal.com/a/a104	1970-01-19 17:37:12	Name: _vuid Value: 36d76e4b-53c0-42de-a3ce-0f89b8575ec9

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://d3rr3d0n31t48m.cloudfront.net/widget/widget.js?v=3533081(Line 18) Message: TypeError: Cannot read property 'removeItem' of null
console-api	log	URL: https://d3rr3d0n31t48m.cloudfront.net/widget/widget.js?v=3533081(Line 17) Message: TypeError: Cannot read property 'addshoppers_last_fallback' of null

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa.agkn.com
ads.samba.tv
ads.stickyadstv.com
amazon.partners.tremorhub.com
at1.listrakbi.com
bat.bing.com
beacon.krxd.net
bit.ly
bs.serving-sys.com
c1.adform.net
cdn.datasteam.io
cdn.listrakbi.com
cdnjs.cloudflare.com
chwdeal.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
connect.facebook.net
d3rr3d0n31t48m.cloudfront.net
dpm.demdex.net
fonts.googleapis.com
googleads.g.doubleclick.net
ib.adnxs.com
image6.pubmatic.com
insight.adsrvr.org
js.adsrvr.org
labelstudy.com
lciapi.ninthdecimal.com
lm.serving-sys.com
loadus.exelator.com
odr.mookie1.com
pi.ispot.tv
pixel.advertising.com
pixel.placed.com
pixel.tapad.com
px.surveywall-api.survata.com
s.amazon-adsystem.com
s1.listrakbi.com
sb.scorecardresearch.com
sca1.listrakbi.com
shop.pe
shopper.shop.pe
spl.zeotap.com
ssl.google-analytics.com
ssum-sec.casalemedia.com
stats.g.doubleclick.net
sync.1rx.io
sync.search.spotxchange.com
sync.taboola.com
t.myvisualiq.net
tags.bluekai.com
token.rubiconproject.com
uipglob.semasio.net
ups.analytics.yahoo.com
us-u.openx.net
usermatch.krxd.net
usersync.samplicio.us
www.chwplan.com
www.facebook.com
www.glyzpoed.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.imdb.com
x.bidswitch.net
px.surveywall-api.survata.com
13.33.136.122
141.226.228.48
142.250.185.130
142.250.185.194
143.204.243.222
143.204.245.118
143.204.245.56
143.204.245.61
146.20.84.216
151.101.14.132
18.132.239.61
18.156.0.31
18.195.172.223
18.198.69.109
18.210.140.68
184.30.21.112
185.33.220.145
185.64.190.78
185.94.180.126
212.129.34.68
212.82.100.182
213.19.147.151
23.218.208.246
23.45.110.176
2600:1f18:612b:4232:16e5:e760:b671:d648
2606:4700:10::ac43:db6
2606:4700::6810:125e
2620:1ec:c11::200
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::200a
2a00:1450:4001:80f::2008
2a00:1450:4001:812::2002
2a00:1450:4001:829::2004
2a00:1450:4001:82b::2008
2a00:1450:4001:82b::200e
2a00:1450:400c:c0c::9d
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
3.126.158.103
3.211.199.159
3.88.253.15
34.253.129.66
34.98.67.61
35.174.31.79
35.190.54.17
35.227.244.1
35.227.248.159
35.244.159.8
37.157.3.28
45.148.9.118
45.79.156.231
52.28.254.214
52.30.2.3
54.208.22.157
54.80.70.38
63.32.152.233
67.199.248.11
69.173.144.165
72.21.206.140
77.243.60.138
80.252.91.52
99.84.154.9
99.84.156.18
01f57fe6a4dee7475d0519fa7ea45207cb90af4591df5e421406e2a3969a5ce8
03b15edf50446c746fa7f9afe0912b8117c1bdca3eae87076348a4843353285d
0a91f7cf777ed986216313f29f443456315f50bf1428eb17ba275df87c468280
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
172c47bbdc70db455d3bbbf4880333e63c7bbb42bfd54c068d4b5916bbdfd6d0
179480435f74026d8235d5038cf816c93f9655301a4667ec517347e569d45e6b
18f12a0e539c1f8f628e923f1c41221e2c5632d32df1827a61975b450d431f91
1bc55393cadac2f3f7398f9b25e8443696f878e69c4d903b887488f027802c81
1fe2437a79282fb26d2267e40cdb7ac59164d0ee5e5b9f955f05a49f686ab616
24d224b588004112aea1d64499d54aea26c372227ea8d4933ae897680bf4304d
2d779740485f2e53e0aca11399516df0d03a7a552ca0aef6b4317b15e824a199
320fe003399c70d8ac5d9d9dad382f6d1d87e01cf9fb9aed0ba6322fc49d2307
34327e80f6ada39a7570854e52bc2aae70f5c0deb2a6dd557fb075aa07c8f0aa
3788b383d339fafcf4a50db75b2f9fabc14e8a9f696fdf35a885e921c5aa6268
3a3450ac1ef2eef133edcd99b3ea536abbcb2923723d1dfbb7deb76ce5ed006c
3b96d330871c5d6b7663dcb22f48734d4c71c1c93bdb9656b0a3f16c61983593
3f68ac3475f7d8e30bac72bf0406031af2607a45d3094db2ece30cfccab7be8a
4924c321dd2d97dc46c761a074d3ed206ec2e17b6cab04e942e44c4f5f76839f
55d3e896e33dc92bcb1a5b3eb9d2e8d2964cd93a918b0d32753bfadef1401462
586341b2e23993a5c8d45db157b5e2d287121303d207cddf4139a0e06c3b866d
622e3d717b7247790299d346a12c8dd2fd4e7311f873d99ae5fb3161127eb9ec
660b2272ed49397b790ee49ae66eb6e3778e08761ea41d26855c7630f9dd5404
688aa4443fd103dd4eba9512fbd4a0ff2c47b8ebbd4b8c8d4aaef45f4e4f48b0
710f3a5cf8b8aca86421e63beb6346b53136465d6b9c5bef1ce929292cf61cc3
7d8356d6af35a8d7dcded5eb78d8a6a2ae7774e23db1d5ce122355b7d1015e8a
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
98e6165f4ca935ed2cd034d3f71ed277bfa1b20b684fb180a7935d2c4b853bf4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
ad3ebbfe405d065af10490aee81faffb7e3629c2f4806d761479b1ca4ef38f54
bc9d705ee6c02fde87c2069b74221c2172f27d659282a53756f9b3634fab4f27
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c308c5fb0aebf74e5d701d5c8a86d753f577836006507df90aa2749d1b4dcf6c
d1c4aa4fc27ca65d42b693b60f19546c4a50c002394c364dbbef45710858df7a
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6a5209f9aed9b080f3abafce3859f310b8f122437223d598697fac71175dddb
e902e4c99eb69c83f3ed2429e24a81b4c152f86e795085d1b33c2e98d8ff9be6
edb98fd444ddcd45460dee225eccdb6dbc6f257de7b86f5a2bc07ace30d5f405
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ee5e6f24e63a934667e065cf35fa4cdb9a1ec3391da17621c3994fdb63bb82ea
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f30bf2284e7872587d6aa890cc2611f01e4be6a2fcfdc0003d63c6fa137745c7
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4

chwdeal.com Open in urlscan Pro 146.20.84.216 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

87 Requests

98 %HTTPS

22 %IPv6

55 Domains

66 Subdomains

33 IPs

8 Countries

586 kBTransfer

1317 kBSize

3 Cookies

2 Outgoing links

Page URL History

Redirected requests

87 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

chwdeal.com Open in urlscan Pro
146.20.84.216 Public Scan

Screenshot
Live screenshot

Full Image

87
Requests

98 %
HTTPS

22 %
IPv6

55
Domains

66
Subdomains

33
IPs

8
Countries

586 kB
Transfer

1317 kB
Size

3
Cookies

87 HTTP transactions
0 data transactions