securedbyprotect.com Open in urlscan Pro
2a06:98c1:3121::7 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://securedbyprotect.com/
Submission: On March 25 via automatic, source certstream-suspicious (March 25th 2022, 12:43:09 am UTC) — Scanned from DE

Summary HTTP 62 Redirects Behaviour Indicators

Summary

This website contacted 22 IPs in 6 countries across 16 domains to perform 62 HTTP transactions. The main IP is 2a06:98c1:3121::7, located in United States and belongs to CLOUDFLARENET, US. The main domain is securedbyprotect.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 25th 2022. Valid for: a year.

This is the only time securedbyprotect.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
26	2a06:98c1:312... 2a06:98c1:3121::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	84.17.46.53 84.17.46.53	60068 (CDN77 ^_^) (CDN77 ^_^)
4	2606:4700::68... 2606:4700::6810:5814	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:1a	20446 (STACKPATH...) (STACKPATH-CDN)
1	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	108.157.4.21 108.157.4.21	16509 (AMAZON-02) (AMAZON-02)
1	188.114.96.7 188.114.96.7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6812:1e97	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	18.135.170.242 18.135.170.242	16509 (AMAZON-02) (AMAZON-02)
1	18.64.79.11 18.64.79.11	16509 (AMAZON-02) (AMAZON-02)
1	108.157.4.35 108.157.4.35	16509 (AMAZON-02) (AMAZON-02)
1	108.157.4.122 108.157.4.122	16509 (AMAZON-02) (AMAZON-02)
1	188.114.97.7 188.114.97.7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	34.234.224.105 34.234.224.105	14618 (AMAZON-AES) (AMAZON-AES)
3	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	3.219.107.245 3.219.107.245	14618 (AMAZON-AES) (AMAZON-AES)
1	18.66.139.40 18.66.139.40	16509 (AMAZON-02) (AMAZON-02)
1	99.80.161.153 99.80.161.153	16509 (AMAZON-02) (AMAZON-02)
1	34.255.141.187 34.255.141.187	16509 (AMAZON-02) (AMAZON-02)
62	22

26 2a06:98c1:3121::7 (United States)

ASN13335 (CLOUDFLARENET, US)

securedbyprotect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 84.17.46.53 (Amsterdam, Netherlands) 1 redirects

ASN60068 (CDN77 ^_^, GB)
PTR: unn-84-17-46-53.cdn77.com

cdn.rawgit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:1a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.4.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-21.dus51.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.96.7 (Medellín, Colombia)

ASN13335 (CLOUDFLARENET, US)

m3.ckanalyze.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:1e97 (United States)

ASN13335 (CLOUDFLARENET, US)

signals.aimtell.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.135.170.242 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-135-170-242.eu-west-2.compute.amazonaws.com

script.anura.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.64.79.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-64-79-11.txl50.r.cloudfront.net

cdn.heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.4.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-35.dus51.r.cloudfront.net

static.traversedlp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.4.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-122.dus51.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.97.7 (Medellín, Colombia)

ASN13335 (CLOUDFLARENET, US)

ckanalyze.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.234.224.105 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-234-224-105.compute-1.amazonaws.com

api.traversedlp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.219.107.245 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-219-107-245.compute-1.amazonaws.com

heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.139.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-139-40.fra60.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.80.161.153 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-161-153.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.255.141.187 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-141-187.eu-west-1.compute.amazonaws.com

ws25.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	securedbyprotect.com securedbyprotect.com	1 MB
5	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 573 script.hotjar.com — Cisco Umbrella Rank: 719 vars.hotjar.com — Cisco Umbrella Rank: 874 in.hotjar.com — Cisco Umbrella Rank: 1636 ws25.hotjar.com — Cisco Umbrella Rank: 58304	66 KB
4	traversedlp.com static.traversedlp.com — Cisco Umbrella Rank: 23509 api.traversedlp.com — Cisco Umbrella Rank: 6686	5 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	20 KB
4	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 403	21 KB
3	gstatic.com fonts.gstatic.com	52 KB
2	heapanalytics.com cdn.heapanalytics.com — Cisco Umbrella Rank: 2997 heapanalytics.com — Cisco Umbrella Rank: 2623	43 KB
2	anura.io script.anura.io — Cisco Umbrella Rank: 45672	17 KB
2	aimtell.com signals.aimtell.com — Cisco Umbrella Rank: 11809	2 KB
2	ckanalyze.com m3.ckanalyze.com — Cisco Umbrella Rank: 411735 ckanalyze.com — Cisco Umbrella Rank: 374286	10 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 54	113 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	1 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 620 stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2181	38 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 194	7 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 588	30 KB
1	rawgit.com 1 redirects cdn.rawgit.com — Cisco Umbrella Rank: 7542	708 B
62	16

	Domain	Requested by
26	securedbyprotect.com	securedbyprotect.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	cdn.jsdelivr.net	securedbyprotect.com
3	fonts.gstatic.com	fonts.googleapis.com
3	api.traversedlp.com	static.traversedlp.com
2	script.anura.io	securedbyprotect.com script.anura.io
2	signals.aimtell.com	securedbyprotect.com signals.aimtell.com
2	www.googletagmanager.com	securedbyprotect.com www.googletagmanager.com
2	fonts.googleapis.com	securedbyprotect.com
1	ws25.hotjar.com	script.hotjar.com
1	in.hotjar.com	script.hotjar.com
1	vars.hotjar.com	static.hotjar.com
1	heapanalytics.com	securedbyprotect.com
1	ckanalyze.com	m3.ckanalyze.com
1	script.hotjar.com	static.hotjar.com
1	static.traversedlp.com	www.googletagmanager.com
1	cdn.heapanalytics.com	securedbyprotect.com
1	m3.ckanalyze.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	stackpath.bootstrapcdn.com	securedbyprotect.com
1	cdnjs.cloudflare.com	securedbyprotect.com
1	code.jquery.com	securedbyprotect.com
1	cdn.rawgit.com	1 redirects
1	maxcdn.bootstrapcdn.com	securedbyprotect.com
62	24

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-03-25` - `2023-03-25`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
aimtell.com Cloudflare Inc ECC CA-3	`2021-06-07` - `2022-06-06`	a year	crt.sh
script.anura.io Amazon	`2021-08-11` - `2022-09-09`	a year	crt.sh
cdn.heapanalytics.com Amazon	`2021-08-28` - `2022-09-26`	a year	crt.sh
*.traversedlp.com Amazon	`2022-01-27` - `2023-02-25`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
heapanalytics.com Amazon	`2021-12-09` - `2023-01-06`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://securedbyprotect.com/
Frame ID: F8B579C7D7B66433529A2EA1B1870A19
Requests: 60 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-acca23410e696f2ca3087d947271c3d0.html
Frame ID: AA5CECAA9EB4E3DB86EBC4AE0659FAC0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Protect Mortgage Quotes

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Heap (Analytics) Expand

Overall confidence: 100%
Detected patterns

heap-\d+\.js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Popper (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

/popper\.js/([0-9.]+)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

62
Requests

98 %
HTTPS

43 %
IPv6

16
Domains

24
Subdomains

22
IPs

6
Countries

1719 kB
Transfer

2585 kB
Size

16
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://cdn.rawgit.com/tonystar/bootstrap-float-label/v4.0.0/dist/bootstrap-float-label.min.css HTTP 301
https://cdn.jsdelivr.net/gh/tonystar/bootstrap-float-label@v4.0.0/dist/bootstrap-float-label.min.css

62 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
securedbyprotect.com/ 30 KB
6 KB 459ms
405ms Document
text/html 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securedbyprotect.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2b6909b216a7d67d435293c1059280add6bcfafaf9f69a66e14da17e0418a7f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Fri, 25 Mar 2022 00:43:03 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UKRSejG1ZlSa4r7sVSNhyOhTi0TT4E7cHHbLEMjea1daSolx4o1XpS4h44KIdaR9qmTNbWYfo8FnnxMrAqWJMgfQ8iPYvdnukfN67csu47iW8Xs7s2UQ9xQh4DaxT5IMlqch1qNOQ49bYzTHx1vm7pml2g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6f139c2e2a3df927-MXP
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/ 141 KB
22 KB 129ms
38ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css

Requested by

Host: securedbyprotect.com
URL: https://securedbyprotect.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securedbyprotect.com/
Origin: https://securedbyprotect.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 00:43:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
cdn-edgestorageid: 865
access-control-allow-origin: *
cdn-cachedat: 03/20/2022 00:40:55
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver: 1.02
timing-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 48aaf2e70a498e5077fa910102944e11
cf-ray: 6f139c3158b8cc56-ZRH
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2

200

bootstrap-float-label.min.css
cdn.jsdelivr.net/gh/tonystar/bootstrap-float-label@v4.0.0/dist/
Redirect Chain

https://cdn.rawgit.com/tonystar/bootstrap-float-label/v4.0.0/dist/bootstrap-float-label.min.css
https://cdn.jsdelivr.net/gh/tonystar/bootstrap-float-label@v4.0.0/dist/bootstrap-float-label.min.css

1 KB
470 B

324ms
22ms

Stylesheet
text/css

2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/tonystar/bootstrap-float-label@v4.0.0/dist/bootstrap-float-label.min.css

Requested by

Host: securedbyprotect.com
URL: https://securedbyprotect.com/

Protocol

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

261acccd1fb38561d3356f79eb99b1f96f66c082c19ac471a9353a1206473d19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securedbyprotect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 00:43:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 314319
x-jsd-version: 4.0.0
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19157-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"40d-JNsxuztnK4BkS/0E5dLfPB7YDjk"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6f139c345c2101eb-ZRH

Redirect headers

date: Fri, 25 Mar 2022 00:43:03 GMT
x-content-type-options: nosniff
fastly-original-body-size: 134
age: 56077
access-control-expose-headers: *
x-cache: MISS, HIT
cdn-cachedat: 03/25/2022 00:43:03
cdn-pullzone: 201235
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
content-length: 134
server: BunnyCDN-AMS1-879
x-served-by: cache-fra19182-FRA, cache-chi-kigq8000025-CHI
access-control-allow-origin: *
cdn-proxyver: 1.02
cdn-requestpullcode: 301
location: https://cdn.jsdelivr.net/gh/tonystar/bootstrap-float-label@v4.0.0/dist/bootstrap-float-label.min.css
strict-transport-security: max-age=31536000; includeSubDomains; preload
cdn-edgestorageid: 883
content-type: text/plain; charset=utf-8
cdn-cache: EXPIRED
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=2592000
cdn-requestid: 924e2ca4eab7efaee8ee351bccda2baf
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 301
cdn-requestpullsuccess: True

GET
H2 200 bootstrap-select.min.css
cdn.jsdelivr.net/npm/bootstrap-select@1.13.14/dist/css/ 11 KB
3 KB 118ms
15ms Stylesheet
text/css 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap-select@1.13.14/dist/css/bootstrap-select.min.css

Requested by

Host: securedbyprotect.com
URL: https://securedbyprotect.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

69279bee49c5f3502f7a3f07358da1562cc0a10d57e8a56cfc0f8977d367c99f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securedbyprotect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 00:43:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 314467
x-jsd-version: 1.13.14
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19179-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"2b70-ygnBz6wOQ/YNsvCEV2jKpYOM7Ks"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6f139c319a4801eb-ZRH

GET
H2 200 css2
fonts.googleapis.com/ 753 B
884 B 93ms
13ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Cantata+One&display=swap

Requested by

Host: securedbyprotect.com
URL: https://securedbyprotect.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6b04fe5952b13d4d217fbc6a9824fe9b40bfecbff60dc8e2c4c2b5d846a171c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securedbyprotect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 25 Mar 2022 00:43:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 25 Mar 2022 00:43:03 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 25 Mar 2022 00:43:03 GMT

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
639 B 99ms
20ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Nunito+Sans:wght@400;600&display=swap

Requested by

Host: securedbyprotect.com
URL: https://securedbyprotect.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9fa222a4f3c348927dabe8e847bb56285f50b3076d473da64fb813c218951441

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securedbyprotect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 25 Mar 2022 00:43:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 25 Mar 2022 00:43:03 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 25 Mar 2022 00:43:03 GMT

GET
H2 200 form.css
securedbyprotect.com/css/ 22 KB
5 KB 551ms
525ms Stylesheet
text/css 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securedbyprotect.com/css/form.css
Requested by: Host: securedbyprotect.com
URL: https://securedbyprotect.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3fa783d518af57a1bbfbf217dc2560375848b964ac5ef40a47b354f269947900

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securedbyprotect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 00:43:03 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 17 Mar 2022 18:05:53 GMT
server: cloudflare
etag: W/"62337881-58ea"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wHtsw3idF0OXCtKDwbh0l5EJ%2BhJMMGL%2Fkh%2BKf3rrE5x4MuVCpDug2v5pA94KKORhSe%2FHivcq4ecFE%2BJhhwV7gLooe5Q2YF6H8aPNIY8NB9bp3Nt33r5k7ZMqz98ZL9nPyrr7P5s2VOjX8EDBE%2F8xvBxjSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6f139c311c6df927-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 home.css
securedbyprotect.com/css/ 40 KB
9 KB 554ms
528ms Stylesheet
text/css 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securedbyprotect.com/css/home.css
Requested by: Host: securedbyprotect.com
URL: https://securedbyprotect.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b0214d46ae4ad8e9db73aed8f4421c249d8b70de605a3dafb2f65df8abf0810d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securedbyprotect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 00:43:03 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 17 Mar 2022 18:05:53 GMT
server: cloudflare
etag: W/"62337881-a092"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BZtB%2FCWkYPEv06RHiiCnWJI48ZNbYEDU99CL8gZrlXmVGG8eP98o%2BAOqVjPb%2B9Dd4csI6yLrHYYYtkhuXuxrqqLgFkd3UQ6E0je4wGzaJNn%2F8vVhvdLQtDxASoNmdvd73quDw9wxYMUeSILAG93n7I550Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6f139c311c6ef927-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 protect_logo_footer.png
securedbyprotect.com/images/ 7 KB
7 KB 376ms
356ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securedbyprotect.com/images/protect_logo_footer.png
Requested by: Host: securedbyprotect.com
URL: https://securedbyprotect.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e6ea8b9aeed63384af7de7c8f23c9eba449b2bc49d563f02c0f2afbac828bfa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securedbyprotect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 00:43:03 GMT
cf-cache-status: MISS
last-modified: Thu, 17 Mar 2022 18:05:53 GMT
server: cloudflare
etag: "62337881-1b60"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x4ksjUtBFLW1X7QcNbGYVMq10YYAR1FZFSviWiZSrbKf99mSp95Gry6MKCKn42nwuTAfOdSCl9RUkaKrXxaf8fyjeCzSZFfkg1PUjmBkaaba4U648oqVrM5AYytff2yIY%2F1bE44GsXBZcLC5m%2FhErKGkHg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6f139c311c6ff927-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7008

GET
H2 200 blue_checkmark.gif
securedbyprotect.com/images/ 82 KB
82 KB 683ms
664ms Image
image/gif 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securedbyprotect.com/images/blue_checkmark.gif?rand=635
Requested by: Host: securedbyprotect.com
URL: https://securedbyprotect.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7fa42673b65d038e506efb9aab7e3917e978143ce729e76e419d611d867f52d3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securedbyprotect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 00:43:03 GMT
cf-cache-status: MISS
last-modified: Thu, 17 Mar 2022 18:05:53 GMT
server: cloudflare
etag: "62337881-147ad"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uGB8rB%2FHZAmJ1aCwrbcR5IIP7zYkzRP8mrTPdHNgs%2F7uKq9hahHX3FuJI6TyjrwPSrJKSweJ4gAGRVK5npVoXGo5gHOclsKI6MEjwtz4uRo2uOsQXOljGYTsFUJSnRH3CUpClgYhylfSu6gWtw0GFKVOgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6f139c312c70f927-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 83885

GET
H2 200 shield_hero_mortgage.jpg
securedbyprotect.com/images/ 34 KB
35 KB 548ms
529ms Image
image/jpeg 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securedbyprotect.com/images/shield_hero_mortgage.jpg
Requested by: Host: securedbyprotect.com
URL: https://securedbyprotect.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4866a915e6d90a162b0b6c576ddc28afb7c121600525641693b8b2cd1174dd37

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securedbyprotect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 00:43:03 GMT
cf-cache-status: MISS
last-modified: Thu, 17 Mar 2022 18:05:53 GMT
server: cloudflare
etag: "62337881-8889"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FA7plfFhanEHh9Yyj9MrfoVg%2FoL%2FulullTjYOhA4ZDcEmJG0zII%2BJXutkktxq8aeB4OuQLqxr71rw68N%2Fae23FBHtKS5vJ7O3BFLyMOwIYR6Zx7220zdQBYdOP%2Bn2CTCn8HyuinBtPZYJswlZN07DasVtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6f139c312c72f927-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 34953

GET
H2 200 brandz.jpg
securedbyprotect.com/images/ 10 KB
10 KB 380ms
361ms Image
image/jpeg 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securedbyprotect.com/images/brandz.jpg
Requested by: Host: securedbyprotect.com
URL: https://securedbyprotect.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6adef316a61c92cd604fe230a822063dfd9382cdfd5500cc8fadd9cea11bbf6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securedbyprotect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 00:43:03 GMT
cf-cache-status: MISS
last-modified: Thu, 17 Mar 2022 18:05:53 GMT
server: cloudflare
etag: "62337881-288c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ulrSKurtSL2XV%2F9aFI42gvUH7sKhgGrk7GPOYKKC70Gpm1sId%2FlYnrEFNcg2YnTL5hAQIP%2B2rqilIIOcqlsEokVioJSqGTn4iG2moEXYUcNN8tlOCZ4vWEHvmLtzI5YfgYGTwXSROYkeEsFITaazB9MUbw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6f139c312c73f927-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10380

GET
H2 200 brandz_m.jpg
securedbyprotect.com/images/ 18 KB
18 KB 543ms
524ms Image
image/jpeg 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securedbyprotect.com/images/brandz_m.jpg
Requested by: Host: securedbyprotect.com
URL: https://securedbyprotect.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c8df9f8476a1cff6d9390f48e18ed71fe8270f5f928d413e58f764ee5323bb68

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securedbyprotect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 00:43:03 GMT
cf-cache-status: MISS
last-modified: Thu, 17 Mar 2022 18:05:53 GMT
server: cloudflare
etag: "62337881-4618"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sHjna%2Fos7Htkq%2Fhw8XgxPBQNc0lBlt2jqUCSjpHKl1bSgd%2FW5jrasTypuH17bTULbgSmFqSdUJtcehuBlEACItWOmmzBJyjU9LUXa1rk%2B8ix18twGPqwDwRYpTiyGkzK1nK%2F9uxOyIp3rsgsZfHXHmUlAg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6f139c312c74f927-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17944

GET
H2 200 numbers.png
securedbyprotect.com/images/ 11 KB
11 KB 377ms
358ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securedbyprotect.com/images/numbers.png
Requested by: Host: securedbyprotect.com
URL: https://securedbyprotect.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d69c7add72f04113da3a831c494601dc5ec9dcab7e41dc64e77e78ad72819cbc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securedbyprotect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 00:43:03 GMT
cf-cache-status: MISS
last-modified: Thu, 17 Mar 2022 18:05:53 GMT
server: cloudflare
etag: "62337881-2a86"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1CzzUnpzpHi25GghlJXCAR6B%2FSh%2FfFtFPB%2FOdVVA1y56UF8k%2B754tjFui5yZkxyFKjHHvmWtjK0WZ3CMs0cCmEsaKmyiMOcMecrHiE1Qzu7W3rzDcVEMSFLL44LJ2kGaOOdbRfLftY9aoCrNwhCVbxyoww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6f139c312c75f927-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10886

GET
H2 200 numbers_1.png
securedbyprotect.com/images/ 2 KB
2 KB 382ms
364ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securedbyprotect.com/images/numbers_1.png
Requested by: Host: securedbyprotect.com
URL: https://securedbyprotect.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 167e79585dca170558e7d37023e25126de0d7f0fe8b42dd215cef79e3b250b6d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securedbyprotect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 00:43:03 GMT
cf-cache-status: MISS
last-modified: Thu, 17 Mar 2022 18:05:53 GMT
server: cloudflare
etag: "62337881-79c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f9zd%2B45mAQgznnSAdiGcWUjp1D2QVt5GGTqsypUYxvJerEcpaNi0%2FSFjFqbSlmZAtA4CV9Lq389g1eD8yKtZ43vWL6jzNbGAu1idyDcm4an%2FUZRnjKLGqUJtqqHzEMUvIZ9WtMPwJ%2FR1x5hcpWl0q4LjRg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6f139c312c76f927-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1948

GET
H2 200 p_icon1.png
securedbyprotect.com/images/ 6 KB
7 KB 386ms
368ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securedbyprotect.com/images/p_icon1.png
Requested by: Host: securedbyprotect.com
URL: https://securedbyprotect.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a6d7f24b002f594fa0d3d75ff44e5d89ca32b445c4249068f7ff3eefc0cb80a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securedbyprotect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 00:43:03 GMT
cf-cache-status: MISS
last-modified: Thu, 17 Mar 2022 18:05:53 GMT
server: cloudflare
etag: "62337881-1851"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FDH9ZwQHNE5KIWGWBjope5SXN9MiW2EtWSPPtLNyhVpqo8VamFCdzWJnuMSVv5xs4dTHWo%2BETsh1I29%2B5rhNfb%2BguYnhizaduk9rSb9Ks1bcjFBGOzZB4letiQizQ1FmZE2I8hYqynrP9%2F%2BTm5Y7t9inuA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6f139c312c77f927-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6225

GET
H2 200 numbers_2.png
securedbyprotect.com/images/ 2 KB
2 KB 395ms
377ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securedbyprotect.com/images/numbers_2.png
Requested by: Host: securedbyprotect.com
URL: https://securedbyprotect.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62cb5c343a2fe51a2845a9ce112dba22b1dd92e5c0d3c5a91409c98edcf31035

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securedbyprotect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 00:43:03 GMT
cf-cache-status: MISS
last-modified: Thu, 17 Mar 2022 18:05:53 GMT
server: cloudflare
etag: "62337881-7ed"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8DGlTstArSsdxT7rIp9l%2F2igG4koqOZjcheP4XDDbkLAqIuj%2BLQtGRYn5h2GqFQS7QCa7jGPVW3UeXBfSfoqs96nQLBxGmxNB5RlmgD4ei5klmFy17py8yzprvk2LQJtM4s%2FYaGevSogo9Qd9J7JzCfp7A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6f139c313c8ef927-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2029

GET
H2 200 p_icon2.png
securedbyprotect.com/images/ 4 KB
4 KB 391ms
373ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securedbyprotect.com/images/p_icon2.png
Requested by: Host: securedbyprotect.com
URL: https://securedbyprotect.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73ce30b89328e701be6dc357cd269f27aaa61429a3b67fa03d5bb857cef5bb48

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securedbyprotect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 00:43:03 GMT
cf-cache-status: MISS
last-modified: Thu, 17 Mar 2022 18:05:53 GMT
server: cloudflare
etag: "62337881-f7b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zGr%2B7%2FEldM304JDREvcpmKSM2J2CZUJ3E0szcItfm%2BWRWvj5%2BpohWLxmlCvVVfe7GUF9L7lOWAAoGGC1N7AKmnb1Dg5c1COgyWOz%2FoIMZHuhKH6rM90MlGvmyiA%2BOFR2x7yRgCsuE9ObIMIj9T%2FrtFoBeg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6f139c313c8ff927-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3963

GET
H2 200 numbers_3.png
securedbyprotect.com/images/ 2 KB
2 KB 386ms
368ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securedbyprotect.com/images/numbers_3.png
Requested by: Host: securedbyprotect.com
URL: https://securedbyprotect.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4cbb30cdd25603951f2d393e780e4695cfc50576cc69fd90712c318cdf83200

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securedbyprotect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 00:43:03 GMT
cf-cache-status: MISS
last-modified: Thu, 17 Mar 2022 18:05:53 GMT
server: cloudflare
etag: "62337881-805"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jMK%2FJIv%2F7vHogBNjmGRJMrKpdg%2BurmioAmZQg3PfsVmvEd22r3W6q9HkZF6s23befmWFxDJai61GkLWC61UfpjYOV%2BhS6WXIjsTsRlcBfEkuQK2CeMGVZhz21LlCWcTRyQG6bBW%2Bj%2Be9bcRa4UTi6zJbDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6f139c313c92f927-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2053

GET
H2 200 p_icon3.png
securedbyprotect.com/images/ 4 KB
4 KB 378ms
360ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securedbyprotect.com/images/p_icon3.png
Requested by: Host: securedbyprotect.com
URL: https://securedbyprotect.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58e99bf4934276421411052bee9e95684188bed48cc5143642ced6a4f6cb23b6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securedbyprotect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 00:43:03 GMT
cf-cache-status: MISS
last-modified: Thu, 17 Mar 2022 18:05:53 GMT
server: cloudflare
etag: "62337881-fb4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xzkr2aD1Lj%2BWCWz7O2rizLHNkt1rL4OFUKS%2FK%2Fkmcm%2Bi5TaYpYI98xobdYKPYcG7FhfXxnBFi0fn1j3thh%2BsYucvP3JHKB%2FEo5IoECHjoVhCvpHgxJAix4a%2BO01tpYOjIMSexFp2Ba6wO7QA0UP3MgqntA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6f139c313c94f927-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4020

GET
H2 200 numbers_4.png
securedbyprotect.com/images/ 2 KB
2 KB 394ms
376ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securedbyprotect.com/images/numbers_4.png
Requested by: Host: securedbyprotect.com
URL: https://securedbyprotect.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a89ec66d9877967af26c9af370c41161caec83d22c1f859f317370298e6093b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securedbyprotect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 00:43:03 GMT
cf-cache-status: MISS
last-modified: Thu, 17 Mar 2022 18:05:53 GMT
server: cloudflare
etag: "62337881-7d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ajIifkfm7tRvC7qCoK01ML7rtkFcY2EdX4yQtUJ6X15jDpVNqos26fmeP8CivW%2B185Ezd7tL%2FqbX7GE2vdHLRf25P3jyYbwAQFsOjZXF11I5GHWpBdi38CGgXe2Db60bcFb9CDaBm8yIDK%2FeJSYqqDaclg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6f139c313c95f927-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2007

GET
H2 200 p_icon4.png
securedbyprotect.com/images/ 5 KB
5 KB 379ms
361ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securedbyprotect.com/images/p_icon4.png
Requested by: Host: securedbyprotect.com
URL: https://securedbyprotect.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b9b7e8d8aa06e5203b0f8d3f204baa77fd0fa0d2e596f75663d678184f28a6b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securedbyprotect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 00:43:03 GMT
cf-cache-status: MISS
last-modified: Thu, 17 Mar 2022 18:05:53 GMT
server: cloudflare
etag: "62337881-13bb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V7%2FKV%2BEzRPFlHqcuwqa98eHalzVWR5XY2w14jGkU0orALXSi%2B0G%2BanhkHmmACAg6rzqUFK95vHwIeloRTjzvGbne7fZv22k4ktZnvN6MAAbaZEd5Tcf7q7%2FH5%2F342uC0NB%2FrLTG8M5T2aYbcC6rBXPG5jQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6f139c313c97f927-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5051

GET
H2 200 img_mortgage5.png
securedbyprotect.com/images/ 396 KB
397 KB 737ms
719ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securedbyprotect.com/images/img_mortgage5.png
Requested by: Host: securedbyprotect.com
URL: https://securedbyprotect.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ac386435401684c5e2b29730d6565c58ebf261bcba6eb1c8213b09bbabce950

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securedbyprotect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 00:43:03 GMT
cf-cache-status: MISS
last-modified: Thu, 17 Mar 2022 18:05:53 GMT
server: cloudflare
etag: "62337881-631d8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R%2B83kAq9khNsD2HCTnOgGyQhDHINqpivL53yj0Fux3Oikcd4FNajnZBvmSRnTKvGZZpb50JfhpnR%2FQGMQZxO2DLj%2BcDRBjVODfy2asnPfd0NlzJtEOfZ2J5xb7N33bL6hFJv57gMXPFsTQgs54MKU6rs%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6f139c313c99f927-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 405976

GET
H2 200 collage_mortgage.jpg
securedbyprotect.com/images/ 55 KB
56 KB 721ms
704ms Image
image/jpeg 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securedbyprotect.com/images/collage_mortgage.jpg
Requested by: Host: securedbyprotect.com
URL: https://securedbyprotect.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c30140c8fe5e960ed2ca2f656b192abe6e57041dab8870d4cd81fc0a3a2ba117

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securedbyprotect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 00:43:03 GMT
cf-cache-status: MISS
last-modified: Thu, 17 Mar 2022 18:05:53 GMT
server: cloudflare
etag: "62337881-dd8d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MOMCFU9Y842Q%2BFIklgp1Ijv3tH8W%2Fb86CwWCnLITuRmRBD%2B%2FXzmmKovD%2B1O3TsrTXp25Igke8SzEFDLOwAA0vQl4sZPCuFSnVBn7pU1soLCvtdPyaJ0DFT9zOlzoyzsnNrdNIXlvOF62hT7R34w6YMiEuA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6f139c313c9cf927-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 56717

GET
H2 200 info_icon.png
securedbyprotect.com/images/ 2 KB
2 KB 395ms
378ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securedbyprotect.com/images/info_icon.png
Requested by: Host: securedbyprotect.com
URL: https://securedbyprotect.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5eb25e7ba64743b9eee094e61a965f69cb129ecadbaec204c16902f040cc3b7a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securedbyprotect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 00:43:03 GMT
cf-cache-status: MISS
last-modified: Thu, 17 Mar 2022 18:05:53 GMT
server: cloudflare
etag: "62337881-65e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bpNS9iR5fDcjLiNpaNNWIHAPTK5zeNrEg56tnweMJNr3ZHeFuNvlIV652oDDx2PcSvvUUB4DfsruRpD0aAKXE2HKFCB8AZTidDabOF8KBdlLgMrhh7SbdSNhI8HGZgwr3%2BTXmFIHKLj%2FOmvX1adoHfb42g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6f139c313c9df927-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1630

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 165 KB
57 KB 94ms
15ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5BQD5XQ

Requested by

Host: securedbyprotect.com
URL: https://securedbyprotect.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d3e82375a9a2ea5bb9773c79885d0eaa2d434b66e410bca7d433d9db3ee5e80b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securedbyprotect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 00:43:03 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58068
x-xss-protection: 0
last-modified: Fri, 25 Mar 2022 00:11:33 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 25 Mar 2022 00:43:03 GMT

GET
H2 200 jquery-3.5.1.min.js Show response
code.jquery.com/ 87 KB
30 KB 52ms
31ms Script
application/javascript 2001:4de0:ac18::1:a:1a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.5.1.min.js
Requested by: Host: securedbyprotect.com
URL: https://securedbyprotect.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securedbyprotect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 00:43:03 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-15d84"
vary: Accept-Encoding
x-hw: 1648168983.dop240.fr8.t,1648168983.cds201.fr8.hn,1648168983.cds142.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30879

GET
H2 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/ 21 KB
7 KB 298ms
20ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js

Requested by

Host: securedbyprotect.com
URL: https://securedbyprotect.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://securedbyprotect.com/
Origin: https://securedbyprotect.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 00:43:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 24699
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6646
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:15:37 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fa9-520c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S02O7rQ52OcGhsS58yum8tRUJ5IHE1H4C%2B%2BcmQLbTvrcNJrqIptlX7NF7Lk76chf%2FPNcbVHSuUkwbUgaqzJBJpF3xV%2F7AqSBeFf8dH%2FbBXk55qBl1YQGENLnPQ3XfGoOLT0v9UdO8uK38uYHdlPP4TGd"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6f139c338cc7021d-ZRH
expires: Wed, 15 Mar 2023 00:43:03 GMT

GET
H2 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/ 57 KB
16 KB 38ms
36ms Script
application/javascript 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js

Requested by

Host: securedbyprotect.com
URL: https://securedbyprotect.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securedbyprotect.com/
Origin: https://securedbyprotect.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 00:43:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
cdn-edgestorageid: 601, 617, 617
access-control-allow-origin: *
cdn-cachedat: 2021-08-02 21:50:12
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:08 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 3f9d3a6d1c16d4eccb5aad47d5bff1ea
cf-ray: 6f139c31c8dfcc56-ZRH
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 bootstrap-select.min.js Show response
cdn.jsdelivr.net/npm/bootstrap-select@1.13.14/dist/js/ 51 KB
16 KB 324ms
21ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap-select@1.13.14/dist/js/bootstrap-select.min.js

Requested by

Host: securedbyprotect.com
URL: https://securedbyprotect.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6763de73150d26e3296cd0154ff12dede3b5d39251c734c0ae4f8af4e437e4cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securedbyprotect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 00:43:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 314468
x-jsd-version: 1.13.14
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19168-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"cc19-RPh/Fj9x0LrCeHYnL6mPYVOB/Pg"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6f139c33aba301eb-ZRH

GET
H2 200 zipcodes.min.js Show response
cdn.jsdelivr.net/gh/zipcodes/zipcodes.js@1.0/ 3 KB
2 KB 343ms
41ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/zipcodes/zipcodes.js@1.0/zipcodes.min.js

Requested by

Host: securedbyprotect.com
URL: https://securedbyprotect.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8bf68e10f551c5002863329e0746f257698d9c85c040e8fd1c92005150579eed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securedbyprotect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 00:43:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-jsd-version: 1.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19179-FRA, cache-cdg20730-CDG
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"ae6-doJq5D4Hy6c4ycnkCjsz6HNb9Xk"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6f139c33aba401eb-ZRH

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 151 KB
56 KB 39ms
23ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-GD2XNM31RH&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5BQD5XQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bcd904e59c118a4a17e42f7b8dc3d5308da94ba75e42d88973841050ebdc7098

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securedbyprotect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 00:43:03 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57513
x-xss-protection: 0
expires: Fri, 25 Mar 2022 00:43:03 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 62ms
22ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5BQD5XQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securedbyprotect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 4093
date: Thu, 24 Mar 2022 23:34:50 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 25 Mar 2022 01:34:50 GMT

GET
H2 200 hotjar-2432336.js Show response
static.hotjar.com/c/ 4 KB
2 KB 316ms
43ms Script
application/javascript 108.157.4.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2432336.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5BQD5XQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.157.4.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-157-4-21.dus51.r.cloudfront.net

Software

Resource Hash

a01c1458f53cbe09e40e9e5dfca4a24e924dc92bfb4bba53f6b500b138c2f7c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securedbyprotect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 00:43:03 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: DUS51-P2
etag: W/5e277d5067aa1d7bb0236aadc38bccaf
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
content-length: 1890
via: 1.1 b1dc6a0d7547e8d4ab339f8c4caf9ea8.cloudfront.net (CloudFront)
x-amz-cf-id: IdgyuExjStsPK_AjyyX2-3iLh7E0TvyDFSh5lEUtAVbWSHO3fAB9cQ==

GET
H2 200 ct.js Show response
m3.ckanalyze.com/ 25 KB
9 KB 384ms
326ms Script
application/javascript 188.114.96.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://m3.ckanalyze.com/ct.js?cid=28653
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5BQD5XQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.7 Medellín, Colombia, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e10549b33dd4a7c68c3f2dccfe90f12688919ab9a0f5ba3b4b6fa410eae666ad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securedbyprotect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 00:43:03 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 23 Jan 2020 13:07:54 GMT
server: cloudflare
etag: W/"5e299aaa-652e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SGldMOLA5FQ9nml%2FobBzit6Gi%2Bxh%2FVcizi3BgskTuPO7uVO%2BPAH9dUcHZkZ7GbknFTBzq6IG5gSomPrWpDTLajVeoL4URrsAc5lp7%2FXbvaF1%2FdwN8oWaxkhGr6CKdiQwuRAv"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6f139c324c43909d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 track.js Show response
signals.aimtell.com/ 3 KB
2 KB 215ms
178ms Script
text/javascript 2606:4700::6812:1e97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://signals.aimtell.com/track.js
Requested by: Host: securedbyprotect.com
URL: https://securedbyprotect.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1e97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8af52cdb7068ec0dad8355ec4a5bad77b17a3cc1e8bc19b0f66f41d4a53ac3c0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securedbyprotect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 00:43:03 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
x-guploader-uploadid: ADPycdsLyclnLJCL7up2tVPTeW_K_EJq8ACpisj5BAmGc0mVPQRLNp6wnNV1BHWUGcRn5IYrY7qz1onmjxUWfzely4ajTq6isA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: text/javascript
last-modified: Fri, 10 Sep 2021 18:50:33 GMT
server: cloudflare
etag: W/"e9cc12470321b3946d361c51f89f737a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=VcSEVw==, md5=6cwSRwMhs5RtNhxR+J9zeg==
x-goog-generation: 1631299833653847
cache-control: public, max-age=14400
x-goog-stored-content-length: 3188
cf-ray: 6f139c323ab301eb-ZRH
expires: Fri, 25 Mar 2022 04:43:03 GMT

GET
H2 200 request.js Show response
script.anura.io/ 48 KB
17 KB 154ms
97ms Script
application/javascript 18.135.170.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.anura.io/request.js?instance=56309078&source=undefined&campaign=undefined&535674499968

Requested by

Host: securedbyprotect.com
URL: https://securedbyprotect.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.135.170.242 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-135-170-242.eu-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

41448cbf95276f88793f659cdcd6d0baef9c7d28c52bda053d829ef2f5141769

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securedbyprotect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Mar 2022 00:43:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires: Sun, 28 Dec 1980 18:57:00 EST

GET
H2 200 heap-317213688.js Show response
cdn.heapanalytics.com/js/ 107 KB
42 KB 237ms
140ms Script
application/javascript 18.64.79.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.heapanalytics.com/js/heap-317213688.js

Requested by

Host: securedbyprotect.com
URL: https://securedbyprotect.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.64.79.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-64-79-11.txl50.r.cloudfront.net

Software

nginx /

Resource Hash

91aa3db5531ca1ef456935a6c1ec5ec1c0de5995b5b6a599fd3fa92097563ccb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securedbyprotect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 00:41:42 GMT
content-encoding: gzip
server: nginx
age: 81
etag: W/"1ad80-pDE+1XX2OAOwiVxxM0qaAg"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 aa17b72affc79675f0dae442dde59ee4.cloudfront.net (CloudFront)
cache-control: public, max-age=120
x-amz-cf-pop: TXL50-P2
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-id: 6KiMzt0QZVwMTeoFH36D3udPHo4xO5ivNrpcmlaeAVxPt-i5bSYMoQ==

GET
H/1.1 200
OK retargeting.js Show response
static.traversedlp.com/v1/ 11 KB
4 KB 274ms
10ms Script
application/javascript 108.157.4.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.traversedlp.com/v1/retargeting.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5BQD5XQ
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-35.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b83391733cf98c12ed0a1d153a4a74d17c79005222f950b94929c968907dab0e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securedbyprotect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: IDXdfbC_iDV93ckMOU1xZAAC.UTIbRsT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Thu, 10 Mar 2022 23:52:06 GMT
Server: AmazonS3
Age: 2688
ETag: W/"bf2935d14420fd3a1bb071e5790b0eec"
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 f47fcc9b2aa47ced36c40c318e6f006a.cloudfront.net (CloudFront)
Connection: keep-alive
Date: Thu, 24 Mar 2022 23:59:19 GMT
X-Amz-Cf-Pop: DUS51-P2
X-Amz-Cf-Id: Qje9V8xdOiVwsu3Ym6_uTWLziURJtTDRZkiPYgrTNZglpUkHaTTuJA==

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 28ms
13ms Ping
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-GD2XNM31RH&gtm=2oe3e0&_p=838734522&sr=1600x1200&ul=en-us&cid=597093862.1648168984&_s=1&dl=https%3A%2F%2Fsecuredbyprotect.com%2F&dt=Protect%20Mortgage%20Quotes&sid=1648168983&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1&_c=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GD2XNM31RH&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securedbyprotect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Mar 2022 00:43:03 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://securedbyprotect.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 17ms
17ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=838734522&t=pageview&_s=1&dl=https%3A%2F%2Fsecuredbyprotect.com%2F&ul=en-us&de=UTF-8&dt=Protect%20Mortgage%20Quotes&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAAC~&jid=522658701&gjid=1869341233&cid=597093862.1648168984&tid=UA-9244951-103&_gid=1820123614.1648168984&_r=1&gtm=2wg3e05BQD5XQ&z=243991584

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securedbyprotect.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 25 Mar 2022 00:43:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://securedbyprotect.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fetch Show response
signals.aimtell.com/ 70 B
374 B 25ms
23ms XHR
application/json 2606:4700::6812:1e97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://signals.aimtell.com/fetch?t=c2lnbmFsc2Rtcw&post_url=aHR0cHM6Ly9uZXcuaW50ZW50c2lnbmFscy5uZXQvc2lnbmFscy9haW10ZWxsLXJldGFyZ2V0aW5nP2NoYW5uZWw9b25vJmFjdGlvbj12aXNpdCZ2ZXJ0aWNhbF9zaG9ydD1NVEdF&show=1
Requested by: Host: signals.aimtell.com
URL: https://signals.aimtell.com/track.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1e97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6869d2ea01ac565aef43199cdb1faf49d779a01c1e30f179c8b6e0ab62db5082

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securedbyprotect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 00:43:03 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://securedbyprotect.com
access-control-allow-credentials: true
cf-ray: 6f139c339b9601eb-ZRH
access-control-allow-headers: Content-Type, *

GET
H2 200 modules.7d3f952308caf42c2b67.js Show response
script.hotjar.com/ 236 KB
62 KB 50ms
10ms Script
application/javascript 108.157.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.7d3f952308caf42c2b67.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2432336.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.157.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-157-4-122.dus51.r.cloudfront.net

Software

Resource Hash

43b0a448dfabca1c64deab31c9b3b004d41bac8fafc0796a4f5675cea0dda5a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securedbyprotect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 09:02:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1266057
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 63048
access-control-allow-origin: *
last-modified: Thu, 10 Mar 2022 09:01:33 GMT
etag: "2f5d47da7be4d107a04726029158797c"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 021d8c03b9a9a9281489f9b9055209cc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: AiiViErq8kvjDkEJt_uVj9oZGH5VIVZAqiw6po1lzowLGUEnarj2cQ==

POST
H2 200 ct.post Show response
ckanalyze.com/ 14 B
674 B 399ms
334ms Fetch
application/json 188.114.97.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ckanalyze.com/ct.post?__mapper=3
Requested by: Host: m3.ckanalyze.com
URL: https://m3.ckanalyze.com/ct.js?cid=28653
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.7 Medellín, Colombia, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 222f65e8b3e2675faaea47ccde9ed3ba07b0e1318e4b8795cfcd560ed7d0013b

Request headers

Referer: https://securedbyprotect.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryg5mVxRHpsJ8WH7Ut

Response headers

date: Fri, 25 Mar 2022 00:43:04 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-methods: OPTIONS, POST
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3uIQX47BR3bKTgkZ7RuXkGJEqBOJaCrrr8v%2BqA428euR4VkSiAlJdle%2F89huP5wk2XJGO1j0q2wM2W3tJSope7RVBJBPa9cwA%2F88TVN04AuCk%2Bo9f4x9ikh3Zkrrf3W2"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
access-control-allow-credentials: true
cf-ray: 6f139c350b2b8fef-FRA

GET
H2 200 cookie Show response
api.traversedlp.com/retargeting/v1/ 18 B
408 B 321ms
104ms XHR
application/json 34.234.224.105
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.traversedlp.com/retargeting/v1/cookie
Requested by: Host: static.traversedlp.com
URL: https://static.traversedlp.com/v1/retargeting.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.234.224.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-234-224-105.compute-1.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: 306094011fa17d1eb215263299126f9f95f50a1c2235c991846ccfd1911a6dce

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securedbyprotect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 00:43:04 GMT
server: nginx/1.20.0
etag: W/"12-86d81FY+WDtP4sdiTK7DKw"
vary: Accept-Encoding
p3p: CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"
access-control-allow-origin: https://securedbyprotect.com
access-control-expose-headers
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 18

GET
H2 200 PlI5Fl60Nb5obNzNe2jslWxDvcE.woff2
fonts.gstatic.com/s/cantataone/v13/ 18 KB
19 KB 34ms
8ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/cantataone/v13/PlI5Fl60Nb5obNzNe2jslWxDvcE.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Cantata+One&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

177c63f8ed110cccfe81ea2fa9e0ced72e159b7d7a514bccb58c33e7e08769c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://securedbyprotect.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 20:40:00 GMT
x-content-type-options: nosniff
age: 273783
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18576
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 19:37:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 Mar 2023 20:40:00 GMT

GET
H2 200 pe0qMImSLYBIv1o4X1M8cce9I9s.woff2
fonts.gstatic.com/s/nunitosans/v11/ 16 KB
17 KB 37ms
10ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v11/pe0qMImSLYBIv1o4X1M8cce9I9s.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Nunito+Sans:wght@400;600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b125629b135235aea4609c07048a5a7671a9058910b632db5d69a0d09339ed4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://securedbyprotect.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 19:40:42 GMT
x-content-type-options: nosniff
age: 104541
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16840
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:16:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 23 Mar 2023 19:40:42 GMT

GET
H3 200 radio_l.png
securedbyprotect.com/images/ 2 KB
3 KB 400ms
395ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securedbyprotect.com/images/radio_l.png
Requested by: Host: securedbyprotect.com
URL: https://securedbyprotect.com/css/home.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ae67e79e2e9965988f4957a8f667b45b6de6a5faba75b866e409787b78c7378

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securedbyprotect.com/css/home.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 00:43:04 GMT
cf-cache-status: MISS
last-modified: Thu, 17 Mar 2022 18:05:53 GMT
server: cloudflare
etag: "62337881-7f1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xLdGydxlNQ0qtK%2F4u4cpfFWXddVEd1PcFymbM%2BtLyl4n3gVcv7G5thxaxZ8Zh6LUT8PUK%2BFtF4ZPypYOlbNcC3s9X951gUdh05zExi7n%2BdyeiBVT1pBzSs7ilmW6RlL5ujTpNXWPXEJlbi1g48TRPSxbmg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6f139c34c961374d-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2033

GET
H3 200 curvy.png
securedbyprotect.com/images/ 4 KB
4 KB 342ms
342ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securedbyprotect.com/images/curvy.png
Requested by: Host: securedbyprotect.com
URL: https://securedbyprotect.com/css/home.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c9dbcc0cf3b05a6e31f3306731fc66c61166a85815029eeddd2f9b7af56f111

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securedbyprotect.com/css/home.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 00:43:04 GMT
cf-cache-status: MISS
last-modified: Thu, 17 Mar 2022 18:05:53 GMT
server: cloudflare
etag: "62337881-f5e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=emss5Yu6SdW%2BMhagiv7ysktIAkE%2BgmTWmD%2FJLdz36kLHqdEUjmhrfXgKUL7PZReEeTDnLQlM6X1M1QCrk5uzWwL9XOzNs8xxT6yOv1%2F%2FlbC1517KdaN63LJrQgZTNH3wP68mnhc1%2BaqNw1Aaoq0ALlg5kQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6f139c3529b5374d-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3934

GET
H3 200 bg2.png
securedbyprotect.com/images/ 2 KB
2 KB 355ms
355ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securedbyprotect.com/images/bg2.png
Requested by: Host: securedbyprotect.com
URL: https://securedbyprotect.com/css/home.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38ec738f8509bf9f8d8d952f45f638c0ee94da386e903edd6149d7dbcdfd2b8b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securedbyprotect.com/css/home.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 00:43:04 GMT
cf-cache-status: MISS
last-modified: Thu, 17 Mar 2022 18:05:53 GMT
server: cloudflare
etag: "62337881-6cf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rc3%2B9brYfD5QTOn%2BzF7IxV5iKu%2BT44xsHqNFbxShvoTKnLUjyN9v6UdNCDjJQGk%2FyVh4MPaXKLTRKzjcvtK6jQFxSzq1Q%2FGwdZxaYAVTyzmWsAe9eJkdKi2urcMg%2FjAX0u1sEzpKks28YgPku%2FP84Yyn1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6f139c3529b7374d-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1743

GET
H3 200 arroww2.png
securedbyprotect.com/images/ 1 KB
2 KB 357ms
356ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securedbyprotect.com/images/arroww2.png
Requested by: Host: securedbyprotect.com
URL: https://securedbyprotect.com/css/home.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f0ee93f127aa11beca91c7a56fbe8605be824bf77a26f045f03c26bd17dca9d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securedbyprotect.com/css/home.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 00:43:04 GMT
cf-cache-status: MISS
last-modified: Thu, 17 Mar 2022 18:05:53 GMT
server: cloudflare
etag: "62337881-51b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qKZWWFM6N%2Bb9wgBK%2BhTO4uaFRdesKoZ5coyWL7NW2jLOzgZW5G24y1drWzcaqS4e8mN32sZx%2Fehu7O%2BVT7Yw1aYTD2lY9do5uqmjUYDVU1mkNGsyuSHXjqS2%2B6dfBNGnspT65hUAnZcSXCilEiSfnZ3cPA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6f139c3529b8374d-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1307

GET
H3 200 bgpara_mortgage.jpg
securedbyprotect.com/images/ 611 KB
612 KB 837ms
837ms Image
image/jpeg 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securedbyprotect.com/images/bgpara_mortgage.jpg
Requested by: Host: securedbyprotect.com
URL: https://securedbyprotect.com/css/home.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed251097562769a121846bddaa8adc03bfaa05a3fa69bb59bbab3a1721d1b991

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securedbyprotect.com/css/home.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 00:43:04 GMT
cf-cache-status: MISS
last-modified: Thu, 17 Mar 2022 18:05:53 GMT
server: cloudflare
etag: "62337881-98be0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Foa3bqSULWOHenzyvPnZNDlkh4tk0KTTsEKl7JhU7ErCKEEndBxO3dQ%2BBD0TjkAsNG28%2FcIlqBEv7RYoLWVdj3vndLjAsooQuuzauDWX17EbNpDuWOjSrWJ5lFAuI4CYTEvOTGWFOtTJ7FlWXxZeC%2FwM2g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6f139c3529b9374d-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 625632

GET
H3 200 arroww.png
securedbyprotect.com/images/ 1 KB
2 KB 349ms
348ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securedbyprotect.com/images/arroww.png
Requested by: Host: securedbyprotect.com
URL: https://securedbyprotect.com/css/home.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a54883ecd0624aac1629ae748b7ba529974221f483b35ff9f4a037bc296d14fe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securedbyprotect.com/css/home.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 00:43:04 GMT
cf-cache-status: MISS
last-modified: Thu, 17 Mar 2022 18:05:53 GMT
server: cloudflare
etag: "62337881-547"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JSR6waaD8hQkiOmJhYTss7X3PZHEQCgGLRExSZQE2o%2Bo73ko6CoIWL88xdZD6kwGMGkHA4cfG0%2BtqjQ99BoSYY%2FlCqhPv3ySl0Zv6YZ3vM2L3j%2FkTn8%2FvLov2sHz%2BH2DqBvJd77shwyq7%2BQ6fOOW6uFg0w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6f139c3529ba374d-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1351

GET
H3 200 pe03MImSLYBIv1o4X1M8cc9iB85tU1E.woff2
fonts.gstatic.com/s/nunitosans/v11/ 17 KB
17 KB 26ms
7ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v11/pe03MImSLYBIv1o4X1M8cc9iB85tU1E.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Nunito+Sans:wght@400;600&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7287735cb481be63658ddbb5412092d2539823978d2f4d294da10aaa81e32265

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://securedbyprotect.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 19:40:48 GMT
x-content-type-options: nosniff
age: 104535
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17112
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:15:31 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 23 Mar 2023 19:40:48 GMT

GET
H2 200 h
heapanalytics.com/ 37 B
259 B 311ms
100ms Image
image/gif 3.219.107.245
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=317213688&u=6797511479797607&v=4163098656943187&s=6542928129173796&b=web&tv=4.0&z=0&h=%2F&d=securedbyprotect.com&t=Protect%20Mortgage%20Quotes&ts=1648168984407&st=1648168984409

Requested by

Host: securedbyprotect.com
URL: https://securedbyprotect.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.219.107.245 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-219-107-245.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securedbyprotect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Mar 2022 00:43:04 GMT
server: nginx
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 200 box-acca23410e696f2ca3087d947271c3d0.html Show response
vars.hotjar.com/ Frame AA5C 2 KB
1 KB 35ms
6ms Document
text/html 18.66.139.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-acca23410e696f2ca3087d947271c3d0.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2432336.js?sv=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-40.fra60.r.cloudfront.net
Software: /
Resource Hash: e0f23d16bb40b894855d19e097cc0b9f4695b98a7db1fed18625cfb1ce8bda35

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://securedbyprotect.com/

Response headers

content-type: text/html
content-length: 1044
date: Fri, 04 Feb 2022 08:52:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "6f65fac4e8efe167ff5132c0c54c5729"
last-modified: Fri, 04 Feb 2022 08:51:39 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 18c9dea802c00b7c060142aad49f7288.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-cf-id: ZGXra4yMUZRcsNv3HUkvqnUq-1rWIqIsZcyiNP7Ks7w_ZB_blPupvg==
age: 4204257

POST
H2 200 response.json Show response
script.anura.io/ 52 B
405 B 98ms
58ms XHR
application/json 18.135.170.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.anura.io/response.json

Requested by

Host: script.anura.io
URL: https://script.anura.io/request.js?instance=56309078&source=undefined&campaign=undefined&535674499968

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.135.170.242 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-135-170-242.eu-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

4411c98bb9a38b8cfbe9ba8be868a94dcc2ec29384e446bd589593850060b3cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securedbyprotect.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Fri, 25 Mar 2022 00:43:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
access-control-allow-methods: POST
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires: Sun, 28 Dec 1980 18:57:00 EST

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/2432336/ 146 B
321 B 104ms
34ms XHR
application/json 99.80.161.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/2432336/visit-data?sv=7
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.7d3f952308caf42c2b67.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.161.153 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-161-153.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 5dfdf8364391fb0206fd041768223181bad6754d36faa9428d03ca8832514d5d

Request headers

Referer: https://securedbyprotect.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Fri, 25 Mar 2022 00:43:04 GMT
content-encoding: br
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store
access-control-allow-credentials: true

POST
H2 200 enqueue Show response
api.traversedlp.com/retargetinginclusion/ 0
328 B 100ms
100ms XHR
text/plain 34.234.224.105
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.traversedlp.com/retargetinginclusion/enqueue
Requested by: Host: static.traversedlp.com
URL: https://static.traversedlp.com/v1/retargeting.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.234.224.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-234-224-105.compute-1.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://securedbyprotect.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

access-control-allow-origin: https://securedbyprotect.com
date: Fri, 25 Mar 2022 00:43:04 GMT
access-control-allow-credentials: true
server: nginx/1.20.0
p3p: CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"
vary: X-HTTP-Method-Override
access-control-expose-headers

OPTIONS
H2 200 enqueue
api.traversedlp.com/retargetinginclusion/ Frame 0
0 293ms
98ms Preflight
text/html 34.234.224.105
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.traversedlp.com/retargetinginclusion/enqueue
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.234.224.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-234-224-105.compute-1.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://securedbyprotect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 25 Mar 2022 00:43:04 GMT
content-type: text/html; charset=utf-8
content-length: 228
server: nginx/1.20.0
p3p: CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"
access-control-allow-origin: https://securedbyprotect.com
access-control-allow-credentials: true
access-control-expose-headers
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
access-control-allow-headers: content-type,authorization
allow: ACL,BIND,CHECKOUT,CONNECT,COPY,DELETE,GET,HEAD,LINK,LOCK,M-SEARCH,MERGE,MKACTIVITY,MKCALENDAR,MKCOL,MOVE,NOTIFY,PATCH,POST,PROPFIND,PROPPATCH,PURGE,PUT,REBIND,REPORT,SEARCH,SOURCE,SUBSCRIBE,TRACE,UNBIND,UNLINK,UNLOCK,UNSUBSCRIBE
etag: W/"e4-6lFXkgJZ15OAZuBnvvjMtg"
vary: Accept-Encoding

POST
H2 200 content Show response
ws25.hotjar.com/api/v2/sites/2432336/recordings/ 66 B
259 B 296ms
126ms XHR
application/json 34.255.141.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws25.hotjar.com/api/v2/sites/2432336/recordings/content
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.7d3f952308caf42c2b67.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.255.141.187 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-255-141-187.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 56ca603ea3514889c5f9e664b6796ad4e886e495ee538ec761853988d6ab68d6

Request headers

Referer: https://securedbyprotect.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Fri, 25 Mar 2022 00:43:04 GMT
content-encoding: br
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store
access-control-allow-credentials: true

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 13ms
13ms Ping
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-GD2XNM31RH&gtm=2oe3e0&_p=838734522&sr=1600x1200&ul=en-us&cid=597093862.1648168984&_s=2&dl=https%3A%2F%2Fsecuredbyprotect.com%2F&dt=Protect%20Mortgage%20Quotes&sid=1648168983&sct=1&seg=0&en=lander_1&_et=3
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GD2XNM31RH&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://securedbyprotect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Mar 2022 00:43:08 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://securedbyprotect.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.securedbyprotect.com/	1970-01-20 01:50:55	Name: sub1 Value: undefined
.securedbyprotect.com/	1970-01-20 01:50:55	Name: sub2 Value: undefined
.securedbyprotect.com/	1970-01-20 01:50:55	Name: sub3 Value: undefined
.securedbyprotect.com/	1970-01-20 19:20:40	Name: _ga_GD2XNM31RH Value: GS1.1.1648168983.1.0.1648168983.0
.securedbyprotect.com/	1970-01-20 19:20:40	Name: _ga Value: GA1.2.597093862.1648168984
.securedbyprotect.com/	1970-01-20 01:50:55	Name: _gid Value: GA1.2.1820123614.1648168984
.securedbyprotect.com/	1970-01-20 01:49:29	Name: _gat_UA-9244951-103 Value: 1
signals.aimtell.com/	1970-01-20 10:33:38	Name: s0 Value: 49249491-b6f6-0b44-1788-5f2430e51e51
.securedbyprotect.com/	1970-01-20 11:17:26	Name: _hp2_id.317213688 Value: %7B%22userId%22%3A%226797511479797607%22%2C%22pageviewId%22%3A%224163098656943187%22%2C%22sessionId%22%3A%226542928129173796%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
.securedbyprotect.com/	1970-01-20 10:35:04	Name: _hjSessionUser_2432336 Value: eyJpZCI6IjE3NDg2Y2U4LWZlZmItNTM2MC1hZDVlLTY5NGNiMGQ5OWNjOCIsImNyZWF0ZWQiOjE2NDgxNjg5ODQyMzEsImV4aXN0aW5nIjpmYWxzZX0=
.securedbyprotect.com/	1970-01-20 01:49:30	Name: _hjFirstSeen Value: 1
securedbyprotect.com/	1970-01-20 01:49:29	Name: _hjIncludedInSessionSample Value: 1
.securedbyprotect.com/	1970-01-20 01:49:30	Name: _hjSession_2432336 Value: eyJpZCI6IjBjN2ZhYjA4LTA2ZWItNGVmZC1hMDM1LTRjZTFkNjJlZjA0NyIsImNyZWF0ZWQiOjE2NDgxNjg5ODQ1MjMsImluU2FtcGxlIjp0cnVlfQ==
securedbyprotect.com/	1970-01-20 01:49:29	Name: _hjIncludedInPageviewSample Value: 1
.securedbyprotect.com/	1970-01-20 01:49:30	Name: _hjAbsoluteSessionInProgress Value: 0
.securedbyprotect.com/	1970-01-20 01:49:30	Name: _hp2_ses_props.317213688 Value: %7B%22ts%22%3A1648168984407%2C%22d%22%3A%22securedbyprotect.com%22%2C%22h%22%3A%22%2F%22%7D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.traversedlp.com
cdn.heapanalytics.com
cdn.jsdelivr.net
cdn.rawgit.com
cdnjs.cloudflare.com
ckanalyze.com
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
heapanalytics.com
in.hotjar.com
m3.ckanalyze.com
maxcdn.bootstrapcdn.com
script.anura.io
script.hotjar.com
securedbyprotect.com
signals.aimtell.com
stackpath.bootstrapcdn.com
static.hotjar.com
static.traversedlp.com
vars.hotjar.com
ws25.hotjar.com
www.google-analytics.com
www.googletagmanager.com
108.157.4.122
108.157.4.21
108.157.4.35
18.135.170.242
18.64.79.11
18.66.139.40
188.114.96.7
188.114.97.7
2001:4de0:ac18::1:a:1a
2606:4700::6810:125e
2606:4700::6810:5814
2606:4700::6812:1e97
2606:4700::6812:bcf
2a00:1450:4001:810::200e
2a00:1450:4001:813::2008
2a00:1450:4001:830::2003
2a00:1450:4001:830::200a
2a06:98c1:3121::7
3.219.107.245
34.234.224.105
34.255.141.187
84.17.46.53
99.80.161.153
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
0b125629b135235aea4609c07048a5a7671a9058910b632db5d69a0d09339ed4
0c9dbcc0cf3b05a6e31f3306731fc66c61166a85815029eeddd2f9b7af56f111
167e79585dca170558e7d37023e25126de0d7f0fe8b42dd215cef79e3b250b6d
177c63f8ed110cccfe81ea2fa9e0ced72e159b7d7a514bccb58c33e7e08769c5
1ae67e79e2e9965988f4957a8f667b45b6de6a5faba75b866e409787b78c7378
1f0ee93f127aa11beca91c7a56fbe8605be824bf77a26f045f03c26bd17dca9d
222f65e8b3e2675faaea47ccde9ed3ba07b0e1318e4b8795cfcd560ed7d0013b
261acccd1fb38561d3356f79eb99b1f96f66c082c19ac471a9353a1206473d19
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
306094011fa17d1eb215263299126f9f95f50a1c2235c991846ccfd1911a6dce
38ec738f8509bf9f8d8d952f45f638c0ee94da386e903edd6149d7dbcdfd2b8b
3a89ec66d9877967af26c9af370c41161caec83d22c1f859f317370298e6093b
3ac386435401684c5e2b29730d6565c58ebf261bcba6eb1c8213b09bbabce950
3fa783d518af57a1bbfbf217dc2560375848b964ac5ef40a47b354f269947900
41448cbf95276f88793f659cdcd6d0baef9c7d28c52bda053d829ef2f5141769
43b0a448dfabca1c64deab31c9b3b004d41bac8fafc0796a4f5675cea0dda5a8
4411c98bb9a38b8cfbe9ba8be868a94dcc2ec29384e446bd589593850060b3cd
4866a915e6d90a162b0b6c576ddc28afb7c121600525641693b8b2cd1174dd37
4e6ea8b9aeed63384af7de7c8f23c9eba449b2bc49d563f02c0f2afbac828bfa
56ca603ea3514889c5f9e664b6796ad4e886e495ee538ec761853988d6ab68d6
58e99bf4934276421411052bee9e95684188bed48cc5143642ced6a4f6cb23b6
5dfdf8364391fb0206fd041768223181bad6754d36faa9428d03ca8832514d5d
5eb25e7ba64743b9eee094e61a965f69cb129ecadbaec204c16902f040cc3b7a
62cb5c343a2fe51a2845a9ce112dba22b1dd92e5c0d3c5a91409c98edcf31035
66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2
6763de73150d26e3296cd0154ff12dede3b5d39251c734c0ae4f8af4e437e4cc
6869d2ea01ac565aef43199cdb1faf49d779a01c1e30f179c8b6e0ab62db5082
69279bee49c5f3502f7a3f07358da1562cc0a10d57e8a56cfc0f8977d367c99f
6a6d7f24b002f594fa0d3d75ff44e5d89ca32b445c4249068f7ff3eefc0cb80a
6b04fe5952b13d4d217fbc6a9824fe9b40bfecbff60dc8e2c4c2b5d846a171c9
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7287735cb481be63658ddbb5412092d2539823978d2f4d294da10aaa81e32265
73ce30b89328e701be6dc357cd269f27aaa61429a3b67fa03d5bb857cef5bb48
7b9b7e8d8aa06e5203b0f8d3f204baa77fd0fa0d2e596f75663d678184f28a6b
7fa42673b65d038e506efb9aab7e3917e978143ce729e76e419d611d867f52d3
8af52cdb7068ec0dad8355ec4a5bad77b17a3cc1e8bc19b0f66f41d4a53ac3c0
8bf68e10f551c5002863329e0746f257698d9c85c040e8fd1c92005150579eed
91aa3db5531ca1ef456935a6c1ec5ec1c0de5995b5b6a599fd3fa92097563ccb
9fa222a4f3c348927dabe8e847bb56285f50b3076d473da64fb813c218951441
a01c1458f53cbe09e40e9e5dfca4a24e924dc92bfb4bba53f6b500b138c2f7c6
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a54883ecd0624aac1629ae748b7ba529974221f483b35ff9f4a037bc296d14fe
b0214d46ae4ad8e9db73aed8f4421c249d8b70de605a3dafb2f65df8abf0810d
b6adef316a61c92cd604fe230a822063dfd9382cdfd5500cc8fadd9cea11bbf6
b83391733cf98c12ed0a1d153a4a74d17c79005222f950b94929c968907dab0e
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bcd904e59c118a4a17e42f7b8dc3d5308da94ba75e42d88973841050ebdc7098
c2b6909b216a7d67d435293c1059280add6bcfafaf9f69a66e14da17e0418a7f
c30140c8fe5e960ed2ca2f656b192abe6e57041dab8870d4cd81fc0a3a2ba117
c8df9f8476a1cff6d9390f48e18ed71fe8270f5f928d413e58f764ee5323bb68
d3e82375a9a2ea5bb9773c79885d0eaa2d434b66e410bca7d433d9db3ee5e80b
d69c7add72f04113da3a831c494601dc5ec9dcab7e41dc64e77e78ad72819cbc
e0f23d16bb40b894855d19e097cc0b9f4695b98a7db1fed18625cfb1ce8bda35
e10549b33dd4a7c68c3f2dccfe90f12688919ab9a0f5ba3b4b6fa410eae666ad
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed251097562769a121846bddaa8adc03bfaa05a3fa69bb59bbab3a1721d1b991
f4cbb30cdd25603951f2d393e780e4695cfc50576cc69fd90712c318cdf83200
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

securedbyprotect.com Open in urlscan Pro 2a06:98c1:3121::7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

62 Requests

98 %HTTPS

43 %IPv6

16 Domains

24 Subdomains

22 IPs

6 Countries

1719 kBTransfer

2585 kBSize

16 Cookies

0 Outgoing links

Redirected requests

62 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

securedbyprotect.com Open in urlscan Pro
2a06:98c1:3121::7 Public Scan

Screenshot
Live screenshot

Full Image

62
Requests

98 %
HTTPS

43 %
IPv6

16
Domains

24
Subdomains

22
IPs

6
Countries

1719 kB
Transfer

2585 kB
Size

16
Cookies

62 HTTP transactions
0 data transactions