urlscan.io logo urlscan.io
SecurityTrails logo

chwplan.com Open in urlscan Pro
146.20.84.216  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://app.topicaplus.com/clicktrack.cgi?cid=32840&url=http%3A%2F%2Ftas7.com%2Fea832d179c0f9e800%2F2052%2FMA-ELM-2%2F&u=84...
Effective URL: https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374
Submission: On November 12 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 30 IPs in 4 countries across 24 domains to perform 68 HTTP transactions. The main IP is 146.20.84.216, located in San Antonio, United States and belongs to RACKSPACE - Rackspace Hosting, US. The main domain is chwplan.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on October 8th 2019. Valid for: 2 years.
This is the only time chwplan.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 74.118.105.83 16509 (AMAZON-02)
1 1 54.198.74.114 14618 (AMAZON-AES)
1 12 146.20.84.216 27357 (RACKSPACE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a02:e980:25::28 19551 (INCAPSULA)
1 13.225.78.64 16509 (AMAZON-02)
1 52.222.173.62 16509 (AMAZON-02)
2 172.217.16.162 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
2 2 2a00:1450:400... 15169 (GOOGLE)
2 4 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 151.101.112.217 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f01... 32934 (FACEBOOK)
2 2620:1ec:c11:... 8068 (MICROSOFT...)
1 143.204.103.8 16509 (AMAZON-02)
1 2 54.246.153.43 16509 (AMAZON-02)
1 143.204.97.29 16509 (AMAZON-02)
1 2a03:2880:f11... 32934 (FACEBOOK)
1 54.93.156.161 16509 (AMAZON-02)
3 34.196.190.133 14618 (AMAZON-AES)
1 35.193.67.164 15169 (GOOGLE)
2 54.172.11.27 14618 (AMAZON-AES)
3 52.54.216.58 14618 (AMAZON-AES)
2 34.203.119.106 14618 (AMAZON-AES)
10 52.222.168.89 16509 (AMAZON-02)
5 52.216.224.107 16509 (AMAZON-02)
1 18.232.79.119 14618 (AMAZON-AES)
68 30
1    74.118.105.83 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
app.topicaplus.com
1    54.198.74.114 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-198-74-114.compute-1.amazonaws.com
tas7.com
12    146.20.84.216 (San Antonio, United States)

ASN27357 (RACKSPACE - Rackspace Hosting, US)
chwplan.com
www.chwplan.com
2    2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com
1    2a00:1450:4001:825::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com
1    2a02:e980:25::28 (United States)

ASN19551 (INCAPSULA - Incapsula Inc, US)
www.chwplans.com
1    13.225.78.64 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-225-78-64.fra2.r.cloudfront.net
cdn.datasteam.io
1    52.222.173.62 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-222-173-62.fra54.r.cloudfront.net
js.adsrvr.org
2    172.217.16.162 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s11-in-f2.1e100.net
www.googleadservices.com
2    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
2    2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE - Google LLC, US)
stats.g.doubleclick.net
4    2a00:1450:4001:825::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.com
4    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.de
2    2a00:1450:4001:81b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
googleads.g.doubleclick.net
1    151.101.112.217 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)
player.vimeo.com
2    2a00:1450:4001:818::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.gstatic.com
2    2a00:1450:4001:81b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
ssl.google-analytics.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
connect.facebook.net
2    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
bat.bing.com
1    143.204.103.8 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-103-8.fra50.r.cloudfront.net
cdn.listrakbi.com
2    54.246.153.43 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-246-153-43.eu-west-1.compute.amazonaws.com
insight.adsrvr.org
1    143.204.97.29 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-97-29.fra50.r.cloudfront.net
d1eoo1tco6rr5e.cloudfront.net
1    2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
www.facebook.com
1    54.93.156.161 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-93-156-161.eu-central-1.compute.amazonaws.com
aa.agkn.com
3    34.196.190.133 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-196-190-133.compute-1.amazonaws.com
api.datasteam.io
1    35.193.67.164 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 164.67.193.35.bc.googleusercontent.com
p.alcmpn.com
2    54.172.11.27 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-172-11-27.compute-1.amazonaws.com
s1.listrakbi.com
sca1.listrakbi.com
3    52.54.216.58 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-54-216-58.compute-1.amazonaws.com
at1.listrakbi.com
2    34.203.119.106 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-203-119-106.compute-1.amazonaws.com
vagnt.com
10    52.222.168.89 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-222-168-89.fra54.r.cloudfront.net
d1wnfwven39x82.cloudfront.net
5    52.216.224.107 (Ashburn, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com
1    18.232.79.119 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-18-232-79-119.compute-1.amazonaws.com
prf.vagnt.com
Domain Requested by
10 d1wnfwven39x82.cloudfront.net vagnt.com
d1wnfwven39x82.cloudfront.net
9 chwplan.com 1 redirects chwplan.com
5 s3.amazonaws.com d1wnfwven39x82.cloudfront.net
4 www.google.de chwplan.com
4 www.google.com 2 redirects chwplan.com
3 at1.listrakbi.com cdn.listrakbi.com
3 api.datasteam.io cdn.datasteam.io
3 www.chwplan.com chwplan.com
2 vagnt.com chwplan.com
d1wnfwven39x82.cloudfront.net
2 insight.adsrvr.org 1 redirects js.adsrvr.org
2 bat.bing.com chwplan.com
2 connect.facebook.net chwplan.com
connect.facebook.net
2 ssl.google-analytics.com 1 redirects chwplan.com
2 fonts.gstatic.com chwplan.com
2 googleads.g.doubleclick.net www.googleadservices.com
2 stats.g.doubleclick.net 2 redirects
2 www.google-analytics.com 1 redirects www.googletagmanager.com
2 www.googleadservices.com chwplan.com
www.googletagmanager.com
2 www.googletagmanager.com chwplan.com
1 prf.vagnt.com d1wnfwven39x82.cloudfront.net
1 sca1.listrakbi.com chwplan.com
1 s1.listrakbi.com cdn.listrakbi.com
1 p.alcmpn.com chwplan.com
1 aa.agkn.com cdn.datasteam.io
1 www.facebook.com chwplan.com
1 d1eoo1tco6rr5e.cloudfront.net chwplan.com
1 cdn.listrakbi.com chwplan.com
1 player.vimeo.com chwplan.com
1 js.adsrvr.org chwplan.com
1 cdn.datasteam.io chwplan.com
1 www.chwplans.com chwplan.com
1 fonts.googleapis.com chwplan.com
1 tas7.com 1 redirects
1 app.topicaplus.com 1 redirects
68 34

This site contains links to these domains. Also see Links.

Domain
www.choicehomewarranty.com
choicehomewarranty.com
Subject Issuer Validity Valid
chwplan.com
Go Daddy Secure Certificate Authority - G2		 2019-10-08 -
2021-05-14		 2 years crt.sh
*.google-analytics.com
GTS CA 1O1		 2019-10-16 -
2020-01-08		 3 months crt.sh
*.googleapis.com
GTS CA 1O1		 2019-10-16 -
2020-01-08		 3 months crt.sh
incapsula.com
GlobalSign CloudSSL CA - SHA256 - G3		 2019-08-14 -
2020-01-07		 5 months crt.sh
cdn.datasteam.io
Amazon		 2019-01-14 -
2020-02-14		 a year crt.sh
*.adsrvr.org
Trustwave Organization Validation SHA256 CA, Level 1		 2019-03-07 -
2021-04-19		 2 years crt.sh
www.googleadservices.com
GTS CA 1O1		 2019-10-16 -
2020-01-08		 3 months crt.sh
www.google.de
GTS CA 1O1		 2019-10-16 -
2020-01-08		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2019-10-16 -
2020-01-08		 3 months crt.sh
*.vimeo.com
DigiCert SHA2 Secure Server CA		 2018-08-24 -
2020-04-02		 2 years crt.sh
*.google.com
GTS CA 1O1		 2019-10-16 -
2020-01-08		 3 months crt.sh
www.google.com
GTS CA 1O1		 2019-10-16 -
2020-01-08		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2019-09-22 -
2019-12-20		 3 months crt.sh
www.bing.com
Microsoft IT TLS CA 2		 2019-04-30 -
2021-04-30		 2 years crt.sh
*.listrakbi.com
Amazon		 2019-02-05 -
2020-03-05		 a year crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2019-07-17 -
2020-07-05		 a year crt.sh
*.agkn.com
RapidSSL RSA CA 2018		 2018-06-21 -
2020-09-16		 2 years crt.sh
*.alcmpn.com
Let's Encrypt Authority X3		 2019-09-26 -
2019-12-25		 3 months crt.sh
vagnt.com
Thawte RSA CA 2018		 2019-10-18 -
2020-10-24		 a year crt.sh
s3.amazonaws.com
DigiCert Baltimore CA-2 G2		 2019-09-06 -
2020-12-02		 a year crt.sh

This page contains 4 frames:

Primary Page: https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374
Frame ID: 78C51BF06C53145CEC1B3B2E41408FFD
Requests: 67 HTTP requests in this frame

Frame: https://player.vimeo.com/video/196763683?autoplay=0&title=0&byline=0&portrait=0
Frame ID: 4971A3F4B463E0BA975E33E01AFCEDFE
Requests: 1 HTTP requests in this frame

Frame: https://d1eoo1tco6rr5e.cloudfront.net/zl9kfqh1/pd2ov1h2/iframe
Frame ID: 4A080B54BB395981862B521D4BBB6B0F
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=zl9kfqh1&ref=https%3A%2F%2Fchwplan.com%2Fa%2Fa73%2Findex.php%3Futm_source%3Dppmfm%26utm_campaign%3D270374&upid=7h0r1mr&upv=1.1.0
Frame ID: C4610B1B7DD1CF5169E512E5BDD66755
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://app.topicaplus.com/clicktrack.cgi?cid=32840&url=http%3A%2F%2Ftas7.com%2Fea832d179c0f9e800%2F205... HTTP 303
    http://tas7.com/ea832d179c0f9e800/2052/MA-ELM-2/?utm_source=TopicaPlus&utm_campaign=ChoiceHo... HTTP 302
    http://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374 HTTP 301
    https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

68
Requests

100 %
HTTPS

41 %
IPv6

24
Domains

34
Subdomains

30
IPs

4
Countries

944 kB
Transfer

1803 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://app.topicaplus.com/clicktrack.cgi?cid=32840&url=http%3A%2F%2Ftas7.com%2Fea832d179c0f9e800%2F2052%2FMA-ELM-2%2F&u=845734&utm_source=TopicaPlus&utm_campaign=ChoiceHomeWarranty+20191005&utm_medium=email HTTP 303
    http://tas7.com/ea832d179c0f9e800/2052/MA-ELM-2/?utm_source=TopicaPlus&utm_campaign=ChoiceHomeWarranty%2020191005&utm_medium=email HTTP 302
    http://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374 HTTP 301
    https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=578540822&t=pageview&_s=1&dl=https%3A%2F%2Fchwplan.com%2Fa%2Fa73%2Findex.php%3Futm_source%3Dppmfm%26utm_campaign%3D270374&ul=en-us&de=UTF-8&dt=Choice%20Home%20Warranty&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=1638855802&gjid=1257965330&cid=1509698691.1573568086&tid=UA-6898183-1&_gid=1888900618.1573568086&_r=1&gtm=2oaav3&z=1918997653 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6898183-1&cid=1509698691.1573568086&jid=1638855802&_gid=1888900618.1573568086&gjid=1257965330&_v=j79&z=1918997653 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6898183-1&cid=1509698691.1573568086&jid=1638855802&_v=j79&z=1918997653 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6898183-1&cid=1509698691.1573568086&jid=1638855802&_v=j79&z=1918997653&slf_rd=1&random=1918900182
Request Chain 27
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1692980312&utmhn=chwplan.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Choice%20Home%20Warranty&utmhid=578540822&utmr=-&utmp=%2Fa%2Fa73%2Findex.php%3Futm_source%3Dppmfm%26utm_campaign%3D270374&utmht=1573568086197&utmac=UA-6898183-1&utmcc=__utma%3D136185571.1509698691.1573568086.1573568086.1573568086.1%3B%2B__utmz%3D136185571.1573568086.1.1.utmcsr%3Dppmfm%7Cutmccn%3D270374%7Cutmcmd%3D(not%2520set)%3B&utmjid=388248001&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAABAAAE~ HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6898183-1&cid=1509698691.1573568086&jid=388248001&_v=5.7.2&z=1692980312 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6898183-1&cid=1509698691.1573568086&jid=388248001&_v=5.7.2&z=1692980312 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6898183-1&cid=1509698691.1573568086&jid=388248001&_v=5.7.2&z=1692980312&slf_rd=1&random=1634103362
Request Chain 32
  • https://insight.adsrvr.org/tags/zl9kfqh1/pd2ov1h2/iframe HTTP 303
  • https://d1eoo1tco6rr5e.cloudfront.net/zl9kfqh1/pd2ov1h2/iframe

68 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set index.php
chwplan.com/a/a73/
Redirect Chain
  • http://app.topicaplus.com/clicktrack.cgi?cid=32840&url=http%3A%2F%2Ftas7.com%2Fea832d179c0f9e800%2F2052%2FMA-ELM-2%2F&u=845734&utm_source=TopicaPlus&utm_campaign=ChoiceHomeWarranty+20191005&utm_med...
  • http://tas7.com/ea832d179c0f9e800/2052/MA-ELM-2/?utm_source=TopicaPlus&utm_campaign=ChoiceHomeWarranty%2020191005&utm_medium=email
  • http://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374
  • https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374
20 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
146.20.84.216 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software
Apache /
Resource Hash
791849ab3db8ae9ae67fdc441149d5e3d6e75e9081a11dacf8aa1db98e494939

Request headers

Host
chwplan.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
none
Accept-Encoding
gzip, deflate, br
Cookie
ServerID=1027
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Set-Cookie
ServerID=1029; path=/
Date
Tue, 12 Nov 2019 14:14:45 GMT
Server
Apache
Cache-Control
max-age=604800
Expires
Tue, 19 Nov 2019 14:14:45 GMT
Vary
Accept-Encoding,User-Agent
Content-Encoding
gzip
Content-Length
7184
Keep-Alive
timeout=15, max=120
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8

Redirect headers

Set-Cookie
ServerID=1027; path=/
Date
Tue, 12 Nov 2019 14:14:45 GMT
Server
Apache
Location
https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374
Cache-Control
max-age=604800
Expires
Tue, 19 Nov 2019 14:14:45 GMT
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
236
Connection
close
Content-Type
text/html; charset=iso-8859-1
js
www.googletagmanager.com/gtag/ 		73 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-6898183-1
Requested by
Host: chwplan.com
URL: https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e414dbe9a9f84028f16078e02a7c8b58a837095cb05dadf2c12982d7729f6947
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 12 Nov 2019 14:14:45 GMT
content-encoding
br
last-modified
Tue, 12 Nov 2019 12:00:00 GMT
server
Google Tag Manager
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
27628
x-xss-protection
0
expires
Tue, 12 Nov 2019 14:14:45 GMT
js
www.googletagmanager.com/gtag/ 		73 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-1038983633
Requested by
Host: chwplan.com
URL: https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0c811ab7d78e9fd8795f162dbf91399df124c0c95e4e24ac859c4b0cbace2a2b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 12 Nov 2019 14:14:45 GMT
content-encoding
br
last-modified
Tue, 12 Nov 2019 12:00:00 GMT
server
Google Tag Manager
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
27629
x-xss-protection
0
expires
Tue, 12 Nov 2019 14:14:45 GMT
css
fonts.googleapis.com/ 		2 KB
482 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Droid+Serif:400,700,400italic,700italic
Requested by
Host: chwplan.com
URL: https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
68e357769305fcf03ea23213551ea1a6c3aac4a059e83834ca14e7d81a768e09
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Tue, 12 Nov 2019 14:14:45 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Tue, 12 Nov 2019 14:14:45 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
expires
Tue, 12 Nov 2019 14:14:45 GMT
jquery.js
www.chwplans.com/ 		146 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.chwplans.com/jquery.js
Requested by
Host: chwplan.com
URL: https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:e980:25::28 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
/
Resource Hash
6c82c413c824d6e39062aa3e29825179ae6cfc4f48bc6a14deb3fe6d4b7be415

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 12 Nov 2019 14:14:45 GMT
content-encoding
gzip
last-modified
Mon, 02 Apr 2018 18:08:01 GMT
x-cdn
Incapsula
etag
"3c1397-4508e-568e1786ea240"
content-type
text/javascript
status
200
x-iinfo
5-186521599-186501548 2CNN RT(1573568085488 0) q(0 0 0 1) r(0 0) U18
cache-control
max-age=537342, public
content-length
42101
expires
Mon, 18 Nov 2019 19:30:27 GMT
LP_01.jpg
chwplan.com/a/a73/images/desktop/ 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://chwplan.com/a/a73/images/desktop/LP_01.jpg
Requested by
Host: chwplan.com
URL: https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
146.20.84.216 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software
Apache /
Resource Hash
693d765de24ad53c2c9ca5d3d6ab104db293569dafad730485f1f4b05e7d1f0d

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 14:14:47 GMT
Last-Modified
Mon, 02 Apr 2018 18:07:58 GMT
Server
Apache
ETag
"4601f1-d726-568e17840db80"
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=119
Content-Length
55078
Expires
Tue, 19 Nov 2019 14:14:47 GMT
button_a.png
chwplan.com/a/a73/images/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://chwplan.com/a/a73/images/button_a.png
Requested by
Host: chwplan.com
URL: https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
146.20.84.216 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software
Apache /
Resource Hash
bb17d1b8f3f76cea69eddd9cb8c5521295e1433f16596f54ca33058fe6e05377

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 14:14:47 GMT
Last-Modified
Mon, 02 Apr 2018 18:07:58 GMT
Server
Apache
ETag
"4601ef-5b4a-568e17840db80"
Content-Type
image/png
Cache-Control
max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=118
Content-Length
23370
Expires
Tue, 19 Nov 2019 14:14:47 GMT
LP_02.jpg
chwplan.com/a/a73/images/desktop/images/ 		63 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://chwplan.com/a/a73/images/desktop/images/LP_02.jpg
Requested by
Host: chwplan.com
URL: https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
146.20.84.216 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software
Apache /
Resource Hash
3fa8ed08c9838c79230801c7a35afe5e77ec75dec36e0bfee98e0d328df8428f

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 14:14:48 GMT
Last-Modified
Mon, 02 Apr 2018 18:07:58 GMT
Server
Apache
ETag
"460205-fbfd-568e17840db80"
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=117
Content-Length
64509
Expires
Tue, 19 Nov 2019 14:14:48 GMT
LP_06.jpg
chwplan.com/a/a73/images/desktop/images/ 		43 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://chwplan.com/a/a73/images/desktop/images/LP_06.jpg
Requested by
Host: chwplan.com
URL: https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
146.20.84.216 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software
Apache /
Resource Hash
f200d53858566b96964c9657627604480d94e1c75844ebc357512a570208d5f2

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 14:14:48 GMT
Last-Modified
Tue, 08 Oct 2019 17:00:32 GMT
Server
Apache
ETag
"460212-acf2-594691b347d31"
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=116
Content-Length
44274
Expires
Tue, 19 Nov 2019 14:14:48 GMT
jquery.min.js
www.chwplan.com/jsinc/ 		105 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.chwplan.com/jsinc/jquery.min.js
Requested by
Host: chwplan.com
URL: https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
146.20.84.216 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software
Apache /
Resource Hash
fb05e40bf1ca9682c6736a1bfeff728cb405aa918ac36f2596539efc8a5a7a0a

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 14:14:46 GMT
Content-Encoding
gzip
Last-Modified
Mon, 02 Apr 2018 18:08:00 GMT
Server
Apache
ETag
"3e153b-1a3bc-568e1785f6000"
Vary
Accept-Encoding,User-Agent
Content-Type
text/javascript
Cache-Control
max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=120
Content-Length
37083
Expires
Tue, 19 Nov 2019 14:14:46 GMT
jquery.validate.min.js
www.chwplan.com/jsinc/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.chwplan.com/jsinc/jquery.validate.min.js
Requested by
Host: chwplan.com
URL: https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
146.20.84.216 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software
Apache /
Resource Hash
ec206f320603391154a71449dc03d962f3265aa99b160f2b6f1f5619d9a1cfe5

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 14:14:46 GMT
Content-Encoding
gzip
Last-Modified
Mon, 02 Apr 2018 18:08:00 GMT
Server
Apache
ETag
"3e153d-560e-568e1785f6000"
Vary
Accept-Encoding,User-Agent
Content-Type
text/javascript
Cache-Control
max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=120
Content-Length
7022
Expires
Tue, 19 Nov 2019 14:14:46 GMT
masked.min.js
www.chwplan.com/jsinc/ 		62 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.chwplan.com/jsinc/masked.min.js
Requested by
Host: chwplan.com
URL: https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
146.20.84.216 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software
Apache /
Resource Hash
ee5e6f24e63a934667e065cf35fa4cdb9a1ec3391da17621c3994fdb63bb82ea

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 14:14:46 GMT
Content-Encoding
gzip
Last-Modified
Mon, 02 Apr 2018 18:08:00 GMT
Server
Apache
ETag
"3e1541-f85d-568e1785f6000"
Vary
Accept-Encoding,User-Agent
Content-Type
text/javascript
Cache-Control
max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=119
Content-Length
19485
Expires
Tue, 19 Nov 2019 14:14:46 GMT
D24328ECFA2D48.js
cdn.datasteam.io/js/ 		71 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.datasteam.io/js/D24328ECFA2D48.js
Requested by
Host: chwplan.com
URL: https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.78.64 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-225-78-64.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
af0cbe127816e2ae98a2890fe0b612e905e8f1a0febe6531a70a12c03404943f

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 10 Nov 2019 21:55:46 GMT
content-encoding
gzip
last-modified
Sun, 27 Oct 2019 18:30:11 GMT
server
AmazonS3
age
58006
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
status
200
cache-control
max-age=600,s-maxage=86400
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
5-IHFlJZFTb6oPKf0KWFlAWpgwSxJFgxwzuOEiKfW8l19v4YezSyUA==
via
1.1 ec9e3bc729d9c6d55ed32446408ad62f.cloudfront.net (CloudFront)
up_loader.1.1.0.js
js.adsrvr.org/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: chwplan.com
URL: https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.173.62 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-173-62.fra54.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7e98e381189d908e1981b6e535bcdd7f3edceafdb0e7095f3e04292e8aac6a0c

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 11 Nov 2019 19:08:39 GMT
Content-Encoding
gzip
Last-Modified
Wed, 17 Jul 2019 18:26:10 GMT
Server
AmazonS3
Age
68961
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Via
1.1 d12467f4c051603df707c4dfa0fee85d.cloudfront.net (CloudFront)
Connection
keep-alive
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA54
X-Amz-Cf-Id
jq1PU9g4Y0-q06j94Yk2P03cp5TH0b_WOQT3omufo8ErBgkbZyfWxw==
conversion.js
www.googleadservices.com/pagead/ 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: chwplan.com
URL: https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s11-in-f2.1e100.net
Software
cafe /
Resource Hash
82878030740e152540b07059621887535cd6675c5ccf9eb6efe8ed400ac94ef1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 12 Nov 2019 14:14:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
9522
x-xss-protection
0
server
cafe
etag
5594088036234773195
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 12 Nov 2019 14:14:45 GMT
homebg.jpg
chwplan.com/a/a73/images/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://chwplan.com/a/a73/images/homebg.jpg
Requested by
Host: chwplan.com
URL: https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
146.20.84.216 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 14:14:46 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=604800
Connection
close
Content-Length
6040
Expires
Tue, 19 Nov 2019 14:14:46 GMT
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1038983633
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
6069
date
Tue, 12 Nov 2019 12:33:37 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17803
expires
Tue, 12 Nov 2019 14:33:37 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1038983633
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s11-in-f2.1e100.net
Software
cafe /
Resource Hash
7ec65e6b8658f1c3135879a549aecce8d97cedd75ad300a42ccd52e833aff73d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 12 Nov 2019 14:14:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
9566
x-xss-protection
0
server
cafe
etag
6111496166162376315
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 12 Nov 2019 14:14:46 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=578540822&t=pageview&_s=1&dl=https%3A%2F%2Fchwplan.com%2Fa%2Fa73%2Findex.php%3Futm_source%3Dppmfm%26utm_campaign%3D270374&ul=en-us&de=UTF-8&d...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6898183-1&cid=1509698691.1573568086&jid=1638855802&_gid=1888900618.1573568086&gjid=1257965330&_v=j79&z=1918997653
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6898183-1&cid=1509698691.1573568086&jid=1638855802&_v=j79&z=1918997653
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6898183-1&cid=1509698691.1573568086&jid=1638855802&_v=j79&z=1918997653&slf_rd=1&random=1918900182
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6898183-1&cid=1509698691.1573568086&jid=1638855802&_v=j79&z=1918997653&slf_rd=1&random=1918900182
Requested by
Host: chwplan.com
URL: https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Nov 2019 14:14:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 12 Nov 2019 14:14:46 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6898183-1&cid=1509698691.1573568086&jid=1638855802&_v=j79&z=1918997653&slf_rd=1&random=1918900182
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1038983633/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1038983633/?random=1573568086050&cv=9&fst=1573568086050&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oaav3&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fchwplan.com%2Fa%2Fa73%2Findex.php%3Futm_source%3Dppmfm%26utm_campaign%3D270374&tiba=Choice%20Home%20Warranty&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
08b0b3845923651c4fe4cee3888d8391b0a7dac384af05eb2c5023d7bbba08e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Nov 2019 14:14:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
994
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
196763683
player.vimeo.com/video/ Frame 4971 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://player.vimeo.com/video/196763683?autoplay=0&title=0&byline=0&portrait=0
Requested by
Host: chwplan.com
URL: https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.217 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://f.vimeocdn.com; connect-src 'self' https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
player.vimeo.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374

Response headers

Server
nginx
Content-Type
text/html; charset=UTF-8
X-Xss-Protection
1; mode=block
Content-Security-Policy
script-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://f.vimeocdn.com; connect-src 'self' https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Link
<https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin
P3p
CP="This is not a P3P policy! See https://vimeo.com/privacy"
Expires
Wed, 13 Nov 2019 14:14:38 GMT
Via
1.1 varnish 1.1 varnish
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-Varnish-Cache
1
X-VServer
infra-playproxy-a-10
X-Vimeo-DC
ge
Content-Length
8000
Accept-Ranges
bytes
Date
Tue, 12 Nov 2019 14:14:47 GMT
Age
0
Connection
keep-alive
X-Served-By
cache-hhn4049-HHN
X-Cache
MISS
X-Cache-Hits
0
X-Timer
S1573568087.212310,VS0,VE94
Vary
Accept-Encoding
LP_04.jpg
chwplan.com/a/a73/images/desktop/images/ 		71 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://chwplan.com/a/a73/images/desktop/images/LP_04.jpg
Requested by
Host: chwplan.com
URL: https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
146.20.84.216 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software
Apache /
Resource Hash
65244734f0efd4307bd80a3a19480e22802d0682bc584f9c6bf5a74f2f18c88b

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 14:14:49 GMT
Last-Modified
Mon, 02 Apr 2018 18:07:58 GMT
Server
Apache
ETag
"46020d-11ba0-568e17840db80"
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=115
Content-Length
72608
Expires
Tue, 19 Nov 2019 14:14:49 GMT
homebgform.png
chwplan.com/a/a73/images/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://chwplan.com/a/a73/images/homebgform.png
Requested by
Host: chwplan.com
URL: https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
146.20.84.216 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 14:14:47 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=604800
Connection
Keep-Alive
Keep-Alive
timeout=15, max=120
Content-Length
6040
Expires
Tue, 19 Nov 2019 14:14:47 GMT
tDbI2oqRg1oM3QBjjcaDkOr9rAXWGQyH.woff2
fonts.gstatic.com/s/droidserif/v10/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/droidserif/v10/tDbI2oqRg1oM3QBjjcaDkOr9rAXWGQyH.woff2
Requested by
Host: chwplan.com
URL: https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
c91e2af7df1a9d8a403108592949a68b78ccbb50c38561aeb4cd1d107ebed276
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Droid+Serif:400,700,400italic,700italic
Origin
https://chwplan.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 01 Nov 2019 16:02:04 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:18:22 GMT
server
sffe
age
943962
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
12560
x-xss-protection
0
expires
Sat, 31 Oct 2020 16:02:04 GMT
tDbV2oqRg1oM3QBjjcaDkOJGiRD7OwGtT0rU.woff2
fonts.gstatic.com/s/droidserif/v10/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/droidserif/v10/tDbV2oqRg1oM3QBjjcaDkOJGiRD7OwGtT0rU.woff2
Requested by
Host: chwplan.com
URL: https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
e6663a15ba588e2aefc9628eaa5755e740f7a31c3caff63430d14248f53281ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Droid+Serif:400,700,400italic,700italic
Origin
https://chwplan.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 01 Nov 2019 02:40:52 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:18:10 GMT
server
sffe
age
992034
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
13096
x-xss-protection
0
expires
Sat, 31 Oct 2020 02:40:52 GMT
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: chwplan.com
URL: https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
2453
date
Tue, 12 Nov 2019 13:33:53 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17168
expires
Tue, 12 Nov 2019 15:33:53 GMT
/
www.google.com/pagead/1p-user-list/1038983633/ 		42 B
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1038983633/?random=1573568086050&cv=9&fst=1573567200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oaav3&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fchwplan.com%2Fa%2Fa73%2Findex.php%3Futm_source%3Dppmfm%26utm_campaign%3D270374&tiba=Choice%20Home%20Warranty&async=1&fmt=3&is_vtc=1&random=3066461097&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: chwplan.com
URL: https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Nov 2019 14:14:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/1038983633/ 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/1038983633/?random=1573568086050&cv=9&fst=1573567200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oaav3&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fchwplan.com%2Fa%2Fa73%2Findex.php%3Futm_source%3Dppmfm%26utm_campaign%3D270374&tiba=Choice%20Home%20Warranty&async=1&fmt=3&is_vtc=1&random=3066461097&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: chwplan.com
URL: https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Nov 2019 14:14:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1692980312&utmhn=chwplan.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Choice%2...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6898183-1&cid=1509698691.1573568086&jid=388248001&_v=5.7.2&z=1692980312
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6898183-1&cid=1509698691.1573568086&jid=388248001&_v=5.7.2&z=1692980312
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6898183-1&cid=1509698691.1573568086&jid=388248001&_v=5.7.2&z=1692980312&slf_rd=1&random=1634103362
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6898183-1&cid=1509698691.1573568086&jid=388248001&_v=5.7.2&z=1692980312&slf_rd=1&random=1634103362
Requested by
Host: chwplan.com
URL: https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Nov 2019 14:14:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 12 Nov 2019 14:14:46 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6898183-1&cid=1509698691.1573568086&jid=388248001&_v=5.7.2&z=1692980312&slf_rd=1&random=1634103362
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fbevents.js
connect.facebook.net/en_US/ 		122 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: chwplan.com
URL: https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
981be39924f4c8320f4daa8b8cdd7468455e46a30bd0cfef24ba5c74c2a6b12d
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-23=":443"; ma=3600
content-length
27377
x-xss-protection
0
pragma
public
x-fb-debug
23EgyCiFCo3TuGf83hP0Eqjm/mPWER8u9ETAXj8BIen5Pybh4k6djCHgb7mibLVD+/sae1hWoeE/HhKamCDMpw==
x-fb-trip-id
420120009
x-frame-options
DENY
date
Tue, 12 Nov 2019 14:14:47 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
bat.js
bat.bing.com/ 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: chwplan.com
URL: https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
/
Resource Hash
b139982ce002c53ddfb65aec1e90704c0a3704fc5aa35247f9323b74a1d3f721

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 12 Nov 2019 14:14:46 GMT
content-encoding
gzip
last-modified
Tue, 10 Sep 2019 18:57:28 GMT
x-msedge-ref
Ref A: CFC3A3FF641749E1AEBD0788C26A33D2 Ref B: VIEEDGE0317 Ref C: 2019-11-12T14:14:47Z
status
200
etag
"09c5197968d51:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
7148
script.js
cdn.listrakbi.com/scripts/ 		62 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.listrakbi.com/scripts/script.js?m=3QgckfkNYGiq&v=1
Requested by
Host: chwplan.com
URL: https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.103.8 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-103-8.fra50.r.cloudfront.net
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
1613890d858a3f18b1a4f266ed83987d1af1adf330470787679fbe2c424ff65f

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 07 Nov 2019 16:48:10 GMT
Content-Encoding
gzip
X-AspNet-Version
4.0.30319
X-ltk
11/7/2019 11:48:10 AM
X-Powered-By
ASP.NET
X-Cache
Hit from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI COM NAV INT DEM CNT PRE LOC"
Connection
keep-alive
Content-Length
19512
Last-Modified
Thu, 26 Sep 2019 14:36:26 GMT
Server
Microsoft-IIS/8.5
ETag
"OumWFU6g6ZIkReVipbRSHg=="
Vary
Accept-encoding
Content-Type
text/javascript
Via
1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
Cache-Control
public, no-transform, max-age=3600, s-maxage=600, no-cache="set-cookie"
X-Amz-Cf-Pop
FRA50-C1
Accept-Ranges
bytes
X-Amz-Cf-Id
9pQsyYoMRIeEIBmmW1KjnvSU-xQ6Vre3eB5qDFwwtWL3NkSh7Dwjww==
Expires
Thu, 07 Nov 2019 17:48:10 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1038983633/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1038983633/?random=1573568087165&cv=9&fst=1573568087165&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fchwplan.com%2Fa%2Fa73%2Findex.php%3Futm_source%3Dppmfm%26utm_campaign%3D270374&tiba=Choice%20Home%20Warranty&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
b1d4643bee1763db9b3d22e41170905626df0ccc9bee6ea31750f329ecfb050c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Nov 2019 14:14:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
952
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
iframe
d1eoo1tco6rr5e.cloudfront.net/zl9kfqh1/pd2ov1h2/ Frame 4A08
Redirect Chain
  • https://insight.adsrvr.org/tags/zl9kfqh1/pd2ov1h2/iframe
  • https://d1eoo1tco6rr5e.cloudfront.net/zl9kfqh1/pd2ov1h2/iframe
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://d1eoo1tco6rr5e.cloudfront.net/zl9kfqh1/pd2ov1h2/iframe
Requested by
Host: chwplan.com
URL: https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.97.29 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-97-29.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Host
d1eoo1tco6rr5e.cloudfront.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374

Response headers

Content-Type
text/html
Content-Length
135
Connection
keep-alive
Date
Tue, 12 Nov 2019 08:42:26 GMT
Last-Modified
Wed, 30 Oct 2013 19:09:20 GMT
ETag
"4132126ad99223740c7569ea79a38c21"
Accept-Ranges
bytes
Server
AmazonS3
X-Cache
Hit from cloudfront
Via
1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA50-C1
X-Amz-Cf-Id
ngVvSkXrDRw3ho4oOCUcJqraxritFjf06CcYy26RpIOIzKhp25ttbQ==
Age
19952

Redirect headers

status
303
date
Tue, 12 Nov 2019 14:14:58 GMT
content-type
text/html; charset=UTF-8
content-length
185
location
https://d1eoo1tco6rr5e.cloudfront.net/zl9kfqh1/pd2ov1h2/iframe
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
1374492936214348
connect.facebook.net/signals/config/ 		56 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1374492936214348?v=2.9.11&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
db7367cc98a1090c49f94250d651d4d03e7bb1edf00169ccaf36d19ec1b7196e
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-23=":443"; ma=3600
content-length
13472
x-xss-protection
0
pragma
public
x-fb-debug
fy9IzAegKiSpdOe6H0fL4DaZ+ugcvY5B81BDKunC0WR9Rg+7m6q4CYq3Ur9j5mBIU83ExifaL7caGv8Llnv8Iw==
x-fb-trip-id
420120009
x-frame-options
DENY
date
Tue, 12 Nov 2019 14:14:47 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/1038983633/ 		42 B
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1038983633/?random=1573568087165&cv=9&fst=1573567200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fchwplan.com%2Fa%2Fa73%2Findex.php%3Futm_source%3Dppmfm%26utm_campaign%3D270374&tiba=Choice%20Home%20Warranty&fmt=3&is_vtc=1&random=3622481318&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: chwplan.com
URL: https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Nov 2019 14:14:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/1038983633/ 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/1038983633/?random=1573568087165&cv=9&fst=1573567200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fchwplan.com%2Fa%2Fa73%2Findex.php%3Futm_source%3Dppmfm%26utm_campaign%3D270374&tiba=Choice%20Home%20Warranty&fmt=3&is_vtc=1&random=3622481318&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: chwplan.com
URL: https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Nov 2019 14:14:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
246 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1374492936214348&ev=PageView&dl=https%3A%2F%2Fchwplan.com%2Fa%2Fa73%2Findex.php%3Futm_source%3Dppmfm%26utm_campaign%3D270374&rl=&if=false&ts=1573568087207&sw=1600&sh=1200&v=2.9.11&r=stable&ec=0&o=28&fbp=fb.1.1573568087206.1960983229&it=1573568087190&coo=false&rqm=GET
Requested by
Host: chwplan.com
URL: https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 12 Nov 2019 14:14:47 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-23=":443"; ma=3600
content-length
44
expires
Tue, 12 Nov 2019 14:14:47 GMT
0
bat.bing.com/action/ 		0
93 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=5223598&Ver=2&mid=ce8f8781-2702-a26d-e595-890ae61c9a64&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Choice%20Home%20Warranty&p=https%3A%2F%2Fchwplan.com%2Fa%2Fa73%2Findex.php%3Futm_source%3Dppmfm%26utm_campaign%3D270374&r=&lt=10797&evt=pageLoad&msclkid=N&rn=145118
Requested by
Host: chwplan.com
URL: https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
204
pragma
no-cache
date
Tue, 12 Nov 2019 14:14:46 GMT
cache-control
no-cache, must-revalidate
x-msedge-ref
Ref A: B47D44B1D9584A688F0AC1B7B3A3478D Ref B: VIEEDGE0317 Ref C: 2019-11-12T14:14:47Z
access-control-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
g.jsonp
aa.agkn.com/adscores/ 		82 B
372 B 		Script
General
Check archive.org
Download Go to
Full URL
https://aa.agkn.com/adscores/g.jsonp?sid=9202274878&userid=B7CC46-8A6B1A35-60B2-4BCA-864D-8D58C0FA8DAB
Requested by
Host: cdn.datasteam.io
URL: https://cdn.datasteam.io/js/D24328ECFA2D48.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.93.156.161 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-93-156-161.eu-central-1.compute.amazonaws.com
Software
AAWebServer /
Resource Hash
9e446e75dc20b6dc693b247aaf7704112e55ef434588368aa0761fc76b3a29a5

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Nov 2019 14:14:51 GMT
server
AAWebServer
p3p
policyref="http://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
application/json
content-length
82
expires
0
4328ECFA2D48
api.datasteam.io/v1/C/RawData/ 		208 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.datasteam.io/v1/C/RawData/4328ECFA2D48?v=8a6b1a35-60b2-4bca-864d-8d58c0fa8dab&m=64b7384d-d00d-4bba-b4aa-cdc1da4f05dd&se=2756c898-1dce-4002-9cab-c076fa548a50&d=eyJ2IjoiOGE2YjFhMzUtNjBiMi00YmNhLTg2NGQtOGQ1OGMwZmE4ZGFiIiwibSI6IjY0YjczODRkLWQwMGQtNGJiYS1iNGFhLWNkYzFkYTRmMDVkZCIsImNzaSI6MTg1NDQ2MTQzNiwic2UiOiIyNzU2Yzg5OC0xZGNlLTQwMDItOWNhYi1jMDc2ZmE1NDhhNTAiLCJuIjoxLCJwIjoiZDA2MjYzYmUtZmI5Yy00MmJhLTgyNDgtNzFiYmU3NTdlZmZjIiwidSI6Imh0dHBzOi8vY2h3cGxhbi5jb20vYS9hNzMvaW5kZXgucGhwP3V0bV9zb3VyY2U9cHBtZm0mdXRtX2NhbXBhaWduPTI3MDM3NCIsInBuIjoiL2EvYTczL2luZGV4LnBocCIsInIiOiIiLCJ0IjoiQ2hvaWNlIEhvbWUgV2FycmFudHkiLCJjIjoiaHR0cHM6Ly9jaHdwbGFuLmNvbS9hL2E3My9pbmRleC5waHA%2FdXRtX3NvdXJjZT1wcG1mbSZ1dG1fY2FtcGFpZ249MjcwMzc0IiwicHIiOiJCN0NDNDYiLCJ1dG1fcyI6InBwbWZtIiwidXRtX2MiOiIyNzAzNzQiLCJzIjoxLCJ2cyI6MSwibCI6IlBhZ2VMb2FkIn0%3D&callback=cbbc7d81dee43e5
Requested by
Host: cdn.datasteam.io
URL: https://cdn.datasteam.io/js/D24328ECFA2D48.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.196.190.133 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-196-190-133.compute-1.amazonaws.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
0e1a6823ab6b6239a6a32236af598213825edebc88faa0e7d7cc41397d8d3556

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 14:14:47 GMT
Content-Encoding
gzip
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
private
Connection
keep-alive
Content-Length
296
idr.gif
p.alcmpn.com/idr/ven/1012/ 		32 B
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.alcmpn.com/idr/ven/1012/idr.gif?fpid=B7CC46-8A6B1A35-60B2-4BCA-864D-8D58C0FA8DAB
Requested by
Host: chwplan.com
URL: https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.193.67.164 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
164.67.193.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
853b983923a033223e4f391790e6e86619b31d542b40e7e1e8221fb0d6957ab1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 12 Nov 2019 14:14:51 GMT
last-modified
Wed, 14 Aug 2019 13:15:59 GMT
server
nginx
etag
"5d54098f-20"
strict-transport-security
max-age=31536000;
content-type
image/gif
status
200
accept-ranges
bytes
content-length
32
getIds
s1.listrakbi.com/3QgckfkNYGiq/session/ 		175 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.listrakbi.com/3QgckfkNYGiq/session/getIds?callback=ltkCallback9398&gsid=&_sid=&_tid=564543&ps=null&dps=true
Requested by
Host: cdn.listrakbi.com
URL: https://cdn.listrakbi.com/scripts/script.js?m=3QgckfkNYGiq&v=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.172.11.27 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-172-11-27.compute-1.amazonaws.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
87038be25375526343b4727e9cadc388cb0a840ea1b59b31d2e37b7a7d5893b9

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Nov 2019 14:14:53 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
p3p
policyref="/w3c/p3p.xml", CP="CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI COM NAV INT DEM CNT PRE LOC"
Cache-Control
no-cache, no-cache="set-cookie"
Connection
keep-alive
Content-Type
application/x-javascript; charset=utf-8
Content-Length
175
Expires
-1
4328ECFA2D48
api.datasteam.io/v1/C/RawData/ 		208 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.datasteam.io/v1/C/RawData/4328ECFA2D48?v=8a6b1a35-60b2-4bca-864d-8d58c0fa8dab&m=64b7384d-d00d-4bba-b4aa-cdc1da4f05dd&se=2756c898-1dce-4002-9cab-c076fa548a50&d=eyJ2IjoiOGE2YjFhMzUtNjBiMi00YmNhLTg2NGQtOGQ1OGMwZmE4ZGFiIiwibSI6IjY0YjczODRkLWQwMGQtNGJiYS1iNGFhLWNkYzFkYTRmMDVkZCIsImNzaSI6MTg1NDQ2MTQzNiwic2UiOiIyNzU2Yzg5OC0xZGNlLTQwMDItOWNhYi1jMDc2ZmE1NDhhNTAiLCJwIjoiZDA2MjYzYmUtZmI5Yy00MmJhLTgyNDgtNzFiYmU3NTdlZmZjIiwidSI6Imh0dHBzOi8vY2h3cGxhbi5jb20vYS9hNzMvaW5kZXgucGhwP3V0bV9zb3VyY2U9cHBtZm0mdXRtX2NhbXBhaWduPTI3MDM3NCIsInBuIjoiL2EvYTczL2luZGV4LnBocCIsInIiOiIiLCJ0IjoiQ2hvaWNlIEhvbWUgV2FycmFudHkiLCJjIjoiaHR0cHM6Ly9jaHdwbGFuLmNvbS9hL2E3My9pbmRleC5waHA%2FdXRtX3NvdXJjZT1wcG1mbSZ1dG1fY2FtcGFpZ249MjcwMzc0IiwicHIiOiJCN0NDNDYiLCJlaWQiOiJuc19zZWdfMDAwIiwidXRtX3MiOiJwcG1mbSIsInV0bV9jIjoiMjcwMzc0IiwicyI6MiwidnMiOjEsImwiOiJBY3Rpb24iLCJ2MDEiOiJFaWQiLCJ2MDIiOiJuc19zZWdfMDAwIn0%3D&callback=cb81b5824b9d5a3
Requested by
Host: cdn.datasteam.io
URL: https://cdn.datasteam.io/js/D24328ECFA2D48.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.196.190.133 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-196-190-133.compute-1.amazonaws.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
980059b033bc2433ccb7baefffced69f8585c3e2f1a1a48367bf9577ac934ba3

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 14:14:51 GMT
Content-Encoding
gzip
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
private
Connection
keep-alive
Content-Length
297
4328ECFA2D48
api.datasteam.io/v1/C/RawData/ 		207 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.datasteam.io/v1/C/RawData/4328ECFA2D48?v=8a6b1a35-60b2-4bca-864d-8d58c0fa8dab&m=64b7384d-d00d-4bba-b4aa-cdc1da4f05dd&se=2756c898-1dce-4002-9cab-c076fa548a50&d=eyJ2IjoiOGE2YjFhMzUtNjBiMi00YmNhLTg2NGQtOGQ1OGMwZmE4ZGFiIiwibSI6IjY0YjczODRkLWQwMGQtNGJiYS1iNGFhLWNkYzFkYTRmMDVkZCIsImNzaSI6MTg1NDQ2MTQzNiwic2UiOiIyNzU2Yzg5OC0xZGNlLTQwMDItOWNhYi1jMDc2ZmE1NDhhNTAiLCJwIjoiZDA2MjYzYmUtZmI5Yy00MmJhLTgyNDgtNzFiYmU3NTdlZmZjIiwidSI6Imh0dHBzOi8vY2h3cGxhbi5jb20vYS9hNzMvaW5kZXgucGhwP3V0bV9zb3VyY2U9cHBtZm0mdXRtX2NhbXBhaWduPTI3MDM3NCIsInBuIjoiL2EvYTczL2luZGV4LnBocCIsInIiOiIiLCJ0IjoiQ2hvaWNlIEhvbWUgV2FycmFudHkiLCJjIjoiaHR0cHM6Ly9jaHdwbGFuLmNvbS9hL2E3My9pbmRleC5waHA%2FdXRtX3NvdXJjZT1wcG1mbSZ1dG1fY2FtcGFpZ249MjcwMzc0IiwicHIiOiJCN0NDNDYiLCJlaWQiOiJuc19zZWdfMDAwIiwidXRtX3MiOiJwcG1mbSIsInV0bV9jIjoiMjcwMzc0IiwicyI6MywidnMiOjEsImwiOiJBY3Rpb24iLCJ2MDEiOiJFczEifQ%3D%3D&callback=cb2b42db4473e2
Requested by
Host: cdn.datasteam.io
URL: https://cdn.datasteam.io/js/D24328ECFA2D48.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.196.190.133 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-196-190-133.compute-1.amazonaws.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
009eec71fc2ee308c7d0e259f29ed1a4f5a45828a8b0809209dc4091266a0a44

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 14:14:51 GMT
Content-Encoding
gzip
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
private
Connection
keep-alive
Content-Length
295
3QgckfkNYGiq
at1.listrakbi.com/activity/ 		111 B
703 B 		Script
General
Check archive.org
Download Go to
Full URL
https://at1.listrakbi.com/activity/3QgckfkNYGiq
Requested by
Host: cdn.listrakbi.com
URL: https://cdn.listrakbi.com/scripts/script.js?m=3QgckfkNYGiq&v=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.216.58 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-54-216-58.compute-1.amazonaws.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
f40db726ef2878fb5fedfcc92b7631fa3635b49401b05ccbfa09858d59c7e3a5

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 14:14:54 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
text/javascript; charset=utf-8
Cache-Control
private, no-cache="set-cookie"
Connection
keep-alive
Content-Length
111
update
sca1.listrakbi.com/3QgckfkNYGiq/cart/ 		44 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sca1.listrakbi.com/3QgckfkNYGiq/cart/update?gsid=bd02bec1-b2fc-467a-aa17-266830f4c7a0&_sid=f0263ce2-18cc-45b9-8fbb-07265188e381&_tid=564543&_uid=FF0D65E5-D24B-41E8-861F-557B785D64DE&s_0=warranty-quote&q_0=1&p_0=1.00&n_0=Warranty%20Quote
Requested by
Host: chwplan.com
URL: https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.172.11.27 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-172-11-27.compute-1.amazonaws.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
d1c4aa4fc27ca65d42b693b60f19546c4a50c002394c364dbbef45710858df7a

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 14:14:53 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
p3p
policyref="/w3c/p3p.xml", CP="CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI COM NAV INT DEM CNT PRE LOC"
Cache-Control
no-cache, no-cache="set-cookie"
Connection
keep-alive
Content-Type
image/gif
Content-Length
44
3QgckfkNYGiq
at1.listrakbi.com/activity/ 		111 B
487 B 		Script
General
Check archive.org
Download Go to
Full URL
https://at1.listrakbi.com/activity/3QgckfkNYGiq?vuid=7d1b89f7-68ba-49a8-bfa9-5510d6601daa&uid=CEC62CDF-D904-4FF7-A917-1FCE6434E361&gsid=bd02bec1-b2fc-467a-aa17-266830f4c7a0&_t_0=at&t_0=PageBrowse&k_0=https%3A%2F%2Fchwplan.com%2Fa%2Fa73%2Findex.php%3Futm_source%3Dppmfm%26utm_campaign%3D270374
Requested by
Host: cdn.listrakbi.com
URL: https://cdn.listrakbi.com/scripts/script.js?m=3QgckfkNYGiq&v=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.216.58 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-54-216-58.compute-1.amazonaws.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
f40db726ef2878fb5fedfcc92b7631fa3635b49401b05ccbfa09858d59c7e3a5

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 14:14:54 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
text/javascript; charset=utf-8
Cache-Control
private
Connection
keep-alive
Content-Length
111
3QgckfkNYGiq
at1.listrakbi.com/activity/ 		111 B
487 B 		Script
General
Check archive.org
Download Go to
Full URL
https://at1.listrakbi.com/activity/3QgckfkNYGiq?vuid=7d1b89f7-68ba-49a8-bfa9-5510d6601daa&uid=821276E0-8DB9-4395-8FFA-423B3961A05F&gsid=bd02bec1-b2fc-467a-aa17-266830f4c7a0&_t_0=at&t_0=Identification&k_0=3&_t_1=at&t_1=Identification&k_1=4&_t_2=at&t_2=Identification&k_2=5
Requested by
Host: cdn.listrakbi.com
URL: https://cdn.listrakbi.com/scripts/script.js?m=3QgckfkNYGiq&v=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.216.58 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-54-216-58.compute-1.amazonaws.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
f40db726ef2878fb5fedfcc92b7631fa3635b49401b05ccbfa09858d59c7e3a5

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 14:14:54 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
text/javascript; charset=utf-8
Cache-Control
private
Connection
keep-alive
Content-Length
111
/
vagnt.com/sd/ 		275 B
469 B 		Script
General
Check archive.org
Download Go to
Full URL
https://vagnt.com/sd/?siteid=1550
Requested by
Host: chwplan.com
URL: https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.203.119.106 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-203-119-106.compute-1.amazonaws.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
9962df56ce3d8582fd3c8a4d4b3ab77d862676bc284884054240b05a5f5d2fd6

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 12 Nov 2019 14:14:58 GMT
server
Microsoft-IIS/8.5
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
status
200
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, max-age=0
content-length
275
up
insight.adsrvr.org/track/ Frame C461 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://insight.adsrvr.org/track/up?adv=zl9kfqh1&ref=https%3A%2F%2Fchwplan.com%2Fa%2Fa73%2Findex.php%3Futm_source%3Dppmfm%26utm_campaign%3D270374&upid=7h0r1mr&upv=1.1.0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.246.153.43 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-246-153-43.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

:method
GET
:authority
insight.adsrvr.org
:scheme
https
:path
/track/up?adv=zl9kfqh1&ref=https%3A%2F%2Fchwplan.com%2Fa%2Fa73%2Findex.php%3Futm_source%3Dppmfm%26utm_campaign%3D270374&upid=7h0r1mr&upv=1.1.0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374

Response headers

status
200
date
Tue, 12 Nov 2019 14:14:58 GMT
content-type
text/html
cache-control
private,no-cache, must-revalidate
pragma
no-cache
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
common.js
d1wnfwven39x82.cloudfront.net/Scripts/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1wnfwven39x82.cloudfront.net/Scripts/common.js?rnd=0.16018163492488124
Requested by
Host: vagnt.com
URL: https://vagnt.com/sd/?siteid=1550
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.168.89 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-168-89.fra54.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ead2f94ffec313d8735ab47fd1f6656ddf4dafe56b8d3398344809e15872713e

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 18 Sep 2019 21:05:30 GMT
Content-Encoding
gzip
Last-Modified
Tue, 07 May 2019 11:26:04 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA54
Vary
Accept-Encoding
X-Cache
RefreshHit from cloudfront
x-amz-version-id
null
Via
1.1 e4a44efc4b3241dc23019df63a1f645c.cloudfront.net (CloudFront)
Cache-Control
no-cache
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
application/javascript
X-Amz-Cf-Id
8r7oDmdSv2wtdi5it7I9kbHIvKEY61iixnBu8PLis7Suvnf9Bhzgng==
1550.js
s3.amazonaws.com/chat.tsa/SiteSettings/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/chat.tsa/SiteSettings/1550.js?rnd=0.32870833111689457
Requested by
Host: d1wnfwven39x82.cloudfront.net
URL: https://d1wnfwven39x82.cloudfront.net/Scripts/common.js?rnd=0.16018163492488124
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.224.107 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
c8b163027ae091d4a6cd2ab7372c3bbe1900d927d5b44b70d112a4249e9d3e42

Request headers

Sec-Fetch-Mode
cors
Referer
https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 14:15:00 GMT
Last-Modified
Tue, 12 Nov 2019 08:05:56 GMT
Server
AmazonS3
x-amz-request-id
78BADB671A93145F
ETag
"b737545ded4d30564a36449cb6e06f2e"
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET
x-amz-version-id
null
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Accept-Ranges
bytes
Content-Type
application/x-javascript
Content-Length
1468
x-amz-id-2
JIkWiCDl0v86eEsAGaL4fSA+VzuHBJA0auhXcjJRn3iF7MpOwLTDZjwo4bUfs+n8Drm1CJohZ+A=
SitePerformance
prf.vagnt.com/ 		0
231 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prf.vagnt.com/SitePerformance
Requested by
Host: d1wnfwven39x82.cloudfront.net
URL: https://d1wnfwven39x82.cloudfront.net/Scripts/common.js?rnd=0.16018163492488124
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
18.232.79.119 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-18-232-79-119.compute-1.amazonaws.com
Software
Microsoft-IIS/8.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
cors
Content-Type
application/json

Response headers

Pragma
no-cache
Date
Tue, 12 Nov 2019 14:14:57 GMT
Server
Microsoft-IIS/8.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Expires
-1
6712.html
s3.amazonaws.com/chat.tsa/Templates/ 		206 KB
207 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/chat.tsa/Templates/6712.html?rnd=0.34340657797079355
Requested by
Host: d1wnfwven39x82.cloudfront.net
URL: https://d1wnfwven39x82.cloudfront.net/Scripts/common.js?rnd=0.16018163492488124
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.224.107 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
7f91627115cf52f7af3c3df874557af7ddd7275964031c4529771bb44d3a56b4

Request headers

Sec-Fetch-Mode
cors
Referer
https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 14:15:01 GMT
Last-Modified
Fri, 08 Nov 2019 21:17:17 GMT
Server
AmazonS3
x-amz-request-id
A3ECD3274240D374
ETag
"f7ac942fef4ed20be9cd89dc6137cb27"
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET
x-amz-version-id
null
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Accept-Ranges
bytes
Content-Type
text/html
Content-Length
211344
x-amz-id-2
mc2ljQoO5HHZv5W0CGs0oeq0Il0iffGv11tsvmXJVcUti2sAyRuDU+x3Oyx5z75phHZV6rbC1jw=
chatWindow.js
d1wnfwven39x82.cloudfront.net/Scripts/Modules/ 		17 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1wnfwven39x82.cloudfront.net/Scripts/Modules/chatWindow.js?rnd=0.45631151978081075
Requested by
Host: d1wnfwven39x82.cloudfront.net
URL: https://d1wnfwven39x82.cloudfront.net/Scripts/common.js?rnd=0.16018163492488124
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.168.89 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-168-89.fra54.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f0b87248500a6a4f9628f96eb43b527e2f329ac3dced38b57c9e155f2ca2e620

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 17 Sep 2019 22:38:15 GMT
Content-Encoding
gzip
Last-Modified
Fri, 29 Mar 2019 11:49:06 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA54
Vary
Accept-Encoding
X-Cache
RefreshHit from cloudfront
x-amz-version-id
null
Via
1.1 e4a44efc4b3241dc23019df63a1f645c.cloudfront.net (CloudFront)
Cache-Control
no-cache
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
application/javascript
X-Amz-Cf-Id
quX1nOagzGZSX_vTNcLowEKCRmPNy9nyQVzD1Bz7sDyaWm6XsxDisA==
chat.js
d1wnfwven39x82.cloudfront.net/Scripts/Modules/ 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1wnfwven39x82.cloudfront.net/Scripts/Modules/chat.js?rnd=0.521242934412999
Requested by
Host: d1wnfwven39x82.cloudfront.net
URL: https://d1wnfwven39x82.cloudfront.net/Scripts/common.js?rnd=0.16018163492488124
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.168.89 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-168-89.fra54.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9efa92e4154aaed45dc7157b4f800c0d3e34e126eec403888f564777d95bff8a

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 17 Sep 2019 22:38:15 GMT
Content-Encoding
gzip
Last-Modified
Tue, 12 Feb 2019 11:27:19 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA54
Vary
Accept-Encoding
X-Cache
RefreshHit from cloudfront
x-amz-version-id
null
Via
1.1 efed2d5ffeb697060f4a3aa73bdf068f.cloudfront.net (CloudFront)
Cache-Control
no-cache
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
application/javascript
X-Amz-Cf-Id
nw_XSUwh1nAbWEKGC_BaSJQUavQJFLjj2Jr5V9fklvaV6AcphPe6pQ==
cssFix.js
d1wnfwven39x82.cloudfront.net/Scripts/Modules/ 		905 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1wnfwven39x82.cloudfront.net/Scripts/Modules/cssFix.js?rnd=0.20015856745356198
Requested by
Host: d1wnfwven39x82.cloudfront.net
URL: https://d1wnfwven39x82.cloudfront.net/Scripts/common.js?rnd=0.16018163492488124
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.168.89 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-168-89.fra54.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cf53413df26feb4603f0dfc4ef8cf04c83e3d92306025255cde6945f5209a06c

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 17 Sep 2019 02:20:42 GMT
Via
1.1 908aa9ee313ac50f6968b1dda0d184c6.cloudfront.net (CloudFront)
Last-Modified
Thu, 27 Apr 2017 15:04:48 GMT
Server
AmazonS3
Age
49717
ETag
"6cebb7812fa6f9ec25e691fbe76cdfca"
X-Cache
Hit from cloudfront
x-amz-version-id
null
Connection
keep-alive
X-Amz-Cf-Pop
FRA54
Accept-Ranges
bytes
Content-Type
application/javascript
Content-Length
905
X-Amz-Cf-Id
Bz0YaywbppbcaoUpy_IqDd-PNK2dErXxfRVfYf7W0voNL-THiJdReg==
chatForm.js
d1wnfwven39x82.cloudfront.net/Scripts/Modules/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1wnfwven39x82.cloudfront.net/Scripts/Modules/chatForm.js?rnd=0.11399718159198846
Requested by
Host: d1wnfwven39x82.cloudfront.net
URL: https://d1wnfwven39x82.cloudfront.net/Scripts/common.js?rnd=0.16018163492488124
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.168.89 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-168-89.fra54.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d1cbe211a9a816a4d68f23aaa536667e90844c08fd68af944aed40e8a5f7b96f

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
null
Content-Encoding
gzip
Last-Modified
Tue, 25 Sep 2018 11:11:43 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA54
Date
Sun, 10 Nov 2019 22:56:03 GMT
Vary
Accept-Encoding
X-Cache
RefreshHit from cloudfront
Content-Type
application/javascript
Via
1.1 b7e7cd319ec31b533acb1e9e4b737331.cloudfront.net (CloudFront)
Cache-Control
no-cache
Transfer-Encoding
chunked
Connection
keep-alive
X-Amz-Cf-Id
4oDAtMlNdP7GPYbdyzAbTNioWIdkWpqwes-6rNuFLsJTp08eJenggw==
messages.js
d1wnfwven39x82.cloudfront.net/Scripts/Modules/ 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1wnfwven39x82.cloudfront.net/Scripts/Modules/messages.js?rnd=0.8920687187018521
Requested by
Host: d1wnfwven39x82.cloudfront.net
URL: https://d1wnfwven39x82.cloudfront.net/Scripts/common.js?rnd=0.16018163492488124
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.168.89 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-168-89.fra54.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d87e16a3d15ad946f44aeb696da2bbb405c2f20f60e783dba59e1bda86af5323

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
null
Via
1.1 6e8dd39e00d9a5c1a31d69ffa2821a5e.cloudfront.net (CloudFront)
Last-Modified
Wed, 19 Apr 2017 10:04:43 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA54
ETag
"563930b4aaa5d8e88b51cc51eb3b00fd"
X-Cache
Hit from cloudfront
Content-Type
binary/octet-stream
Date
Sun, 10 Nov 2019 08:51:42 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5392
X-Amz-Cf-Id
ikoMO-Hiii9362w2ukIJPJhRVAgiJsi3PBoxKGXKsHuAVy9_cCiLng==
predictiveLaunch.js
d1wnfwven39x82.cloudfront.net/Scripts/Modules/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1wnfwven39x82.cloudfront.net/Scripts/Modules/predictiveLaunch.js?rnd=0.08626496018677865
Requested by
Host: d1wnfwven39x82.cloudfront.net
URL: https://d1wnfwven39x82.cloudfront.net/Scripts/common.js?rnd=0.16018163492488124
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.168.89 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-168-89.fra54.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1cf0798f17765f370a864a3b672cc969c2fb38810e64ce262d40459b5ca417a7

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
null
Content-Encoding
gzip
Last-Modified
Wed, 03 Feb 2016 13:17:27 GMT
Server
AmazonS3
Age
81277
Date
Mon, 11 Nov 2019 15:40:24 GMT
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Via
1.1 6e8dd39e00d9a5c1a31d69ffa2821a5e.cloudfront.net (CloudFront)
Connection
keep-alive
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA54
X-Amz-Cf-Id
HeAbF-HrmnysnyxZPulFWRuChzku6x2oBHEmX2oXMlkBPXxie-zU6Q==
back.js
d1wnfwven39x82.cloudfront.net/Scripts/Modules/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1wnfwven39x82.cloudfront.net/Scripts/Modules/back.js?rnd=0.7000758952703869
Requested by
Host: d1wnfwven39x82.cloudfront.net
URL: https://d1wnfwven39x82.cloudfront.net/Scripts/common.js?rnd=0.16018163492488124
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.168.89 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-168-89.fra54.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
46915b78e8042edf5ed5d09577a1ae0d62e4063f6a0d25ec953eb23363c978be

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 17 Sep 2019 05:36:47 GMT
Content-Encoding
gzip
Last-Modified
Wed, 03 Feb 2016 13:17:29 GMT
Server
AmazonS3
Age
53512
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
x-amz-version-id
null
Via
1.1 6e8dd39e00d9a5c1a31d69ffa2821a5e.cloudfront.net (CloudFront)
Connection
keep-alive
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA54
Content-Type
application/x-javascript
X-Amz-Cf-Id
Rrq84EA1R1Qh_tsbfMAT1o2LrlFRo6Izor-ZfvQRMu75oewG7hXctA==
sound.js
d1wnfwven39x82.cloudfront.net/Scripts/Modules/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1wnfwven39x82.cloudfront.net/Scripts/Modules/sound.js?rnd=0.40724120169396705
Requested by
Host: d1wnfwven39x82.cloudfront.net
URL: https://d1wnfwven39x82.cloudfront.net/Scripts/common.js?rnd=0.16018163492488124
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.168.89 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-168-89.fra54.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c8a2637df75d0915a637369294b573d79fb8b6f43cc9571222421a1cb7a2bed7

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
null
Content-Encoding
gzip
Last-Modified
Tue, 26 Jul 2016 10:15:54 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA54
Date
Sat, 09 Nov 2019 23:17:19 GMT
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Via
1.1 6e8dd39e00d9a5c1a31d69ffa2821a5e.cloudfront.net (CloudFront)
Transfer-Encoding
chunked
Connection
keep-alive
X-Amz-Cf-Id
DYXu4sDIP7a4-hABIbV3bWf_kGU4asWHCqwvcPlpY6HXSPGaEPMwAg==
reset.css
d1wnfwven39x82.cloudfront.net/ 		9 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d1wnfwven39x82.cloudfront.net/reset.css?rnd=0.8479274522568596
Requested by
Host: d1wnfwven39x82.cloudfront.net
URL: https://d1wnfwven39x82.cloudfront.net/Scripts/Modules/cssFix.js?rnd=0.20015856745356198
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.168.89 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-168-89.fra54.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
03a6106e4bc9f8d4a3f1607830f777e780ab4644bc4df86c9394b5bbc0f41886

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 17 Sep 2019 02:20:43 GMT
Content-Encoding
gzip
Last-Modified
Mon, 12 Dec 2016 16:53:55 GMT
Server
AmazonS3
Age
51041
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
x-amz-version-id
null
Via
1.1 908aa9ee313ac50f6968b1dda0d184c6.cloudfront.net (CloudFront)
Connection
keep-alive
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA54
Content-Type
text/css
X-Amz-Cf-Id
6bLdcVR7ebeNabl3j8izk5l2o9OYZuhjD7Agpxj-UV97uzTMOK0fdQ==
ChatLaunch.mp3
s3.amazonaws.com/chat.tsa/Sounds/ 		23 KB
24 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/chat.tsa/Sounds/ChatLaunch.mp3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.224.107 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
aae1695ddc586c17ce282027b177678a490e6cea85744105227546f3ce36a29d

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Range
bytes=0-

Response headers

Date
Tue, 12 Nov 2019 14:15:01 GMT
Last-Modified
Mon, 27 Jun 2016 13:40:23 GMT
Server
AmazonS3
x-amz-request-id
85D1A94A6E120D45
ETag
"c1a8fd251f0c91a81d270b2fe716cab5"
Content-Type
audio/mpeg
Content-Range
bytes 0-23712/23713
x-amz-version-id
null
Accept-Ranges
bytes
Content-Length
23713
x-amz-id-2
i5luS9QhOHbqN5W+srnJqII6wHxnDPJcmbQs5sid3h+N/s/6SwNhOBehp8qkREgdo7HCmEcoth8=
MessageSend.mp3
s3.amazonaws.com/chat.tsa/Sounds/ 		10 KB
10 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/chat.tsa/Sounds/MessageSend.mp3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.224.107 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
84f09b200d2070df37bc956d32f06d3af244cd8c015011372cc3d15a57721e56

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Range
bytes=0-

Response headers

Date
Tue, 12 Nov 2019 14:15:01 GMT
Last-Modified
Mon, 27 Jun 2016 13:58:28 GMT
Server
AmazonS3
x-amz-request-id
892BBDB51026E316
ETag
"29d062f40725895ffeac106e04e3bbf0"
Content-Type
audio/mpeg
Content-Range
bytes 0-9930/9931
x-amz-version-id
null
Accept-Ranges
bytes
Content-Length
9931
x-amz-id-2
PWqj08Bv1tYNs5ckRpeX0cNedi7LRcHLX0mlGoap9axfdOUjea5NP9OFU4XymW91Dp/CdfTgrFo=
MessageReceive.mp3
s3.amazonaws.com/chat.tsa/Sounds/ 		26 KB
27 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/chat.tsa/Sounds/MessageReceive.mp3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.224.107 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
9261845027162e376ab28b6c9d10ae601a8433de42e543db3705fb99dd5ebff9

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Range
bytes=0-

Response headers

Date
Tue, 12 Nov 2019 14:15:01 GMT
Last-Modified
Mon, 27 Jun 2016 14:06:41 GMT
Server
AmazonS3
x-amz-request-id
01A4B7B324533898
ETag
"f6bbdd93b0ce0e432a9524bd2884287e"
Content-Type
audio/mpeg
Content-Range
bytes 0-27105/27106
x-amz-version-id
null
Accept-Ranges
bytes
Content-Length
27106
x-amz-id-2
IpJiIQXhffBcm2WQzcwylhoQXA/4EPk+Z0IQglexJgOLYDIf4yb16gnQd+4TLjzDUa/DGn7MdWs=
/
vagnt.com/api/Chat/ 		480 B
687 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vagnt.com/api/Chat/?rnd=0.6146306710089349
Requested by
Host: d1wnfwven39x82.cloudfront.net
URL: https://d1wnfwven39x82.cloudfront.net/Scripts/Modules/chat.js?rnd=0.521242934412999
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.203.119.106 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-203-119-106.compute-1.amazonaws.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
4a5310be09010bf42d948a9780b848c6872472899def8297f5b95878925e5411

Request headers

Accept
application/json
Referer
https://chwplan.com/a/a73/index.php?utm_source=ppmfm&utm_campaign=270374
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
cors
Content-Type
application/json

Response headers

pragma
no-cache
date
Tue, 12 Nov 2019 14:15:00 GMT
server
Microsoft-IIS/8.5
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
status
200
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
content-length
480
expires
-1
truncated
/ 		113 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ad101875e70a3dd339c004f2b194c0f162d221c8bf0acc76828cc70c847cd1e3

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		38 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aa87cdf1481fad2305926d29649f7f749ab73ff5cf002fdc214f05edf92acc3a

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png

Verdicts & Comments Add Verdict or Comment

127 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| analytics_tag object| dataLayer function| adwords_tag object| google_tag_manager string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO function| $ function| jQuery function| PopIt function| UnPopIt string| gaJsHost object| _gat object| _gaq object| pageTracker function| vagnt_load string| vagntCampaignId string| vagntLinkInfo function| fbq function| _fbq object| uetq function| ttd_dom_ready function| TTDUniversalPixelApi string| biJsHost object| google_conversion_id object| google_custom_params object| google_remarketing_only function| _MGX_LU function| _MGX_LG object| MGX object| __MGX__ object| MGX_API object| MGX_DATA object| google_conversion_date object| google_conversion_time number| google_conversion_snippets number| google_conversion_first_time object| google_conversion_js_version object| google_conversion_format object| google_enable_display_cookie_match object| google_conversion_type object| google_conversion_order_id object| google_conversion_language object| google_conversion_value object| google_conversion_evaluemrc object| google_conversion_currency object| google_conversion_domain object| google_conversion_label object| google_conversion_color object| google_disable_viewthrough object| google_gtag_event_data object| google_conversion_linker object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_allow_ad_personalization_signals object| google_conversion_items object| google_conversion_merchant_id object| google_user_id object| onload_callback object| opt_image_generator object| google_conversion_page_url object| google_conversion_referrer_url object| google_gtm object| google_gcl_cookie_prefix object| google_read_gcl_cookie_opt_out object| google_basket_feed_country object| google_basket_feed_language object| google_basket_discount object| google_basket_transaction_type object| google_disable_merchant_reported_conversions object| google_additional_conversion_params function| UET function| neustarResponse boolean| __MGX_E__ undefined| cbbc7d81dee43e5 function| _Utilities function| AsyncManager function| AsyncCall function| Identity function| LTK function| _Order function| _TRKT function| _Product function| _Customer function| _Client function| _Assembler function| _LTKClick function| _LTKSubscriber function| _Profile function| _ProfileItem function| _LTKSignup function| isWatermark function| SessionTracker function| SCAItem function| getCookieDomain function| _Session string| _protocol object| _ltk_util object| match string| _ltkwmt object| _ltk object| customEvent object| jQueryLoadCall number| _jQueryLoadInterval object| ltkLoadCall number| _ltkLoadInterval number| c_start string| ua object| matched object| browser object| lists undefined| cb81b5824b9d5a3 undefined| cb2b42db4473e2 number| c_end object| tsaScript object| TSA object| _charencoder function| _memcpyin function| _memcpyout

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa.agkn.com
api.datasteam.io
app.topicaplus.com
at1.listrakbi.com
bat.bing.com
cdn.datasteam.io
cdn.listrakbi.com
chwplan.com
connect.facebook.net
d1eoo1tco6rr5e.cloudfront.net
d1wnfwven39x82.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
insight.adsrvr.org
js.adsrvr.org
p.alcmpn.com
player.vimeo.com
prf.vagnt.com
s1.listrakbi.com
s3.amazonaws.com
sca1.listrakbi.com
ssl.google-analytics.com
stats.g.doubleclick.net
tas7.com
vagnt.com
www.chwplan.com
www.chwplans.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
13.225.78.64
143.204.103.8
143.204.97.29
146.20.84.216
151.101.112.217
172.217.16.162
18.232.79.119
2620:1ec:c11::200
2a00:1450:4001:808::2008
2a00:1450:4001:808::200e
2a00:1450:4001:80b::2003
2a00:1450:4001:818::2003
2a00:1450:4001:81b::2002
2a00:1450:4001:81b::2008
2a00:1450:4001:825::2004
2a00:1450:4001:825::200a
2a00:1450:400c:c00::9d
2a02:e980:25::28
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
34.196.190.133
34.203.119.106
35.193.67.164
52.216.224.107
52.222.168.89
52.222.173.62
52.54.216.58
54.172.11.27
54.198.74.114
54.246.153.43
54.93.156.161
74.118.105.83
009eec71fc2ee308c7d0e259f29ed1a4f5a45828a8b0809209dc4091266a0a44
03a6106e4bc9f8d4a3f1607830f777e780ab4644bc4df86c9394b5bbc0f41886
08b0b3845923651c4fe4cee3888d8391b0a7dac384af05eb2c5023d7bbba08e6
0c811ab7d78e9fd8795f162dbf91399df124c0c95e4e24ac859c4b0cbace2a2b
0e1a6823ab6b6239a6a32236af598213825edebc88faa0e7d7cc41397d8d3556
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1613890d858a3f18b1a4f266ed83987d1af1adf330470787679fbe2c424ff65f
1cf0798f17765f370a864a3b672cc969c2fb38810e64ce262d40459b5ca417a7
3fa8ed08c9838c79230801c7a35afe5e77ec75dec36e0bfee98e0d328df8428f
46915b78e8042edf5ed5d09577a1ae0d62e4063f6a0d25ec953eb23363c978be
4a5310be09010bf42d948a9780b848c6872472899def8297f5b95878925e5411
65244734f0efd4307bd80a3a19480e22802d0682bc584f9c6bf5a74f2f18c88b
68e357769305fcf03ea23213551ea1a6c3aac4a059e83834ca14e7d81a768e09
693d765de24ad53c2c9ca5d3d6ab104db293569dafad730485f1f4b05e7d1f0d
6c82c413c824d6e39062aa3e29825179ae6cfc4f48bc6a14deb3fe6d4b7be415
791849ab3db8ae9ae67fdc441149d5e3d6e75e9081a11dacf8aa1db98e494939
7e98e381189d908e1981b6e535bcdd7f3edceafdb0e7095f3e04292e8aac6a0c
7ec65e6b8658f1c3135879a549aecce8d97cedd75ad300a42ccd52e833aff73d
7f91627115cf52f7af3c3df874557af7ddd7275964031c4529771bb44d3a56b4
82878030740e152540b07059621887535cd6675c5ccf9eb6efe8ed400ac94ef1
84f09b200d2070df37bc956d32f06d3af244cd8c015011372cc3d15a57721e56
853b983923a033223e4f391790e6e86619b31d542b40e7e1e8221fb0d6957ab1
87038be25375526343b4727e9cadc388cb0a840ea1b59b31d2e37b7a7d5893b9
9261845027162e376ab28b6c9d10ae601a8433de42e543db3705fb99dd5ebff9
980059b033bc2433ccb7baefffced69f8585c3e2f1a1a48367bf9577ac934ba3
981be39924f4c8320f4daa8b8cdd7468455e46a30bd0cfef24ba5c74c2a6b12d
9962df56ce3d8582fd3c8a4d4b3ab77d862676bc284884054240b05a5f5d2fd6
9e446e75dc20b6dc693b247aaf7704112e55ef434588368aa0761fc76b3a29a5
9efa92e4154aaed45dc7157b4f800c0d3e34e126eec403888f564777d95bff8a
aa87cdf1481fad2305926d29649f7f749ab73ff5cf002fdc214f05edf92acc3a
aae1695ddc586c17ce282027b177678a490e6cea85744105227546f3ce36a29d
ad101875e70a3dd339c004f2b194c0f162d221c8bf0acc76828cc70c847cd1e3
af0cbe127816e2ae98a2890fe0b612e905e8f1a0febe6531a70a12c03404943f
b139982ce002c53ddfb65aec1e90704c0a3704fc5aa35247f9323b74a1d3f721
b1d4643bee1763db9b3d22e41170905626df0ccc9bee6ea31750f329ecfb050c
bb17d1b8f3f76cea69eddd9cb8c5521295e1433f16596f54ca33058fe6e05377
c8a2637df75d0915a637369294b573d79fb8b6f43cc9571222421a1cb7a2bed7
c8b163027ae091d4a6cd2ab7372c3bbe1900d927d5b44b70d112a4249e9d3e42
c91e2af7df1a9d8a403108592949a68b78ccbb50c38561aeb4cd1d107ebed276
cf53413df26feb4603f0dfc4ef8cf04c83e3d92306025255cde6945f5209a06c
d1c4aa4fc27ca65d42b693b60f19546c4a50c002394c364dbbef45710858df7a
d1cbe211a9a816a4d68f23aaa536667e90844c08fd68af944aed40e8a5f7b96f
d87e16a3d15ad946f44aeb696da2bbb405c2f20f60e783dba59e1bda86af5323
db7367cc98a1090c49f94250d651d4d03e7bb1edf00169ccaf36d19ec1b7196e
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e414dbe9a9f84028f16078e02a7c8b58a837095cb05dadf2c12982d7729f6947
e6663a15ba588e2aefc9628eaa5755e740f7a31c3caff63430d14248f53281ff
ead2f94ffec313d8735ab47fd1f6656ddf4dafe56b8d3398344809e15872713e
ec206f320603391154a71449dc03d962f3265aa99b160f2b6f1f5619d9a1cfe5
ee5e6f24e63a934667e065cf35fa4cdb9a1ec3391da17621c3994fdb63bb82ea
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0b87248500a6a4f9628f96eb43b527e2f329ac3dced38b57c9e155f2ca2e620
f200d53858566b96964c9657627604480d94e1c75844ebc357512a570208d5f2
f40db726ef2878fb5fedfcc92b7631fa3635b49401b05ccbfa09858d59c7e3a5
fb05e40bf1ca9682c6736a1bfeff728cb405aa918ac36f2596539efc8a5a7a0a