www.protectionplans.co.uk Open in urlscan Pro
77.68.29.139 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://l.linklyhq.com/l/1L90x?site
Effective URL:
https://www.protectionplans.co.uk/advertorial-health-native-3/?clickid=3363258&coff=111&caff=494&cs1=&cs2=%7bclick_id%7d&cs3=&cs4=...
Submission: On September 19 via api (September 19th 2023, 2:50:25 pm UTC) from CA — Scanned from CA

Summary HTTP 61 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 20 IPs in 4 countries across 18 domains to perform 61 HTTP transactions. The main IP is 77.68.29.139, located in Kilbirnie, United Kingdom and belongs to IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE. The main domain is www.protectionplans.co.uk.
TLS certificate: Issued by R3 on July 23rd 2023. Valid for: 3 months.

This is the only time www.protectionplans.co.uk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	35.226.132.161 35.226.132.161	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	34.252.8.20 34.252.8.20	16509 (AMAZON-02) (AMAZON-02)
16	77.68.29.139 77.68.29.139	8560 (IONOS-AS ...) (IONOS-AS This is the joint network for IONOS)
6	172.253.63.97 172.253.63.97	15169 (GOOGLE) (GOOGLE)
1	142.251.16.95 142.251.16.95	15169 (GOOGLE) (GOOGLE)
1	172.253.63.95 172.253.63.95	15169 (GOOGLE) (GOOGLE)
2	104.16.125.175 104.16.125.175	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	142.251.16.103 142.251.16.103	15169 (GOOGLE) (GOOGLE)
2	157.240.229.1 157.240.229.1	32934 (FACEBOOK) (FACEBOOK)
5	23.33.180.211 23.33.180.211	16625 (AKAMAI-AS) (AKAMAI-AS)
4	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
1	172.253.62.157 172.253.62.157	15169 (GOOGLE) (GOOGLE)
3	172.253.115.102 172.253.115.102	15169 (GOOGLE) (GOOGLE)
2	13.107.226.40 13.107.226.40	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	172.253.122.94 172.253.122.94	15169 (GOOGLE) (GOOGLE)
1	142.251.163.94 142.251.163.94	15169 (GOOGLE) (GOOGLE)
2	31.13.66.35 31.13.66.35	32934 (FACEBOOK) (FACEBOOK)
1	151.101.65.44 151.101.65.44	54113 (FASTLY) (FASTLY)
1	141.226.224.32 141.226.224.32	200478 (TABOOLA-AS) (TABOOLA-AS)
2	20.114.189.70 20.114.189.70	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	20.110.205.119 20.110.205.119	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	13.107.21.200 13.107.21.200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	141.226.124.48 141.226.124.48	200478 (TABOOLA-AS) (TABOOLA-AS)
61	20

1 35.226.132.161 (Council Bluffs, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 161.132.226.35.bc.googleusercontent.com

l.linklyhq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.252.8.20 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-8-20.eu-west-1.compute.amazonaws.com

leadsensesecure.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 77.68.29.139 (Kilbirnie, United Kingdom)

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)
PTR: mail.bestcompare.com

www.protectionplans.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.253.63.97 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.16.95 (United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f95.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.63.95 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f95.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.125.175 (None, )

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.251.16.103 (United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f103.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.229.1 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-iad3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.33.180.211 (Sterling, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-33-180-211.deploy.static.akamaitechnologies.com

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.1.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.62.157 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f157.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.253.115.102 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f102.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.107.226.40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.253.122.94 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f94.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.163.94 (United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f94.1e100.net

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.13.66.35 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-iad3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.44 (United States)

ASN54113 (FASTLY, US)

pips.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.114.189.70 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

t.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.110.205.119 (Boydton, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.21.200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.226.124.48 (Chicago, United States)

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	protectionplans.co.uk www.protectionplans.co.uk	139 KB
8	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 1262 trc.taboola.com — Cisco Umbrella Rank: 907 pips.taboola.com — Cisco Umbrella Rank: 1909 cds.taboola.com — Cisco Umbrella Rank: 2514 trc-events.taboola.com — Cisco Umbrella Rank: 2331	32 KB
6	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1290 t.clarity.ms — Cisco Umbrella Rank: 9754 c.clarity.ms — Cisco Umbrella Rank: 2092	22 KB
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 111	427 KB
5	google.com www.google.com — Cisco Umbrella Rank: 11	48 KB
3	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 1031	2 KB
3	gstatic.com www.gstatic.com	387 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 96	21 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 109	239 B
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 1150	20 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 229	168 KB
2	unpkg.com unpkg.com — Cisco Umbrella Rank: 1425	6 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 113 ajax.googleapis.com — Cisco Umbrella Rank: 720	32 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 481	762 B
1	google.ca www.google.ca — Cisco Umbrella Rank: 8716	455 B
1	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 66	2 KB
1	leadsensesecure.com 1 redirects leadsensesecure.com	903 B
1	linklyhq.com 1 redirects l.linklyhq.com — Cisco Umbrella Rank: 494178	270 B
61	18

	Domain	Requested by
16	www.protectionplans.co.uk	www.protectionplans.co.uk
6	www.googletagmanager.com	www.protectionplans.co.uk www.googletagmanager.com
5	www.google.com	www.protectionplans.co.uk www.gstatic.com www.google.com
3	ct.pinterest.com	s.pinimg.com www.protectionplans.co.uk
3	www.gstatic.com	www.google.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	cdn.taboola.com	www.protectionplans.co.uk cdn.taboola.com
2	trc-events.taboola.com	cdn.taboola.com
2	c.clarity.ms	1 redirects
2	t.clarity.ms	www.clarity.ms
2	www.facebook.com	www.protectionplans.co.uk
2	www.clarity.ms	www.protectionplans.co.uk www.clarity.ms
2	s.pinimg.com	www.protectionplans.co.uk s.pinimg.com
2	connect.facebook.net	www.protectionplans.co.uk connect.facebook.net
2	unpkg.com	www.protectionplans.co.uk
1	c.bing.com	1 redirects
1	cds.taboola.com	cdn.taboola.com
1	pips.taboola.com	cdn.taboola.com
1	trc.taboola.com	cdn.taboola.com
1	www.google.ca	www.protectionplans.co.uk
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	ajax.googleapis.com	www.protectionplans.co.uk
1	fonts.googleapis.com	www.protectionplans.co.uk
1	leadsensesecure.com	1 redirects
1	l.linklyhq.com	1 redirects
61	25

This site contains links to these domains. Also see Links.

Domain
nhswaitlist.lcp.uk.com
www.theguardian.com

Subject Issuer	Validity	Valid
protectionplans.co.uk R3	`2023-07-23` - `2023-10-21`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-06-28` - `2023-09-26`	3 months	crt.sh
*.pinterest.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-07` - `2024-08-07`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-08-29` - `2024-08-29`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.google.ca GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 06	`2023-02-13` - `2024-02-08`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://www.protectionplans.co.uk/advertorial-health-native-3/?clickid=3363258&coff=111&caff=494&cs1=&cs2=%7bclick_id%7d&cs3=&cs4=&cs5=&site=&src=Taboola
Frame ID: D123580197E0EDD2C60654302618B12C
Requests: 55 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfSgnkaAAAAAJQpqnBMS77opm9FIU8y5FZFx7Iw&co=aHR0cHM6Ly93d3cucHJvdGVjdGlvbnBsYW5zLmNvLnVrOjQ0Mw..&hl=en&v=uEf7E1417z6GNSkRx7AyL8K8&size=invisible&cb=hnzbnsnjw4vf
Frame ID: FC4A2CEFFCA6B253E8EFEAFF3F86D955
Requests: 5 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: EF9430E27C6A13299F4FFA7F55B08CCF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Advertorial Health Native 3 | Protection Plans

Page URL History Show full URLs

https://l.linklyhq.com/l/1L90x?site HTTP 302
https://leadsensesecure.com/?a=494&c=296&s1=&s2=%7Bclick_id%7D&s3=&s4=&s5=&site=&src=Taboola HTTP 302
https://www.protectionplans.co.uk/advertorial-health-native-3/?clickid=3363258&coff=111&caff=494&cs1=&cs2=%7bc... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

61
Requests

98 %
HTTPS

0 %
IPv6

18
Domains

25
Subdomains

20
IPs

4
Countries

1306 kB
Transfer

3568 kB
Size

27
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://nhswaitlist.lcp.uk.com/
Title: (1) https://nhswaitlist.lcp.uk.com/

Search URL Search Domain Scan URL

URL: https://www.theguardian.com/society/2022/mar/03/staffing-crisis-deepens-in-nhs-england-with-110000-posts-unfilled
Title: (2) https://www.theguardian.com/society/2022/mar/03/staffing-crisis-deepens-in-nhs-england-with-110000-posts-unfilled

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://l.linklyhq.com/l/1L90x?site HTTP 302
https://leadsensesecure.com/?a=494&c=296&s1=&s2=%7Bclick_id%7D&s3=&s4=&s5=&site=&src=Taboola HTTP 302
https://www.protectionplans.co.uk/advertorial-health-native-3/?clickid=3363258&coff=111&caff=494&cs1=&cs2=%7bclick_id%7d&cs3=&cs4=&cs5=&site=&src=Taboola Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 53

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=7DF102155E1A4598B38CB7BCD9EF57AA&RedC=c.clarity.ms&MXFR=01635B4B6B636C4900BC48DA6F63626A HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=7DF102155E1A4598B38CB7BCD9EF57AA&MUID=1F3787FD47126866306D946C466C69C8

61 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.protectionplans.co.uk/advertorial-health-native-3/
Redirect Chain

https://l.linklyhq.com/l/1L90x?site
https://leadsensesecure.com/?a=494&c=296&s1=&s2=%7Bclick_id%7D&s3=&s4=&s5=&site=&src=Taboola
https://www.protectionplans.co.uk/advertorial-health-native-3/?clickid=3363258&coff=111&caff=494&cs1=&cs2=%7bclick_id%7d&cs3=&cs4=&cs5=&site=&src=Taboola

30 KB
8 KB

585ms
228ms

Document
text/html

77.68.29.139
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.protectionplans.co.uk/advertorial-health-native-3/?clickid=3363258&coff=111&caff=494&cs1=&cs2=%7bclick_id%7d&cs3=&cs4=&cs5=&site=&src=Taboola
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.68.29.139 Kilbirnie, United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS: mail.bestcompare.com
Software: nginx / PHP/7.4.33 PleskLin
Resource Hash: 21b703a773c01137c0718938eef677e8c60d96f62b1cbc56b4a5af9a31e35314

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 19 Sep 2023 14:50:18 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
link: <https://www.protectionplans.co.uk/wp-json/>; rel="https://api.w.org/", <https://www.protectionplans.co.uk/wp-json/wp/v2/pages/195>; rel="alternate"; type="application/json", <https://www.protectionplans.co.uk/?p=195>; rel=shortlink
pragma: no-cache
server: nginx
x-powered-by: PHP/7.4.33 PleskLin

Redirect headers

Cache-Control: private
Connection: close
Content-Length: 306
Content-Type: text/html; charset=utf-8
Date: Tue, 19 Sep 2023 14:50:18 GMT
Location: https://www.protectionplans.co.uk/advertorial-health-native-3/?clickid=3363258&coff=111&caff=494&cs1=&cs2=%7bclick_id%7d&cs3=&cs4=&cs5=&site=&src=Taboola
P3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 225 KB
79 KB 125ms
51ms Script
application/javascript 172.253.63.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-11319637826

Requested by

Host: www.protectionplans.co.uk
URL: https://www.protectionplans.co.uk/advertorial-health-native-3/?clickid=3363258&coff=111&caff=494&cs1=&cs2=%7bclick_id%7d&cs3=&cs4=&cs5=&site=&src=Taboola

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

d0876eaedcb6329c2264f1466a5f08a2eb5804ebbbf965ba78daf2d1a7743b91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.protectionplans.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 14:50:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 80444
x-xss-protection: 0
last-modified: Tue, 19 Sep 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 19 Sep 2023 14:50:18 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 172 KB
63 KB 154ms
81ms Script
application/javascript 172.253.63.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-148990709-3

Requested by

Host: www.protectionplans.co.uk
URL: https://www.protectionplans.co.uk/advertorial-health-native-3/?clickid=3363258&coff=111&caff=494&cs1=&cs2=%7bclick_id%7d&cs3=&cs4=&cs5=&site=&src=Taboola

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

d16dcd758cf9652174a41772257fb3cebe6fb56daefd380ca47150eee53a6b47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.protectionplans.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 14:50:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64634
x-xss-protection: 0
last-modified: Tue, 19 Sep 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 19 Sep 2023 14:50:18 GMT

GET
H2 200 styles.css
www.protectionplans.co.uk/wp-content/themes/protection-plans/assets/css/ 37 KB
7 KB 110ms
109ms Stylesheet
text/css 77.68.29.139
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.protectionplans.co.uk/wp-content/themes/protection-plans/assets/css/styles.css
Requested by: Host: www.protectionplans.co.uk
URL: https://www.protectionplans.co.uk/advertorial-health-native-3/?clickid=3363258&coff=111&caff=494&cs1=&cs2=%7bclick_id%7d&cs3=&cs4=&cs5=&site=&src=Taboola
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.68.29.139 Kilbirnie, United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS: mail.bestcompare.com
Software: nginx / PleskLin
Resource Hash: a161aca35d3234aa554050445d5d60faec593f5da6d39666fb24b380731a6dbd

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.protectionplans.co.uk/advertorial-health-native-3/?clickid=3363258&coff=111&caff=494&cs1=&cs2=%7bclick_id%7d&cs3=&cs4=&cs5=&site=&src=Taboola
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 14:50:18 GMT
content-encoding: br
last-modified: Wed, 01 Feb 2023 09:25:09 GMT
server: nginx
etag: W/"63da2ff5-94af"
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 265 KB
89 KB 66ms
60ms Script
application/javascript 172.253.63.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-1VF4R8YTZZ

Requested by

Host: www.protectionplans.co.uk
URL: https://www.protectionplans.co.uk/advertorial-health-native-3/?clickid=3363258&coff=111&caff=494&cs1=&cs2=%7bclick_id%7d&cs3=&cs4=&cs5=&site=&src=Taboola

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

4ef74f6d182c582a0b53016d9eb361637f8965e69cbfd199a2d3f71a07d9ee2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.protectionplans.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 14:50:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 90848
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 19 Sep 2023 14:50:19 GMT

GET
H2 200 styles.css
www.protectionplans.co.uk/wp-content/plugins/contact-form-7/includes/css/ 3 KB
1013 B 202ms
200ms Stylesheet
text/css 77.68.29.139
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.protectionplans.co.uk/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.6
Requested by: Host: www.protectionplans.co.uk
URL: https://www.protectionplans.co.uk/advertorial-health-native-3/?clickid=3363258&coff=111&caff=494&cs1=&cs2=%7bclick_id%7d&cs3=&cs4=&cs5=&site=&src=Taboola
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.68.29.139 Kilbirnie, United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS: mail.bestcompare.com
Software: nginx / PleskLin
Resource Hash: ab21762c3f447aa08cbefd5ea3866165f925bd5058a9ae19e23721462de6fb60

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.protectionplans.co.uk/advertorial-health-native-3/?clickid=3363258&coff=111&caff=494&cs1=&cs2=%7bclick_id%7d&cs3=&cs4=&cs5=&site=&src=Taboola
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 14:50:18 GMT
content-encoding: br
last-modified: Tue, 02 May 2023 09:53:20 GMT
server: nginx
etag: W/"6450dd90-b2b"
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 style.css
www.protectionplans.co.uk/wp-content/plugins/uk-cookie-consent/assets/css/ 5 KB
1 KB 202ms
201ms Stylesheet
text/css 77.68.29.139
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.protectionplans.co.uk/wp-content/plugins/uk-cookie-consent/assets/css/style.css?ver=6.3.1
Requested by: Host: www.protectionplans.co.uk
URL: https://www.protectionplans.co.uk/advertorial-health-native-3/?clickid=3363258&coff=111&caff=494&cs1=&cs2=%7bclick_id%7d&cs3=&cs4=&cs5=&site=&src=Taboola
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.68.29.139 Kilbirnie, United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS: mail.bestcompare.com
Software: nginx / PleskLin
Resource Hash: 34513f6e62e1b5dedbea61d6f79455a5df46097096913bbf1d154ac86b9d9fb5

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.protectionplans.co.uk/advertorial-health-native-3/?clickid=3363258&coff=111&caff=494&cs1=&cs2=%7bclick_id%7d&cs3=&cs4=&cs5=&site=&src=Taboola
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 14:50:18 GMT
content-encoding: br
last-modified: Wed, 01 Feb 2023 09:25:09 GMT
server: nginx
etag: W/"63da2ff5-1230"
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 css
fonts.googleapis.com/ 5 KB
935 B 123ms
47ms Stylesheet
text/css 142.251.16.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato%3A300%2C400%2C700%2C900%2C300italic%2C400italic%2C700italic

Requested by

Host: www.protectionplans.co.uk
URL: https://www.protectionplans.co.uk/advertorial-health-native-3/?clickid=3363258&coff=111&caff=494&cs1=&cs2=%7bclick_id%7d&cs3=&cs4=&cs5=&site=&src=Taboola

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.16.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f95.1e100.net

Software

ESF /

Resource Hash

45d897e085005dcf35c82aee31d4f145f7921af6c85c57560f8d90f390c03970

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.protectionplans.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 19 Sep 2023 14:50:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 19 Sep 2023 14:28:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 19 Sep 2023 14:50:18 GMT

GET
H2 200 jquery.min.js Show response
www.protectionplans.co.uk/wp-includes/js/jquery/ 85 KB
29 KB 194ms
193ms Script
application/javascript 77.68.29.139
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.protectionplans.co.uk/wp-includes/js/jquery/jquery.min.js?ver=3.7.0
Requested by: Host: www.protectionplans.co.uk
URL: https://www.protectionplans.co.uk/advertorial-health-native-3/?clickid=3363258&coff=111&caff=494&cs1=&cs2=%7bclick_id%7d&cs3=&cs4=&cs5=&site=&src=Taboola
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.68.29.139 Kilbirnie, United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS: mail.bestcompare.com
Software: nginx / PleskLin
Resource Hash: 5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.protectionplans.co.uk/advertorial-health-native-3/?clickid=3363258&coff=111&caff=494&cs1=&cs2=%7bclick_id%7d&cs3=&cs4=&cs5=&site=&src=Taboola
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 14:50:18 GMT
content-encoding: br
last-modified: Tue, 08 Aug 2023 22:20:16 GMT
server: nginx
etag: W/"64d2bfa0-155ba"
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 jquery-migrate.min.js Show response
www.protectionplans.co.uk/wp-includes/js/jquery/ 13 KB
5 KB 202ms
202ms Script
application/javascript 77.68.29.139
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.protectionplans.co.uk/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: www.protectionplans.co.uk
URL: https://www.protectionplans.co.uk/advertorial-health-native-3/?clickid=3363258&coff=111&caff=494&cs1=&cs2=%7bclick_id%7d&cs3=&cs4=&cs5=&site=&src=Taboola
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.68.29.139 Kilbirnie, United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS: mail.bestcompare.com
Software: nginx / PleskLin
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.protectionplans.co.uk/advertorial-health-native-3/?clickid=3363258&coff=111&caff=494&cs1=&cs2=%7bclick_id%7d&cs3=&cs4=&cs5=&site=&src=Taboola
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 14:50:18 GMT
content-encoding: br
last-modified: Tue, 08 Aug 2023 22:20:16 GMT
server: nginx
etag: W/"64d2bfa0-3509"
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 logo-pp-new.png
www.protectionplans.co.uk/wp-content/uploads/2022/09/ 5 KB
5 KB 126ms
119ms Image
image/png 77.68.29.139
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.protectionplans.co.uk/wp-content/uploads/2022/09/logo-pp-new.png
Requested by: Host: www.protectionplans.co.uk
URL: https://www.protectionplans.co.uk/advertorial-health-native-3/?clickid=3363258&coff=111&caff=494&cs1=&cs2=%7bclick_id%7d&cs3=&cs4=&cs5=&site=&src=Taboola
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.68.29.139 Kilbirnie, United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS: mail.bestcompare.com
Software: nginx / PleskLin
Resource Hash: 1db266d6ed8f9767be29720410caf42c4fdec0e167c690e79aae32be0c70d2ef

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.protectionplans.co.uk/advertorial-health-native-3/?clickid=3363258&coff=111&caff=494&cs1=&cs2=%7bclick_id%7d&cs3=&cs4=&cs5=&site=&src=Taboola
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 14:50:19 GMT
last-modified: Wed, 01 Feb 2023 09:25:10 GMT
server: nginx
etag: "63da2ff6-1252"
x-powered-by: PleskLin
content-type: image/png
accept-ranges: bytes
content-length: 4690

GET
H2 200 protection-health-native-3.jpg
www.protectionplans.co.uk/wp-content/themes/protection-plans/assets/images/ 52 KB
52 KB 127ms
121ms Image
image/jpeg 77.68.29.139
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.protectionplans.co.uk/wp-content/themes/protection-plans/assets/images/protection-health-native-3.jpg
Requested by: Host: www.protectionplans.co.uk
URL: https://www.protectionplans.co.uk/advertorial-health-native-3/?clickid=3363258&coff=111&caff=494&cs1=&cs2=%7bclick_id%7d&cs3=&cs4=&cs5=&site=&src=Taboola
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.68.29.139 Kilbirnie, United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS: mail.bestcompare.com
Software: nginx / PleskLin
Resource Hash: cfe93bd6df37476ecbf56930d5d0e09cd24233fedaa499619228a7866b1c62fe

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.protectionplans.co.uk/advertorial-health-native-3/?clickid=3363258&coff=111&caff=494&cs1=&cs2=%7bclick_id%7d&cs3=&cs4=&cs5=&site=&src=Taboola
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 14:50:19 GMT
last-modified: Fri, 24 Mar 2023 17:41:52 GMT
server: nginx
etag: "641de0e0-d053"
x-powered-by: PleskLin
content-type: image/jpeg
accept-ranges: bytes
content-length: 53331

GET
H2 200 adv-health-providers.png
www.protectionplans.co.uk/wp-content/themes/protection-plans/assets/images/ 12 KB
12 KB 204ms
198ms Image
image/png 77.68.29.139
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.protectionplans.co.uk/wp-content/themes/protection-plans/assets/images/adv-health-providers.png
Requested by: Host: www.protectionplans.co.uk
URL: https://www.protectionplans.co.uk/advertorial-health-native-3/?clickid=3363258&coff=111&caff=494&cs1=&cs2=%7bclick_id%7d&cs3=&cs4=&cs5=&site=&src=Taboola
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.68.29.139 Kilbirnie, United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS: mail.bestcompare.com
Software: nginx / PleskLin
Resource Hash: 4e65f7793bf9e72911c9e84c27f90230d5d235ce14e7052b731965e77f318e9f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.protectionplans.co.uk/advertorial-health-native-3/?clickid=3363258&coff=111&caff=494&cs1=&cs2=%7bclick_id%7d&cs3=&cs4=&cs5=&site=&src=Taboola
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 14:50:19 GMT
last-modified: Fri, 24 Mar 2023 17:41:40 GMT
server: nginx
etag: "641de0d4-2fea"
x-powered-by: PleskLin
content-type: image/png
accept-ranges: bytes
content-length: 12266

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 87 KB
31 KB 116ms
38ms Script
text/javascript 172.253.63.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: www.protectionplans.co.uk
URL: https://www.protectionplans.co.uk/advertorial-health-native-3/?clickid=3363258&coff=111&caff=494&cs1=&cs2=%7bclick_id%7d&cs3=&cs4=&cs5=&site=&src=Taboola

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f95.1e100.net

Software

sffe /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.protectionplans.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 06:40:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 288600
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31021
x-xss-protection: 0
last-modified: Fri, 08 May 2020 07:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 15 Sep 2024 06:40:19 GMT

GET
H2 200 aos.js Show response
unpkg.com/aos@2.3.1/dist/ 14 KB
5 KB 69ms
27ms Script
application/javascript 104.16.125.175
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/aos@2.3.1/dist/aos.js

Requested by

Host: www.protectionplans.co.uk
URL: https://www.protectionplans.co.uk/advertorial-health-native-3/?clickid=3363258&coff=111&caff=494&cs1=&cs2=%7bclick_id%7d&cs3=&cs4=&cs5=&site=&src=Taboola

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.125.175 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f268612ba59ead1b24353bb77d66783bcc435aff1c22be5f93c40bac3869968e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.protectionplans.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 14:50:19 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 19662618
last-modified: Thu, 17 May 2018 22:11:13 GMT
fly-request-id: 01GRCYZX9E0V3GW2EM2DTTW2YE-yyz
server: cloudflare
etag: W/"379f-cNv9OKDx/DsafZ+tq1h4ZITDTxc"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8092a3edfe4b36ae-YYZ

GET
H2 200 aos.css
unpkg.com/aos@2.3.1/dist/ 25 KB
2 KB 69ms
29ms Stylesheet
text/css 104.16.125.175
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/aos@2.3.1/dist/aos.css

Requested by

Host: www.protectionplans.co.uk
URL: https://www.protectionplans.co.uk/advertorial-health-native-3/?clickid=3363258&coff=111&caff=494&cs1=&cs2=%7bclick_id%7d&cs3=&cs4=&cs5=&site=&src=Taboola

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.125.175 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1aa8845fd06e475aefe733d4e55b36a92fcd487975049c8172341827ac9cc03e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.protectionplans.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 14:50:19 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 20438727
last-modified: Thu, 17 May 2018 22:11:13 GMT
fly-request-id: 01GQNTTYDSCHX3VRA403JBKRZZ-yyz
server: cloudflare
etag: W/"65c5-BVfTdFS2f0LyyxAeV+UHD7EZNXA"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8092a3edfe4d36ae-YYZ

GET
H2 200 index.js Show response
www.protectionplans.co.uk/wp-content/plugins/contact-form-7/includes/swv/js/ 10 KB
3 KB 114ms
106ms Script
application/javascript 77.68.29.139
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.protectionplans.co.uk/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.6
Requested by: Host: www.protectionplans.co.uk
URL: https://www.protectionplans.co.uk/advertorial-health-native-3/?clickid=3363258&coff=111&caff=494&cs1=&cs2=%7bclick_id%7d&cs3=&cs4=&cs5=&site=&src=Taboola
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.68.29.139 Kilbirnie, United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS: mail.bestcompare.com
Software: nginx / PleskLin
Resource Hash: 52db930f81d97113dde679cac624cb5435b56d4ac486e91a0b6692d2cb615a84

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.protectionplans.co.uk/advertorial-health-native-3/?clickid=3363258&coff=111&caff=494&cs1=&cs2=%7bclick_id%7d&cs3=&cs4=&cs5=&site=&src=Taboola
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 14:50:19 GMT
content-encoding: br
last-modified: Tue, 02 May 2023 09:53:20 GMT
server: nginx
etag: W/"6450dd90-2801"
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 index.js Show response
www.protectionplans.co.uk/wp-content/plugins/contact-form-7/includes/js/ 13 KB
4 KB 118ms
110ms Script
application/javascript 77.68.29.139
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.protectionplans.co.uk/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.6
Requested by: Host: www.protectionplans.co.uk
URL: https://www.protectionplans.co.uk/advertorial-health-native-3/?clickid=3363258&coff=111&caff=494&cs1=&cs2=%7bclick_id%7d&cs3=&cs4=&cs5=&site=&src=Taboola
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.68.29.139 Kilbirnie, United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS: mail.bestcompare.com
Software: nginx / PleskLin
Resource Hash: 1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.protectionplans.co.uk/advertorial-health-native-3/?clickid=3363258&coff=111&caff=494&cs1=&cs2=%7bclick_id%7d&cs3=&cs4=&cs5=&site=&src=Taboola
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 14:50:19 GMT
content-encoding: br
last-modified: Tue, 02 May 2023 09:53:20 GMT
server: nginx
etag: W/"6450dd90-328f"
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 uk-cookie-consent-js.js Show response
www.protectionplans.co.uk/wp-content/plugins/uk-cookie-consent/assets/js/ 2 KB
730 B 116ms
108ms Script
application/javascript 77.68.29.139
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.protectionplans.co.uk/wp-content/plugins/uk-cookie-consent/assets/js/uk-cookie-consent-js.js?ver=2.3.0
Requested by: Host: www.protectionplans.co.uk
URL: https://www.protectionplans.co.uk/advertorial-health-native-3/?clickid=3363258&coff=111&caff=494&cs1=&cs2=%7bclick_id%7d&cs3=&cs4=&cs5=&site=&src=Taboola
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.68.29.139 Kilbirnie, United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS: mail.bestcompare.com
Software: nginx / PleskLin
Resource Hash: 2e52aa532594524ce54ab7f748eb9828e2285b705ba1da5fe5b4c0f4ada6ce1a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.protectionplans.co.uk/advertorial-health-native-3/?clickid=3363258&coff=111&caff=494&cs1=&cs2=%7bclick_id%7d&cs3=&cs4=&cs5=&site=&src=Taboola
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 14:50:19 GMT
content-encoding: br
last-modified: Wed, 01 Feb 2023 09:25:09 GMT
server: nginx
etag: W/"63da2ff5-62d"
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 143ms
53ms Script
text/javascript 142.251.16.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LfSgnkaAAAAAJQpqnBMS77opm9FIU8y5FZFx7Iw&ver=3.0

Requested by

Host: www.protectionplans.co.uk
URL: https://www.protectionplans.co.uk/advertorial-health-native-3/?clickid=3363258&coff=111&caff=494&cs1=&cs2=%7bclick_id%7d&cs3=&cs4=&cs5=&site=&src=Taboola

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.16.103 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f103.1e100.net

Software

GSE /

Resource Hash

5ea8dd28547ac191c4f80546d110d70e50afd09614f5b0f9febaa617ad7431f3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.protectionplans.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 14:50:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 862
x-xss-protection: 1; mode=block
expires: Tue, 19 Sep 2023 14:50:19 GMT

GET
H2 200 wp-polyfill-inert.min.js Show response
www.protectionplans.co.uk/wp-includes/js/dist/vendor/ 8 KB
2 KB 120ms
113ms Script
application/javascript 77.68.29.139
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.protectionplans.co.uk/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2
Requested by: Host: www.protectionplans.co.uk
URL: https://www.protectionplans.co.uk/advertorial-health-native-3/?clickid=3363258&coff=111&caff=494&cs1=&cs2=%7bclick_id%7d&cs3=&cs4=&cs5=&site=&src=Taboola
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.68.29.139 Kilbirnie, United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS: mail.bestcompare.com
Software: nginx / PleskLin
Resource Hash: c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.protectionplans.co.uk/advertorial-health-native-3/?clickid=3363258&coff=111&caff=494&cs1=&cs2=%7bclick_id%7d&cs3=&cs4=&cs5=&site=&src=Taboola
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 14:50:19 GMT
content-encoding: br
last-modified: Wed, 29 Mar 2023 22:21:47 GMT
server: nginx
etag: W/"6424b9fb-1feb"
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 regenerator-runtime.min.js Show response
www.protectionplans.co.uk/wp-includes/js/dist/vendor/ 6 KB
2 KB 124ms
116ms Script
application/javascript 77.68.29.139
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.protectionplans.co.uk/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.11
Requested by: Host: www.protectionplans.co.uk
URL: https://www.protectionplans.co.uk/advertorial-health-native-3/?clickid=3363258&coff=111&caff=494&cs1=&cs2=%7bclick_id%7d&cs3=&cs4=&cs5=&site=&src=Taboola
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.68.29.139 Kilbirnie, United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS: mail.bestcompare.com
Software: nginx / PleskLin
Resource Hash: 6974bfd8fa06b7831f05cb4b25860c851a5ad3f02a6699ebe688987dd7a6ebe6

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.protectionplans.co.uk/advertorial-health-native-3/?clickid=3363258&coff=111&caff=494&cs1=&cs2=%7bclick_id%7d&cs3=&cs4=&cs5=&site=&src=Taboola
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 14:50:19 GMT
content-encoding: br
last-modified: Wed, 29 Mar 2023 22:21:47 GMT
server: nginx
etag: W/"6424b9fb-19cf"
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 wp-polyfill.min.js Show response
www.protectionplans.co.uk/wp-includes/js/dist/vendor/ 16 KB
6 KB 125ms
117ms Script
application/javascript 77.68.29.139
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.protectionplans.co.uk/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by: Host: www.protectionplans.co.uk
URL: https://www.protectionplans.co.uk/advertorial-health-native-3/?clickid=3363258&coff=111&caff=494&cs1=&cs2=%7bclick_id%7d&cs3=&cs4=&cs5=&site=&src=Taboola
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.68.29.139 Kilbirnie, United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS: mail.bestcompare.com
Software: nginx / PleskLin
Resource Hash: 4c0ced2cb3830d045cdd74f745fd4d6dcb082d8edd3a9fe46e39295e30cb8032

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.protectionplans.co.uk/advertorial-health-native-3/?clickid=3363258&coff=111&caff=494&cs1=&cs2=%7bclick_id%7d&cs3=&cs4=&cs5=&site=&src=Taboola
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 14:50:19 GMT
content-encoding: br
last-modified: Tue, 08 Aug 2023 22:20:16 GMT
server: nginx
etag: W/"64d2bfa0-3f12"
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 index.js Show response
www.protectionplans.co.uk/wp-content/plugins/contact-form-7/modules/recaptcha/ 999 B
615 B 125ms
118ms Script
application/javascript 77.68.29.139
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.protectionplans.co.uk/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.7.6
Requested by: Host: www.protectionplans.co.uk
URL: https://www.protectionplans.co.uk/advertorial-health-native-3/?clickid=3363258&coff=111&caff=494&cs1=&cs2=%7bclick_id%7d&cs3=&cs4=&cs5=&site=&src=Taboola
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.68.29.139 Kilbirnie, United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS: mail.bestcompare.com
Software: nginx / PleskLin
Resource Hash: 2648a1333fa24d383fd73a6beaac17156ae78f4267ff7407ad60e05a788df44c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.protectionplans.co.uk/advertorial-health-native-3/?clickid=3363258&coff=111&caff=494&cs1=&cs2=%7bclick_id%7d&cs3=&cs4=&cs5=&site=&src=Taboola
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 14:50:19 GMT
content-encoding: br
last-modified: Tue, 02 May 2023 09:53:20 GMT
x-accel-version: 0.01
server: nginx
etag: W/"3e7-5fab2e8d5700d"
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 197 KB
53 KB 128ms
40ms Script
application/x-javascript 157.240.229.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.protectionplans.co.uk
URL: https://www.protectionplans.co.uk/advertorial-health-native-3/?clickid=3363258&coff=111&caff=494&cs1=&cs2=%7bclick_id%7d&cs3=&cs4=&cs5=&site=&src=Taboola

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.229.1 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-iad3.fbcdn.net

Software

Resource Hash

66e58d37cc4b8168a1bd6678e085b43e939eb138fe608b7faffe3b1ba76b0c7b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.protectionplans.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 19 Sep 2023 14:50:19 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 53155
x-xss-protection: 0
pragma: public
x-fb-debug: ROcaSubUJcZOaZHfD2BRHwdQAkO9oxgYHHhyRmPL1nn/Q9bRPZ/oDgJZpjIxe7e2K0+QIddcAi0A9p5N2tf+Gw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 111 KB
43 KB 55ms
50ms Script
application/javascript 172.253.63.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TSR55QL

Requested by

Host: www.protectionplans.co.uk
URL: https://www.protectionplans.co.uk/advertorial-health-native-3/?clickid=3363258&coff=111&caff=494&cs1=&cs2=%7bclick_id%7d&cs3=&cs4=&cs5=&site=&src=Taboola

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

406eaa1fa5d52dfb96236081493af899c3147ff6ab58cfc50e889331eb621bd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.protectionplans.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 14:50:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44304
x-xss-protection: 0
last-modified: Tue, 19 Sep 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 19 Sep 2023 14:50:19 GMT

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 3 KB
2 KB 160ms
56ms Script
application/javascript 23.33.180.211
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.protectionplans.co.uk
URL: https://www.protectionplans.co.uk/advertorial-health-native-3/?clickid=3363258&coff=111&caff=494&cs1=&cs2=%7bclick_id%7d&cs3=&cs4=&cs5=&site=&src=Taboola
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.33.180.211 Sterling, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-33-180-211.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: df822e44efc31160c2e2cff9d29435159054bcceb67fa2512c3899f02dfb7557

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.protectionplans.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

akamai-x-true-ttl: 7200
content-encoding: br
x-cdn: akamai
etag: "d27ea869d7ce22e300e4a4a927526193"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=7200
accept-ranges: bytes
alt-svc: h3=":443"; ma=600
content-length: 1473

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1506110/ 65 KB
20 KB 188ms
140ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1506110/tfa.js
Requested by: Host: www.protectionplans.co.uk
URL: https://www.protectionplans.co.uk/advertorial-health-native-3/?clickid=3363258&coff=111&caff=494&cs1=&cs2=%7bclick_id%7d&cs3=&cs4=&cs5=&site=&src=Taboola
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bfcca40c9fd90571d54a1b9094cbf7d0d02164b941dbb5e7b9cb8d23c7babfae

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.protectionplans.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id: Vx2yJPNF4Fm8S9vzf1Xq7KOFpIGc5c9U
content-encoding: gzip
via: 1.1 varnish
date: Tue, 19 Sep 2023 14:50:19 GMT
x-amz-request-id: 6QEKBYED8FC6EREE
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS
x-amz-replication-status: COMPLETED
content-length: 19991
x-amz-id-2: qI6H+5wJZnOdmNnD2m2UBsdqK9afXNLguSBIZ/U17bdccEYQU9DLXHUIxwHBmLv4yiSpTjgHbKs=
x-served-by: cache-yyz4544-YYZ
last-modified: Tue, 19 Sep 2023 07:58:52 GMT
server: AmazonS3
x-timer: S1695135019.207945,VS0,VE122
etag: "1e4af5c1b947dc139aab6be930e0f801"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 30
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/11319637826/ 3 KB
2 KB 207ms
115ms Script
text/javascript 172.253.62.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11319637826/?random=1695135019098&cv=11&fst=1695135019098&bg=ffffff&guid=ON&async=1&gtm=45be39d0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.protectionplans.co.uk%2Fadvertorial-health-native-3%2F%3Fclickid%3D3363258%26coff%3D111%26caff%3D494%26cs1%3D%26cs2%3D%257bclick_id%257d%26cs3%3D%26cs4%3D%26cs5%3D%26site%3D%26src%3DTaboola&hn=www.googleadservices.com&frm=0&tiba=Advertorial%20Health%20Native%203%20%7C%20Protection%20Plans&auid=1826989047.1695135019&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11319637826

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f157.1e100.net

Software

cafe /

Resource Hash

2b8ba26bff38d695045993726f9895554903a7a64dcd498a5bb32a6e9c3b26bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.protectionplans.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Sep 2023 14:50:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1425
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 172 KB
63 KB 57ms
52ms Script
application/javascript 172.253.63.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-148990709-3&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11319637826

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

97cff39490dd673868330d6125a3800f4266fc8398ba943d023129d93c6b5cf2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.protectionplans.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 14:50:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64660
x-xss-protection: 0
last-modified: Tue, 19 Sep 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 19 Sep 2023 14:50:19 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 265 KB
89 KB 61ms
57ms Script
application/javascript 172.253.63.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-1VF4R8YTZZ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11319637826

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

93833cbc59016cbaf5ebf3c01d762bbfd6bd92b39208a0e0d816116d35e3ffdb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.protectionplans.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 14:50:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91019
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 19 Sep 2023 14:50:19 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 127ms
36ms Script
text/javascript 172.253.115.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-148990709-3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f102.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.protectionplans.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 19 Sep 2023 14:04:11 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 2768
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 19 Sep 2023 16:04:11 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
178 B 54ms
53ms Ping
text/plain 172.253.115.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-1VF4R8YTZZ&gtm=45je39d0&_p=1004528812&cid=1904944424.1695135019&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1695135019&sct=1&seg=0&dl=https%3A%2F%2Fwww.protectionplans.co.uk%2Fadvertorial-health-native-3%2F%3Fclickid%3D3363258%26coff%3D111%26caff%3D494%26cs1%3D%26cs2%3D%257bclick_id%257d%26cs3%3D%26cs4%3D%26cs5%3D%26site%3D%26src%3DTaboola&dt=Advertorial%20Health%20Native%203%20%7C%20Protection%20Plans&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1VF4R8YTZZ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.253.115.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bg-in-f102.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.protectionplans.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Sep 2023 14:50:19 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.protectionplans.co.uk
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gf28p3jjlr Show response
www.clarity.ms/tag/ 650 B
1016 B 198ms
92ms Script
application/x-javascript 13.107.226.40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/gf28p3jjlr
Requested by: Host: www.protectionplans.co.uk
URL: https://www.protectionplans.co.uk/advertorial-health-native-3/?clickid=3363258&coff=111&caff=494&cs1=&cs2=%7bclick_id%7d&cs3=&cs4=&cs5=&site=&src=Taboola
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.226.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 840a6d0ea4293bf056bf92b38fa463c3ecab9ec471e3e04fb55b6ab470d5c59b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.protectionplans.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

request-context: appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0
date: Tue, 19 Sep 2023 14:50:18 GMT
x-azure-ref: 0K7UJZQAAAAAMi2ElLMelTYaw2h9gjclJQ0gxQUEyMDIwNjA2MDQ1ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
content-length: 650
expires: -1

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/uEf7E1417z6GNSkRx7AyL8K8/ 453 KB
182 KB 123ms
38ms Script
text/javascript 172.253.122.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/uEf7E1417z6GNSkRx7AyL8K8/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LfSgnkaAAAAAJQpqnBMS77opm9FIU8y5FZFx7Iw&ver=3.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f94.1e100.net

Software

sffe /

Resource Hash

a36746585bd5af117aff1cfeec39c2a810d6d9c601ca083d132786abf09d01b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.protectionplans.co.uk/
Origin: https://www.protectionplans.co.uk
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 14:47:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 175
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 185696
x-xss-protection: 0
last-modified: Mon, 11 Sep 2023 18:47:28 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Sep 2024 14:47:24 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 46ms
46ms XHR
text/plain 172.253.115.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1004528812&t=pageview&_s=1&dl=https%3A%2F%2Fwww.protectionplans.co.uk%2Fadvertorial-health-native-3%2F%3Fclickid%3D3363258%26coff%3D111%26caff%3D494%26cs1%3D%26cs2%3D%257bclick_id%257d%26cs3%3D%26cs4%3D%26cs5%3D%26site%3D%26src%3DTaboola&ul=en-us&de=UTF-8&dt=Advertorial%20Health%20Native%203%20%7C%20Protection%20Plans&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=607783047&gjid=495607954&cid=1904944424.1695135019&tid=UA-148990709-3&_gid=2114517480.1695135019&_r=1&gtm=457e39d0&jsscut=1&z=1228125564

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f102.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.protectionplans.co.uk/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 19 Sep 2023 14:50:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.protectionplans.co.uk
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 407737224304666 Show response
connect.facebook.net/signals/config/ 420 KB
115 KB 103ms
102ms Script
application/x-javascript 157.240.229.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/407737224304666?v=2.9.127&r=stable&domain=www.protectionplans.co.uk

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.229.1 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-iad3.fbcdn.net

Software

Resource Hash

ea37d4f7394c25f3e483c31edd43020a9ee44143c0533af9b905488dc46f1b13

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.protectionplans.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 19 Sep 2023 14:50:19 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: 2eXvr2cDmnkz4FJKCLRbOa+A2n7Cs+8W3RtelUm6iN1Bq2rIWfWgEOXQAVx14ZS2Cx9WIM+rzWGhjjq8ZbyBfQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 main.b4887131.js Show response
s.pinimg.com/ct/lib/ 63 KB
18 KB 91ms
90ms Script
application/javascript 23.33.180.211
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.b4887131.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.33.180.211 Sterling, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-33-180-211.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7dbb99afa2ca46884692f7772146d6f3f7c4f1ba928babc0f490f3e7ba62114e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.protectionplans.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

akamai-x-true-ttl: 1209600
content-encoding: br
x-cdn: akamai
etag: "aa7df97ef17cd5e7b3b0e69ee5fe57f8"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 18175

GET
H2 200 /
www.google.com/pagead/1p-user-list/11319637826/ 42 B
327 B 49ms
49ms Image
image/gif 142.251.16.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/11319637826/?random=1695135019098&cv=11&fst=1695132000000&bg=ffffff&guid=ON&async=1&gtm=45be39d0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.protectionplans.co.uk%2Fadvertorial-health-native-3%2F%3Fclickid%3D3363258%26coff%3D111%26caff%3D494%26cs1%3D%26cs2%3D%257bclick_id%257d%26cs3%3D%26cs4%3D%26cs5%3D%26site%3D%26src%3DTaboola&frm=0&tiba=Advertorial%20Health%20Native%203%20%7C%20Protection%20Plans&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=533362069&rmt_tld=0&ipr=y

Requested by

Host: www.protectionplans.co.uk
URL: https://www.protectionplans.co.uk/advertorial-health-native-3/?clickid=3363258&coff=111&caff=494&cs1=&cs2=%7bclick_id%7d&cs3=&cs4=&cs5=&site=&src=Taboola

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.16.103 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f103.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.protectionplans.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Sep 2023 14:50:19 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.ca/pagead/1p-user-list/11319637826/ 42 B
455 B 149ms
49ms Image
image/gif 142.251.163.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/11319637826/?random=1695135019098&cv=11&fst=1695132000000&bg=ffffff&guid=ON&async=1&gtm=45be39d0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.protectionplans.co.uk%2Fadvertorial-health-native-3%2F%3Fclickid%3D3363258%26coff%3D111%26caff%3D494%26cs1%3D%26cs2%3D%257bclick_id%257d%26cs3%3D%26cs4%3D%26cs5%3D%26site%3D%26src%3DTaboola&frm=0&tiba=Advertorial%20Health%20Native%203%20%7C%20Protection%20Plans&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=533362069&rmt_tld=1&ipr=y

Requested by

Host: www.protectionplans.co.uk
URL: https://www.protectionplans.co.uk/advertorial-health-native-3/?clickid=3363258&coff=111&caff=494&cs1=&cs2=%7bclick_id%7d&cs3=&cs4=&cs5=&site=&src=Taboola

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.protectionplans.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Sep 2023 14:50:19 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 json Show response
trc.taboola.com/1506110/trc/3/ 3 KB
2 KB 58ms
51ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1506110/trc/3/json?tim=1695135019494&data=%7B%22id%22%3A25%2C%22ii%22%3A%22%2Fadvertorial-health-native-3%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1695135019480%2C%22cv%22%3A%2220230918-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.protectionplans.co.uk%2Fadvertorial-health-native-3%2F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Fclickid%3D3363258%26coff%3D111%26caff%3D494%26cs1%3D%26cs2%3D%257bclick_id%257d%26cs3%3D%26cs4%3D%26cs5%3D%26site%3D%26src%3DTaboola%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dleadsense-healthinsurance2-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1695135019492%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fwww.protectionplans.co.uk%2Fadvertorial-health-native-3%2F%3Fclickid%3D3363258%26coff%3D111%26caff%3D494%26cs1%3D%26cs2%3D%257bclick_id%257d%26cs3%3D%26cs4%3D%26cs5%3D%26site%3D%26src%3DTaboola%22%2C%22tos%22%3A3%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1506110/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 1e6b7afd899d0aac7f022ad551fe77027c7a0d127ed9abd29157cc2141acd452

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.protectionplans.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-vcl-time-ms: 32
date: Tue, 19 Sep 2023 14:50:19 GMT
content-encoding: gzip
via: 1.1 varnish
x-fastly-to-nlb-rtt: 15661
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-yyz4544-YYZ
x-log-content-encoding: gzip
server: nginx
x-timer: S1695135020.511254,VS0,VE32
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ 3 KB
2 KB 29ms
16ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1506110/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.protectionplans.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id: z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding: gzip
via: 1.1 varnish
date: Tue, 19 Sep 2023 14:50:19 GMT
x-amz-request-id: 345CDBWW70P2J4KQ
age: 1815
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1340
x-amz-id-2: RXZ9eF1pCd0CDN+zmZsBdUvWy9zP/THQYOkdE0w5cIOOD+5zdquMw/vB8dFwYkBREq+fn3ZvR+o=
x-served-by: cache-yyz4544-YYZ
last-modified: Wed, 12 Oct 2022 13:57:57 GMT
server: AmazonS3
x-timer: S1695135020.586666,VS0,VE0
etag: "383fa66d2a0a09f4a6e64a9593ad43bb"
vary: Accept-Encoding
content-type: application/javascript
abp: 16
access-control-allow-origin: *
cache-control: private, max-age=3600
accept-ranges: bytes
x-cache-hits: 2784

GET
H2 200 eid.es5.js Show response
cdn.taboola.com/scripts/ 17 KB
7 KB 26ms
18ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/eid.es5.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1506110/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.protectionplans.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id: Bqo64Ai0BniIkPPSnUb8_cZLJGu.sClo
content-encoding: gzip
via: 1.1 varnish
date: Tue, 19 Sep 2023 14:50:19 GMT
x-amz-request-id: F0ERNPAEKW73Z8P2
age: 13314
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 6467
x-amz-id-2: plsZvdnyCt2i8Bpor4XZ/Hw8FQ82hV+hAUU7z72e8PcCioobdkLHvDkUimb10ggYrfGsRVEk5hI=
x-served-by: cache-yyz4544-YYZ
last-modified: Sun, 02 Apr 2023 13:09:57 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1695135020.586822,VS0,VE0
etag: "2fdf3e79d5e851201a0d52a886453d8b"
vary: Accept-Encoding
content-type: application/javascript
abp: 0
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 2639840

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.10/ 57 KB
20 KB 43ms
41ms Script
application/javascript 13.107.226.40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.10/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/gf28p3jjlr
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.226.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: ac158fd98a25872b4a494ed3c5a5da9f92eba989c397cab46bf8c8a7b04bc514

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.protectionplans.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 14:50:18 GMT
content-encoding: br
last-modified: Mon, 18 Sep 2023 19:28:23 GMT
x-azure-ref-originshield: 0+HQJZQAAAAD/M8G7kkDBRpNATBHpvqc+RE0yQUExMDkxMjA4MDQ3ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
etag: "0x8DBB87D6C4CE56B"
x-azure-ref: 0K7UJZQAAAACeT9lx2WdSRaElxGBhThL4Q0gxQUEyMDIwNjA2MDQ1ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
x-cache: TCP_HIT
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 395b24e0-301e-003f-53e2-eae678000000
cache-control: public, max-age=86400
x-ms-version: 2018-03-28
accept-ranges: bytes

GET
H2 200 / Show response
ct.pinterest.com/user/ 569 B
911 B 53ms
48ms XHR
application/json 23.33.180.211
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?tid=2613701314964&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&cb=1695135019600&dep=2%2CPAGE_LOAD

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.b4887131.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.33.180.211 Sterling, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-33-180-211.deploy.static.akamaitechnologies.com

Software

Resource Hash

8fc4aa58eba36944f49a93d645f69635e8d5643cde97ac4ab14c025d2a4d70bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.protectionplans.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 14:50:19 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-cdn: akamai
akamai-grn: 0.a5f93017.1695135019.5c84ab0
x-envoy-upstream-service-time: 2
content-length: 386
x-pinterest-rid: 1294287629370440
pin-unauth: dWlkPVl6ZG1ZVFJrWlRVdFpEVTBOQzAwTW1RNUxUZzVZemt0TkRVNFpHUTJOVFprWXpGbQ
pragma: no-cache
referrer-policy: origin
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.protectionplans.co.uk
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
pinterest-version: 73c2f08f71cb0bd2c7a40fb005c4f84dbd64f8cd
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
456 B 49ms
48ms Image
image/gif 23.33.180.211
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2613701314964&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.protectionplans.co.uk%2Fadvertorial-health-native-3%2F%3Fclickid%3D3363258%26coff%3D111%26caff%3D494%26cs1%3D%26cs2%3D%257bclick_id%257d%26cs3%3D%26cs4%3D%26cs5%3D%26site%3D%26src%3DTaboola%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22b4887131%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1695135019611

Requested by

Host: www.protectionplans.co.uk
URL: https://www.protectionplans.co.uk/advertorial-health-native-3/?clickid=3363258&coff=111&caff=494&cs1=&cs2=%7bclick_id%7d&cs3=&cs4=&cs5=&site=&src=Taboola

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.33.180.211 Sterling, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-33-180-211.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.protectionplans.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Sep 2023 14:50:19 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.a5f93017.1695135019.5c84ab8
content-type: image/gif
access-control-allow-origin: *
pinterest-version: 73c2f08f71cb0bd2c7a40fb005c4f84dbd64f8cd
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 3
content-length: 35
x-pinterest-rid: 6304247338827749
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame FC4A 51 KB
28 KB 67ms
66ms Document
text/html 142.251.16.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfSgnkaAAAAAJQpqnBMS77opm9FIU8y5FZFx7Iw&co=aHR0cHM6Ly93d3cucHJvdGVjdGlvbnBsYW5zLmNvLnVrOjQ0Mw..&hl=en&v=uEf7E1417z6GNSkRx7AyL8K8&size=invisible&cb=hnzbnsnjw4vf

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/uEf7E1417z6GNSkRx7AyL8K8/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.16.103 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f103.1e100.net

Software

GSE /

Resource Hash

5ac545f96092dd7bd8726b5effcef21e4deb98f67a51ea39f31716f3077ae7d1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-mBkUY7P7blDFB_s1LYc4GQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.protectionplans.co.uk/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 28395
content-security-policy: script-src 'report-sample' 'nonce-mBkUY7P7blDFB_s1LYc4GQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 19 Sep 2023 14:50:19 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 113ms
35ms Image
text/plain 31.13.66.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=407737224304666&ev=PageView&dl=https%3A%2F%2Fwww.protectionplans.co.uk%2Fadvertorial-health-native-3%2F%3Fclickid%3D3363258%26coff%3D111%26caff%3D494%26cs1%3D%26cs2%3D%257bclick_id%257d%26cs3%3D%26cs4%3D%26cs5%3D%26site%3D%26src%3DTaboola&rl=&if=false&ts=1695135019733&sw=1600&sh=1200&v=2.9.127&r=stable&ec=0&o=30&fbp=fb.2.1695135019730.560695920&it=1695135019436&coo=false&rqm=GET

Requested by

Host: www.protectionplans.co.uk
URL: https://www.protectionplans.co.uk/advertorial-health-native-3/?clickid=3363258&coff=111&caff=494&cs1=&cs2=%7bclick_id%7d&cs3=&cs4=&cs5=&site=&src=Taboola

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-iad3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.protectionplans.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 19 Sep 2023 14:50:19 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 / Show response
pips.taboola.com/ 4 B
187 B 57ms
18ms XHR
text/plain 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.protectionplans.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-served-by: cache-yyz4536-YYZ
date: Tue, 19 Sep 2023 14:50:19 GMT
via: 1.1 varnish
server: Varnish
access-control-allow-methods: GET
x-cache: HIT
access-control-allow-origin: https://www.protectionplans.co.uk
cache-control: no-store
accept-ranges: bytes
content-length: 4
retry-after: 0
x-cache-hits: 0

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/uEf7E1417z6GNSkRx7AyL8K8/ Frame FC4A 55 KB
24 KB 112ms
39ms Stylesheet
text/css 172.253.122.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/uEf7E1417z6GNSkRx7AyL8K8/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfSgnkaAAAAAJQpqnBMS77opm9FIU8y5FZFx7Iw&co=aHR0cHM6Ly93d3cucHJvdGVjdGlvbnBsYW5zLmNvLnVrOjQ0Mw..&hl=en&v=uEf7E1417z6GNSkRx7AyL8K8&size=invisible&cb=hnzbnsnjw4vf

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f94.1e100.net

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 13:39:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4262
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 11 Sep 2023 18:47:28 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Sep 2024 13:39:17 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/uEf7E1417z6GNSkRx7AyL8K8/ Frame FC4A 453 KB
181 KB 108ms
37ms Script
text/javascript 172.253.122.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/uEf7E1417z6GNSkRx7AyL8K8/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f94.1e100.net

Software

sffe /

Resource Hash

a36746585bd5af117aff1cfeec39c2a810d6d9c601ca083d132786abf09d01b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 14:47:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 175
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 185696
x-xss-protection: 0
last-modified: Mon, 11 Sep 2023 18:47:28 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Sep 2024 14:47:24 GMT

GET
H2 204 / Show response
cds.taboola.com/ 0
82 B 126ms
37ms XHR
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=565b90d4-62cb-46b3-b419-771160c9bd46-tuctc033aab&mbl=ZmFsc2U=
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.protectionplans.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 19 Sep 2023 14:50:19 GMT
cache-control: no-store
server: nginx

POST
H/1.1 204
No Content collect Show response
t.clarity.ms/ 0
305 B 211ms
55ms XHR
text/plain 20.114.189.70
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://t.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.10/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.protectionplans.co.uk/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.protectionplans.co.uk
Date: Tue, 19 Sep 2023 14:50:20 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame FC4A 102 B
134 B 50ms
50ms Other
text/javascript 142.251.16.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=uEf7E1417z6GNSkRx7AyL8K8

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.16.103 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f103.1e100.net

Software

GSE /

Resource Hash

e5cc584ab2125a34a5dfabff1e040a321d4b5171989bcd3dd0bb1275fc355c25

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfSgnkaAAAAAJQpqnBMS77opm9FIU8y5FZFx7Iw&co=aHR0cHM6Ly93d3cucHJvdGVjdGlvbnBsYW5zLmNvLnVrOjQ0Mw..&hl=en&v=uEf7E1417z6GNSkRx7AyL8K8&size=invisible&cb=hnzbnsnjw4vf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 14:50:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112
x-xss-protection: 1; mode=block
expires: Tue, 19 Sep 2023 14:50:20 GMT

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=7DF102155E1A4598B38CB7BCD9EF57AA&RedC=c.clarity.ms&MXFR=01635B4B6B636C4900BC48DA6F63626A
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=7DF102155E1A4598B38CB7BCD9EF57AA&MUID=1F3787FD47126866306D946C466C69C8

42 B
443 B

48ms
47ms

Image
image/gif

20.110.205.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=7DF102155E1A4598B38CB7BCD9EF57AA&MUID=1F3787FD47126866306D946C466C69C8
Protocol: H2
Server: 20.110.205.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.protectionplans.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Sep 2023 14:50:19 GMT
last-modified: Wed, 30 Aug 2023 15:12:15 GMT
server: Microsoft-IIS/10.0
etag: "3370fe5b54dbd91:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Tue, 19 Sep 2023 14:50:19 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 56045ECF0D2E46599E7919B70921BCD4 Ref B: CHGEDGE1805 Ref C: 2023-09-19T14:50:20Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=7DF102155E1A4598B38CB7BCD9EF57AA&MUID=1F3787FD47126866306D946C466C69C8
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 ct.html Show response
ct.pinterest.com/ Frame EF94 565 B
625 B 52ms
51ms Document
text/html 23.33.180.211
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/ct.html

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.b4887131.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.33.180.211 Sterling, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-33-180-211.deploy.static.akamaitechnologies.com

Software

Resource Hash

f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer: https://www.protectionplans.co.uk/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

akamai-grn: 0.a5f93017.1695135020.5c84d1e
cache-control: max-age=86400
content-encoding: gzip
content-length: 323
content-type: text/html; charset=utf-8
date: Tue, 19 Sep 2023 14:50:20 GMT
pinterest-version: 73c2f08f71cb0bd2c7a40fb005c4f84dbd64f8cd
referrer-policy: origin
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-cdn: akamai
x-envoy-upstream-service-time: 0
x-pinterest-rid: 8187861549115892

GET
H2 200 /
www.facebook.com/tr/ 0
54 B 36ms
35ms Image
text/plain 31.13.66.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=407737224304666&ev=Microdata&dl=https%3A%2F%2Fwww.protectionplans.co.uk%2Fadvertorial-health-native-3%2F%3Fclickid%3D3363258%26coff%3D111%26caff%3D494%26cs1%3D%26cs2%3D%257bclick_id%257d%26cs3%3D%26cs4%3D%26cs5%3D%26site%3D%26src%3DTaboola&rl=&if=false&ts=1695135020240&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%5CnAdvertorial%20Health%20Native%203%20%7C%20Protection%20Plans%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22website%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.protectionplans.co.uk%2Fadvertorial-health-native-3%2F%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.protectionplans.co.uk%2Fwp-content%2Fthemes%2Fprotection-plans%2Fassets%2Fimages%2Fprotection-health-native-3.jpg%22%2C%22og%3Aimage%3Aurl%22%3A%22https%3A%2F%2Fwww.protectionplans.co.uk%2Fwp-content%2Fthemes%2Fprotection-plans%2Fassets%2Fimages%2Fprotection-health-native-3.jpg%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.127&r=stable&ec=1&o=30&fbp=fb.2.1695135019730.560695920&it=1695135019436&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-iad3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.protectionplans.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 19 Sep 2023 14:50:20 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame FC4A 32 KB
19 KB 91ms
90ms XHR
application/json 142.251.16.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LfSgnkaAAAAAJQpqnBMS77opm9FIU8y5FZFx7Iw

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/uEf7E1417z6GNSkRx7AyL8K8/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.16.103 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f103.1e100.net

Software

GSE /

Resource Hash

48a4fa45d673f71c94bcd25199f96c87169c8b0781398dd2dc6a463b1f53c126

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfSgnkaAAAAAJQpqnBMS77opm9FIU8y5FZFx7Iw&co=aHR0cHM6Ly93d3cucHJvdGVjdGlvbnBsYW5zLmNvLnVrOjQ0Mw..&hl=en&v=uEf7E1417z6GNSkRx7AyL8K8&size=invisible&cb=hnzbnsnjw4vf
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Tue, 19 Sep 2023 14:50:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19011
x-xss-protection: 1; mode=block
expires: Tue, 19 Sep 2023 14:50:20 GMT

GET
H2 204 unip Show response
trc-events.taboola.com/1506110/log/3/ 0
530 B 96ms
30ms XHR
text/plain 141.226.124.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1506110/log/3/unip?en=pre_d_eng_tb&tos=1553&scd=0&ssd=1&est=1695135019487&ver=36&isls=true&src=i&invt=1500&msa=2010&rv=1&tim=1695135021043&vi=1695135019480&ri=99d630a59f19c55f51c1b3ed5b45ffc2&sd=v2_606a9288248da568902a709aea1605c7_565b90d4-62cb-46b3-b419-771160c9bd46-tuctc033aab_1695135019_1695135019_CNawjgYQvvZbGNjjru-qMSABKAEwJjiJ6AdAsvEHSOzZ2ANQ____________AVgAYABolriLlKfb-47xAXAB&ui=565b90d4-62cb-46b3-b419-771160c9bd46-tuctc033aab&ref=null&cv=20230918-3-RELEASE&item-url=https%3A%2F%2Fwww.protectionplans.co.uk%2Fadvertorial-health-native-3%2F%3Fclickid%3D3363258%26coff%3D111%26caff%3D494%26cs1%3D%26cs2%3D%257bclick_id%257d%26cs3%3D%26cs4%3D%26cs5%3D%26site%3D%26src%3DTaboola
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1506110/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.protectionplans.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

access-control-allow-origin: https://www.protectionplans.co.uk
pragma: no-cache
date: Tue, 19 Sep 2023 14:50:21 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

POST
H/1.1 204
No Content collect Show response
t.clarity.ms/ 0
305 B 51ms
50ms XHR
text/plain 20.114.189.70
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://t.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.10/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.protectionplans.co.uk/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.protectionplans.co.uk
Date: Tue, 19 Sep 2023 14:50:21 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

GET
H2 204 unip Show response
trc-events.taboola.com/1506110/log/3/ 0
529 B 31ms
31ms XHR
text/plain 141.226.124.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1506110/log/3/unip?en=pre_d_eng_tb&tos=4555&scd=0&ssd=1&est=1695135019487&ver=36&isls=true&src=i&invt=3000&msa=2010&rv=1&tim=1695135024045&vi=1695135019480&ri=99d630a59f19c55f51c1b3ed5b45ffc2&sd=v2_606a9288248da568902a709aea1605c7_565b90d4-62cb-46b3-b419-771160c9bd46-tuctc033aab_1695135019_1695135019_CNawjgYQvvZbGNjjru-qMSABKAEwJjiJ6AdAsvEHSOzZ2ANQ____________AVgAYABolriLlKfb-47xAXAB&ui=565b90d4-62cb-46b3-b419-771160c9bd46-tuctc033aab&ref=null&cv=20230918-3-RELEASE&item-url=https%3A%2F%2Fwww.protectionplans.co.uk%2Fadvertorial-health-native-3%2F%3Fclickid%3D3363258%26coff%3D111%26caff%3D494%26cs1%3D%26cs2%3D%257bclick_id%257d%26cs3%3D%26cs4%3D%26cs5%3D%26site%3D%26src%3DTaboola
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1506110/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.protectionplans.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

access-control-allow-origin: https://www.protectionplans.co.uk
pragma: no-cache
date: Tue, 19 Sep 2023 14:50:24 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

Verdicts & Comments Add Verdict or Comment

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

27 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.taboola.com/leadsense-healthinsurance2-sc/	1969-12-31 23:59:59	Name: taboola_session_id Value: v2_606a9288248da568902a709aea1605c7_565b90d4-62cb-46b3-b419-771160c9bd46-tuctc033aab_1695135019_1695135019_CNawjgYQvvZbGNjjru-qMSABKAEwJjiJ6AdAsvEHSOzZ2ANQ____________AVgAYABolriLlKfb-47xAXAB
www.google.com/recaptcha	1970-01-20 19:11:27	Name: _GRECAPTCHA Value: 09AIMuWcAbPlUWpmkXmF2B5mKCAvTavDiBWpjy7HN1SD9S0RLS0ywHyg0aWVcm5cQv1WWTjfz_b_xG810dub6DvXE
.leadsensesecure.com/	1969-12-31 23:59:59	Name: sid Value: QH9mjQl1ktHBIZw/rU/o5kuAQFeymqRj3d+8EdFP3DUrDD8uM+q4ZQ==
.leadsensesecure.com/	1970-01-21 00:28:15	Name: trk Value: Bh1hrh1uIS7BIZw/rU/o5kuAQFeymqRj3d+8EdFP3DUrDD8uM+q4ZQ==
.leadsensesecure.com/	1970-01-21 00:28:15	Name: c111 Value: QH9mjQl1ktGOyGHilg20utWV6ZmkcEKe4XwsaBnQlYI=
www.protectionplans.co.uk/	1969-12-31 23:59:59	Name: PHPSESSID Value: u44k2o6oteuok7eipaqn0pfsc3
.protectionplans.co.uk/	1970-01-20 17:01:51	Name: _gcl_au Value: 1.1.1826989047.1695135019
.protectionplans.co.uk/	1970-01-21 00:28:15	Name: _ga_1VF4R8YTZZ Value: GS1.1.1695135019.1.0.1695135019.0.0.0
.doubleclick.net/	1970-01-20 14:52:15	Name: test_cookie Value: CheckForPermission
.protectionplans.co.uk/	1970-01-21 00:28:15	Name: _ga Value: GA1.3.1904944424.1695135019
.protectionplans.co.uk/	1970-01-20 14:53:41	Name: _gid Value: GA1.3.2114517480.1695135019
.protectionplans.co.uk/	1970-01-20 14:52:15	Name: _gat_gtag_UA_148990709_3 Value: 1
.taboola.com/	1970-01-20 23:37:51	Name: t_gid Value: 565b90d4-62cb-46b3-b419-771160c9bd46-tuctc033aab
.taboola.com/	1970-01-20 23:37:51	Name: t_pt_gid Value: 565b90d4-62cb-46b3-b419-771160c9bd46-tuctc033aab
www.clarity.ms/	1970-01-20 23:37:51	Name: CLID Value: ad7a9e5d554d497889981a21e83a20a6.20230919.20240918
.pinterest.com/	1970-01-20 23:37:51	Name: ar_debug Value: 1
.protectionplans.co.uk/	1970-01-20 17:01:51	Name: _fbp Value: fb.2.1695135019730.560695920
.protectionplans.co.uk/	1970-01-20 23:37:51	Name: _pin_unauth Value: dWlkPVl6ZG1ZVFJrWlRVdFpEVTBOQzAwTW1RNUxUZzVZemt0TkRVNFpHUTJOVFprWXpGbQ
.protectionplans.co.uk/	1970-01-20 23:37:51	Name: _clck Value: zcf8f\|2\|ff5\|0\|1357
.protectionplans.co.uk/	1970-01-20 14:53:41	Name: _clsk Value: 198hykx\|1695135020105\|1\|1\|t.clarity.ms/collect
.bing.com/	1970-01-21 00:13:51	Name: MUID Value: 1F3787FD47126866306D946C466C69C8
.c.bing.com/	1970-01-20 15:02:19	Name: MR Value: 0
.c.bing.com/	1970-01-21 00:13:51	Name: SRM_B Value: 1F3787FD47126866306D946C466C69C8
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 00:13:51	Name: MUID Value: 1F3787FD47126866306D946C466C69C8
.c.clarity.ms/	1970-01-20 15:02:19	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 14:52:15	Name: ANONCHK Value: 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
c.bing.com
c.clarity.ms
cdn.taboola.com
cds.taboola.com
connect.facebook.net
ct.pinterest.com
fonts.googleapis.com
googleads.g.doubleclick.net
l.linklyhq.com
leadsensesecure.com
pips.taboola.com
s.pinimg.com
t.clarity.ms
trc-events.taboola.com
trc.taboola.com
unpkg.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
www.gstatic.com
www.protectionplans.co.uk
104.16.125.175
13.107.21.200
13.107.226.40
141.226.124.48
141.226.224.32
142.251.16.103
142.251.16.95
142.251.163.94
151.101.1.44
151.101.65.44
157.240.229.1
172.253.115.102
172.253.122.94
172.253.62.157
172.253.63.95
172.253.63.97
20.110.205.119
20.114.189.70
23.33.180.211
31.13.66.35
34.252.8.20
35.226.132.161
77.68.29.139
1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4
1aa8845fd06e475aefe733d4e55b36a92fcd487975049c8172341827ac9cc03e
1db266d6ed8f9767be29720410caf42c4fdec0e167c690e79aae32be0c70d2ef
1e6b7afd899d0aac7f022ad551fe77027c7a0d127ed9abd29157cc2141acd452
21b703a773c01137c0718938eef677e8c60d96f62b1cbc56b4a5af9a31e35314
2648a1333fa24d383fd73a6beaac17156ae78f4267ff7407ad60e05a788df44c
2b8ba26bff38d695045993726f9895554903a7a64dcd498a5bb32a6e9c3b26bb
2e52aa532594524ce54ab7f748eb9828e2285b705ba1da5fe5b4c0f4ada6ce1a
34513f6e62e1b5dedbea61d6f79455a5df46097096913bbf1d154ac86b9d9fb5
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a
406eaa1fa5d52dfb96236081493af899c3147ff6ab58cfc50e889331eb621bd6
45d897e085005dcf35c82aee31d4f145f7921af6c85c57560f8d90f390c03970
48a4fa45d673f71c94bcd25199f96c87169c8b0781398dd2dc6a463b1f53c126
4c0ced2cb3830d045cdd74f745fd4d6dcb082d8edd3a9fe46e39295e30cb8032
4e65f7793bf9e72911c9e84c27f90230d5d235ce14e7052b731965e77f318e9f
4ef74f6d182c582a0b53016d9eb361637f8965e69cbfd199a2d3f71a07d9ee2c
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
52db930f81d97113dde679cac624cb5435b56d4ac486e91a0b6692d2cb615a84
5ac545f96092dd7bd8726b5effcef21e4deb98f67a51ea39f31716f3077ae7d1
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
5ea8dd28547ac191c4f80546d110d70e50afd09614f5b0f9febaa617ad7431f3
66e58d37cc4b8168a1bd6678e085b43e939eb138fe608b7faffe3b1ba76b0c7b
6974bfd8fa06b7831f05cb4b25860c851a5ad3f02a6699ebe688987dd7a6ebe6
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
7dbb99afa2ca46884692f7772146d6f3f7c4f1ba928babc0f490f3e7ba62114e
840a6d0ea4293bf056bf92b38fa463c3ecab9ec471e3e04fb55b6ab470d5c59b
8fc4aa58eba36944f49a93d645f69635e8d5643cde97ac4ab14c025d2a4d70bc
93833cbc59016cbaf5ebf3c01d762bbfd6bd92b39208a0e0d816116d35e3ffdb
97cff39490dd673868330d6125a3800f4266fc8398ba943d023129d93c6b5cf2
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a161aca35d3234aa554050445d5d60faec593f5da6d39666fb24b380731a6dbd
a36746585bd5af117aff1cfeec39c2a810d6d9c601ca083d132786abf09d01b1
ab21762c3f447aa08cbefd5ea3866165f925bd5058a9ae19e23721462de6fb60
ac158fd98a25872b4a494ed3c5a5da9f92eba989c397cab46bf8c8a7b04bc514
bfcca40c9fd90571d54a1b9094cbf7d0d02164b941dbb5e7b9cb8d23c7babfae
c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4
cfe93bd6df37476ecbf56930d5d0e09cd24233fedaa499619228a7866b1c62fe
d0876eaedcb6329c2264f1466a5f08a2eb5804ebbbf965ba78daf2d1a7743b91
d16dcd758cf9652174a41772257fb3cebe6fb56daefd380ca47150eee53a6b47
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df822e44efc31160c2e2cff9d29435159054bcceb67fa2512c3899f02dfb7557
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5cc584ab2125a34a5dfabff1e040a321d4b5171989bcd3dd0bb1275fc355c25
ea37d4f7394c25f3e483c31edd43020a9ee44143c0533af9b905488dc46f1b13
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f268612ba59ead1b24353bb77d66783bcc435aff1c22be5f93c40bac3869968e
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

www.protectionplans.co.uk Open in urlscan Pro 77.68.29.139 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

61 Requests

98 %HTTPS

0 %IPv6

18 Domains

25 Subdomains

20 IPs

4 Countries

1306 kBTransfer

3568 kBSize

27 Cookies

2 Outgoing links

Page URL History

Redirected requests

61 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.protectionplans.co.uk Open in urlscan Pro
77.68.29.139 Public Scan

Screenshot
Live screenshot

Full Image

61
Requests

98 %
HTTPS

0 %
IPv6

18
Domains

25
Subdomains

20
IPs

4
Countries

1306 kB
Transfer

3568 kB
Size

27
Cookies

61 HTTP transactions
0 data transactions