urlscan.io logo urlscan.io
SecurityTrails logo

chpromotion.com Open in urlscan Pro
146.20.84.216  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://bit.ly/3s1Yjpy
Effective URL: https://chpromotion.com/a/a69/index.php?utm_source=spdlfm&utm_campaign=690131&token=1260438682
Submission: On May 02 via manual from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 32 IPs in 3 countries across 29 domains to perform 89 HTTP transactions. The main IP is 146.20.84.216, located in United States and belongs to RACKSPACE, US. The main domain is chpromotion.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on March 17th 2022. Valid for: a year.
This is the only time chpromotion.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 67.199.248.11 396982 (GOOGLE-CL...)
1 1 162.221.187.148 33182 (DIMENOC)
1 51.15.154.82 12876 (Online SAS)
1 24 146.20.84.216 27357 (RACKSPACE)
4 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
5 2607:f8b0:400... 15169 (GOOGLE)
2 142.250.72.98 15169 (GOOGLE)
1 2600:9000:210... 16509 (AMAZON-02)
1 13.225.213.78 16509 (AMAZON-02)
2 13.225.226.150 16509 (AMAZON-02)
2 2607:f8b0:400... 15169 (GOOGLE)
2 52.22.194.150 14618 (AMAZON-AES)
6 34.96.102.137 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 172.253.115.157 15169 (GOOGLE)
1 34.117.39.58 396982 (GOOGLE-CL...)
1 2 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 198.145.13.12 2044 (DF-PTL01)
1 2 2607:f8b0:400... 15169 (GOOGLE)
2 2a03:2880:f01... 32934 (FACEBOOK)
3 2620:1ec:c11:... 8068 (MICROSOFT...)
1 99.84.43.9 16509 (AMAZON-02)
1 4 35.227.244.1 15169 (GOOGLE)
3 54.230.102.8 16509 (AMAZON-02)
1 2 52.46.130.91 16509 (AMAZON-02)
6 104.18.7.244 13335 (CLOUDFLAR...)
1 2a03:2880:f11... 32934 (FACEBOOK)
1 5 52.223.40.198 16509 (AMAZON-02)
1 35.190.54.17 15169 (GOOGLE)
1 4 99.83.128.14 16509 (AMAZON-02)
2 2 44.197.25.138 14618 (AMAZON-AES)
1 1 104.76.100.229 16625 (AKAMAI-AS)
1 1 8.43.72.97 26667 (RUBICONPR...)
1 13.226.31.28 16509 (AMAZON-02)
89 32
1    67.199.248.11 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: bit.ly
bit.ly
1    162.221.187.148 (United States)

ASN33182 (DIMENOC, US)
PTR: baleling.org.uk
xistpital.co.uk
1    51.15.154.82 (Paris, France)

ASN12876 (Online SAS, FR)
PTR: 51-15-154-82.rev.poneytelecom.eu
clearlifemind.com
24    146.20.84.216 (United States)

ASN27357 (RACKSPACE, US)
chpromotion.com
www.chwplan.com
4    2607:f8b0:4006:81c::2008 (Staten Island, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2607:f8b0:4006:80f::200a (Staten Island, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
5    2607:f8b0:4006:806::2004 (Staten Island, United States)

ASN15169 (GOOGLE, US)
www.google.com
2    142.250.72.98 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s32-in-f2.1e100.net
www.googleadservices.com
1    2600:9000:210b:8200:d:69b0:4e00:21 (United States)

ASN16509 (AMAZON-02, US)
d11tldh9zr4z08.cloudfront.net
1    13.225.213.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-213-78.ewr50.r.cloudfront.net
cdn.datasteam.io
2    13.225.226.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-226-150.jfk51.r.cloudfront.net
js.adsrvr.org
2    2607:f8b0:4006:820::200e (Staten Island, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    52.22.194.150 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-194-150.compute-1.amazonaws.com
track.securedvisit.com
6    34.96.102.137 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 137.102.96.34.bc.googleusercontent.com
dev.visualwebsiteoptimizer.com
2    2607:f8b0:4006:81d::2003 (Staten Island, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2607:f8b0:4006:823::2002 (Staten Island, United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    172.253.115.157 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f157.1e100.net
bid.g.doubleclick.net
1    34.117.39.58 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 58.39.117.34.bc.googleusercontent.com
www.upsellit.com
2    2607:f8b0:4006:81d::2008 (Staten Island, United States)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
1    2607:f8b0:4006:80e::2003 (Staten Island, United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    198.145.13.12 (Portland, United States)

ASN2044 (DF-PTL01, US)
PTR: getclicky.com
win.staticstuff.net
2    2607:f8b0:4004:c08::9c (Ashburn, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a03:2880:f012:10c:face:b00c:0:3 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
3    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
1    99.84.43.9 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-43-9.ewr52.r.cloudfront.net
cdn.listrakbi.com
4    35.227.244.1 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 1.244.227.35.bc.googleusercontent.com
shop.pe
3    54.230.102.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-102-8.ewr53.r.cloudfront.net
d3rr3d0n31t48m.cloudfront.net
2    52.46.130.91 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
6    104.18.7.244 (None, )

ASN13335 (CLOUDFLARENET, US)
s1.listrakbi.com
at1.listrakbi.com
sca1.listrakbi.com
1    2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
5    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
insight.adsrvr.org
match.adsrvr.org
1    35.190.54.17 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 17.54.190.35.bc.googleusercontent.com
shopper.shop.pe
4    99.83.128.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: a954c1fc80b8251dc.awsglobalaccelerator.com
nytrng.com
2    44.197.25.138 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-197-25-138.compute-1.amazonaws.com
dpm.demdex.net
1    104.76.100.229 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-76-100-229.deploy.static.akamaitechnologies.com
tags.bluekai.com
1    8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    13.226.31.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-31-28.ewr53.r.cloudfront.net
cdn.nytrng.com
Apex Domain
Subdomains		 Transfer
23 chpromotion.com
chpromotion.com
1 MB
7 listrakbi.com
cdn.listrakbi.com — Cisco Umbrella Rank: 9483
s1.listrakbi.com — Cisco Umbrella Rank: 9835
at1.listrakbi.com — Cisco Umbrella Rank: 10547
sca1.listrakbi.com — Cisco Umbrella Rank: 34789
27 KB
7 adsrvr.org
js.adsrvr.org — Cisco Umbrella Rank: 1414
insight.adsrvr.org — Cisco Umbrella Rank: 529
match.adsrvr.org — Cisco Umbrella Rank: 327
9 KB
6 visualwebsiteoptimizer.com
dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 4834
90 KB
5 nytrng.com
nytrng.com — Cisco Umbrella Rank: 4237
cdn.nytrng.com — Cisco Umbrella Rank: 23876
9 KB
5 shop.pe
shop.pe — Cisco Umbrella Rank: 9728
shopper.shop.pe — Cisco Umbrella Rank: 11750
10 KB
5 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
bid.g.doubleclick.net — Cisco Umbrella Rank: 469
stats.g.doubleclick.net — Cisco Umbrella Rank: 77
4 KB
5 google.com
www.google.com — Cisco Umbrella Rank: 5
1 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 33
ssl.google-analytics.com — Cisco Umbrella Rank: 272
37 KB
4 cloudfront.net
d11tldh9zr4z08.cloudfront.net
d3rr3d0n31t48m.cloudfront.net
57 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 55
165 KB
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 337
12 KB
3 gstatic.com
fonts.gstatic.com
www.gstatic.com
221 KB
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 201
2 KB
2 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 271
2 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 133
37 KB
2 securedvisit.com
track.securedvisit.com — Cisco Umbrella Rank: 5426
25 KB
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 105
32 KB
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 320
913 B
1 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 444
846 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 103
397 B
1 staticstuff.net
win.staticstuff.net — Cisco Umbrella Rank: 77216
413 B
1 upsellit.com
www.upsellit.com — Cisco Umbrella Rank: 9442
11 KB
1 datasteam.io
cdn.datasteam.io — Cisco Umbrella Rank: 18034
66 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 39
642 B
1 chwplan.com
www.chwplan.com
63 KB
1 clearlifemind.com
clearlifemind.com
469 B
1 xistpital.co.uk
xistpital.co.uk
423 B
1 bit.ly
bit.ly — Cisco Umbrella Rank: 4457
432 B
89 29
Domain Requested by
23 chpromotion.com 1 redirects clearlifemind.com
chpromotion.com
6 dev.visualwebsiteoptimizer.com chpromotion.com
dev.visualwebsiteoptimizer.com
5 www.google.com chpromotion.com
4 nytrng.com 1 redirects d3rr3d0n31t48m.cloudfront.net
cdn.nytrng.com
4 match.adsrvr.org js.adsrvr.org
4 at1.listrakbi.com cdn.listrakbi.com
4 shop.pe 1 redirects d3rr3d0n31t48m.cloudfront.net
shopper.shop.pe
4 www.googletagmanager.com chpromotion.com
www.googletagmanager.com
3 d3rr3d0n31t48m.cloudfront.net chpromotion.com
shop.pe
3 bat.bing.com chpromotion.com
bat.bing.com
2 dpm.demdex.net 2 redirects
2 s.amazon-adsystem.com 1 redirects chpromotion.com
2 connect.facebook.net chpromotion.com
connect.facebook.net
2 stats.g.doubleclick.net 1 redirects www.google-analytics.com
2 ssl.google-analytics.com 1 redirects chpromotion.com
2 googleads.g.doubleclick.net www.googleadservices.com
2 fonts.gstatic.com fonts.googleapis.com
2 track.securedvisit.com chpromotion.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 js.adsrvr.org chpromotion.com
match.adsrvr.org
2 www.googleadservices.com chpromotion.com
www.googletagmanager.com
1 cdn.nytrng.com nytrng.com
1 pixel.rubiconproject.com 1 redirects
1 tags.bluekai.com 1 redirects
1 shopper.shop.pe shop.pe
1 insight.adsrvr.org 1 redirects
1 www.facebook.com chpromotion.com
1 sca1.listrakbi.com chpromotion.com
1 s1.listrakbi.com cdn.listrakbi.com
1 cdn.listrakbi.com chpromotion.com
1 win.staticstuff.net d11tldh9zr4z08.cloudfront.net
1 www.gstatic.com www.google.com
1 www.upsellit.com www.googletagmanager.com
1 bid.g.doubleclick.net www.googleadservices.com
1 cdn.datasteam.io chpromotion.com
1 d11tldh9zr4z08.cloudfront.net chpromotion.com
1 fonts.googleapis.com chpromotion.com
1 www.chwplan.com chpromotion.com
1 clearlifemind.com
1 xistpital.co.uk 1 redirects
1 bit.ly 1 redirects
89 41

This site contains links to these domains. Also see Links.

Domain
www.choicehomewarranty.com
Subject Issuer Validity Valid
clearlifemind.com
Sectigo RSA Domain Validation Secure Server CA		 2021-08-30 -
2022-09-21		 a year crt.sh
chwplan.com
Go Daddy Secure Certificate Authority - G2		 2022-03-17 -
2023-04-18		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
cdn.datasteam.io
Amazon		 2021-10-20 -
2022-11-17		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
securedvisit.com
Amazon		 2021-11-30 -
2022-12-27		 a year crt.sh
*.visualwebsiteoptimizer.com
Starfield Secure Certificate Authority - G2		 2020-06-19 -
2022-07-06		 2 years crt.sh
*.gstatic.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
*.upsellit.com
Sectigo RSA Domain Validation Secure Server CA		 2020-07-30 -
2022-11-01		 2 years crt.sh
*.google.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
win.staticstuff.net
Sectigo RSA Domain Validation Secure Server CA		 2022-03-02 -
2022-11-04		 8 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-02-08 -
2022-05-09		 3 months crt.sh
www.bing.com
Microsoft RSA TLS CA 01		 2022-03-16 -
2022-09-16		 6 months crt.sh
*.listrakbi.com
Amazon		 2022-01-10 -
2023-02-06		 a year crt.sh
s.amazon-adsystem.com
Amazon		 2021-07-14 -
2022-06-27		 a year crt.sh
listrakbi.com
Cloudflare Inc ECC CA-3		 2021-08-09 -
2022-08-08		 a year crt.sh
*.shop.pe
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-09-06 -
2022-09-06		 a year crt.sh
nytrng.com
Amazon		 2022-04-24 -
2023-05-23		 a year crt.sh
*.nytrng.com
Amazon		 2021-10-17 -
2022-11-14		 a year crt.sh

This page contains 8 frames:

Primary Page: https://chpromotion.com/a/a69/index.php?utm_source=spdlfm&utm_campaign=690131&token=1260438682
Frame ID: 8DD3F4148448AC18944CBBE6AD573CB2
Requests: 78 HTTP requests in this frame

Frame: https://bid.g.doubleclick.net/xbbe/pixel?d=KAE
Frame ID: 9103F0D43BB390F8A3152934242A9FD2
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D3b289a46-9b76-58a9-88f0-c89b1606534d%26type%3D82%26m%3D1&ex-fch=416613&ex-src=https://www.choicehomewarranty.com/&ex-hargs=v%3D1.0%3Bc%3D6293635390601%3Bp%3D3B289A46-9B76-58A9-88F0-C89B1606534D&cb=964389696365346200&dcc=t
Frame ID: AD49DA441152353254F4CBAB4C1FDF6C
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/upb/?adv=zl9kfqh1&ref=https%3A%2F%2Fchpromotion.com%2Fa%2Fa69%2Findex.php%3Futm_source%3Dspdlfm%26utm_campaign%3D690131%26token%3D1260438682&upid=7h0r1mr&upv=1.1.0
Frame ID: BD3713F57173C77B7494C2AE5394C827
Requests: 2 HTTP requests in this frame

Frame: https://nytrng.com/iframe?vcp=4dd5h0np&as_id=e325844cd2854475bd8faee074a38756
Frame ID: 14B6BF27AB7B24F9DA8DF95EA1424B7F
Requests: 4 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam
Frame ID: 7A3ADFE548CFA3E2DE762E5142DD20D8
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=bluekai
Frame ID: DEE4690753957F2A23399B83E3CB6EAD
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Frame ID: F209DFF0C168A96442A1681DC002B39E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Choice Home Warranty

Page URL History Show full URLs

  1. http://bit.ly/3s1Yjpy HTTP 301
    http://xistpital.co.uk/rb5f3.php?32=1o22626bbdd9ad0c8_1m84.testP.A01e7cfzqtm1vuf7z9_iu2096.fzqtmMDk... HTTP 302
    https://clearlifemind.com/1761eedf4f712cb9800/ZOZ_223cpfk/_iu%7C096sg%7Cfzqtm%7Co22626bbdd9ad0c8_1m84%... Page URL
  2. http://chpromotion.com/a/a69/index.php?utm_source=spdlfm&utm_campaign=690131&token=1260438682 HTTP 302
    https://chpromotion.com/a/a69/index.php?utm_source=spdlfm&utm_campaign=690131&token=1260438682 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

89
Requests

97 %
HTTPS

35 %
IPv6

29
Domains

41
Subdomains

32
IPs

3
Countries

2141 kB
Transfer

3415 kB
Size

51
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://bit.ly/3s1Yjpy HTTP 301
    http://xistpital.co.uk/rb5f3.php?32=1o22626bbdd9ad0c8_1m84.testP.A01e7cfzqtm1vuf7z9_iu2096.fzqtmMDk2c2cxMTI2cjhw0m4NPa HTTP 302
    https://clearlifemind.com/1761eedf4f712cb9800/ZOZ_223cpfk/_iu%7C096sg%7Cfzqtm%7Co22626bbdd9ad0c8_1m84%7C1126r8p%7C87927%7C01e7cfzqtm%7CA%7Caoqmv9 Page URL
  2. http://chpromotion.com/a/a69/index.php?utm_source=spdlfm&utm_campaign=690131&token=1260438682 HTTP 302
    https://chpromotion.com/a/a69/index.php?utm_source=spdlfm&utm_campaign=690131&token=1260438682 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://bit.ly/3s1Yjpy HTTP 301
  • http://xistpital.co.uk/rb5f3.php?32=1o22626bbdd9ad0c8_1m84.testP.A01e7cfzqtm1vuf7z9_iu2096.fzqtmMDk2c2cxMTI2cjhw0m4NPa HTTP 302
  • https://clearlifemind.com/1761eedf4f712cb9800/ZOZ_223cpfk/_iu%7C096sg%7Cfzqtm%7Co22626bbdd9ad0c8_1m84%7C1126r8p%7C87927%7C01e7cfzqtm%7CA%7Caoqmv9
Request Chain 52
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=150318786&utmhn=chpromotion.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Choice%20Home%20Warranty&utmhid=1379996036&utmr=-&utmp=%2Fa%2Fa69%2Findex.php%3Futm_source%3Dspdlfm%26utm_campaign%3D690131%26token%3D1260438682&utmht=1651465833554&utmac=UA-6898183-1&utmcc=__utma%3D212881990.454021545.1651465833.1651465834.1651465834.1%3B%2B__utmz%3D212881990.1651465834.1.1.utmcsr%3Dspdlfm%7Cutmccn%3D690131%7Cutmcmd%3D(not%2520set)%3B&utmjid=2082197429&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAABAAAE~ HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6898183-1&cid=454021545.1651465833&jid=2082197429&_v=5.7.2&z=150318786 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6898183-1&cid=454021545.1651465833&jid=2082197429&_v=5.7.2&z=150318786
Request Chain 56
  • https://shop.pe/widget/widget_async.js HTTP 301
  • https://d3rr3d0n31t48m.cloudfront.net/widget/widget_async.js
Request Chain 57
  • https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D3b289a46-9b76-58a9-88f0-c89b1606534d%26type%3D82%26m%3D1&ex-fch=416613&ex-src=https://www.choicehomewarranty.com/&ex-hargs=v%3D1.0%3Bc%3D6293635390601%3Bp%3D3B289A46-9B76-58A9-88F0-C89B1606534D&cb=964389696365346200 HTTP 302
  • https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D3b289a46-9b76-58a9-88f0-c89b1606534d%26type%3D82%26m%3D1&ex-fch=416613&ex-src=https://www.choicehomewarranty.com/&ex-hargs=v%3D1.0%3Bc%3D6293635390601%3Bp%3D3B289A46-9B76-58A9-88F0-C89B1606534D&cb=964389696365346200&dcc=t
Request Chain 74
  • https://insight.adsrvr.org/track/up?adv=zl9kfqh1&ref=https%3A%2F%2Fchpromotion.com%2Fa%2Fa69%2Findex.php%3Futm_source%3Dspdlfm%26utm_campaign%3D690131%26token%3D1260438682&upid=7h0r1mr&upv=1.1.0 HTTP 302
  • https://match.adsrvr.org/track/upb/?adv=zl9kfqh1&ref=https%3A%2F%2Fchpromotion.com%2Fa%2Fa69%2Findex.php%3Futm_source%3Dspdlfm%26utm_campaign%3D690131%26token%3D1260438682&upid=7h0r1mr&upv=1.1.0
Request Chain 81
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=dbaa593b-8c52-47e8-9964-bf8028989934&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=903&dpuuid=dbaa593b-8c52-47e8-9964-bf8028989934&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam
Request Chain 82
  • https://tags.bluekai.com/site/5386?id=dbaa593b-8c52-47e8-9964-bf8028989934&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbluekai HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bluekai
Request Chain 83
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=dbaa593b-8c52-47e8-9964-bf8028989934&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon HTTP 302
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Request Chain 86
  • https://nytrng.com/mper HTTP 301
  • https://nytrng.com/mper/f62f39eb161588b280844704a1840c4b

89 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
_iu%7C096sg%7Cfzqtm%7Co22626bbdd9ad0c8_1m84%7C1126r8p%7C87927%7C01e7cfzqtm%7CA%7Caoqmv9
clearlifemind.com/1761eedf4f712cb9800/ZOZ_223cpfk/
Redirect Chain
  • http://bit.ly/3s1Yjpy
  • http://xistpital.co.uk/rb5f3.php?32=1o22626bbdd9ad0c8_1m84.testP.A01e7cfzqtm1vuf7z9_iu2096.fzqtmMDk2c2cxMTI2cjhw0m4NPa
  • https://clearlifemind.com/1761eedf4f712cb9800/ZOZ_223cpfk/_iu%7C096sg%7Cfzqtm%7Co22626bbdd9ad0c8_1m84%7C1126r8p%7C87927%7C01e7cfzqtm%7CA%7Caoqmv9
156 B
469 B 		Document
General
Check archive.org
Download Go to
Full URL
https://clearlifemind.com/1761eedf4f712cb9800/ZOZ_223cpfk/_iu%7C096sg%7Cfzqtm%7Co22626bbdd9ad0c8_1m84%7C1126r8p%7C87927%7C01e7cfzqtm%7CA%7Caoqmv9
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.15.154.82 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
51-15-154-82.rev.poneytelecom.eu
Software
Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
NIT/atrax-1.0
accept-language
en-US,en;q=0.9
referer
https://mail.google.com/mail/u/0/#spam/WhctKKXXFslgBMswnQfHSgVbPgcmHPVhHwWkGqrxCfzZTbbNwwCtslsMlVbbSMcgpTqRdsB

Response headers

Connection
close
Content-Length
156
Content-Type
text/html; charset=UTF-8
Date
Mon, 02 May 2022 04:30:31 GMT
Server
Apache

Redirect headers

Connection
Keep-Alive
Content-Length
204
Content-Type
text/html; charset=UTF-8
Date
Mon, 02 May 2022 04:30:30 GMT
Keep-Alive
timeout=5, max=100
Location
https://clearlifemind.com/1761eedf4f712cb9800/ZOZ_223cpfk/_iu|096sg|fzqtm|o22626bbdd9ad0c8_1m84|1126r8p|87927|01e7cfzqtm|A|aoqmv9
Server
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
Primary Request index.php
chpromotion.com/a/a69/
Redirect Chain
  • http://chpromotion.com/a/a69/index.php?utm_source=spdlfm&utm_campaign=690131&token=1260438682
  • https://chpromotion.com/a/a69/index.php?utm_source=spdlfm&utm_campaign=690131&token=1260438682
55 KB
55 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://chpromotion.com/a/a69/index.php?utm_source=spdlfm&utm_campaign=690131&token=1260438682
Requested by
Host: clearlifemind.com
URL: https://clearlifemind.com/1761eedf4f712cb9800/ZOZ_223cpfk/_iu%7C096sg%7Cfzqtm%7Co22626bbdd9ad0c8_1m84%7C1126r8p%7C87927%7C01e7cfzqtm%7CA%7Caoqmv9
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.84.216 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 / PHP/5.6.40
Resource Hash
272091531da7b501938c450b37c0deafda5310f5f9dddf6f0cd2ab49bfe14d5c

Request headers

Referer
https://clearlifemind.com/1761eedf4f712cb9800/ZOZ_223cpfk/_iu%7C096sg%7Cfzqtm%7Co22626bbdd9ad0c8_1m84%7C1126r8p%7C87927%7C01e7cfzqtm%7CA%7Caoqmv9
Upgrade-Insecure-Requests
1
User-Agent
NIT/atrax-1.0
accept-language
en-US,en;q=0.9
referer
https://mail.google.com/mail/u/0/#spam/WhctKKXXFslgBMswnQfHSgVbPgcmHPVhHwWkGqrxCfzZTbbNwwCtslsMlVbbSMcgpTqRdsB

Response headers

Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Mon, 02 May 2022 04:30:32 GMT
Keep-Alive
timeout=5, max=98
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40
Transfer-Encoding
chunked
X-Powered-By
PHP/5.6.40

Redirect headers

Connection
Keep-Alive
Content-Length
0
Location
https://chpromotion.com/a/a69/index.php?utm_source=spdlfm&utm_campaign=690131&token=1260438682
Server
BigIP
js
www.googletagmanager.com/gtag/ 		98 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-6898183-1
Requested by
Host: chpromotion.com
URL: https://chpromotion.com/a/a69/index.php?utm_source=spdlfm&utm_campaign=690131&token=1260438682
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2008 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e5eb9db958d00a80a0dae60a6e5d7696effb32a50df2d47cdf1a24069e979e90
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.google.com/mail/u/0/#spam/WhctKKXXFslgBMswnQfHSgVbPgcmHPVhHwWkGqrxCfzZTbbNwwCtslsMlVbbSMcgpTqRdsB
User-Agent
NIT/atrax-1.0

Response headers

date
Mon, 02 May 2022 04:30:32 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38769
x-xss-protection
0
last-modified
Mon, 02 May 2022 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 02 May 2022 04:30:32 GMT
js
www.googletagmanager.com/gtag/ 		105 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-1038983633
Requested by
Host: chpromotion.com
URL: https://chpromotion.com/a/a69/index.php?utm_source=spdlfm&utm_campaign=690131&token=1260438682
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2008 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5c2486b3980076f223deebfe8cf6a099283fdbe77c7b1b1ae5df96e07f98cd43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.google.com/mail/u/0/#spam/WhctKKXXFslgBMswnQfHSgVbPgcmHPVhHwWkGqrxCfzZTbbNwwCtslsMlVbbSMcgpTqRdsB
User-Agent
NIT/atrax-1.0

Response headers

date
Mon, 02 May 2022 04:30:32 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42280
x-xss-protection
0
last-modified
Mon, 02 May 2022 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 02 May 2022 04:30:32 GMT
bootstrap.min.css
chpromotion.com/a/a69/bootstrap/css/ 		119 KB
119 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://chpromotion.com/a/a69/bootstrap/css/bootstrap.min.css
Requested by
Host: chpromotion.com
URL: https://chpromotion.com/a/a69/index.php?utm_source=spdlfm&utm_campaign=690131&token=1260438682
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.84.216 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 /
Resource Hash
edd03ab3a1f8f4fee1f13400764eaa7de9b4ec3da31a2de7f2a5a40e2ea181a7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.google.com/mail/u/0/#spam/WhctKKXXFslgBMswnQfHSgVbPgcmHPVhHwWkGqrxCfzZTbbNwwCtslsMlVbbSMcgpTqRdsB
User-Agent
NIT/atrax-1.0

Response headers

Date
Mon, 02 May 2022 04:30:32 GMT
Last-Modified
Mon, 02 Apr 2018 18:07:58 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40
ETag
"1da10-568e17840db80"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
121360
font-awesome.css
chpromotion.com/a/a69/bootstrap/css/ 		22 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://chpromotion.com/a/a69/bootstrap/css/font-awesome.css
Requested by
Host: chpromotion.com
URL: https://chpromotion.com/a/a69/index.php?utm_source=spdlfm&utm_campaign=690131&token=1260438682
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.84.216 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 /
Resource Hash
52b860bf171d4c3ddb8c50fe9b1cf48cd6337c07f0b111788d7ba34aad733299

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.google.com/mail/u/0/#spam/WhctKKXXFslgBMswnQfHSgVbPgcmHPVhHwWkGqrxCfzZTbbNwwCtslsMlVbbSMcgpTqRdsB
User-Agent
NIT/atrax-1.0

Response headers

Date
Mon, 02 May 2022 04:30:32 GMT
Last-Modified
Mon, 02 Apr 2018 18:07:58 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40
ETag
"58b3-568e17840db80"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
22707
style.css
chpromotion.com/a/a69/css/ 		3 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://chpromotion.com/a/a69/css/style.css?1651465832
Requested by
Host: chpromotion.com
URL: https://chpromotion.com/a/a69/index.php?utm_source=spdlfm&utm_campaign=690131&token=1260438682
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.84.216 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 /
Resource Hash
227b35c3379771751ba64874d186212b74b61206a15b8e7d63a4a56e895526d8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.google.com/mail/u/0/#spam/WhctKKXXFslgBMswnQfHSgVbPgcmHPVhHwWkGqrxCfzZTbbNwwCtslsMlVbbSMcgpTqRdsB
User-Agent
NIT/atrax-1.0

Response headers

Date
Mon, 02 May 2022 04:30:32 GMT
Last-Modified
Mon, 13 Jul 2020 15:28:59 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40
ETag
"a59-5aa5459882271"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
2649
jquery-1.11.1.min.js
chpromotion.com/a/a69/bootstrap/js/ 		94 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://chpromotion.com/a/a69/bootstrap/js/jquery-1.11.1.min.js
Requested by
Host: chpromotion.com
URL: https://chpromotion.com/a/a69/index.php?utm_source=spdlfm&utm_campaign=690131&token=1260438682
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.84.216 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.google.com/mail/u/0/#spam/WhctKKXXFslgBMswnQfHSgVbPgcmHPVhHwWkGqrxCfzZTbbNwwCtslsMlVbbSMcgpTqRdsB
User-Agent
NIT/atrax-1.0

Response headers

Date
Mon, 02 May 2022 04:30:32 GMT
Last-Modified
Mon, 02 Apr 2018 18:07:58 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40
ETag
"1762a-568e17840db80"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
95786
masked.min.js
www.chwplan.com/jsinc/ 		62 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.chwplan.com/jsinc/masked.min.js
Requested by
Host: chpromotion.com
URL: https://chpromotion.com/a/a69/index.php?utm_source=spdlfm&utm_campaign=690131&token=1260438682
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.84.216 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 /
Resource Hash
ee5e6f24e63a934667e065cf35fa4cdb9a1ec3391da17621c3994fdb63bb82ea

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.google.com/mail/u/0/#spam/WhctKKXXFslgBMswnQfHSgVbPgcmHPVhHwWkGqrxCfzZTbbNwwCtslsMlVbbSMcgpTqRdsB
User-Agent
NIT/atrax-1.0

Response headers

Date
Mon, 02 May 2022 04:30:32 GMT
Last-Modified
Mon, 02 Apr 2018 18:08:00 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40
ETag
"f85d-568e1785f6000"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
63581
css
fonts.googleapis.com/ 		724 B
642 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Ubuntu:400,500,700,300
Requested by
Host: chpromotion.com
URL: https://chpromotion.com/a/a69/index.php?utm_source=spdlfm&utm_campaign=690131&token=1260438682
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::200a Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
24a2d68ba9dba0183ffea93a52246f4017d6ec224c6a477ce916263eed8371ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.google.com/mail/u/0/#spam/WhctKKXXFslgBMswnQfHSgVbPgcmHPVhHwWkGqrxCfzZTbbNwwCtslsMlVbbSMcgpTqRdsB
User-Agent
NIT/atrax-1.0

Response headers

date
Mon, 02 May 2022 04:30:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Mon, 02 May 2022 04:30:32 GMT
gtm.js
www.googletagmanager.com/ 		120 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P69ZDD7
Requested by
Host: chpromotion.com
URL: https://chpromotion.com/a/a69/index.php?utm_source=spdlfm&utm_campaign=690131&token=1260438682
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2008 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e61425fc8bc114f0bd6047ff32d77bffdc5825d2c4110d0377df2fa1caa3cfdd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.google.com/mail/u/0/#spam/WhctKKXXFslgBMswnQfHSgVbPgcmHPVhHwWkGqrxCfzZTbbNwwCtslsMlVbbSMcgpTqRdsB
User-Agent
NIT/atrax-1.0

Response headers

date
Mon, 02 May 2022 04:30:33 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45112
x-xss-protection
0
last-modified
Mon, 02 May 2022 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 02 May 2022 04:30:33 GMT
logo2.png
chpromotion.com/a/a69/images/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://chpromotion.com/a/a69/images/logo2.png
Requested by
Host: chpromotion.com
URL: https://chpromotion.com/a/a69/index.php?utm_source=spdlfm&utm_campaign=690131&token=1260438682
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.84.216 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 /
Resource Hash
79270dfeec80a9831db892c6afa6203afcfcbe58fb78d76c6b610b9b79a45739

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.google.com/mail/u/0/#spam/WhctKKXXFslgBMswnQfHSgVbPgcmHPVhHwWkGqrxCfzZTbbNwwCtslsMlVbbSMcgpTqRdsB
User-Agent
NIT/atrax-1.0

Response headers

Date
Mon, 02 May 2022 04:30:33 GMT
Last-Modified
Fri, 11 Mar 2022 19:40:49 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40
ETag
"3a67-5d9f68203227b"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
14951
spinner.gif
chpromotion.com/a/a69/ 		215 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://chpromotion.com/a/a69/spinner.gif
Requested by
Host: chpromotion.com
URL: https://chpromotion.com/a/a69/index.php?utm_source=spdlfm&utm_campaign=690131&token=1260438682
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.84.216 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 /
Resource Hash
f0777ebcd83d90fcb23e1ddd319a4742e3af06e7e1953fe6f851df61ff3022ac

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.google.com/mail/u/0/#spam/WhctKKXXFslgBMswnQfHSgVbPgcmHPVhHwWkGqrxCfzZTbbNwwCtslsMlVbbSMcgpTqRdsB
User-Agent
NIT/atrax-1.0

Response headers

Date
Mon, 02 May 2022 04:30:33 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
215
Content-Type
text/html; charset=iso-8859-1
icon1.png
chpromotion.com/a/a69/images/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://chpromotion.com/a/a69/images/icon1.png
Requested by
Host: chpromotion.com
URL: https://chpromotion.com/a/a69/index.php?utm_source=spdlfm&utm_campaign=690131&token=1260438682
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.84.216 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 /
Resource Hash
4540fe3d85b175ac7c0272025c164aee14f38b34d5515d35591fe752eeab7780

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.google.com/mail/u/0/#spam/WhctKKXXFslgBMswnQfHSgVbPgcmHPVhHwWkGqrxCfzZTbbNwwCtslsMlVbbSMcgpTqRdsB
User-Agent
NIT/atrax-1.0

Response headers

Date
Mon, 02 May 2022 04:30:33 GMT
Last-Modified
Fri, 08 Oct 2021 21:02:18 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40
ETag
"3cf8-5cdddb1d6f352"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
15608
icon2.png
chpromotion.com/a/a69/images/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://chpromotion.com/a/a69/images/icon2.png
Requested by
Host: chpromotion.com
URL: https://chpromotion.com/a/a69/index.php?utm_source=spdlfm&utm_campaign=690131&token=1260438682
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.84.216 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 /
Resource Hash
688aa4443fd103dd4eba9512fbd4a0ff2c47b8ebbd4b8c8d4aaef45f4e4f48b0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.google.com/mail/u/0/#spam/WhctKKXXFslgBMswnQfHSgVbPgcmHPVhHwWkGqrxCfzZTbbNwwCtslsMlVbbSMcgpTqRdsB
User-Agent
NIT/atrax-1.0

Response headers

Date
Mon, 02 May 2022 04:30:33 GMT
Last-Modified
Fri, 10 Apr 2020 00:35:28 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40
ETag
"3a92-5a2e4e8f40270"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
14994
icon3.png
chpromotion.com/a/a69/images/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://chpromotion.com/a/a69/images/icon3.png
Requested by
Host: chpromotion.com
URL: https://chpromotion.com/a/a69/index.php?utm_source=spdlfm&utm_campaign=690131&token=1260438682
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.84.216 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 /
Resource Hash
f30bf2284e7872587d6aa890cc2611f01e4be6a2fcfdc0003d63c6fa137745c7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.google.com/mail/u/0/#spam/WhctKKXXFslgBMswnQfHSgVbPgcmHPVhHwWkGqrxCfzZTbbNwwCtslsMlVbbSMcgpTqRdsB
User-Agent
NIT/atrax-1.0

Response headers

Date
Mon, 02 May 2022 04:30:33 GMT
Last-Modified
Fri, 10 Apr 2020 00:35:28 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40
ETag
"5233-5a2e4e8f517c8"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
21043
repair_b.png
chpromotion.com/a/a69/images/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://chpromotion.com/a/a69/images/repair_b.png
Requested by
Host: chpromotion.com
URL: https://chpromotion.com/a/a69/index.php?utm_source=spdlfm&utm_campaign=690131&token=1260438682
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.84.216 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 /
Resource Hash
55ce9fac6fd33806706c6ff4217d7b8f64cac5a01a254678c618653290246e14

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.google.com/mail/u/0/#spam/WhctKKXXFslgBMswnQfHSgVbPgcmHPVhHwWkGqrxCfzZTbbNwwCtslsMlVbbSMcgpTqRdsB
User-Agent
NIT/atrax-1.0

Response headers

Date
Mon, 02 May 2022 04:30:33 GMT
Last-Modified
Wed, 22 Aug 2018 16:39:31 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40
ETag
"15b4-57408c96875b9"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
5556
replace_b.png
chpromotion.com/a/a69/images/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://chpromotion.com/a/a69/images/replace_b.png
Requested by
Host: chpromotion.com
URL: https://chpromotion.com/a/a69/index.php?utm_source=spdlfm&utm_campaign=690131&token=1260438682
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.84.216 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 /
Resource Hash
730c5d97e41062200f45c92eea2b08a6bc1e4eb8cbba2c6725c1a2c291fdbf9a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.google.com/mail/u/0/#spam/WhctKKXXFslgBMswnQfHSgVbPgcmHPVhHwWkGqrxCfzZTbbNwwCtslsMlVbbSMcgpTqRdsB
User-Agent
NIT/atrax-1.0

Response headers

Date
Mon, 02 May 2022 04:30:33 GMT
Last-Modified
Wed, 22 Aug 2018 16:39:31 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40
ETag
"1128-57408c96748f1"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
4392
24_b.png
chpromotion.com/a/a69/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://chpromotion.com/a/a69/images/24_b.png
Requested by
Host: chpromotion.com
URL: https://chpromotion.com/a/a69/index.php?utm_source=spdlfm&utm_campaign=690131&token=1260438682
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.84.216 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 /
Resource Hash
bf8b3266cbaee48fb45839db1e2517b1436e8adb3e134cbbe796ee1c4459183c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.google.com/mail/u/0/#spam/WhctKKXXFslgBMswnQfHSgVbPgcmHPVhHwWkGqrxCfzZTbbNwwCtslsMlVbbSMcgpTqRdsB
User-Agent
NIT/atrax-1.0

Response headers

Date
Mon, 02 May 2022 04:30:33 GMT
Last-Modified
Wed, 22 Aug 2018 16:39:31 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40
ETag
"1265-57408c969ae39"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
4709
api.js
www.google.com/recaptcha/ 		850 B
970 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: chpromotion.com
URL: https://chpromotion.com/a/a69/index.php?utm_source=spdlfm&utm_campaign=690131&token=1260438682
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2004 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
142d7e946013c923e6530d5ac543354d09611339c9b8093282f5dcae721aaaff
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.google.com/mail/u/0/#spam/WhctKKXXFslgBMswnQfHSgVbPgcmHPVhHwWkGqrxCfzZTbbNwwCtslsMlVbbSMcgpTqRdsB
User-Agent
NIT/atrax-1.0

Response headers

date
Mon, 02 May 2022 04:30:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
557
x-xss-protection
1; mode=block
expires
Mon, 02 May 2022 04:30:33 GMT
jquery.validate.js
chpromotion.com/a/a69/ 		38 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://chpromotion.com/a/a69/jquery.validate.js
Requested by
Host: chpromotion.com
URL: https://chpromotion.com/a/a69/index.php?utm_source=spdlfm&utm_campaign=690131&token=1260438682
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.84.216 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 /
Resource Hash
93f6ce56be9b5d1cc8f0462801eebf1f4612ed1c5e9e0a389072c7b3fabee5b7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.google.com/mail/u/0/#spam/WhctKKXXFslgBMswnQfHSgVbPgcmHPVhHwWkGqrxCfzZTbbNwwCtslsMlVbbSMcgpTqRdsB
User-Agent
NIT/atrax-1.0

Response headers

Date
Mon, 02 May 2022 04:30:32 GMT
Last-Modified
Mon, 02 Apr 2018 18:07:58 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40
ETag
"999b-568e17840db80"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
39323
conversion.js
www.googleadservices.com/pagead/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: chpromotion.com
URL: https://chpromotion.com/a/a69/index.php?utm_source=spdlfm&utm_campaign=690131&token=1260438682
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.72.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
cafe /
Resource Hash
6674896ccb1aea47c71591bef2bc25bfac1bee813a084ebc16b821167c7e4b8c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.google.com/mail/u/0/#spam/WhctKKXXFslgBMswnQfHSgVbPgcmHPVhHwWkGqrxCfzZTbbNwwCtslsMlVbbSMcgpTqRdsB
User-Agent
NIT/atrax-1.0

Response headers

date
Mon, 02 May 2022 04:30:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17225
x-xss-protection
0
server
cafe
etag
4638559076780058889
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 02 May 2022 04:30:33 GMT
Accutrak.js
d11tldh9zr4z08.cloudfront.net/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d11tldh9zr4z08.cloudfront.net/Accutrak.js
Requested by
Host: chpromotion.com
URL: https://chpromotion.com/a/a69/index.php?utm_source=spdlfm&utm_campaign=690131&token=1260438682
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:210b:8200:d:69b0:4e00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4 /
Resource Hash
5d5f9654fbf38d5d039ba2743bb47a0067a1e020a61ef5b43dd9c3059cd94424

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.google.com/mail/u/0/#spam/WhctKKXXFslgBMswnQfHSgVbPgcmHPVhHwWkGqrxCfzZTbbNwwCtslsMlVbbSMcgpTqRdsB
User-Agent
NIT/atrax-1.0

Response headers

date
Mon, 02 May 2022 03:17:47 GMT
content-encoding
gzip
last-modified
Thu, 12 Nov 2020 23:25:55 GMT
server
Apache/2.4
age
4369
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 a6cca18455d155ffa87e5da1963e8d88.cloudfront.net (CloudFront)
x-cache-info
caching
x-amz-cf-pop
EWR53-C3
x-amz-cf-id
uKIQVYF8kJNQ8DCHzlFtOwAfyc_xeg6Zc-jyF-2lWyki5zfd8lByvg==
D24328ECFA2D48.js
cdn.datasteam.io/js/ 		66 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.datasteam.io/js/D24328ECFA2D48.js
Requested by
Host: chpromotion.com
URL: https://chpromotion.com/a/a69/index.php?utm_source=spdlfm&utm_campaign=690131&token=1260438682
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.213.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-213-78.ewr50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
28b08132faf772ccb6b98ecfb02a099582c5823b27e13c5c663e0142de89d634

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.google.com/mail/u/0/#spam/WhctKKXXFslgBMswnQfHSgVbPgcmHPVhHwWkGqrxCfzZTbbNwwCtslsMlVbbSMcgpTqRdsB
User-Agent
NIT/atrax-1.0

Response headers

date
Mon, 02 May 2022 01:37:37 GMT
via
1.1 158c603777b70da7a395beb589ad17da.cloudfront.net (CloudFront)
last-modified
Thu, 20 Jan 2022 21:45:54 GMT
server
AmazonS3
age
10377
etag
"d89d22e28d4dcdcffb56f904f07766fa"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=600,s-maxage=86400
x-amz-cf-pop
EWR50-C1
accept-ranges
bytes
content-length
67411
x-amz-cf-id
fVTHu6ebQFXfyJgkLc51rjW4bmfEedWSXJJskP10nhDeoThPrf7ctg==
up_loader.1.1.0.js
js.adsrvr.org/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: chpromotion.com
URL: https://chpromotion.com/a/a69/index.php?utm_source=spdlfm&utm_campaign=690131&token=1260438682
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.226.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-226-150.jfk51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.google.com/mail/u/0/#spam/WhctKKXXFslgBMswnQfHSgVbPgcmHPVhHwWkGqrxCfzZTbbNwwCtslsMlVbbSMcgpTqRdsB
User-Agent
NIT/atrax-1.0

Response headers

Date
Sun, 01 May 2022 19:33:09 GMT
Via
1.1 ab95c5a0dcf51f52101ed4d59d15a2a2.cloudfront.net (CloudFront)
Last-Modified
Thu, 24 Sep 2020 15:15:34 GMT
Server
AmazonS3
Age
32245
ETag
"98d98b3499058b76d58073cf8ede2f10"
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Connection
keep-alive
X-Amz-Cf-Pop
JFK51-C1
Accept-Ranges
bytes
Content-Length
4593
X-Amz-Cf-Id
k3U0H6Lm5J7tVCgaep83ex3YMWrhikCunE3fgvZHbX0DQ6BdNRH-tQ==
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-6898183-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::200e Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.google.com/mail/u/0/#spam/WhctKKXXFslgBMswnQfHSgVbPgcmHPVhHwWkGqrxCfzZTbbNwwCtslsMlVbbSMcgpTqRdsB
User-Agent
NIT/atrax-1.0

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
6397
date
Mon, 02 May 2022 02:43:56 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 02 May 2022 04:43:56 GMT
js
www.googletagmanager.com/gtag/ 		105 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-1038983633&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-6898183-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2008 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4bcce324596e1098e9544d244abd62384a1df54f54a23b8efee7a3db72604846
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.google.com/mail/u/0/#spam/WhctKKXXFslgBMswnQfHSgVbPgcmHPVhHwWkGqrxCfzZTbbNwwCtslsMlVbbSMcgpTqRdsB
User-Agent
NIT/atrax-1.0

Response headers

date
Mon, 02 May 2022 04:30:33 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42290
x-xss-protection
0
last-modified
Mon, 02 May 2022 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 02 May 2022 04:30:33 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1038983633
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.72.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
cafe /
Resource Hash
4902dcbc3d3c97271a66bc136ec40b0c72422ccd05bb9946aa76382e50c5d6fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.google.com/mail/u/0/#spam/WhctKKXXFslgBMswnQfHSgVbPgcmHPVhHwWkGqrxCfzZTbbNwwCtslsMlVbbSMcgpTqRdsB
User-Agent
NIT/atrax-1.0

Response headers

date
Mon, 02 May 2022 04:30:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14897
x-xss-protection
0
server
cafe
etag
9926226332162747720
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 02 May 2022 04:30:33 GMT
sv.js
track.securedvisit.com/js/ 		61 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.securedvisit.com/js/sv.js
Requested by
Host: chpromotion.com
URL: https://chpromotion.com/a/a69/index.php?utm_source=spdlfm&utm_campaign=690131&token=1260438682
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.194.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-194-150.compute-1.amazonaws.com
Software
nginx/1.20.2 /
Resource Hash
a723795e6fd1ba833ac856a4f53046a643c57d7ac5b8d13bb4f32ae25a9144e5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.google.com/mail/u/0/#spam/WhctKKXXFslgBMswnQfHSgVbPgcmHPVhHwWkGqrxCfzZTbbNwwCtslsMlVbbSMcgpTqRdsB
User-Agent
NIT/atrax-1.0

Response headers

pragma
no-cache
date
Mon, 02 May 2022 04:30:33 GMT
content-encoding
gzip
last-modified
Mon, 02 May 2022 04:30:33 GMT
server
nginx/1.20.2
etag
W/"495a88c5195a6589bf957e39b51038c9"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
proxy-revalidate, no-cache, private, must-revalidate, max-age=0
expires
Mon, 02 May 2022 04:30:33 GMT
j.php
dev.visualwebsiteoptimizer.com/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/j.php?a=547656&u=https%3A%2F%2Fchpromotion.com%2Fa%2Fa69%2Findex.php%3Futm_source%3Dspdlfm%26utm_campaign%3D690131%26token%3D1260438682&f=1&r=0.2243033916266246
Requested by
Host: chpromotion.com
URL: https://chpromotion.com/a/a69/index.php?utm_source=spdlfm&utm_campaign=690131&token=1260438682
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gsc1 /
Resource Hash
4be14a2da128616076611d6ed33a084f6301c2519ae51212bdeb0689c581974a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.google.com/mail/u/0/#spam/WhctKKXXFslgBMswnQfHSgVbPgcmHPVhHwWkGqrxCfzZTbbNwwCtslsMlVbbSMcgpTqRdsB
User-Agent
NIT/atrax-1.0

Response headers

timing-allow-origin
*
date
Mon, 02 May 2022 04:30:33 GMT
via
1.1 google
server
gsc1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
promo_header.png
chpromotion.com/a/a69/images/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://chpromotion.com/a/a69/images/promo_header.png
Requested by
Host: chpromotion.com
URL: https://chpromotion.com/a/a69/index.php?utm_source=spdlfm&utm_campaign=690131&token=1260438682
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.84.216 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 /
Resource Hash
8dd9fbc4a01fb5d05354da7874afc87bbb88836b761a8146b5e830b22d8104f5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.google.com/mail/u/0/#spam/WhctKKXXFslgBMswnQfHSgVbPgcmHPVhHwWkGqrxCfzZTbbNwwCtslsMlVbbSMcgpTqRdsB
User-Agent
NIT/atrax-1.0

Response headers

Date
Mon, 02 May 2022 04:30:33 GMT
Last-Modified
Fri, 25 Mar 2022 14:23:57 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40
ETag
"4df9-5db0bb687af33"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
19961
bg3.jpg
chpromotion.com/a/a69/images/ 		693 KB
694 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://chpromotion.com/a/a69/images/bg3.jpg
Requested by
Host: chpromotion.com
URL: https://chpromotion.com/a/a69/index.php?utm_source=spdlfm&utm_campaign=690131&token=1260438682
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.84.216 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 /
Resource Hash
a96e4d881a42b49523b85ace2f5e83208ec216c8755869a80e3adcde1e801482

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.google.com/mail/u/0/#spam/WhctKKXXFslgBMswnQfHSgVbPgcmHPVhHwWkGqrxCfzZTbbNwwCtslsMlVbbSMcgpTqRdsB
User-Agent
NIT/atrax-1.0

Response headers

Date
Mon, 02 May 2022 04:30:33 GMT
Last-Modified
Fri, 10 Apr 2020 00:32:08 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40
ETag
"ad5f7-5a2e4dd09cee0"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=93
Content-Length
710135
4iCv6KVjbNBYlgoCxCvjsGyI.ttf
fonts.gstatic.com/s/ubuntu/v20/ 		71 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyI.ttf
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:400,500,700,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8028af7c8cee2ac392a7c81755aadb2967e275bf63af64c1aae2a6667da3cd50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mail.google.com/mail/u/0/#spam/WhctKKXXFslgBMswnQfHSgVbPgcmHPVhHwWkGqrxCfzZTbbNwwCtslsMlVbbSMcgpTqRdsB
Origin
https://chpromotion.com
accept-language
en-US,en;q=0.9
User-Agent
NIT/atrax-1.0

Response headers

date
Wed, 27 Apr 2022 21:07:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
372173
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36778
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:05:11 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 27 Apr 2023 21:07:40 GMT
4iCs6KVjbNBYlgoKfw7z.ttf
fonts.gstatic.com/s/ubuntu/v20/ 		79 KB
42 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw7z.ttf
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:400,500,700,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d647420bc8c9d42901303aed4a7b915ddaee0f67f74b0021d2d45d8f1a7bd1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mail.google.com/mail/u/0/#spam/WhctKKXXFslgBMswnQfHSgVbPgcmHPVhHwWkGqrxCfzZTbbNwwCtslsMlVbbSMcgpTqRdsB
Origin
https://chpromotion.com
accept-language
en-US,en;q=0.9
User-Agent
NIT/atrax-1.0

Response headers

date
Wed, 27 Apr 2022 19:32:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
377896
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42524
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:31:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 27 Apr 2023 19:32:17 GMT
fontawesome-webfont.woff
chpromotion.com/a/a69/bootstrap/fonts/ 		43 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://chpromotion.com/a/a69/bootstrap/fonts/fontawesome-webfont.woff?v=4.0.1
Requested by
Host: chpromotion.com
URL: https://chpromotion.com/a/a69/bootstrap/css/font-awesome.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.84.216 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 /
Resource Hash
c151a7e68aedc7bd4d84cb2096e92ee2f055c16be01c2ba027acd38b6cc9d52a

Request headers

Referer
https://mail.google.com/mail/u/0/#spam/WhctKKXXFslgBMswnQfHSgVbPgcmHPVhHwWkGqrxCfzZTbbNwwCtslsMlVbbSMcgpTqRdsB
Origin
https://chpromotion.com
accept-language
en-US,en;q=0.9
User-Agent
NIT/atrax-1.0

Response headers

Date
Mon, 02 May 2022 04:30:33 GMT
Last-Modified
Mon, 02 Apr 2018 18:07:58 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40
ETag
"adbc-568e17840db80"
Content-Type
font/woff
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
44476
Expires
Tue, 02 May 2023 04:30:33 GMT
espn.png
chpromotion.com/a/a69/images/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://chpromotion.com/a/a69/images/espn.png
Requested by
Host: chpromotion.com
URL: https://chpromotion.com/a/a69/index.php?utm_source=spdlfm&utm_campaign=690131&token=1260438682
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.84.216 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 /
Resource Hash
90dc1edaca43e2e886e6e556485fa4f2d9bbb86193f9d8d6b3b1b5b087bb140c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.google.com/mail/u/0/#spam/WhctKKXXFslgBMswnQfHSgVbPgcmHPVhHwWkGqrxCfzZTbbNwwCtslsMlVbbSMcgpTqRdsB
User-Agent
NIT/atrax-1.0

Response headers

Date
Mon, 02 May 2022 04:30:33 GMT
Last-Modified
Thu, 12 Apr 2018 19:16:41 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40
ETag
"4586-569ab9873e645"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
17798
fox.png
chpromotion.com/a/a69/images/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://chpromotion.com/a/a69/images/fox.png
Requested by
Host: chpromotion.com
URL: https://chpromotion.com/a/a69/index.php?utm_source=spdlfm&utm_campaign=690131&token=1260438682
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.84.216 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 /
Resource Hash
d3573cda52041247cfe2bec3dd48b363196a581a5aa0686f6cd74a5f96bb090f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.google.com/mail/u/0/#spam/WhctKKXXFslgBMswnQfHSgVbPgcmHPVhHwWkGqrxCfzZTbbNwwCtslsMlVbbSMcgpTqRdsB
User-Agent
NIT/atrax-1.0

Response headers

Date
Mon, 02 May 2022 04:30:33 GMT
Last-Modified
Thu, 12 Apr 2018 19:16:41 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40
ETag
"49cc-569ab9871986a"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
18892
tvland.png
chpromotion.com/a/a69/images/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://chpromotion.com/a/a69/images/tvland.png
Requested by
Host: chpromotion.com
URL: https://chpromotion.com/a/a69/index.php?utm_source=spdlfm&utm_campaign=690131&token=1260438682
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.84.216 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 /
Resource Hash
10bef3f85822237893d33ac7eed079f59191bf1457d08309401afc43a1902d50

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.google.com/mail/u/0/#spam/WhctKKXXFslgBMswnQfHSgVbPgcmHPVhHwWkGqrxCfzZTbbNwwCtslsMlVbbSMcgpTqRdsB
User-Agent
NIT/atrax-1.0

Response headers

Date
Mon, 02 May 2022 04:30:33 GMT
Last-Modified
Thu, 12 Apr 2018 19:16:41 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40
ETag
"47a3-569ab9872bd64"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
18339
lifetime.png
chpromotion.com/a/a69/images/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://chpromotion.com/a/a69/images/lifetime.png
Requested by
Host: chpromotion.com
URL: https://chpromotion.com/a/a69/index.php?utm_source=spdlfm&utm_campaign=690131&token=1260438682
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.84.216 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 /
Resource Hash
6d97fccd01135ed97a465ce2d65e3d5993c7b240b06a7638b3fec90424f6252a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.google.com/mail/u/0/#spam/WhctKKXXFslgBMswnQfHSgVbPgcmHPVhHwWkGqrxCfzZTbbNwwCtslsMlVbbSMcgpTqRdsB
User-Agent
NIT/atrax-1.0

Response headers

Date
Mon, 02 May 2022 04:30:33 GMT
Last-Modified
Thu, 12 Apr 2018 19:16:41 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40
ETag
"41bd-569ab98707759"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
16829
universalhd.png
chpromotion.com/a/a69/images/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://chpromotion.com/a/a69/images/universalhd.png
Requested by
Host: chpromotion.com
URL: https://chpromotion.com/a/a69/index.php?utm_source=spdlfm&utm_campaign=690131&token=1260438682
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.84.216 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 /
Resource Hash
ec286d9204d650f3688680ab7df9b05406c4baddb997cf762d2fedd7b5084365

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.google.com/mail/u/0/#spam/WhctKKXXFslgBMswnQfHSgVbPgcmHPVhHwWkGqrxCfzZTbbNwwCtslsMlVbbSMcgpTqRdsB
User-Agent
NIT/atrax-1.0

Response headers

Date
Mon, 02 May 2022 04:30:33 GMT
Last-Modified
Thu, 12 Apr 2018 19:16:41 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40
ETag
"49b3-569ab98750756"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
18867
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1038983633/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1038983633/?random=1651465833204&cv=9&fst=1651465833204&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=376635471&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fchpromotion.com%2Fa%2Fa69%2Findex.php%3Futm_source%3Dspdlfm%26utm_campaign%3D690131%26token%3D1260438682&tiba=Choice%20Home%20Warranty&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fe8a588b8478ba2e6da15c70eb20c0b0183fe66d7e211f98a3ed34b77fe0c9b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.google.com/mail/u/0/#spam/WhctKKXXFslgBMswnQfHSgVbPgcmHPVhHwWkGqrxCfzZTbbNwwCtslsMlVbbSMcgpTqRdsB
User-Agent
NIT/atrax-1.0

Response headers

pragma
no-cache
date
Mon, 02 May 2022 04:30:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=ISO-8859-1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1039
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
bid.g.doubleclick.net/xbbe/ Frame 9103 		0
563 B 		Document
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/xbbe/pixel?d=KAE
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f157.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://chpromotion.com/
Upgrade-Insecure-Requests
1
User-Agent
NIT/atrax-1.0
accept-language
en-US,en;q=0.9
referer
https://mail.google.com/mail/u/0/#spam/WhctKKXXFslgBMswnQfHSgVbPgcmHPVhHwWkGqrxCfzZTbbNwwCtslsMlVbbSMcgpTqRdsB

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=ISO-8859-1
cross-origin-resource-policy
cross-origin
date
Mon, 02 May 2022 04:30:33 GMT
expires
Mon, 02 May 2022 04:30:33 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
choicehomewarranty.jsp
www.upsellit.com/active/ 		33 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.upsellit.com/active/choicehomewarranty.jsp
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P69ZDD7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.39.58 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
58.39.117.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
d8fb139ed05fd87969b1996ac522beb739baee1206b0aa2d91e33548097f26db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.google.com/mail/u/0/#spam/WhctKKXXFslgBMswnQfHSgVbPgcmHPVhHwWkGqrxCfzZTbbNwwCtslsMlVbbSMcgpTqRdsB
User-Agent
NIT/atrax-1.0

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google
server
nginx
age
43600
date
Sun, 01 May 2022 16:23:53 GMT
vary
Accept-Encoding
content-type
application/x-javascript;charset=ISO-8859-1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11131
expires
Mon, 02 May 2022 16:23:53 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1038983633/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1038983633/?random=1651465833238&cv=9&fst=1651465833238&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa4r0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fchpromotion.com%2Fa%2Fa69%2Findex.php%3Futm_source%3Dspdlfm%26utm_campaign%3D690131%26token%3D1260438682&tiba=Choice%20Home%20Warranty&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9c84f7f78bd01feac8c299aa0a64ea7c97fae892d68217083db5d4669fedc032
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.google.com/mail/u/0/#spam/WhctKKXXFslgBMswnQfHSgVbPgcmHPVhHwWkGqrxCfzZTbbNwwCtslsMlVbbSMcgpTqRdsB
User-Agent
NIT/atrax-1.0

Response headers

pragma
no-cache
date
Mon, 02 May 2022 04:30:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=ISO-8859-1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1067
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: chpromotion.com
URL: https://chpromotion.com/a/a69/index.php?utm_source=spdlfm&utm_campaign=690131&token=1260438682
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2008 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://mail.google.com/mail/u/0/#spam/WhctKKXXFslgBMswnQfHSgVbPgcmHPVhHwWkGqrxCfzZTbbNwwCtslsMlVbbSMcgpTqRdsB
accept-language
en-US,en;q=0.9
User-Agent
NIT/atrax-1.0
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
6963
date
Mon, 02 May 2022 02:34:30 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Mon, 02 May 2022 04:34:30 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1379996036&t=pageview&_s=1&dl=https%3A%2F%2Fchpromotion.com%2Fa%2Fa69%2Findex.php%3Futm_source%3Dspdlfm%26utm_campaign%3D690131%26token%3D1260438682&ul=en-us&de=UTF-8&dt=Choice%20Home%20Warranty&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1317178165&gjid=1737561590&cid=454021545.1651465833&tid=UA-6898183-1&_gid=197383341.1651465833&_r=1&gtm=2ou4r0&z=787397368
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::200e Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://mail.google.com/mail/u/0/#spam/WhctKKXXFslgBMswnQfHSgVbPgcmHPVhHwWkGqrxCfzZTbbNwwCtslsMlVbbSMcgpTqRdsB
accept-language
en-US,en;q=0.9
User-Agent
NIT/atrax-1.0
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 02 May 2022 04:30:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://chpromotion.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
track.securedvisit.com/ 		43 B
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.securedvisit.com/?sv_dt=2022-05-02T04%3A30%3A33.346Z&sv_cid=2810_03958&sv_title=Choice%20Home%20Warranty&sv_referrer=&sv_url=https%3A%2F%2Fchpromotion.com%2Fa%2Fa69%2Findex.php%3Futm_source%3Dspdlfm%26utm_campaign%3D690131%26token%3D1260438682&sv_keywords=&sv_tzOffset=0000&sv_inframe=false&sv_ver=1.9.1&sv_session=038a45d94f4a88f78a5b0a3dffa45bad&sv_first=true&sv_px_domain_data=%7B%22sid_found%22%3Afalse%2C%22ver%22%3A%221.0.0%22%2C%22sid_val%22%3A%22YszMon0LRHFrpuObx3gDWJUQm%22%7D
Requested by
Host: chpromotion.com
URL: https://chpromotion.com/a/a69/index.php?utm_source=spdlfm&utm_campaign=690131&token=1260438682
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.194.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-194-150.compute-1.amazonaws.com
Software
nginx/1.20.2 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.google.com/mail/u/0/#spam/WhctKKXXFslgBMswnQfHSgVbPgcmHPVhHwWkGqrxCfzZTbbNwwCtslsMlVbbSMcgpTqRdsB
User-Agent
NIT/atrax-1.0

Response headers

pragma
no-cache
date
Mon, 02 May 2022 04:30:33 GMT
cache-control
private, no-cache, proxy-revalidate
server
nginx/1.20.2
content-length
43
content-type
image/gif
recaptcha__en.js
www.gstatic.com/recaptcha/releases/2W_gRz39xX8G13fM-OdyQPlc/ 		360 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/2W_gRz39xX8G13fM-OdyQPlc/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a1ac660767f0b902644fec786e9321a1fc2f2d50fac439eaaca062fb60d88124
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mail.google.com/mail/u/0/#spam/WhctKKXXFslgBMswnQfHSgVbPgcmHPVhHwWkGqrxCfzZTbbNwwCtslsMlVbbSMcgpTqRdsB
Origin
https://chpromotion.com
accept-language
en-US,en;q=0.9
User-Agent
NIT/atrax-1.0

Response headers

date
Mon, 02 May 2022 01:07:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12158
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
145349
x-xss-protection
0
last-modified
Mon, 25 Apr 2022 04:02:19 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 02 May 2023 01:07:55 GMT
tag-446ada51520465c641c2a23635f50489.js
dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/ 		167 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/tag-446ada51520465c641c2a23635f50489.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=547656&u=https%3A%2F%2Fchpromotion.com%2Fa%2Fa69%2Findex.php%3Futm_source%3Dspdlfm%26utm_campaign%3D690131%26token%3D1260438682&f=1&r=0.2243033916266246
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gsc1 /
Resource Hash
a7d80f9db0ee943aa27a9798227bea64cf26b594e4ec942bd468e9edc0c4988e

Request headers

Referer
https://mail.google.com/mail/u/0/#spam/WhctKKXXFslgBMswnQfHSgVbPgcmHPVhHwWkGqrxCfzZTbbNwwCtslsMlVbbSMcgpTqRdsB
Origin
https://chpromotion.com
accept-language
en-US,en;q=0.9
User-Agent
NIT/atrax-1.0

Response headers

date
Mon, 02 May 2022 04:30:32 GMT
content-encoding
br
last-modified
Fri, 29 Apr 2022 15:44:27 GMT
server
gsc1
etag
"626c07db-bbfd"
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48125
via
1.1 google
v.gif
dev.visualwebsiteoptimizer.com/ 		35 B
52 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=547656&d=chpromotion.com&u=D79ECE7B192E679FE7FE20996C2299560&h=9f5cb22b90c9058297c2f35bc52886f3&t=false&r=0.7066621308626582
Requested by
Host: chpromotion.com
URL: https://chpromotion.com/a/a69/index.php?utm_source=spdlfm&utm_campaign=690131&token=1260438682
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv1c /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.google.com/mail/u/0/#spam/WhctKKXXFslgBMswnQfHSgVbPgcmHPVhHwWkGqrxCfzZTbbNwwCtslsMlVbbSMcgpTqRdsB
User-Agent
NIT/atrax-1.0

Response headers

pragma
no-cache
date
Mon, 02 May 2022 04:30:33 GMT
via
1.1 google
x-content-type-options
nosniff
server
gnv1c
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 10 Jan 2005 00:00:01 GMT
/
www.google.com/pagead/1p-user-list/1038983633/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1038983633/?random=1651465833238&cv=9&fst=1651464000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa4r0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fchpromotion.com%2Fa%2Fa69%2Findex.php%3Futm_source%3Dspdlfm%26utm_campaign%3D690131%26token%3D1260438682&tiba=Choice%20Home%20Warranty&async=1&fmt=3&is_vtc=1&random=1017565580&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: chpromotion.com
URL: https://chpromotion.com/a/a69/index.php?utm_source=spdlfm&utm_campaign=690131&token=1260438682
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2004 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.google.com/mail/u/0/#spam/WhctKKXXFslgBMswnQfHSgVbPgcmHPVhHwWkGqrxCfzZTbbNwwCtslsMlVbbSMcgpTqRdsB
User-Agent
NIT/atrax-1.0

Response headers

pragma
no-cache
date
Mon, 02 May 2022 04:30:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/1038983633/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1038983633/?random=1651465833204&cv=9&fst=1651464000000&num=1&guid=ON&eid=376635471&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fchpromotion.com%2Fa%2Fa69%2Findex.php%3Futm_source%3Dspdlfm%26utm_campaign%3D690131%26token%3D1260438682&tiba=Choice%20Home%20Warranty&fmt=3&is_vtc=1&random=569979296&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: chpromotion.com
URL: https://chpromotion.com/a/a69/index.php?utm_source=spdlfm&utm_campaign=690131&token=1260438682
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2004 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.google.com/mail/u/0/#spam/WhctKKXXFslgBMswnQfHSgVbPgcmHPVhHwWkGqrxCfzZTbbNwwCtslsMlVbbSMcgpTqRdsB
User-Agent
NIT/atrax-1.0

Response headers

pragma
no-cache
date
Mon, 02 May 2022 04:30:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
in.php
win.staticstuff.net/ 		219 B
413 B 		Script
General
Check archive.org
Download Go to
Full URL
https://win.staticstuff.net/in.php?site_id=101157556&type=pageview&href=%2Fa%2Fa69%2Findex.php%3Futm_source%3Dspdlfm%26utm_campaign%3D690131%26token%3D1260438682&title=Choice%20Home%20Warranty&res=1600x1200&lang=en&jsuid=3636815720&mime=js&x=0.5625009518745507
Requested by
Host: d11tldh9zr4z08.cloudfront.net
URL: https://d11tldh9zr4z08.cloudfront.net/Accutrak.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.145.13.12 Portland, United States, ASN2044 (DF-PTL01, US),
Reverse DNS
getclicky.com
Software
nginx /
Resource Hash
1f4e94b768ac65ed9500996927c1abb05f263a029afaf2c26436bec081b1ecf2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.google.com/mail/u/0/#spam/WhctKKXXFslgBMswnQfHSgVbPgcmHPVhHwWkGqrxCfzZTbbNwwCtslsMlVbbSMcgpTqRdsB
User-Agent
NIT/atrax-1.0

Response headers

date
Mon, 02 May 2022 04:30:33 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate, post-check=0, pre-check=0
expires
Mon, 26 Jul 1997 05:00:00 GMT
ga-audiences
www.google.com/ads/
Redirect Chain
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=150318786&utmhn=chpromotion.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Choic...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6898183-1&cid=454021545.1651465833&jid=2082197429&_v=5.7.2&z=150318786
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6898183-1&cid=454021545.1651465833&jid=2082197429&_v=5.7.2&z=150318786
42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6898183-1&cid=454021545.1651465833&jid=2082197429&_v=5.7.2&z=150318786
Requested by
Host: chpromotion.com
URL: https://chpromotion.com/a/a69/index.php?utm_source=spdlfm&utm_campaign=690131&token=1260438682
Protocol
H3
Server
2607:f8b0:4006:806::2004 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.google.com/mail/u/0/#spam/WhctKKXXFslgBMswnQfHSgVbPgcmHPVhHwWkGqrxCfzZTbbNwwCtslsMlVbbSMcgpTqRdsB
User-Agent
NIT/atrax-1.0

Response headers

pragma
no-cache
date
Mon, 02 May 2022 04:30:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 02 May 2022 04:30:33 GMT
location
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6898183-1&cid=454021545.1651465833&jid=2082197429&_v=5.7.2&z=150318786
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
366
expires
Fri, 01 Jan 1990 00:00:00 GMT
fbevents.js
connect.facebook.net/en_US/ 		99 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: chpromotion.com
URL: https://chpromotion.com/a/a69/index.php?utm_source=spdlfm&utm_campaign=690131&token=1260438682
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.google.com/mail/u/0/#spam/WhctKKXXFslgBMswnQfHSgVbPgcmHPVhHwWkGqrxCfzZTbbNwwCtslsMlVbbSMcgpTqRdsB
User-Agent
NIT/atrax-1.0

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26311
x-xss-protection
0
pragma
public
x-fb-debug
vOUgQLScmcoxY1WQAvV7HSiJOt1rjHscTjbNycPgl8fhpWG+/5XnxPizXOF3Ry0wDlQmWE/cfIllbuS5QAPycg==
x-fb-trip-id
2050670934
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Mon, 02 May 2022 04:30:33 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
bat.js
bat.bing.com/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: chpromotion.com
URL: https://chpromotion.com/a/a69/index.php?utm_source=spdlfm&utm_campaign=690131&token=1260438682
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.google.com/mail/u/0/#spam/WhctKKXXFslgBMswnQfHSgVbPgcmHPVhHwWkGqrxCfzZTbbNwwCtslsMlVbbSMcgpTqRdsB
User-Agent
NIT/atrax-1.0

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Wed, 09 Feb 2022 23:54:49 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 03570257B5694202AD84A9A769B76567 Ref B: MIAEDGE2809 Ref C: 2022-05-02T04:30:33Z
etag
"806a236c101ed81:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
date
Mon, 02 May 2022 04:30:33 GMT
accept-ranges
bytes
content-length
11333
script.js
cdn.listrakbi.com/scripts/ 		70 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.listrakbi.com/scripts/script.js?m=3QgckfkNYGiq&v=1
Requested by
Host: chpromotion.com
URL: https://chpromotion.com/a/a69/index.php?utm_source=spdlfm&utm_campaign=690131&token=1260438682
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.84.43.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-43-9.ewr52.r.cloudfront.net
Software
cloudflare / ASP.NET
Resource Hash
013287593e02fd614cd411b1af14e40da412669bda9c8cac435947509bbee737

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.google.com/mail/u/0/#spam/WhctKKXXFslgBMswnQfHSgVbPgcmHPVhHwWkGqrxCfzZTbbNwwCtslsMlVbbSMcgpTqRdsB
User-Agent
NIT/atrax-1.0

Response headers

Date
Mon, 02 May 2022 04:30:33 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
X-AspNet-Version
4.0.30319
Age
48
X-Powered-By
ASP.NET
X-Cache
Hit from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI COM NAV INT DEM CNT PRE LOC"
Connection
keep-alive
Content-Length
23222
Last-Modified
Mon, 02 May 2022 04:03:10 GMT
Server
cloudflare
X-ltk
5/2/2022 12:09:07 AM
ETag
"M5J9mPiZQ9PtCMO5no1EHg=="
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-encoding
Content-Type
text/javascript; charset=utf-8
Via
1.1 ba93d64cb248ed4a264c9ee401175456.cloudfront.net (CloudFront)
Cache-Control
public, no-transform, max-age=3600, s-maxage=600
X-Amz-Cf-Pop
EWR52-C4
Accept-Ranges
bytes
CF-RAY
704de651ed045752-IAD
X-Amz-Cf-Id
pI7qDLJTWeJ-zphtBWj9EEPMZt3YjlC6waxMTTcYDj7T0ox1HQdRIQ==
Expires
Mon, 02 May 2022 05:29:45 GMT
widget_async.js
d3rr3d0n31t48m.cloudfront.net/widget/
Redirect Chain
  • https://shop.pe/widget/widget_async.js
  • https://d3rr3d0n31t48m.cloudfront.net/widget/widget_async.js
2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3rr3d0n31t48m.cloudfront.net/widget/widget_async.js
Requested by
Host: chpromotion.com
URL: https://chpromotion.com/a/a69/index.php?utm_source=spdlfm&utm_campaign=690131&token=1260438682
Protocol
H2
Server
54.230.102.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-102-8.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
230841fdf346d5e4e598d64d343459b6c71f68881e5eb3b4d1876e85746e7d6a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.google.com/mail/u/0/#spam/WhctKKXXFslgBMswnQfHSgVbPgcmHPVhHwWkGqrxCfzZTbbNwwCtslsMlVbbSMcgpTqRdsB
User-Agent
NIT/atrax-1.0

Response headers

date
Mon, 02 May 2022 03:51:30 GMT
content-encoding
gzip
last-modified
Thu, 21 Apr 2022 13:50:48 GMT
server
AmazonS3
age
2344
etag
"c382b6092ad72b819bb4604375c70f99"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 a6cca18455d155ffa87e5da1963e8d88.cloudfront.net (CloudFront)
cache-control
max-age=3600, public
x-amz-cf-pop
EWR53-C3
accept-ranges
bytes
content-length
905
x-amz-cf-id
7x85y11pfnHk7FT-2wu3KIx412TYsugIrjdpsfAqLOJ1HYBpInW-UQ==
x-amz-meta-mtime
1650549047.02

Redirect headers

content-security-policy
frame-ancestors none;
via
1.1 google
referrer-policy
no-referrer-when-downgrade
server
nginx
date
Mon, 02 May 2022 04:30:33 GMT
x-frame-options
deny
content-type
text/html
location
https://d3rr3d0n31t48m.cloudfront.net/widget/widget_async.js
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
178
iu3
s.amazon-adsystem.com/ Frame AD49
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D3b289a46-9b76-58a9-88f0-c89b1606534d%26type%3D82%26m%3D1&ex-fch=416613&ex-src=https://www.choicehomewarranty.com/&ex-hargs=v%3D1.0%3Bc%3...
  • https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D3b289a46-9b76-58a9-88f0-c89b1606534d%26type%3D82%26m%3D1&ex-fch=416613&ex-src=https://www.choicehomewarranty.com/&ex-hargs=v%3D1.0%3Bc%3...
65 B
686 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D3b289a46-9b76-58a9-88f0-c89b1606534d%26type%3D82%26m%3D1&ex-fch=416613&ex-src=https://www.choicehomewarranty.com/&ex-hargs=v%3D1.0%3Bc%3D6293635390601%3Bp%3D3B289A46-9B76-58A9-88F0-C89B1606534D&cb=964389696365346200&dcc=t
Requested by
Host: chpromotion.com
URL: https://chpromotion.com/a/a69/index.php?utm_source=spdlfm&utm_campaign=690131&token=1260438682
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
115d83ece49fd1c5769409aab9d78572eed86cd38a0556b4cdeeac82c83091d3
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://chpromotion.com/
Upgrade-Insecure-Requests
1
User-Agent
NIT/atrax-1.0
accept-language
en-US,en;q=0.9
referer
https://mail.google.com/mail/u/0/#spam/WhctKKXXFslgBMswnQfHSgVbPgcmHPVhHwWkGqrxCfzZTbbNwwCtslsMlVbbSMcgpTqRdsB

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
65
Content-Type
text/html;charset=ISO-8859-1
Date
Mon, 02 May 2022 04:30:33 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Permissions-Policy
interest-cohort=()
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
KKWT66NADX25NHF9FAPF

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Mon, 02 May 2022 04:30:33 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D3b289a46-9b76-58a9-88f0-c89b1606534d%26type%3D82%26m%3D1&ex-fch=416613&ex-src=https://www.choicehomewarranty.com/&ex-hargs=v%3D1.0%3Bc%3D6293635390601%3Bp%3D3B289A46-9B76-58A9-88F0-C89B1606534D&cb=964389696365346200&dcc=t
Permissions-Policy
interest-cohort=()
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
40XX1ERBX2KN48ZVSDHA
collect
stats.g.doubleclick.net/j/ 		2 B
439 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-6898183-1&cid=454021545.1651465833&jid=1317178165&gjid=1737561590&_gid=197383341.1651465833&_u=YEBAAUAAAAAAAC~&z=564355345
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://mail.google.com/mail/u/0/#spam/WhctKKXXFslgBMswnQfHSgVbPgcmHPVhHwWkGqrxCfzZTbbNwwCtslsMlVbbSMcgpTqRdsB
accept-language
en-US,en;q=0.9
User-Agent
NIT/atrax-1.0
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 02 May 2022 04:30:33 GMT
content-type
text/plain
access-control-allow-origin
https://chpromotion.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
tag-06337d1e33a334413c00e03204d374d2.js
dev.visualwebsiteoptimizer.com/web/djIkYTo0LjA6bm9qcXVlcnksdHI6Ny4w/ 		102 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/web/djIkYTo0LjA6bm9qcXVlcnksdHI6Ny4w/tag-06337d1e33a334413c00e03204d374d2.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/tag-446ada51520465c641c2a23635f50489.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gsc1 /
Resource Hash
56aacd395b7eeb72f218dd80a7e1bf54bb9817107a70ec13575bdceae190ade4

Request headers

Referer
https://mail.google.com/mail/u/0/#spam/WhctKKXXFslgBMswnQfHSgVbPgcmHPVhHwWkGqrxCfzZTbbNwwCtslsMlVbbSMcgpTqRdsB
Origin
https://chpromotion.com
accept-language
en-US,en;q=0.9
User-Agent
NIT/atrax-1.0

Response headers

date
Mon, 02 May 2022 04:30:33 GMT
content-encoding
br
last-modified
Fri, 29 Apr 2022 15:44:27 GMT
server
gsc1
etag
"626c07db-682e"
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26670
via
1.1 google
settings.js
dev.visualwebsiteoptimizer.com/ 		2 KB
840 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/settings.js?a=547656&settings_type=1&vn=7.0&r=0.8998515572597374&exc=17|48
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/tag-446ada51520465c641c2a23635f50489.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gsc1 /
Resource Hash
7cbb01f94a09b22659ac64255cbc8b2b9a3c73a74cfe41b7a344e340a62a3c84

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.google.com/mail/u/0/#spam/WhctKKXXFslgBMswnQfHSgVbPgcmHPVhHwWkGqrxCfzZTbbNwwCtslsMlVbbSMcgpTqRdsB
User-Agent
NIT/atrax-1.0

Response headers

date
Mon, 02 May 2022 04:30:33 GMT
via
1.1 google
server
gsc1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
worker-70faafffa0475802f5ee03ca5ff74179.js
dev.visualwebsiteoptimizer.com/analysis/ 		47 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/analysis/worker-70faafffa0475802f5ee03ca5ff74179.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/tag-446ada51520465c641c2a23635f50489.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gsc1 /
Resource Hash
e916478d94814b1a0c2680424c323db0514f4a022d16835cd7bcc754722308f4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.google.com/mail/u/0/#spam/WhctKKXXFslgBMswnQfHSgVbPgcmHPVhHwWkGqrxCfzZTbbNwwCtslsMlVbbSMcgpTqRdsB
User-Agent
NIT/atrax-1.0

Response headers

date
Mon, 02 May 2022 04:30:33 GMT
content-encoding
br
last-modified
Fri, 29 Apr 2022 15:44:27 GMT
server
gsc1
etag
"626c07db-351f"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13599
via
1.1 google
5223598.js
bat.bing.com/p/action/ 		0
118 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/5223598.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.google.com/mail/u/0/#spam/WhctKKXXFslgBMswnQfHSgVbPgcmHPVhHwWkGqrxCfzZTbbNwwCtslsMlVbbSMcgpTqRdsB
User-Agent
NIT/atrax-1.0

Response headers

access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: CB920D648A5D4C7EA4D1D6C73788B150 Ref B: MIAEDGE2809 Ref C: 2022-05-02T04:30:33Z
date
Mon, 02 May 2022 04:30:33 GMT
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ 		0
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=5223598&Ver=2&mid=97b43267-8c12-48af-a9fb-6bd7767d7ba1&sid=9b4761c0c9d011ec851a67948129c798&vid=9b4782f0c9d011ec9e8b2d25c9147172&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Choice%20Home%20Warranty&p=https%3A%2F%2Fchpromotion.com%2Fa%2Fa69%2Findex.php%3Futm_source%3Dspdlfm%26utm_campaign%3D690131%26token%3D1260438682&r=&lt=1580&evt=pageLoad&msclkid=N&sv=1&rn=497859
Requested by
Host: chpromotion.com
URL: https://chpromotion.com/a/a69/index.php?utm_source=spdlfm&utm_campaign=690131&token=1260438682
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.google.com/mail/u/0/#spam/WhctKKXXFslgBMswnQfHSgVbPgcmHPVhHwWkGqrxCfzZTbbNwwCtslsMlVbbSMcgpTqRdsB
User-Agent
NIT/atrax-1.0

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: C3FE22EBCAF34E99983CB18977D3D5BF Ref B: MIAEDGE2809 Ref C: 2022-05-02T04:30:33Z
date
Mon, 02 May 2022 04:30:33 GMT
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-6898183-1&cid=454021545.1651465833&jid=1317178165&_u=YEBAAUAAAAAAAC~&z=1199664131
Requested by
Host: chpromotion.com
URL: https://chpromotion.com/a/a69/index.php?utm_source=spdlfm&utm_campaign=690131&token=1260438682
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2004 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.google.com/mail/u/0/#spam/WhctKKXXFslgBMswnQfHSgVbPgcmHPVhHwWkGqrxCfzZTbbNwwCtslsMlVbbSMcgpTqRdsB
User-Agent
NIT/atrax-1.0

Response headers

pragma
no-cache
date
Mon, 02 May 2022 04:30:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
getIds
s1.listrakbi.com/3QgckfkNYGiq/session/ 		175 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.listrakbi.com/3QgckfkNYGiq/session/getIds?callback=ltkCallback7379&gsid=&_sid=&_tid=564543&ps=null&dps=true
Requested by
Host: cdn.listrakbi.com
URL: https://cdn.listrakbi.com/scripts/script.js?m=3QgckfkNYGiq&v=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.7.244 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
dd6a1d28cc754f572d15e95ff3afc77cf92ca7f6c61961abbb541bdb289db6a3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.google.com/mail/u/0/#spam/WhctKKXXFslgBMswnQfHSgVbPgcmHPVhHwWkGqrxCfzZTbbNwwCtslsMlVbbSMcgpTqRdsB
User-Agent
NIT/atrax-1.0

Response headers

pragma
no-cache
date
Mon, 02 May 2022 04:30:33 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
policyref="/w3c/p3p.xml", CP="CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI COM NAV INT DEM CNT PRE LOC"
content-type
application/x-javascript; charset=utf-8
cache-control
no-cache
cf-ray
704e05b61de809f6-MIA
expires
-1
1374492936214348
connect.facebook.net/signals/config/ 		39 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1374492936214348?v=2.9.57&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6a3e8569cdb67ea0a9b9d936f6abe68a0a2c70e893de739bcf7d0c85348c7793
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.google.com/mail/u/0/#spam/WhctKKXXFslgBMswnQfHSgVbPgcmHPVhHwWkGqrxCfzZTbbNwwCtslsMlVbbSMcgpTqRdsB
User-Agent
NIT/atrax-1.0

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
10709
x-xss-protection
0
pragma
public
x-fb-debug
h+BFZ8s1+kFvxqsy3JQo7OHAWgr2RL/p/3OkOVMXWGBg6akpI5YtXB/5ImuRSfDyYLPY+PKe83YhUpeGc4kUQw==
x-frame-options
DENY
date
Mon, 02 May 2022 04:30:34 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
triggerRunner.js
d3rr3d0n31t48m.cloudfront.net/widget/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3rr3d0n31t48m.cloudfront.net/widget/triggerRunner.js?v=c2be5aa
Requested by
Host: shop.pe
URL: https://shop.pe/widget/widget_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.102.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-102-8.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
380ef284cc9c44f82f786f246a822011a779932c9cd2ee34c451182ec2952468

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.google.com/mail/u/0/#spam/WhctKKXXFslgBMswnQfHSgVbPgcmHPVhHwWkGqrxCfzZTbbNwwCtslsMlVbbSMcgpTqRdsB
User-Agent
NIT/atrax-1.0

Response headers

date
Thu, 21 Apr 2022 13:51:23 GMT
content-encoding
gzip
last-modified
Thu, 21 Apr 2022 13:50:50 GMT
server
AmazonS3
age
916751
etag
"9019e123fd9c272f560bda9cec9f17df"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 a6cca18455d155ffa87e5da1963e8d88.cloudfront.net (CloudFront)
cache-control
max-age=2592000, public
x-amz-cf-pop
EWR53-C3
accept-ranges
bytes
content-length
3759
x-amz-cf-id
rlgIS9qzD3c-8hz--e3oIH5_znxH_Sm0Z5mr7VnBZ0njgPEDnirrqw==
x-amz-meta-mtime
1650549046.9
widget.js
d3rr3d0n31t48m.cloudfront.net/widget/ 		180 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3rr3d0n31t48m.cloudfront.net/widget/widget.js?v=4e31456
Requested by
Host: shop.pe
URL: https://shop.pe/widget/widget_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.102.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-102-8.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
33a309871cd723df6e7010d500cdcbc67ad1f8094e2fc9b0774836c0349aa7ab

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.google.com/mail/u/0/#spam/WhctKKXXFslgBMswnQfHSgVbPgcmHPVhHwWkGqrxCfzZTbbNwwCtslsMlVbbSMcgpTqRdsB
User-Agent
NIT/atrax-1.0

Response headers

date
Thu, 21 Apr 2022 13:51:23 GMT
content-encoding
gzip
last-modified
Thu, 21 Apr 2022 13:50:49 GMT
server
AmazonS3
age
916752
etag
"19899c0ce41dbb93b46df4cd8b5b7cbd"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 a6cca18455d155ffa87e5da1963e8d88.cloudfront.net (CloudFront)
cache-control
max-age=2592000, public
x-amz-cf-pop
EWR53-C3
accept-ranges
bytes
content-length
47187
x-amz-cf-id
xH2rrRmlHQC9JEyvHnFPipMcI-trlhDH8dgUpMFjfsuveuZOgwI0vg==
x-amz-meta-mtime
1650549044.09
3QgckfkNYGiq
at1.listrakbi.com/activity/ 		111 B
622 B 		Script
General
Check archive.org
Download Go to
Full URL
https://at1.listrakbi.com/activity/3QgckfkNYGiq
Requested by
Host: cdn.listrakbi.com
URL: https://cdn.listrakbi.com/scripts/script.js?m=3QgckfkNYGiq&v=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.7.244 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
404864db1fed091044ca377a56215e06967149d12ee857d00f932bbefd517a36

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.google.com/mail/u/0/#spam/WhctKKXXFslgBMswnQfHSgVbPgcmHPVhHwWkGqrxCfzZTbbNwwCtslsMlVbbSMcgpTqRdsB
User-Agent
NIT/atrax-1.0

Response headers

date
Mon, 02 May 2022 04:30:34 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
text/javascript; charset=utf-8
cache-control
private
cf-ray
704e05b6dec809f6-MIA
update
sca1.listrakbi.com/3QgckfkNYGiq/cart/ 		44 B
442 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sca1.listrakbi.com/3QgckfkNYGiq/cart/update?gsid=8d649651-de71-4f82-89b5-e9243e213cd6&_sid=57d387f1-0a6c-4399-b861-003b81e1e418&_tid=564543&_uid=E21B2243-D8ED-4DD8-ADE1-2825F115B959&s_0=warranty-quote&q_0=1&p_0=1.00&n_0=Warranty%20Quote
Requested by
Host: chpromotion.com
URL: https://chpromotion.com/a/a69/index.php?utm_source=spdlfm&utm_campaign=690131&token=1260438682
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.7.244 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
d1c4aa4fc27ca65d42b693b60f19546c4a50c002394c364dbbef45710858df7a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.google.com/mail/u/0/#spam/WhctKKXXFslgBMswnQfHSgVbPgcmHPVhHwWkGqrxCfzZTbbNwwCtslsMlVbbSMcgpTqRdsB
User-Agent
NIT/atrax-1.0

Response headers

date
Mon, 02 May 2022 04:30:34 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
policyref="/w3c/p3p.xml", CP="CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI COM NAV INT DEM CNT PRE LOC"
content-type
image/gif
cache-control
no-cache
cf-ray
704e05b6dec509f6-MIA
content-length
44
/
www.facebook.com/tr/ 		44 B
397 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1374492936214348&ev=PageView&dl=https%3A%2F%2Fchpromotion.com%2Fa%2Fa69%2Findex.php%3Futm_source%3Dspdlfm%26utm_campaign%3D690131%26token%3D1260438682&rl=&if=false&ts=1651465834049&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=28&fbp=fb.1.1651465834047.948857628&it=1651465833893&coo=false&exp=p0&rqm=GET
Requested by
Host: chpromotion.com
URL: https://chpromotion.com/a/a69/index.php?utm_source=spdlfm&utm_campaign=690131&token=1260438682
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.google.com/mail/u/0/#spam/WhctKKXXFslgBMswnQfHSgVbPgcmHPVhHwWkGqrxCfzZTbbNwwCtslsMlVbbSMcgpTqRdsB
User-Agent
NIT/atrax-1.0

Response headers

date
Mon, 02 May 2022 04:30:34 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Mon, 02 May 2022 04:30:34 GMT
3QgckfkNYGiq
at1.listrakbi.com/activity/ 		111 B
496 B 		Script
General
Check archive.org
Download Go to
Full URL
https://at1.listrakbi.com/activity/3QgckfkNYGiq?vuid=67147cb9-1a3f-414a-8d29-ced6cb3bcd84&uid=D37DAD61-7593-4310-9379-D1388A08CB90&gsid=8d649651-de71-4f82-89b5-e9243e213cd6&sid=57d387f1-0a6c-4399-b861-003b81e1e418&_t_0=at&t_0=ProductBrowse&k_0=warranty-quote
Requested by
Host: cdn.listrakbi.com
URL: https://cdn.listrakbi.com/scripts/script.js?m=3QgckfkNYGiq&v=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.7.244 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
404864db1fed091044ca377a56215e06967149d12ee857d00f932bbefd517a36

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.google.com/mail/u/0/#spam/WhctKKXXFslgBMswnQfHSgVbPgcmHPVhHwWkGqrxCfzZTbbNwwCtslsMlVbbSMcgpTqRdsB
User-Agent
NIT/atrax-1.0

Response headers

date
Mon, 02 May 2022 04:30:34 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
text/javascript; charset=utf-8
cache-control
private
cf-ray
704e05b77f7709f6-MIA
3QgckfkNYGiq
at1.listrakbi.com/activity/ 		111 B
495 B 		Script
General
Check archive.org
Download Go to
Full URL
https://at1.listrakbi.com/activity/3QgckfkNYGiq?vuid=67147cb9-1a3f-414a-8d29-ced6cb3bcd84&uid=76CD1607-1F47-4519-B6FC-0634FBACA285&gsid=8d649651-de71-4f82-89b5-e9243e213cd6&sid=57d387f1-0a6c-4399-b861-003b81e1e418&_t_0=at&t_0=Identification&k_0=3&_t_1=at&t_1=Identification&k_1=4&_t_2=at&t_2=Identification&k_2=5
Requested by
Host: cdn.listrakbi.com
URL: https://cdn.listrakbi.com/scripts/script.js?m=3QgckfkNYGiq&v=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.7.244 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
404864db1fed091044ca377a56215e06967149d12ee857d00f932bbefd517a36

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.google.com/mail/u/0/#spam/WhctKKXXFslgBMswnQfHSgVbPgcmHPVhHwWkGqrxCfzZTbbNwwCtslsMlVbbSMcgpTqRdsB
User-Agent
NIT/atrax-1.0

Response headers

date
Mon, 02 May 2022 04:30:34 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
text/javascript; charset=utf-8
cache-control
private
cf-ray
704e05b77f7909f6-MIA
/
match.adsrvr.org/track/upb/ Frame BD37
Redirect Chain
  • https://insight.adsrvr.org/track/up?adv=zl9kfqh1&ref=https%3A%2F%2Fchpromotion.com%2Fa%2Fa69%2Findex.php%3Futm_source%3Dspdlfm%26utm_campaign%3D690131%26token%3D1260438682&upid=7h0r1mr&upv=1.1.0
  • https://match.adsrvr.org/track/upb/?adv=zl9kfqh1&ref=https%3A%2F%2Fchpromotion.com%2Fa%2Fa69%2Findex.php%3Futm_source%3Dspdlfm%26utm_campaign%3D690131%26token%3D1260438682&upid=7h0r1mr&upv=1.1.0
947 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/upb/?adv=zl9kfqh1&ref=https%3A%2F%2Fchpromotion.com%2Fa%2Fa69%2Findex.php%3Futm_source%3Dspdlfm%26utm_campaign%3D690131%26token%3D1260438682&upid=7h0r1mr&upv=1.1.0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
783fa28792c8e43a37eebe30530d859d959678740b061cb5049bcbd22800c2dc

Request headers

Referer
https://chpromotion.com/
Upgrade-Insecure-Requests
1
User-Agent
NIT/atrax-1.0
accept-language
en-US,en;q=0.9
referer
https://mail.google.com/mail/u/0/#spam/WhctKKXXFslgBMswnQfHSgVbPgcmHPVhHwWkGqrxCfzZTbbNwwCtslsMlVbbSMcgpTqRdsB

Response headers

cache-control
private,no-cache, must-revalidate
content-type
text/html; charset=utf-8
date
Mon, 02 May 2022 04:30:34 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

cache-control
private,no-cache, must-revalidate
content-type
text/html; charset=utf-8
date
Mon, 02 May 2022 04:30:34 GMT
location
https://match.adsrvr.org/track/upb/?adv=zl9kfqh1&ref=https%3A%2F%2Fchpromotion.com%2Fa%2Fa69%2Findex.php%3Futm_source%3Dspdlfm%26utm_campaign%3D690131%26token%3D1260438682&upid=7h0r1mr&upv=1.1.0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
params
shop.pe/widget/main/init/ 		260 B
250 B 		Script
General
Check archive.org
Download Go to
Full URL
https://shop.pe/widget/main/init/params?siteid=5db99fcfbbddbd09cdf02f85&product=Choice%20Home%20Warranty&product_url=https%3A%2F%2Fchpromotion.com%2Fa%2Fa69%2Findex.php&image=&price=&currency=undefined&rating=0&rating_count=0&review_count=0&stock_status=&description=&update_product=true&subcategory=&url=https%3A%2F%2Fchpromotion.com%2Fa%2Fa69%2Findex.php%3Futm_source%3Dspdlfm%26utm_campaign%3D690131%26token%3D1260438682&callback=AddShoppersWidget.load_widget&no_cookie_callback=AddShoppersWidget.load_no_cookie&rand=62049&cookie=&referer=
Requested by
Host: d3rr3d0n31t48m.cloudfront.net
URL: https://d3rr3d0n31t48m.cloudfront.net/widget/widget.js?v=4e31456
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.244.1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
1.244.227.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
b2cb2bfc4c838ca14a5b99a96ddc98b252967074cf81310b6ae190fe895546a0
Security Headers
Name Value
Content-Security-Policy frame-ancestors none;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options deny

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.google.com/mail/u/0/#spam/WhctKKXXFslgBMswnQfHSgVbPgcmHPVhHwWkGqrxCfzZTbbNwwCtslsMlVbbSMcgpTqRdsB
User-Agent
NIT/atrax-1.0

Response headers

date
Mon, 02 May 2022 04:30:34 GMT
content-encoding
gzip
access-control-allow-origin
https://my.addshoppers.com
p3p
policyref="/w3c/p3p.xml", CP="CAO PSA OUR"
backend-version
47
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
data-regulation-gdpr-enforced
false
referrer-policy
no-referrer-when-downgrade
server
nginx
x-frame-options
deny
etag
W/"080aa8498c201528c70ffd1f32897cc6e1608d40"
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PATCH
content-type
text/javascript
via
1.1 google
access-control-allow-credentials
true
content-security-policy
frame-ancestors none;
access-control-allow-headers
X-Requested-With, Content-Type, X-XSRFToken
3QgckfkNYGiq
at1.listrakbi.com/activity/ 		111 B
489 B 		Script
General
Check archive.org
Download Go to
Full URL
https://at1.listrakbi.com/activity/3QgckfkNYGiq?vuid=67147cb9-1a3f-414a-8d29-ced6cb3bcd84&uid=EEC7B0DF-01D8-4BBF-855C-9C80D57B2C85&gsid=8d649651-de71-4f82-89b5-e9243e213cd6&sid=57d387f1-0a6c-4399-b861-003b81e1e418&_t_0=at&t_0=PageBrowse&k_0=https%3A%2F%2Fchpromotion.com%2Fa%2Fa69%2Findex.php%3Futm_source%3Dspdlfm%26utm_campaign%3D690131%26token%3D1260438682
Requested by
Host: cdn.listrakbi.com
URL: https://cdn.listrakbi.com/scripts/script.js?m=3QgckfkNYGiq&v=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.7.244 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
404864db1fed091044ca377a56215e06967149d12ee857d00f932bbefd517a36

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.google.com/mail/u/0/#spam/WhctKKXXFslgBMswnQfHSgVbPgcmHPVhHwWkGqrxCfzZTbbNwwCtslsMlVbbSMcgpTqRdsB
User-Agent
NIT/atrax-1.0

Response headers

date
Mon, 02 May 2022 04:30:34 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
text/javascript; charset=utf-8
cache-control
private
cf-ray
704e05b8c8d409f6-MIA
params
shop.pe/widget/main/init/ 		892 B
528 B 		Script
General
Check archive.org
Download Go to
Full URL
https://shop.pe/widget/main/init/params?siteid=5db99fcfbbddbd09cdf02f85&product=Choice%20Home%20Warranty&product_url=https%3A%2F%2Fchpromotion.com%2Fa%2Fa69%2Findex.php&image=&price=&currency=undefined&rating=0&rating_count=0&review_count=0&stock_status=&description=&update_product=true&subcategory=&url=https%3A%2F%2Fchpromotion.com%2Fa%2Fa69%2Findex.php%3Futm_source%3Dspdlfm%26utm_campaign%3D690131%26token%3D1260438682&callback=AddShoppersWidget.load_widget&rand=18347&cookie=2%7C1%3A0%7C10%3A1651465834%7C15%3Aaddshoppers.com%7C44%3AZTMyNTg0NGNkMjg1NDQ3NWJkOGZhZWUwNzRhMzg3NTY%3D%7Cff66aca26f22f5ea05d8e422b29eb564d091318803000b24b57fff2f44697ed4&referer=
Requested by
Host: d3rr3d0n31t48m.cloudfront.net
URL: https://d3rr3d0n31t48m.cloudfront.net/widget/widget.js?v=4e31456
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.244.1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
1.244.227.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
884f431329b1024d8eddb62fb84733c624034c7485de08492a38336c3768eccb
Security Headers
Name Value
Content-Security-Policy frame-ancestors none;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options deny

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.google.com/mail/u/0/#spam/WhctKKXXFslgBMswnQfHSgVbPgcmHPVhHwWkGqrxCfzZTbbNwwCtslsMlVbbSMcgpTqRdsB
User-Agent
NIT/atrax-1.0

Response headers

date
Mon, 02 May 2022 04:30:34 GMT
content-encoding
gzip
access-control-allow-origin
https://my.addshoppers.com
p3p
policyref="/w3c/p3p.xml", CP="CAO PSA OUR"
backend-version
47
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
data-regulation-gdpr-enforced
false
referrer-policy
no-referrer-when-downgrade
server
nginx
x-frame-options
deny
etag
W/"12305892ae4b530c51e4cf38fe16c4253ec11cf5"
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PATCH
content-type
text/javascript
via
1.1 google
access-control-allow-credentials
true
content-security-policy
frame-ancestors none;
access-control-allow-headers
X-Requested-With, Content-Type, X-XSRFToken
input.js
shopper.shop.pe/ 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shopper.shop.pe/input.js
Requested by
Host: shop.pe
URL: https://shop.pe/widget/widget_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.54.17 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
17.54.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
bc1f719ad8a9fb36c5f164463ae53ad79a27e84143b027da42c6ee08021ff399

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.google.com/mail/u/0/#spam/WhctKKXXFslgBMswnQfHSgVbPgcmHPVhHwWkGqrxCfzZTbbNwwCtslsMlVbbSMcgpTqRdsB
User-Agent
NIT/atrax-1.0

Response headers

date
Mon, 02 May 2022 00:36:53 GMT
content-encoding
gzip
age
14021
x-guploader-uploadid
ADPycds8E8VMBrXaRgis2OXdpqXCRXsJQM7ItSE_GheX4YljFFqR7zDBk7f6gAtZ_e-eOpJftMTL7h2FZ9_9Waoupt_uG2b3n5E0
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8883
last-modified
Thu, 21 Apr 2022 13:54:28 GMT
server
UploadServer
etag
"59ca2c390b4a140196dd06ead7968dd5"
vary
Accept-Encoding
x-goog-hash
crc32c=BLS7fA==, md5=WcosOQtKFAGW3Qbq15aN1Q==
x-goog-generation
1650549267910243
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public, max-age=14400
x-goog-stored-content-length
8883
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
expires
Mon, 02 May 2022 04:36:53 GMT
iframe
nytrng.com/ Frame 14B6 		414 B
506 B 		Document
General
Check archive.org
Download Go to
Full URL
https://nytrng.com/iframe?vcp=4dd5h0np&as_id=e325844cd2854475bd8faee074a38756
Requested by
Host: d3rr3d0n31t48m.cloudfront.net
URL: https://d3rr3d0n31t48m.cloudfront.net/widget/widget.js?v=4e31456
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.128.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a954c1fc80b8251dc.awsglobalaccelerator.com
Software
gunicorn /
Resource Hash
8f850325052ad8ecda56cd41349052f47a3e61dcf1f816ca71584b588d827b02

Request headers

Referer
https://chpromotion.com/
Upgrade-Insecure-Requests
1
User-Agent
NIT/atrax-1.0
accept-language
en-US,en;q=0.9
referer
https://mail.google.com/mail/u/0/#spam/WhctKKXXFslgBMswnQfHSgVbPgcmHPVhHwWkGqrxCfzZTbbNwwCtslsMlVbbSMcgpTqRdsB

Response headers

content-length
414
content-type
text/html; charset=utf-8
date
Mon, 02 May 2022 04:30:34 GMT
server
gunicorn
universal_pixel.1.1.0.js
js.adsrvr.org/ Frame BD37 		487 B
964 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/universal_pixel.1.1.0.js
Requested by
Host: match.adsrvr.org
URL: https://match.adsrvr.org/track/upb/?adv=zl9kfqh1&ref=https%3A%2F%2Fchpromotion.com%2Fa%2Fa69%2Findex.php%3Futm_source%3Dspdlfm%26utm_campaign%3D690131%26token%3D1260438682&upid=7h0r1mr&upv=1.1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.226.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-226-150.jfk51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.google.com/mail/u/0/#spam/WhctKKXXFslgBMswnQfHSgVbPgcmHPVhHwWkGqrxCfzZTbbNwwCtslsMlVbbSMcgpTqRdsB
User-Agent
NIT/atrax-1.0

Response headers

Date
Sun, 01 May 2022 06:24:34 GMT
Via
1.1 ab95c5a0dcf51f52101ed4d59d15a2a2.cloudfront.net (CloudFront)
Last-Modified
Thu, 24 Sep 2020 15:15:32 GMT
Server
AmazonS3
Age
79561
ETag
"f0a7a3296da7382ce6bc1a3b6769e927"
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Connection
keep-alive
X-Amz-Cf-Pop
JFK51-C1
Accept-Ranges
bytes
Content-Length
487
X-Amz-Cf-Id
cPwkUrWtDWAER5eVJG96-qAZpkWHZsRDlBKW4SmSWIrSGvhBZGoMxA==
generic
match.adsrvr.org/track/cmf/ Frame 7A3A
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=dbaa593b-8c52-47e8-9964-bf8028989934&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=903&dpuuid=dbaa593b-8c52-47e8-9964-bf8028989934&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam
70 B
572 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://match.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
NIT/atrax-1.0
accept-language
en-US,en;q=0.9
referer
https://mail.google.com/mail/u/0/#spam/WhctKKXXFslgBMswnQfHSgVbPgcmHPVhHwWkGqrxCfzZTbbNwwCtslsMlVbbSMcgpTqRdsB

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Mon, 02 May 2022 04:30:35 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
DCS
dcs-prod-va6-1-v031-074ddee15.edge-va6.demdex.com UNKNOWN
Expires
Thu, 01 Jan 1970 00:00:00 UTC
Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
ejeWUWxHSvc=
generic
match.adsrvr.org/track/cmf/ Frame DEE4
Redirect Chain
  • https://tags.bluekai.com/site/5386?id=dbaa593b-8c52-47e8-9964-bf8028989934&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbluekai
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bluekai
70 B
572 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bluekai
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://match.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
NIT/atrax-1.0
accept-language
en-US,en;q=0.9
referer
https://mail.google.com/mail/u/0/#spam/WhctKKXXFslgBMswnQfHSgVbPgcmHPVhHwWkGqrxCfzZTbbNwwCtslsMlVbbSMcgpTqRdsB

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Mon, 02 May 2022 04:30:35 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

BK-Server
61fb
Connection
keep-alive
Content-Length
0
Date
Mon, 02 May 2022 04:30:34 GMT
Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bluekai
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
rubicon
match.adsrvr.org/track/cmf/ Frame F209
Redirect Chain
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=dbaa593b-8c52-47e8-9964-bf8028989934&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
70 B
572 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://match.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
NIT/atrax-1.0
accept-language
en-US,en;q=0.9
referer
https://mail.google.com/mail/u/0/#spam/WhctKKXXFslgBMswnQfHSgVbPgcmHPVhHwWkGqrxCfzZTbbNwwCtslsMlVbbSMcgpTqRdsB

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Mon, 02 May 2022 04:30:34 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
Expires
0
Location
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
X-RPHost
b9bd3ce43b0f5c29a708abe94979ac15
content-length
0
consent
shop.pe/query/datareg/ 		0
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://shop.pe/query/datareg/consent
Requested by
Host: shopper.shop.pe
URL: https://shopper.shop.pe/input.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.244.1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
1.244.227.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy frame-ancestors none;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options deny

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.google.com/mail/u/0/#spam/WhctKKXXFslgBMswnQfHSgVbPgcmHPVhHwWkGqrxCfzZTbbNwwCtslsMlVbbSMcgpTqRdsB
User-Agent
NIT/atrax-1.0

Response headers

date
Mon, 02 May 2022 04:30:34 GMT
via
1.1 google
p3p
policyref="/w3c/p3p.xml", CP="CAO PSA OUR"
backend-version
47
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
data-regulation-gdpr-enforced
false
referrer-policy
no-referrer-when-downgrade
server
nginx
x-frame-options
deny
etag
"da39a3ee5e6b4b0d3255bfef95601890afd80709"
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-methods
HEAD, GET, POST
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
Data-Regulation-Gdpr-Enforced
content-security-policy
frame-ancestors none;
access-control-allow-headers
X-Requested-With, Content-Type, Data-Regulation-Gdpr-Enforced
pl.2.2.min.js
cdn.nytrng.com/ Frame 14B6 		7 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.nytrng.com/pl.2.2.min.js
Requested by
Host: nytrng.com
URL: https://nytrng.com/iframe?vcp=4dd5h0np&as_id=e325844cd2854475bd8faee074a38756
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.31.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-31-28.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d49d2a6dc89c60b16d37b5c050c401a95e54b48865c33518d11aa49f4aef01aa

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.google.com/mail/u/0/#spam/WhctKKXXFslgBMswnQfHSgVbPgcmHPVhHwWkGqrxCfzZTbbNwwCtslsMlVbbSMcgpTqRdsB
User-Agent
NIT/atrax-1.0

Response headers

x-amz-version-id
8orrD9zEZlFOFms3PR7pDugsAN7irKg0
via
1.1 5301cc544de32ec737d1069c11f7df30.cloudfront.net (CloudFront)
last-modified
Thu, 01 Jul 2021 10:09:45 GMT
server
AmazonS3
age
1612278
etag
"1ba5d1971ac96b0ca46300a7cb63b363"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Wed, 13 Apr 2022 12:39:18 GMT
x-amz-cf-pop
EWR53-C2
accept-ranges
bytes
content-length
7518
x-amz-cf-id
1RGThoOF-3qO5ZG05Em6Ek-G5fCzcyGspfhEpEUqcK3v_MzhWwOJ6A==
f62f39eb161588b280844704a1840c4b
nytrng.com/mper/ Frame 14B6
Redirect Chain
  • https://nytrng.com/mper
  • https://nytrng.com/mper/f62f39eb161588b280844704a1840c4b
58 B
141 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://nytrng.com/mper/f62f39eb161588b280844704a1840c4b
Protocol
H2
Server
99.83.128.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a954c1fc80b8251dc.awsglobalaccelerator.com
Software
gunicorn /
Resource Hash
69b2951814ee65944a56f57b38bf1dfa012750e89faeb88f75f85183f6a8dc9f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.google.com/mail/u/0/#spam/WhctKKXXFslgBMswnQfHSgVbPgcmHPVhHwWkGqrxCfzZTbbNwwCtslsMlVbbSMcgpTqRdsB
User-Agent
NIT/atrax-1.0

Response headers

date
Mon, 02 May 2022 04:30:35 GMT
server
gunicorn
content-length
58
content-type
application/json

Redirect headers

location
https://nytrng.com/mper/f62f39eb161588b280844704a1840c4b
date
Mon, 02 May 2022 04:30:35 GMT
server
gunicorn
content-length
318
content-type
text/html; charset=utf-8
lst
nytrng.com/ Frame 14B6 		207 B
702 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://nytrng.com/lst
Requested by
Host: cdn.nytrng.com
URL: https://cdn.nytrng.com/pl.2.2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.128.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a954c1fc80b8251dc.awsglobalaccelerator.com
Software
gunicorn /
Resource Hash
485bd1faad7fe16f91dc062fb46203e0d8d9d9f551ee547c8653989d26b1a0a3

Request headers

Referer
https://mail.google.com/mail/u/0/#spam/WhctKKXXFslgBMswnQfHSgVbPgcmHPVhHwWkGqrxCfzZTbbNwwCtslsMlVbbSMcgpTqRdsB
accept-language
en-US,en;q=0.9
User-Agent
NIT/atrax-1.0
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 02 May 2022 04:30:35 GMT
server
gunicorn
vary
Origin
p3p
CP="NOI OUR BUS UNI COM NAV"
access-control-allow-origin
https://nytrng.com
cache-control
no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
207
expires
Mon, 02 May 2022 04:30:36 GMT

Verdicts & Comments Add Verdict or Comment

245 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails function| analytics_tag object| dataLayer function| adwords_tag object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| $ function| jQuery function| PopIt function| UnPopIt object| _svq number| settings_timer number| _vwo_settings_timer object| _vwo_code function| doTrk function| doCalculate function| doCalculate2 object| google_conversion_id object| google_custom_params object| google_remarketing_only function| GooglemKTybQhCsO object| google_conversion_date object| google_conversion_time number| google_conversion_snippets number| google_conversion_first_time object| google_conversion_js_version object| google_conversion_format object| google_enable_display_cookie_match object| google_conversion_type object| google_conversion_order_id object| google_conversion_language object| google_conversion_value object| google_conversion_currency object| google_conversion_domain object| google_conversion_label object| google_conversion_color object| google_disable_viewthrough object| google_gtag_event_data object| google_conversion_linker object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_allow_ad_personalization_signals object| google_restricted_data_processing object| google_conversion_items object| google_conversion_merchant_id object| google_user_id object| onload_callback object| opt_image_generator object| google_gtm_url_processor object| google_conversion_page_url object| google_conversion_referrer_url object| google_gtm object| google_gcl_cookie_prefix object| google_gcl_cookie_path object| google_gcl_cookie_flags object| google_gcl_cookie_domain object| google_gcl_cookie_max_age_seconds object| google_read_gcl_cookie_opt_out object| google_basket_feed_country object| google_basket_feed_language object| google_basket_discount object| google_basket_transaction_type object| google_additional_conversion_params object| google_additional_params object| google_transport_url object| google_gtm_experiments function| google_trackConversion object| GooglebQhCsO object| Accutrak_obj object| Accutrak object| Accutrak_custom object| Accutrak_site_ids object| _genericStats object| _genericStatsCustom string| gaJsHost object| gaplugins object| gaGlobal object| gaData object| sv_px object| _svData object| _svt function| hasOwnProperty object| usi_commons object| usi_cookies object| usi_url object| usi_dom boolean| usi_cookieless object| usi_app object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client number| _vwo_acc_id object| vwoCode object| _vwo_style string| _vwo_css string| _vwo_cookieDomain string| _vwo_uuid number| _vwo_library_timer string| _vis_opt_file string| _vis_opt_lib undefined| b number| _vwo_j_e string| _vwo_mt string| _vwo_tm object| VWO object| vwo_iehack_queue object| _vwo_exp_ids object| _vwo_exp object| _vwo_pa object| VWOOmni string| _vwo_worker_cb object| _gat object| _gaq object| pageTracker function| fbq function| _fbq object| uetq function| ttd_dom_ready function| TTDUniversalPixelApi string| biJsHost object| AddShoppersWidgetOptions object| js object| _pix string| protocol number| a function| numbersOnly function| _MGX_LU function| _MGX_LG object| MGX object| __MGX__ object| MGX_API object| MGX_DATA function| vwo_$ string| _vwo_server_url object| _vis_opt_queue object| _vis_opt_check_segment object| _vwo_evq function| _vwo_ev boolean| DISABLE_NATIVE_CONSTANTS object| _vwo_t object| _vwo_editorOperationTracker function| _vwo_handleMutations object| _vwo_api_section_callback object| _vis_opt_comb_name function| _vwo_s object| _vwo_campaignData function| _vis_opt_top_initialize function| _vis_opt_bottom_initialize function| _vis_opt_goal_conversion function| _vis_opt_revenue_conversion function| _vis_opt_pause function| _vis_opt_readCookie function| _vis_opt_createCookie function| _vis_opt_element_loaded function| _vis_opt_GA_track function| _vis_opt_register_conversion function| _vis_opt_get_campaign_xPath number| _vis_opt_experiment_id boolean| _vwo_settings_timed_out object| __nls number| ___vwo function| UET function| UET_init function| UET_push object| ueto_af66e34b0b object| recaptcha function| _Utilities function| AsyncManager function| AsyncCall function| Identity function| LTK function| _Order function| _TRKT function| _Product function| _Customer function| _Client function| _Assembler function| _LTKClick function| _LTKSubscriber function| _Profile function| _ProfileItem function| _LTKSignup function| isWatermark function| SessionTracker function| SCAItem function| getCookieDomain function| _Session object| OnescriptAuthClassRegistry function| initializeOnescriptAuthIntegration function| CustomEventsClassRegistry function| initializeCustomEventsIntegration function| CustomEventsApi function| CustomEventsHttpClient function| tapToJoinHandler string| _protocol object| _ltk_util object| match string| _ltkwmt object| _ltk object| customEventsClassRegistry object| customEvent object| jQueryLoadCall number| _jQueryLoadInterval object| ltkLoadCall number| _ltkLoadInterval number| c_start string| ua object| matched object| browser object| lists function| setCookie function| getCookie object| AddShoppersLoader function| AddShoppersTriggerRunner function| as_cleanse_field function| as_detect_cc function| as_gaPageView function| as_gaSocial function| as_gaEvent function| as_gaSet function| as_logMessage function| as_logError object| _mag object| AddShoppersWidget function| AddShoppersWidget_plus_one object| SchemaParser object| _add number| ieVer object| obj number| AddShoppersWidgetLoaded object| AddShoppersWidgetLang number| c_end object| result boolean| _iml boolean| is_mocked

51 Cookies

Domain/Path Name / Value
.at1.listrakbi.com/activity/3QgckfkNYGiq Name: _vuid
Value: 67147cb9-1a3f-414a-8d29-ced6cb3bcd84
.listrakbi.com/3QgckfkNYGiq Name: gsid
Value: 4acUrr%2bYunk0iGHYTQfwP%2b1TePLs7oKH2XSoezOFbQZfTqeG%2fooJeLwYCGdytGBQankMhFZC5bY%3d
.listrakbi.com/3QgckfkNYGiq Name: scasid
Value: 57d387f1-0a6c-4399-b861-003b81e1e418
chpromotion.com/a/a69 Name: _vuid
Value: 67147cb9-1a3f-414a-8d29-ced6cb3bcd84
.bit.ly/ Name: _bit
Value: m424ut-6d8c5019d153fe97a1-00v
clearlifemind.com/ Name: uid30857
Value: 1260438682-20220502003031-b914c473f7e65d2ca9754e73a464cf23-
chpromotion.com/ Name: COOKIE
Value: !AeJSw+Oof6FT0G/uUVyM9dLmp2wyxKp8uWrr9vTU0n0yBYlZNkVztwru1Vk9b+aFWvmJ3pZgbdkhxw==
.chpromotion.com/ Name: _gcl_au
Value: 1.1.779614234.1651465833
.chpromotion.com/ Name: _ga
Value: GA1.2.454021545.1651465833
.chpromotion.com/ Name: _gid
Value: GA1.2.197383341.1651465833
.chpromotion.com/ Name: _gat_gtag_UA_6898183_1
Value: 1
.chpromotion.com/ Name: _svsid
Value: 038a45d94f4a88f78a5b0a3dffa45bad
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.chpromotion.com/ Name: _vwo_uuid_v2
Value: D79ECE7B192E679FE7FE20996C2299560|9f5cb22b90c9058297c2f35bc52886f3
.chpromotion.com/ Name: _first_pageview
Value: 1
.chpromotion.com/ Name: _jsuid
Value: 3636815720
.chpromotion.com/ Name: __utma
Value: 212881990.454021545.1651465833.1651465834.1651465834.1
.chpromotion.com/ Name: __utmc
Value: 212881990
.chpromotion.com/ Name: __utmz
Value: 212881990.1651465834.1.1.utmcsr=spdlfm|utmccn=690131|utmcmd=(not%20set)
.chpromotion.com/ Name: __utmt
Value: 1
.chpromotion.com/ Name: __utmb
Value: 212881990.1.10.1651465834
.chpromotion.com/ Name: _vis_opt_s
Value: 1%7C
.chpromotion.com/ Name: _vis_opt_test_cookie
Value: 1
.chpromotion.com/ Name: _vwo_uuid
Value: D79ECE7B192E679FE7FE20996C2299560
.chpromotion.com/ Name: _vwo_sn
Value: 0%3A1
.chpromotion.com/ Name: _vwo_ds
Value: 3%3At_0%2Ca_0%3A-1%241651465833%3A26.72526148%3A%3A%3A48_0%2C17_0%3A0
.bing.com/ Name: MUID
Value: 3B6E372C53BF67CF2C2B26B452D36608
.bat.bing.com/ Name: MR
Value: 0
.chpromotion.com/ Name: _uetsid
Value: 9b4761c0c9d011ec851a67948129c798
.chpromotion.com/ Name: _uetvid
Value: 9b4782f0c9d011ec9e8b2d25c9147172
chpromotion.com/ Name: _ltkpdtb
Value: 1
s1.listrakbi.com/ Name: AWSALBCORS
Value: e6GP1psHmFuNtR8EO3gOcs1KmHNU58RX0uFd98zS5GWA9SlWo9x9c2b+EEglIE79GTUI25DWX9+bEI6/01DCrjpIrWQMZKplBtrMR/T3b9MsSsG/xlz+jxn0GEVo
.listrakbi.com/ Name: usid
Value: b74f482535b640708ead5ff01b0366c4
.chpromotion.com/ Name: GSID3QgckfkNYGiq
Value: 8d649651-de71-4f82-89b5-e9243e213cd6
.chpromotion.com/ Name: STSID564543
Value: 57d387f1-0a6c-4399-b861-003b81e1e418
.chpromotion.com/ Name: _fbp
Value: fb.1.1651465834047.948857628
sca1.listrakbi.com/ Name: AWSALBCORS
Value: bdaR0eQgRkxTvlK3HwDiIILgFDuTNnt/Xew7sY7EexaQ8vQ7hH5Y50ZhwJK6XxnKo5bLwJ8J8iytsl2HAbyyrJcq6olZ3trh4/Y2ZiIJMhznC8/8wTYLV/KvVS0u
at1.listrakbi.com/ Name: AWSALBCORS
Value: W1siJxyo7/5BUxsiifTEnG0CL71oDVsjGyHGV/KiWkSEx6hx8rfK1MTmqvHqb7cA0mWpnuoCHeYd4IosPf1W+CgXTOncDkC328zyrESSDLRjng8uUb8AivN7ZVJk
shop.pe/ Name: addshoppers
Value: "2|1:0|10:1651465834|11:addshoppers|44:ZTMyNTg0NGNkMjg1NDQ3NWJkOGZhZWUwNzRhMzg3NTY=|fadf7ff26100675b0feeae524ee1c30a794a655ff6e9be6305ab2790f5ce993d"
chpromotion.com/ Name: addshoppers.com
Value: 2%7C1%3A0%7C10%3A1651465834%7C15%3Aaddshoppers.com%7C44%3AZTMyNTg0NGNkMjg1NDQ3NWJkOGZhZWUwNzRhMzg3NTY%3D%7Cff66aca26f22f5ea05d8e422b29eb564d091318803000b24b57fff2f44697ed4
.adsrvr.org/ Name: TDID
Value: dbaa593b-8c52-47e8-9964-bf8028989934
.demdex.net/ Name: demdex
Value: 13269527420829243143654630978701124653
.rubiconproject.com/ Name: khaos
Value: L2O849LR-1Q-EB9
.rubiconproject.com/ Name: audit
Value: 1|5b4guqW6AYAPH05IbETD2T7C0sEHtzUOuhkvTq9AGlQ8fCYmOTvXg6lunwmcLtyRUf/g3cXiKNtw0S94mtzOH0pB9H8pjytykCdHvyxZSdb82WpllqF4V/12P5glSrdcflNzznJMceK4Q2jftyssV4RwM2Sdy6NYi8N7BAmaQgdJt49mPrPRUFyo1mMSXCQ85kHVXO4iITS/uI9Aj+Yjkr7KKI+4mJy3oGirqm5gUhh8KMm0j6uXBGY3KwFBcKEE94+z9/eToJrLtHkR71fkUv/JTzblBZm7jOq1oSpaE+yma+WVcS1g3g==
.dpm.demdex.net/ Name: dpm
Value: 13269527420829243143654630978701124653
.bluekai.com/ Name: bkdc
Value: phx
.bluekai.com/ Name: bkpa
Value: KJy5iWWvQp9x9aXEqNWhSoBeAWnhs8JAPyNVej++l22xssjQZCyjZ6cozRoQyELlsmVkeA17Iy53SzpRufd3++BssbwbSGBW+FN7Y4KPXVJqWD/Arpm7nBHE5cwC5OpttAsZn2DlqVDhrUYDC71+lFOYiAsGZHZVaWsGkl2dXcehOXbb1vD=
.bluekai.com/ Name: bku
Value: YCD99soKqtnj7l/o
.adsrvr.org/ Name: TDCPM
Value: CAESEgoDYWFtEgsIruOHhNH_1ToQBRIWCgdibHVla2FpEgsIruOHhNH_1ToQBRIWCgdydWJpY29uEgsIruOHhNH_1ToQBRgFIAEoAzILCK7birHn_9U6EAU4AUIEIgIIAVoIemw5a2ZxaDFgAQ..
nytrng.com/ Name: vcnpxid
Value: f62f39eb161588b280844704a1840c4b
nytrng.com/ Name: vcnpxst
Value: w5p4w5XDlcOmw4HDk8Kfw5LCu8OUw5rClsKIf3HClcKLwqDCoMKqwoPCl3PClMKCwo_CjsOiw4PDjMKiw4TDiMOOw5vDmsKtw5LCpcOEw4TCkcKmwpR_w5w

4 Console Messages

Source Level URL
Text
network error URL: https://chpromotion.com/a/a69/spinner.gif
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
javascript warning URL: https://chpromotion.com/a/a69/index.php?utm_source=spdlfm&utm_campaign=690131&token=1260438682(Line 1018)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://ssl.google-analytics.com/ga.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://chpromotion.com/a/a69/index.php?utm_source=spdlfm&utm_campaign=690131&token=1260438682(Line 1018)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://ssl.google-analytics.com/ga.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

at1.listrakbi.com
bat.bing.com
bid.g.doubleclick.net
bit.ly
cdn.datasteam.io
cdn.listrakbi.com
cdn.nytrng.com
chpromotion.com
clearlifemind.com
connect.facebook.net
d11tldh9zr4z08.cloudfront.net
d3rr3d0n31t48m.cloudfront.net
dev.visualwebsiteoptimizer.com
dpm.demdex.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
insight.adsrvr.org
js.adsrvr.org
match.adsrvr.org
nytrng.com
pixel.rubiconproject.com
s.amazon-adsystem.com
s1.listrakbi.com
sca1.listrakbi.com
shop.pe
shopper.shop.pe
ssl.google-analytics.com
stats.g.doubleclick.net
tags.bluekai.com
track.securedvisit.com
win.staticstuff.net
www.chwplan.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.upsellit.com
xistpital.co.uk
104.18.7.244
104.76.100.229
13.225.213.78
13.225.226.150
13.226.31.28
142.250.72.98
146.20.84.216
162.221.187.148
172.253.115.157
198.145.13.12
2600:9000:210b:8200:d:69b0:4e00:21
2607:f8b0:4004:c08::9c
2607:f8b0:4006:806::2004
2607:f8b0:4006:80e::2003
2607:f8b0:4006:80f::200a
2607:f8b0:4006:81c::2008
2607:f8b0:4006:81d::2003
2607:f8b0:4006:81d::2008
2607:f8b0:4006:820::200e
2607:f8b0:4006:823::2002
2620:1ec:c11::200
2a03:2880:f012:10c:face:b00c:0:3
2a03:2880:f112:83:face:b00c:0:25de
34.117.39.58
34.96.102.137
35.190.54.17
35.227.244.1
44.197.25.138
51.15.154.82
52.22.194.150
52.223.40.198
52.46.130.91
54.230.102.8
67.199.248.11
8.43.72.97
99.83.128.14
99.84.43.9
013287593e02fd614cd411b1af14e40da412669bda9c8cac435947509bbee737
086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e
10bef3f85822237893d33ac7eed079f59191bf1457d08309401afc43a1902d50
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
115d83ece49fd1c5769409aab9d78572eed86cd38a0556b4cdeeac82c83091d3
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
142d7e946013c923e6530d5ac543354d09611339c9b8093282f5dcae721aaaff
1f4e94b768ac65ed9500996927c1abb05f263a029afaf2c26436bec081b1ecf2
227b35c3379771751ba64874d186212b74b61206a15b8e7d63a4a56e895526d8
230841fdf346d5e4e598d64d343459b6c71f68881e5eb3b4d1876e85746e7d6a
24a2d68ba9dba0183ffea93a52246f4017d6ec224c6a477ce916263eed8371ff
272091531da7b501938c450b37c0deafda5310f5f9dddf6f0cd2ab49bfe14d5c
28b08132faf772ccb6b98ecfb02a099582c5823b27e13c5c663e0142de89d634
33a309871cd723df6e7010d500cdcbc67ad1f8094e2fc9b0774836c0349aa7ab
380ef284cc9c44f82f786f246a822011a779932c9cd2ee34c451182ec2952468
404864db1fed091044ca377a56215e06967149d12ee857d00f932bbefd517a36
4540fe3d85b175ac7c0272025c164aee14f38b34d5515d35591fe752eeab7780
485bd1faad7fe16f91dc062fb46203e0d8d9d9f551ee547c8653989d26b1a0a3
4902dcbc3d3c97271a66bc136ec40b0c72422ccd05bb9946aa76382e50c5d6fc
4bcce324596e1098e9544d244abd62384a1df54f54a23b8efee7a3db72604846
4be14a2da128616076611d6ed33a084f6301c2519ae51212bdeb0689c581974a
4d647420bc8c9d42901303aed4a7b915ddaee0f67f74b0021d2d45d8f1a7bd1b
52b860bf171d4c3ddb8c50fe9b1cf48cd6337c07f0b111788d7ba34aad733299
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
55ce9fac6fd33806706c6ff4217d7b8f64cac5a01a254678c618653290246e14
56aacd395b7eeb72f218dd80a7e1bf54bb9817107a70ec13575bdceae190ade4
5c2486b3980076f223deebfe8cf6a099283fdbe77c7b1b1ae5df96e07f98cd43
5d5f9654fbf38d5d039ba2743bb47a0067a1e020a61ef5b43dd9c3059cd94424
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
6674896ccb1aea47c71591bef2bc25bfac1bee813a084ebc16b821167c7e4b8c
688aa4443fd103dd4eba9512fbd4a0ff2c47b8ebbd4b8c8d4aaef45f4e4f48b0
69b2951814ee65944a56f57b38bf1dfa012750e89faeb88f75f85183f6a8dc9f
6a3e8569cdb67ea0a9b9d936f6abe68a0a2c70e893de739bcf7d0c85348c7793
6d97fccd01135ed97a465ce2d65e3d5993c7b240b06a7638b3fec90424f6252a
730c5d97e41062200f45c92eea2b08a6bc1e4eb8cbba2c6725c1a2c291fdbf9a
783fa28792c8e43a37eebe30530d859d959678740b061cb5049bcbd22800c2dc
79270dfeec80a9831db892c6afa6203afcfcbe58fb78d76c6b610b9b79a45739
7cbb01f94a09b22659ac64255cbc8b2b9a3c73a74cfe41b7a344e340a62a3c84
8028af7c8cee2ac392a7c81755aadb2967e275bf63af64c1aae2a6667da3cd50
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52
884f431329b1024d8eddb62fb84733c624034c7485de08492a38336c3768eccb
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dd9fbc4a01fb5d05354da7874afc87bbb88836b761a8146b5e830b22d8104f5
8f850325052ad8ecda56cd41349052f47a3e61dcf1f816ca71584b588d827b02
90dc1edaca43e2e886e6e556485fa4f2d9bbb86193f9d8d6b3b1b5b087bb140c
93f6ce56be9b5d1cc8f0462801eebf1f4612ed1c5e9e0a389072c7b3fabee5b7
9c84f7f78bd01feac8c299aa0a64ea7c97fae892d68217083db5d4669fedc032
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1ac660767f0b902644fec786e9321a1fc2f2d50fac439eaaca062fb60d88124
a723795e6fd1ba833ac856a4f53046a643c57d7ac5b8d13bb4f32ae25a9144e5
a7d80f9db0ee943aa27a9798227bea64cf26b594e4ec942bd468e9edc0c4988e
a96e4d881a42b49523b85ace2f5e83208ec216c8755869a80e3adcde1e801482
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2cb2bfc4c838ca14a5b99a96ddc98b252967074cf81310b6ae190fe895546a0
bc1f719ad8a9fb36c5f164463ae53ad79a27e84143b027da42c6ee08021ff399
bf8b3266cbaee48fb45839db1e2517b1436e8adb3e134cbbe796ee1c4459183c
c151a7e68aedc7bd4d84cb2096e92ee2f055c16be01c2ba027acd38b6cc9d52a
d1c4aa4fc27ca65d42b693b60f19546c4a50c002394c364dbbef45710858df7a
d3573cda52041247cfe2bec3dd48b363196a581a5aa0686f6cd74a5f96bb090f
d49d2a6dc89c60b16d37b5c050c401a95e54b48865c33518d11aa49f4aef01aa
d8fb139ed05fd87969b1996ac522beb739baee1206b0aa2d91e33548097f26db
dd6a1d28cc754f572d15e95ff3afc77cf92ca7f6c61961abbb541bdb289db6a3
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5eb9db958d00a80a0dae60a6e5d7696effb32a50df2d47cdf1a24069e979e90
e61425fc8bc114f0bd6047ff32d77bffdc5825d2c4110d0377df2fa1caa3cfdd
e916478d94814b1a0c2680424c323db0514f4a022d16835cd7bcc754722308f4
ec286d9204d650f3688680ab7df9b05406c4baddb997cf762d2fedd7b5084365
edd03ab3a1f8f4fee1f13400764eaa7de9b4ec3da31a2de7f2a5a40e2ea181a7
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ee5e6f24e63a934667e065cf35fa4cdb9a1ec3391da17621c3994fdb63bb82ea
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0777ebcd83d90fcb23e1ddd319a4742e3af06e7e1953fe6f851df61ff3022ac
f30bf2284e7872587d6aa890cc2611f01e4be6a2fcfdc0003d63c6fa137745c7
f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc
fe8a588b8478ba2e6da15c70eb20c0b0183fe66d7e211f98a3ed34b77fe0c9b0