protection-widget.route.com Open in urlscan Pro
2600:9000:2156:4c00:2:3d40:da40:93a1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://protection-widget.route.com/
Effective URL:
https://protection-widget.route.com/
Submission Tags: falconsandbox
Submission: On June 24 via api (June 24th 2022, 3:59:35 pm UTC) from US — Scanned from DE

Summary HTTP 18 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 7 IPs in 3 countries across 3 domains to perform 18 HTTP transactions. The main IP is 2600:9000:2156:4c00:2:3d40:da40:93a1, located in United States and belongs to AMAZON-02, US. The main domain is protection-widget.route.com. The Cisco Umbrella rank of the primary domain is 25714.
TLS certificate: Issued by Amazon on May 23rd 2022. Valid for: a year.

This is the only time protection-widget.route.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	2600:9000:215... 2600:9000:2156:4c00:2:3d40:da40:93a1	16509 (AMAZON-02) (AMAZON-02)
6	34.200.54.152 34.200.54.152	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:9000:215... 2600:9000:2156:2a00:18:3691:8a00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:215... 2600:9000:2156:4400:8:1b88:4780:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400e:80c::200a	15169 (GOOGLE) (GOOGLE)
5	2600:9000:215... 2600:9000:2156:a800:12:10cc:e840:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
18	7

3 2600:9000:2156:4c00:2:3d40:da40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

protection-widget.route.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.200.54.152 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-54-152.compute-1.amazonaws.com

api-stage.route.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:2a00:18:3691:8a00:93a1 (United States)

ASN16509 (AMAZON-02, US)

protect-quote-q-stage.route.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:4400:8:1b88:4780:93a1 (United States)

ASN16509 (AMAZON-02, US)

stage-protect-lightning-bolt-widget.route.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400e:80c::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:2156:a800:12:10cc:e840:93a1 (United States)

ASN16509 (AMAZON-02, US)

protect-lightning-bolt-widget.route.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	route.com 1 redirects protection-widget.route.com — Cisco Umbrella Rank: 25714 api-stage.route.com protect-quote-q-stage.route.com stage-protect-lightning-bolt-widget.route.com protect-lightning-bolt-widget.route.com — Cisco Umbrella Rank: 196448	116 KB
2	gstatic.com fonts.gstatic.com	25 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 71	1 KB
18	3

	Domain	Requested by
6	api-stage.route.com	protection-widget.route.com
5	protect-lightning-bolt-widget.route.com
3	protection-widget.route.com	1 redirects protection-widget.route.com
2	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	client
1	stage-protect-lightning-bolt-widget.route.com	protection-widget.route.com
1	protect-quote-q-stage.route.com	protection-widget.route.com
18	7

This site contains links to these domains. Also see Links.

Domain
help.route.com
route.com

Subject Issuer	Validity	Valid
*.route.com Amazon	`2022-05-23` - `2023-06-21`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://protection-widget.route.com/
Frame ID: CB599ACA4889761EB4B6FC45E4987107
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://protection-widget.route.com/ HTTP 301
https://protection-widget.route.com/ Page URL

Page Statistics

18
Requests

100 %
HTTPS

86 %
IPv6

3
Domains

7
Subdomains

7
IPs

3
Countries

141 kB
Transfer

420 kB
Size

2
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://help.route.com/hc/en-us/articles/360020319513-How-to-file-a-claim
Title: File A Claim

Search URL Search Domain Scan URL

URL: https://route.com/privacy/
Title: User Privacy

Search URL Search Domain Scan URL

URL: https://route.com/terms-and-conditions/
Title: Terms of Service

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://protection-widget.route.com/ HTTP 301
https://protection-widget.route.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
protection-widget.route.com/
Redirect Chain

http://protection-widget.route.com/
https://protection-widget.route.com/

4 KB
1 KB

122ms
39ms

Document
text/html

2600:9000:2156:4c00:2:3d40:da40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://protection-widget.route.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:4c00:2:3d40:da40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b24f0e673c6ba771e466fb9c56c59043f1250c37ef9985212465d1d9c76c1a8d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 10306
content-encoding: gzip
content-type: text/html
date: Fri, 24 Jun 2022 13:07:45 GMT
etag: W/"c4134990de9e2a77e8c6fda0b63caee1"
last-modified: Thu, 17 Mar 2022 17:30:16 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 5317564e96c9dceb46123f6c5f149a02.cloudfront.net (CloudFront)
x-amz-cf-id: JkurO2iJL-xS8YmZllipxZQsX6vUGT3OKSwLtYOm7wuX2AkFKRKghA==
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256
x-amz-version-id: QKGUrXi0zIH1YvIpI6ixSAiwTaCFakEC
x-cache: Hit from cloudfront

Redirect headers

Connection: keep-alive
Content-Length: 183
Content-Type: text/html
Date: Fri, 24 Jun 2022 15:59:30 GMT
Location: https://protection-widget.route.com/
Server: CloudFront
Via: 1.1 9eb0e845437929074828e0cf53f179ae.cloudfront.net (CloudFront)
X-Amz-Cf-Id: yPNMo9zfIXOmJu6PL9h2On9C2vvJkJU-q7IuA3dWIgGyLjfGZlKYNw==
X-Amz-Cf-Pop: FRA50-C1
X-Cache: Redirect from cloudfront

GET
H2 200 protect.core.js Show response
protection-widget.route.com/ 169 KB
38 KB 44ms
43ms Script
application/javascript 2600:9000:2156:4c00:2:3d40:da40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://protection-widget.route.com/protect.core.js
Requested by: Host: protection-widget.route.com
URL: https://protection-widget.route.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:4c00:2:3d40:da40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7c6954f83554f86add5f8006bb9a408a91eb23e2a23be56bc692187d5bedf94b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://protection-widget.route.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: xlLutbiZeGAmsJO5d4aTVtONFeQyXvSq
content-encoding: gzip
etag: W/"f470272d1a8a38a004082a2a24c9aed7"
last-modified: Thu, 17 Mar 2022 17:30:16 GMT
server: AmazonS3
age: 70602
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5317564e96c9dceb46123f6c5f149a02.cloudfront.net (CloudFront)
date: Thu, 23 Jun 2022 20:22:49 GMT
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: Mrf4PBCO0EPwZG4V5tNIM4G-W8a910mfh3pvvDYot2MS049y_03usw==

POST
H2 202 session_start Show response
api-stage.route.com/v1/analytics/ 668 B
1 KB 134ms
133ms XHR
application/json 34.200.54.152
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api-stage.route.com/v1/analytics/session_start

Requested by

Host: protection-widget.route.com
URL: https://protection-widget.route.com/protect.core.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.200.54.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-200-54-152.compute-1.amazonaws.com

Software

Caddy /

Resource Hash

ec0e2564a8a7c81c5c00f351955122ffa985dc9d7c2890b6e454478390362904

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json, text/plain, */*
Referer: https://protection-widget.route.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Fri, 24 Jun 2022 15:59:31 GMT
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
x-ratelimit-limit: 60
strict-transport-security: max-age=15552000; includeSubDomains
content-length: 668
x-xss-protection: 0
referrer-policy: no-referrer
server: Caddy
x-frame-options: SAMEORIGIN
etag: W/"29c-KcT5JgP9lDIfGpPvFZdtV0NqUjY"
expect-ct: max-age=0
x-ratelimit-remaining: 59
x-download-options: noopen
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-ratelimit-reset: 1656086375
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests

GET
H2 200 function Show response
protect-quote-q-stage.route.com/v2/quotes/ 24 KB
7 KB 332ms
145ms XHR
application/javascript 2600:9000:2156:2a00:18:3691:8a00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://protect-quote-q-stage.route.com/v2/quotes/function?merchant_id=merch_123456789012345&currency=USD&namespace=__Route
Requested by: Host: protection-widget.route.com
URL: https://protection-widget.route.com/protect.core.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:2a00:18:3691:8a00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Caddy /
Resource Hash: 99b8faf859dcba6ed99f21b1236d8d50ea98281c907009c7f878713985e10132

Request headers

Accept: application/json, text/plain, */*
Referer: https://protection-widget.route.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 15:54:31 GMT
content-encoding: br
server: Caddy
age: 299
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-amz-cf-pop: FRA50-C1
content-length: 6714
via: 1.1 009e5e3e32afcd1d135a7234c9da5520.cloudfront.net (CloudFront)
x-request-id: a40fc4d7-e549-4c03-bd22-5a6ccdde4b33
x-amz-cf-id: PeSKzGiXuaDdlvSZaQP0ZeMDQ1ScxTNUoCsiaApM2aAqBf3vpfz5XQ==

GET
H2 200 assets Show response
api-stage.route.com/v1/protect/merchants/merch_123456789012345/ 2 B
269 B 472ms
163ms XHR
application/json 34.200.54.152
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api-stage.route.com/v1/protect/merchants/merch_123456789012345/assets

Requested by

Host: protection-widget.route.com
URL: https://protection-widget.route.com/protect.core.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.200.54.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-200-54-152.compute-1.amazonaws.com

Software

Caddy / Strapi <strapi.io>

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://protection-widget.route.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-response-time: 3ms
date: Fri, 24 Jun 2022 15:59:31 GMT
vary: Origin
server: Caddy
x-powered-by: Strapi <strapi.io>
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 2

OPTIONS
H2 204 session_start
api-stage.route.com/v1/analytics/ 0
0 435ms
125ms Preflight 34.200.54.152
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api-stage.route.com/v1/analytics/session_start
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.200.54.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-200-54-152.compute-1.amazonaws.com
Software: Caddy / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://protection-widget.route.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
date: Fri, 24 Jun 2022 15:59:31 GMT
server: Caddy
vary: Access-Control-Request-Headers
x-powered-by: Express

GET
H2 200 assets Show response
api-stage.route.com/v1/protect/merchants/merch_123456789012345/ 2 B
268 B 138ms
138ms XHR
application/json 34.200.54.152
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api-stage.route.com/v1/protect/merchants/merch_123456789012345/assets

Requested by

Host: protection-widget.route.com
URL: https://protection-widget.route.com/protect.core.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.200.54.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-200-54-152.compute-1.amazonaws.com

Software

Caddy / Strapi <strapi.io>

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://protection-widget.route.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-response-time: 2ms
date: Fri, 24 Jun 2022 15:59:31 GMT
vary: Origin
server: Caddy
x-powered-by: Strapi <strapi.io>
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 2

GET
H2 200 protect.widget.js Show response
stage-protect-lightning-bolt-widget.route.com/ 179 KB
57 KB 719ms
598ms Script
application/javascript 2600:9000:2156:4400:8:1b88:4780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stage-protect-lightning-bolt-widget.route.com/protect.widget.js
Requested by: Host: protection-widget.route.com
URL: https://protection-widget.route.com/protect.core.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:4400:8:1b88:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6f73a6801a794239e4be4b6a81e105e5fc97bf35ecc1734473efb089f1e05285

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://protection-widget.route.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Fri, 24 Jun 2022 15:59:32 GMT
content-encoding: gzip
last-modified: Fri, 06 May 2022 06:46:32 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: W/"ee03c9b6b56c582d56a3b5b4a6bdebf2"
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-version-id: LFF1U4mRmFQI.n5H5AtG2pwZYLxoNVGC
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
content-type: application/javascript
x-amz-cf-id: rmmzskZD3VmyWSsnQrMFQ0AzZhtTG8tw5SjIv2xNd9Fk00lny8wKnQ==

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
1 KB 135ms
49ms Stylesheet
text/css 2a00:1450:400e:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Titillium+Web:ital,wght@0,300;0,400;0,600;1,300;1,400;1,600&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b4f4030cd67238e33a09db4d2cc2962d67664a21ab0db19da37bfd23510e6137

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://protection-widget.route.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 15:59:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 24 Jun 2022 15:59:32 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 24 Jun 2022 15:59:32 GMT

GET
H2 200 logo-lighting-light.svg
protect-lightning-bolt-widget.route.com/assets/ 3 KB
1 KB 201ms
39ms Image
image/svg+xml 2600:9000:2156:a800:12:10cc:e840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protect-lightning-bolt-widget.route.com/assets/logo-lighting-light.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:a800:12:10cc:e840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 833e8d8b1571f6c7af5784b859f5cc414e37003173234cc01f90380b636048a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://protection-widget.route.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: OFGnuGKUimGfkk0C7IFThmZFI5cgTiEW
content-encoding: gzip
etag: W/"cf7424cd225478c42b9db86204f28f5e"
last-modified: Thu, 20 Jan 2022 21:01:07 GMT
server: AmazonS3
age: 41128
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
date: Fri, 24 Jun 2022 04:34:05 GMT
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: oJB3-NgKgCj6RvABXggMr7iQokvvuMjwHUUkpCv2tyB4CzvZTfxWcA==

GET
H2 200 logo-route-black.svg
protect-lightning-bolt-widget.route.com/assets/ 642 B
1 KB 199ms
38ms Image
image/svg+xml 2600:9000:2156:a800:12:10cc:e840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protect-lightning-bolt-widget.route.com/assets/logo-route-black.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:a800:12:10cc:e840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 925b2b9225d12921f2b50f1f768b82341cd1cec4f3e1d1f35f417361f288c3c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://protection-widget.route.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Fri, 24 Jun 2022 00:53:12 GMT
via: 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
last-modified: Thu, 20 Jan 2022 21:01:07 GMT
server: AmazonS3
age: 54381
etag: "ddf1b74121d3d4ce2fe1c56e36968c1a"
x-cache: Hit from cloudfront
x-amz-version-id: JrJn6PxHQ.s0P7e19Ue9ZKQpAx7GgDuQ
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: image/svg+xml
content-length: 642
x-amz-cf-id: KK-iMjt8cq6s7Gc_g6ywtElK59BD2nqUfPBWcQZTFiiF2kA2GaDBAA==

GET
H2 200 icon-close.svg
protect-lightning-bolt-widget.route.com/assets/ 776 B
1 KB 189ms
39ms Image
image/svg+xml 2600:9000:2156:a800:12:10cc:e840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protect-lightning-bolt-widget.route.com/assets/icon-close.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:a800:12:10cc:e840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e332d86ea532586d3d2cd1e4c2629ca537950a3a5f001324cc81231017ee510e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://protection-widget.route.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: mXr6xDfMF9UJiR9oVeiYjhcfCenZ5nx4
via: 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
etag: "3931966de012b857b00ed23ff9a987ad"
last-modified: Thu, 20 Jan 2022 21:01:07 GMT
server: AmazonS3
age: 50505
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/svg+xml
date: Fri, 24 Jun 2022 01:57:48 GMT
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 776
x-amz-cf-id: C_zV3ThUcvA-QrAOp_XmL-Y4SbZghWIhmIdJP0CT0iBtiF3sg3Us6w==

GET
H2 200 logo-lighting-bolt.svg
protect-lightning-bolt-widget.route.com/assets/ 3 KB
1 KB 207ms
58ms Image
image/svg+xml 2600:9000:2156:a800:12:10cc:e840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protect-lightning-bolt-widget.route.com/assets/logo-lighting-bolt.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:a800:12:10cc:e840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e7f39a10d3bbd1dc6f9221bdbde12218a823e70a56d0a761e2e392a73916aa1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://protection-widget.route.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: k6SZIIe1r0.Xe.OhNOBxQu3.B59etSiz
content-encoding: gzip
etag: W/"b668c54cbcce8aa4e08f2028e761c8d7"
last-modified: Thu, 20 Jan 2022 21:01:07 GMT
server: AmazonS3
age: 45402
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
date: Fri, 24 Jun 2022 03:22:51 GMT
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 1DVPGH3iGuPnjxsdi8arhXa6k0Cv6fmwWlxS4e4TBTvnw_PLIP0-9w==

GET
H2 200 badge-powered-by.svg
protect-lightning-bolt-widget.route.com/assets/ 6 KB
3 KB 189ms
40ms Image
image/svg+xml 2600:9000:2156:a800:12:10cc:e840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protect-lightning-bolt-widget.route.com/assets/badge-powered-by.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:a800:12:10cc:e840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cc3285141e3aca4c9ba0bc4b6bbb0cfb9a8649b632f7722b9c963fed2a679bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://protection-widget.route.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Fri, 24 Jun 2022 03:05:04 GMT
content-encoding: gzip
last-modified: Thu, 20 Jan 2022 21:01:07 GMT
server: AmazonS3
age: 46469
etag: W/"c8f0d802a255c2e2fc1dc3424bbf2c73"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: iG6Nh3.zY9lBcPDU31blzulqCFOpHK37
via: 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
content-type: image/svg+xml
x-amz-cf-id: CM_P066ZJ897f3jZA4f8NRa8REt4L7HCYigZ9Og3jgm2fyQ_8lJgSA==

GET
H2 200 NaPDcZTIAOhVxoMyOr9n_E7ffBzCGItzYw.woff2
fonts.gstatic.com/s/titilliumweb/v15/ 12 KB
12 KB 121ms
38ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/titilliumweb/v15/NaPDcZTIAOhVxoMyOr9n_E7ffBzCGItzYw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Titillium+Web:ital,wght@0,300;0,400;0,600;1,300;1,400;1,600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd870101ad4e95d687a2eb734707b0dd7c20808f76d7be77a71a5d13cf99401c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://protection-widget.route.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 19:30:09 GMT
x-content-type-options: nosniff
age: 160163
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12136
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 15:39:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Jun 2023 19:30:09 GMT

GET
H2 200 NaPecZTIAOhVxoMyOr9n_E7fdMPmDQ.woff2
fonts.gstatic.com/s/titilliumweb/v15/ 12 KB
12 KB 127ms
45ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/titilliumweb/v15/NaPecZTIAOhVxoMyOr9n_E7fdMPmDQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Titillium+Web:ital,wght@0,300;0,400;0,600;1,300;1,400;1,600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

557f6d0883db85be712c3a77baa38875ddf99ecbdfd6fec98e5c0b1f7a0e1532

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://protection-widget.route.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 19:26:04 GMT
x-content-type-options: nosniff
age: 160408
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12372
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:19:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Jun 2023 19:26:04 GMT

POST
H2 202 bulkevents Show response
api-stage.route.com/v1/analytics/ 2 KB
2 KB 136ms
135ms XHR
application/json 34.200.54.152
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api-stage.route.com/v1/analytics/bulkevents

Requested by

Host: protection-widget.route.com
URL: https://protection-widget.route.com/protect.core.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.200.54.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-200-54-152.compute-1.amazonaws.com

Software

Caddy /

Resource Hash

65a5381505362a7f0ac510006aa354dc6b74ddcde9a51475a79adcb152570437

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json, text/plain, */*
Referer: https://protection-widget.route.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Fri, 24 Jun 2022 15:59:34 GMT
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
x-ratelimit-limit: 60
strict-transport-security: max-age=15552000; includeSubDomains
content-length: 1807
x-xss-protection: 0
referrer-policy: no-referrer
server: Caddy
x-frame-options: SAMEORIGIN
etag: W/"70f-ftNHvAspC9a9GxSG4rS0KX3gXSI"
expect-ct: max-age=0
x-ratelimit-remaining: 59
x-download-options: noopen
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-ratelimit-reset: 1656086375
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests

OPTIONS
H2 204 bulkevents
api-stage.route.com/v1/analytics/ 0
0 128ms
128ms Preflight 34.200.54.152
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api-stage.route.com/v1/analytics/bulkevents
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.200.54.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-200-54-152.compute-1.amazonaws.com
Software: Caddy / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://protection-widget.route.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
date: Fri, 24 Jun 2022 15:59:34 GMT
server: Caddy
vary: Access-Control-Request-Headers
x-powered-by: Express

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			protection-widget.route.com/	1970-01-20 04:11:31	Name: _route_pa_sid Value: 89257527-2f08-41bd-b007-7409d7dbad17
			protection-widget.route.com/	1970-01-20 04:11:31	Name: _route_pa_session_start Value: 1656086370726

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-stage.route.com
fonts.googleapis.com
fonts.gstatic.com
protect-lightning-bolt-widget.route.com
protect-quote-q-stage.route.com
protection-widget.route.com
stage-protect-lightning-bolt-widget.route.com
2600:9000:2156:2a00:18:3691:8a00:93a1
2600:9000:2156:4400:8:1b88:4780:93a1
2600:9000:2156:4c00:2:3d40:da40:93a1
2600:9000:2156:a800:12:10cc:e840:93a1
2a00:1450:4001:82f::2003
2a00:1450:400e:80c::200a
34.200.54.152
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
557f6d0883db85be712c3a77baa38875ddf99ecbdfd6fec98e5c0b1f7a0e1532
65a5381505362a7f0ac510006aa354dc6b74ddcde9a51475a79adcb152570437
6f73a6801a794239e4be4b6a81e105e5fc97bf35ecc1734473efb089f1e05285
7c6954f83554f86add5f8006bb9a408a91eb23e2a23be56bc692187d5bedf94b
833e8d8b1571f6c7af5784b859f5cc414e37003173234cc01f90380b636048a0
925b2b9225d12921f2b50f1f768b82341cd1cec4f3e1d1f35f417361f288c3c7
99b8faf859dcba6ed99f21b1236d8d50ea98281c907009c7f878713985e10132
b24f0e673c6ba771e466fb9c56c59043f1250c37ef9985212465d1d9c76c1a8d
b4f4030cd67238e33a09db4d2cc2962d67664a21ab0db19da37bfd23510e6137
cc3285141e3aca4c9ba0bc4b6bbb0cfb9a8649b632f7722b9c963fed2a679bda
dd870101ad4e95d687a2eb734707b0dd7c20808f76d7be77a71a5d13cf99401c
e332d86ea532586d3d2cd1e4c2629ca537950a3a5f001324cc81231017ee510e
e7f39a10d3bbd1dc6f9221bdbde12218a823e70a56d0a761e2e392a73916aa1b
ec0e2564a8a7c81c5c00f351955122ffa985dc9d7c2890b6e454478390362904

protection-widget.route.com Open in urlscan Pro 2600:9000:2156:4c00:2:3d40:da40:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

18 Requests

100 %HTTPS

86 %IPv6

3 Domains

7 Subdomains

7 IPs

3 Countries

141 kBTransfer

420 kBSize

2 Cookies

3 Outgoing links

Page URL History

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

2 Cookies

Indicators

protection-widget.route.com Open in urlscan Pro
2600:9000:2156:4c00:2:3d40:da40:93a1 Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

100 %
HTTPS

86 %
IPv6

3
Domains

7
Subdomains

7
IPs

3
Countries

141 kB
Transfer

420 kB
Size

2
Cookies

18 HTTP transactions
0 data transactions