autowarranty.protect.com Open in urlscan Pro
2606:4700:3038::6815:e9f8 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://dealfinderguide.com/clicks?cid=26646&pub=202226&sid1=703013&sid2=244014114&sid3=5525&sid4=&lp=8287
Effective URL:
https://autowarranty.protect.com/id4/?sub1=26646&sub2=202226&sub3=39c57798692ca90059e54281670e6631&sub4=703013
Submission: On April 29 via manual (April 29th 2021, 1:13:20 am UTC) from IN

Summary HTTP 90 Redirects Behaviour Indicators

Summary

This website contacted 34 IPs in 2 countries across 27 domains to perform 90 HTTP transactions. The main IP is 2606:4700:3038::6815:e9f8, located in United States and belongs to CLOUDFLARENET, US. The main domain is autowarranty.protect.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 9th 2020. Valid for: a year.

This is the only time autowarranty.protect.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	23.236.203.43 23.236.203.43	55286 (SERVER-MANIA) (SERVER-MANIA)
3	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
1	2600:9000:210... 2600:9000:2104:a800:10:b308:84c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	65.9.84.33 65.9.84.33	16509 (AMAZON-02) (AMAZON-02)
2	52.86.198.209 52.86.198.209	14618 (AMAZON-AES) (AMAZON-AES)
15	2606:4700:303... 2606:4700:3038::6815:e9f8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.224.106.26 13.224.106.26	16509 (AMAZON-02) (AMAZON-02)
2	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
2	13.224.106.24 13.224.106.24	16509 (AMAZON-02) (AMAZON-02)
3	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1 2	142.250.185.166 142.250.185.166	15169 (GOOGLE) (GOOGLE)
2	205.235.84.161 205.235.84.161	62947 (IMDC-AS1) (IMDC-AS1)
2	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:3::621 2a04:4e42:3::621	54113 (FASTLY) (FASTLY)
2	185.199.110.153 185.199.110.153	54113 (FASTLY) (FASTLY)
4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
8	2.16.186.234 2.16.186.234	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
6	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	104.19.149.54 104.19.149.54	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6816:26b6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 5	107.21.34.105 107.21.34.105	14618 (AMAZON-AES) (AMAZON-AES)
2	2600:9000:210... 2600:9000:2104:d400:1c:7f1a:6680:93a1	16509 (AMAZON-02) (AMAZON-02)
3	199.38.167.35 199.38.167.35	54312 (ROCKETFUEL) (ROCKETFUEL)
7	34.196.123.186 34.196.123.186	14618 (AMAZON-AES) (AMAZON-AES)
2	35.186.226.184 35.186.226.184	15169 (GOOGLE) (GOOGLE)
1	13.224.118.94 13.224.118.94	16509 (AMAZON-02) (AMAZON-02)
1	3.227.129.168 3.227.129.168	14618 (AMAZON-AES) (AMAZON-AES)
90	34

2 23.236.203.43 (Buffalo, United States)

ASN55286 (SERVER-MANIA, CA)

dealfinderguide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2104:a800:10:b308:84c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.bouncepilot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.84.33 (United States)

ASN16509 (AMAZON-02, US)

static.traversedlp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.86.198.209 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-198-209.compute-1.amazonaws.com

api.traversedlp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2606:4700:3038::6815:e9f8 (United States)

ASN13335 (CLOUDFLARENET, US)

autowarranty.protect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.106.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-106-26.mad50.r.cloudfront.net

api.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.106.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-106-24.mad50.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:8012:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.166 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f6.1e100.net

9581003.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 205.235.84.161 (Nokesville, United States)

ASN62947 (IMDC-AS1, US)

udxsva.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:3::621 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.199.110.153 (United States)

ASN54113 (FASTLY, US)
PTR: cdn-185-199-110-153.github.com

dmap.dmsengage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2.16.186.234 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-234.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f11c:8183:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.149.54 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.permutive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:26b6 (United States)

ASN13335 (CLOUDFLARENET, US)

create.lidstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 107.21.34.105 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-21-34-105.compute-1.amazonaws.com

api.trustedform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2104:d400:1c:7f1a:6680:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.trustedform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 199.38.167.35 (United States)

ASN54312 (ROCKETFUEL, US)

com-dmscw.netmng.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 34.196.123.186 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-196-123-186.compute-1.amazonaws.com

create.leadid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.226.184 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 184.226.186.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.118.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-118-94.mad50.r.cloudfront.net

d2m2wsoho8qq12.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.227.129.168 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-227-129-168.compute-1.amazonaws.com

deviceid.trueleadid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	protect.com autowarranty.protect.com	611 KB
8	tiktok.com analytics.tiktok.com	126 KB
7	leadid.com create.leadid.com	2 KB
7	trustedform.com 1 redirects api.trustedform.com cdn.trustedform.com	28 KB
6	facebook.com www.facebook.com	700 B
4	bing.com bat.bing.com	9 KB
4	doubleclick.net 1 redirects 9581003.fls.doubleclick.net googleads.g.doubleclick.net	4 KB
3	netmng.com com-dmscw.netmng.com	7 KB
3	google.de adservice.google.de www.google.de	437 B
3	google.com adservice.google.com www.google.com	689 B
3	facebook.net connect.facebook.net	168 KB
3	traversedlp.com static.traversedlp.com api.traversedlp.com	4 KB
3	googletagmanager.com www.googletagmanager.com	124 KB
2	snapchat.com tr.snapchat.com	567 B
2	dmsengage.com dmap.dmsengage.com	15 KB
2	udxsva.com udxsva.com	388 B
2	sc-static.net sc-static.net	15 KB
2	googleadservices.com www.googleadservices.com	30 KB
2	dealfinderguide.com dealfinderguide.com	6 KB
1	trueleadid.com deviceid.trueleadid.com	2 KB
1	cloudfront.net d2m2wsoho8qq12.cloudfront.net	2 KB
1	lidstatic.com create.lidstatic.com	39 KB
1	permutive.com cdn.permutive.com	50 KB
1	jsdelivr.net cdn.jsdelivr.net	1 KB
1	google-analytics.com www.google-analytics.com	19 KB
1	pushnami.com api.pushnami.com	61 KB
1	bouncepilot.com static.bouncepilot.com	33 KB
90	27

	Domain	Requested by
15	autowarranty.protect.com	dealfinderguide.com autowarranty.protect.com cdn.trustedform.com
8	analytics.tiktok.com	dealfinderguide.com analytics.tiktok.com
7	create.leadid.com	create.lidstatic.com deviceid.trueleadid.com
6	www.facebook.com	autowarranty.protect.com
5	api.trustedform.com	1 redirects api.trustedform.com cdn.trustedform.com
4	bat.bing.com	dealfinderguide.com bat.bing.com autowarranty.protect.com
3	com-dmscw.netmng.com	autowarranty.protect.com com-dmscw.netmng.com
3	connect.facebook.net	autowarranty.protect.com connect.facebook.net
3	www.googletagmanager.com	dealfinderguide.com autowarranty.protect.com www.googletagmanager.com
2	tr.snapchat.com
2	cdn.trustedform.com	autowarranty.protect.com api.trustedform.com
2	www.google.de	autowarranty.protect.com
2	www.google.com	autowarranty.protect.com
2	dmap.dmsengage.com	www.googletagmanager.com
2	googleads.g.doubleclick.net	www.googleadservices.com
2	udxsva.com	autowarranty.protect.com cdn.trustedform.com
2	9581003.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	sc-static.net	autowarranty.protect.com sc-static.net
2	www.googleadservices.com	autowarranty.protect.com www.googletagmanager.com
2	api.traversedlp.com	static.traversedlp.com
2	dealfinderguide.com	dealfinderguide.com
1	deviceid.trueleadid.com	d2m2wsoho8qq12.cloudfront.net
1	d2m2wsoho8qq12.cloudfront.net	create.lidstatic.com
1	create.lidstatic.com	autowarranty.protect.com
1	cdn.permutive.com	www.googletagmanager.com
1	cdn.jsdelivr.net	www.googletagmanager.com
1	adservice.google.de	adservice.google.com
1	adservice.google.com	9581003.fls.doubleclick.net
1	www.google-analytics.com	autowarranty.protect.com www.google-analytics.com
1	api.pushnami.com	autowarranty.protect.com
1	static.traversedlp.com	www.googletagmanager.com
1	static.bouncepilot.com	dealfinderguide.com
90	32

This site contains no links.

Subject Issuer	Validity	Valid
*.google-analytics.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.bouncepilot.com Amazon	`2020-07-21` - `2021-08-21`	a year	crt.sh
*.traversedlp.com Go Daddy Secure Certificate Authority - G2	`2020-12-29` - `2022-01-30`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-09` - `2021-07-09`	a year	crt.sh
*.pushnami.com Amazon	`2021-04-18` - `2022-05-17`	a year	crt.sh
www.googleadservices.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
sc-static.net DigiCert TLS RSA SHA256 2020 CA1	`2021-02-11` - `2022-02-15`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-04-06` - `2021-07-03`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
udxsva.com Go Daddy Secure Certificate Authority - G2	`2020-03-03` - `2022-05-02`	2 years	crt.sh
*.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-04-26` - `2022-03-26`	a year	crt.sh
dmap.dmsengage.com R3	`2021-04-09` - `2021-07-08`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2021-04-12` - `2021-10-12`	6 months	crt.sh
*.tiktok.com RapidSSL RSA CA 2018	`2019-11-14` - `2022-01-12`	2 years	crt.sh
www.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.googleadservices.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
permutive.com Cloudflare Inc ECC CA-3	`2021-03-02` - `2022-03-01`	a year	crt.sh
lidstatic.com Cloudflare Inc ECC CA-3	`2020-05-31` - `2021-05-31`	a year	crt.sh
cdn.trustedform.com Amazon	`2020-06-12` - `2021-07-12`	a year	crt.sh
*.netmng.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-04` - `2022-02-04`	a year	crt.sh
create.leadid.com Amazon	`2021-04-24` - `2022-05-23`	a year	crt.sh
*.trustedform.com Amazon	`2020-11-11` - `2021-12-10`	a year	crt.sh
tr.snapchat.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-19` - `2022-01-23`	a year	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2021-02-22` - `2022-02-21`	a year	crt.sh
deviceid.trueleadid.com Amazon	`2021-02-06` - `2022-03-07`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://autowarranty.protect.com/id4/?sub1=26646&sub2=202226&sub3=39c57798692ca90059e54281670e6631&sub4=703013
Frame ID: C778264B7DD1CC077A0D276D00C0BFF2
Requests: 81 HTTP requests in this frame

Frame: https://9581003.fls.doubleclick.net/activityi;dc_pre=CIPMv5OjovACFYVK4AodQK0Mxg;src=9581003;type=autow0;cat=homep0;ord=930349798189;gtm=2wg4l3;auiddc=1023261018.1619658783;~oref=https%3A%2F%2Fautowarranty.protect.com%2Fid4%2F%3Fsub1%3D26646%26sub2%3D202226%26sub3%3D39c57798692ca90059e54281670e6631%26sub4%3D703013
Frame ID: C99BA5F31213F1153BA80372C8DCB9BB
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CIPMv5OjovACFYVK4AodQK0Mxg;src=9581003;type=autow0;cat=homep0;ord=930349798189;gtm=2wg4l3;auiddc=1023261018.1619658783;~oref=https%3A%2F%2Fautowarranty.protect.com%2Fid4%2F%3Fsub1%3D26646%26sub2%3D202226%26sub3%3D39c57798692ca90059e54281670e6631%26sub4%3D703013
Frame ID: 7B3993BF1A5F3B7EE09CA3707ED0A2B0
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CIPMv5OjovACFYVK4AodQK0Mxg;src=9581003;type=autow0;cat=homep0;ord=930349798189;gtm=2wg4l3;auiddc=1023261018.1619658783;~oref=https%3A%2F%2Fautowarranty.protect.com%2Fid4%2F%3Fsub1%3D26646%26sub2%3D202226%26sub3%3D39c57798692ca90059e54281670e6631%26sub4%3D703013
Frame ID: 4E1996C2D4C4543228A358443C1E4E86
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=f78b4203-64b1-4e8e-8ab2-18646d480fa4
Frame ID: BECE1A2D2024BEBE571C6E59565F76BD
Requests: 1 HTTP requests in this frame

Frame: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=96A9798A-E015-462B-E184-8C9B891E81C7&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.7.0&lck=C07AEED1-D117-7C02-F7EF-A29F8C2FDE30&lac=5AAB34D1-3BF2-F377-377F-D6E5BCA72416
Frame ID: E83A33F104175B695F7A446A96EC0894
Requests: 1 HTTP requests in this frame

Frame: https://deviceid.trueleadid.com/iframe.html?token=96A9798A-E015-462B-E184-8C9B891E81C7&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.7.0&lck=C07AEED1-D117-7C02-F7EF-A29F8C2FDE30&lac=5AAB34D1-3BF2-F377-377F-D6E5BCA72416
Frame ID: E79F04D5CA59EBDF3C7B54A78096CC99
Requests: 2 HTTP requests in this frame

Frame: https://tr.snapchat.com/p
Frame ID: AAFDADE342C8FFA6EBCDEE39BA3D4AD8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://dealfinderguide.com/clicks?cid=26646&pub=202226&sid1=703013&sid2=244014114&sid3=5525&sid4=&lp=8287 Page URL
https://autowarranty.protect.com/id4/?sub1=26646&sub2=202226&sub3=39c57798692ca90059e54281670e6631&sub4=703013 Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
html //i

Page Statistics

90
Requests

94 %
HTTPS

48 %
IPv6

27
Domains

32
Subdomains

34
IPs

2
Countries

1359 kB
Transfer

3271 kB
Size

17
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://dealfinderguide.com/clicks?cid=26646&pub=202226&sid1=703013&sid2=244014114&sid3=5525&sid4=&lp=8287 Page URL
https://autowarranty.protect.com/id4/?sub1=26646&sub2=202226&sub3=39c57798692ca90059e54281670e6631&sub4=703013 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20

https://9581003.fls.doubleclick.net/activityi;src=9581003;type=autow0;cat=homep0;ord=930349798189;gtm=2wg4l3;auiddc=1023261018.1619658783;~oref=https%3A%2F%2Fautowarranty.protect.com%2Fid4%2F%3Fsub1%3D26646%26sub2%3D202226%26sub3%3D39c57798692ca90059e54281670e6631%26sub4%3D703013 HTTP 302
https://9581003.fls.doubleclick.net/activityi;dc_pre=CIPMv5OjovACFYVK4AodQK0Mxg;src=9581003;type=autow0;cat=homep0;ord=930349798189;gtm=2wg4l3;auiddc=1023261018.1619658783;~oref=https%3A%2F%2Fautowarranty.protect.com%2Fid4%2F%3Fsub1%3D26646%26sub2%3D202226%26sub3%3D39c57798692ca90059e54281670e6631%26sub4%3D703013

Request Chain 59

https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xx_trusted_form_cert_url&l=16196587840090.002760627633102475 HTTP 301
https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xx_trusted_form_cert_url&l=16196587840090.002760627633102475

90 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK clicks Show response
dealfinderguide.com/ 6 KB
6 KB 208ms
191ms Document
text/html 23.236.203.43
SERVER-MANIA

General

Check archive.org

Show headers Download Go to

Full URL: http://dealfinderguide.com/clicks?cid=26646&pub=202226&sid1=703013&sid2=244014114&sid3=5525&sid4=&lp=8287
Protocol: HTTP/1.1
Server: 23.236.203.43 Buffalo, United States, ASN55286 (SERVER-MANIA, CA),
Reverse DNS
Software: nginx / PHP/7.3.26
Resource Hash: 4d78331e3770a9fced38b60ac64c88d64fe49e9b66ef49d8f2de01858596e0d5

Request headers

Host: dealfinderguide.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: nginx
Date: Thu, 29 Apr 2021 01:20:43 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.3.26

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 78 KB
31 KB 18ms
17ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NXNQ2LW

Requested by

Host: dealfinderguide.com
URL: http://dealfinderguide.com/clicks?cid=26646&pub=202226&sid1=703013&sid2=244014114&sid3=5525&sid4=&lp=8287

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1a3df970b4fce8ff618784e4c9007c88c0b55c7634dc86dd1394c2ffb9727289

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: http://dealfinderguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 01:13:02 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31424
x-xss-protection: 0
last-modified: Thu, 29 Apr 2021 00:34:39 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 29 Apr 2021 01:13:02 GMT

POST
H/1.1 200
OK fp.php
dealfinderguide.com/ 253 B
453 B 316ms
316ms XHR
text/html 23.236.203.43
SERVER-MANIA

General

Check archive.org

Show headers Download Go to

Full URL: http://dealfinderguide.com/fp.php
Requested by: Host: dealfinderguide.com
URL: http://dealfinderguide.com/clicks?cid=26646&pub=202226&sid1=703013&sid2=244014114&sid3=5525&sid4=&lp=8287
Protocol: HTTP/1.1
Server: 23.236.203.43 Buffalo, United States, ASN55286 (SERVER-MANIA, CA),
Reverse DNS
Software: nginx / PHP/7.3.26
Resource Hash

Request headers

Pragma: no-cache
Origin: http://dealfinderguide.com
Accept-Encoding: gzip, deflate
Host: dealfinderguide.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded
Accept: */*
Cache-Control: no-cache
Referer: http://dealfinderguide.com/clicks?cid=26646&pub=202226&sid1=703013&sid2=244014114&sid3=5525&sid4=&lp=8287
Connection: keep-alive
Content-Length: 831
Referer: http://dealfinderguide.com/clicks?cid=26646&pub=202226&sid1=703013&sid2=244014114&sid3=5525&sid4=&lp=8287
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Thu, 29 Apr 2021 01:20:44 GMT
Server: nginx
Connection: keep-alive
X-Powered-By: PHP/7.3.26
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 29a38865-21e1-485f-8a85-c343bbbe30fb.js Show response
static.bouncepilot.com/ 33 KB
33 KB 56ms
15ms Script
application/javascript 2600:9000:2104:a800:10:b308:84c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.bouncepilot.com/29a38865-21e1-485f-8a85-c343bbbe30fb.js
Requested by: Host: dealfinderguide.com
URL: http://dealfinderguide.com/clicks?cid=26646&pub=202226&sid1=703013&sid2=244014114&sid3=5525&sid4=&lp=8287
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:a800:10:b308:84c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 990496c62d75c59da1df0eff05e9bec618c45cb59eab0e0864594c9251eba89c

Request headers

Referer: http://dealfinderguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 12:28:42 GMT
via: 1.1 83bc0649a33d85c1cf516bf48779a390.cloudfront.net (CloudFront)
last-modified: Thu, 22 Apr 2021 12:25:11 GMT
server: AmazonS3
age: 104994
etag: "4e6941c0a0a55b2fb8d6aab28cda7689"
x-cache: Error from cloudfront
content-type: application/javascript
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 33917
x-amz-cf-id: fiKU7K3G0G5Mw9Ua1O7Vv-RZLN6KFWbrTb-XGdUKTC8-Tlrkot8E-w==

GET
H/1.1 200
OK retargeting.js Show response
static.traversedlp.com/v1/ 11 KB
4 KB 54ms
14ms Script
application/javascript 65.9.84.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.traversedlp.com/v1/retargeting.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NXNQ2LW
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.84.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6883197c20c58a0804b6ad6da9c06c9daff14267d65fe286666a1c08a61ba1e1

Request headers

Referer: http://dealfinderguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Z_rPBOpsutVE9bhWkpsIEjsEvYBS2ueX
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Fri, 19 Mar 2021 19:00:16 GMT
Server: AmazonS3
Age: 4933
ETag: W/"7d385c3008e7fc836888faf91fc98116"
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 e79fcd7f3f0a842841acfca75e35ea79.cloudfront.net (CloudFront)
Connection: keep-alive
Date: Thu, 29 Apr 2021 00:46:06 GMT
X-Amz-Cf-Pop: AMS1-C1
X-Amz-Cf-Id: ObSeOQE8AUjdKS_2J__BiCArZX4_XPsfI9N9IgKavEz77QRHluhOrw==

GET
H2 200 cookie
api.traversedlp.com/retargeting/v1/ 18 B
409 B 330ms
109ms XHR
application/json 52.86.198.209
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.traversedlp.com/retargeting/v1/cookie
Requested by: Host: static.traversedlp.com
URL: https://static.traversedlp.com/v1/retargeting.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.86.198.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-86-198-209.compute-1.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash

Request headers

Referer: http://dealfinderguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 01:13:02 GMT
server: nginx/1.18.0
etag: W/"12-86d81FY+WDtP4sdiTK7DKw"
vary: Accept-Encoding
p3p: CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"
access-control-allow-origin: http://dealfinderguide.com
access-control-expose-headers
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 18

GET
H2 200 Primary Request / Show response
autowarranty.protect.com/id4/ 26 KB
7 KB 401ms
366ms Document
text/html 2606:4700:3038::6815:e9f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://autowarranty.protect.com/id4/?sub1=26646&sub2=202226&sub3=39c57798692ca90059e54281670e6631&sub4=703013
Requested by: Host: dealfinderguide.com
URL: http://dealfinderguide.com/clicks?cid=26646&pub=202226&sid1=703013&sid2=244014114&sid3=5525&sid4=&lp=8287
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:e9f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75afbec90b13679a423a74bb5c743b350caca5faae729548ea2929e3ee4a9f12

Request headers

:method: GET
:authority: autowarranty.protect.com
:scheme: https
:path: /id4/?sub1=26646&sub2=202226&sub3=39c57798692ca90059e54281670e6631&sub4=703013
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: http://dealfinderguide.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://dealfinderguide.com/

Response headers

date: Thu, 29 Apr 2021 01:13:03 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d204c20efc78e10ff3b8d800b0e953a391619658782; expires=Sat, 29-May-21 01:13:02 GMT; path=/; domain=.protect.com; HttpOnly; SameSite=Lax
cache-control: max-age=0
expires: Thu, 29 Apr 2021 01:13:03 GMT
cf-cache-status: DYNAMIC
cf-request-id: 09bcc8d02d0000325cbe0cb000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bgSUa5%2B2t7pheqxZUIsDgbzAi44KSqmMQ3Ae1EZxlALDrh8ygxmxSxnRje2kV88Lec2MMpzfXrJHY1nEGOXdiBhIOEUWTU6XJtlJ9KTtF2wv9eCg2%2BZ9RjEUM5E2UR%2FEdqSC%2Bhk%3D"}],"max_age":604800}
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
cf-ray: 6474aa604dd9325c-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H2 200 enqueue
api.traversedlp.com/retargetinginclusion/ Frame 0
0 319ms
107ms Preflight
text/html 52.86.198.209
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.traversedlp.com/retargetinginclusion/enqueue
Protocol: H2
Server: 52.86.198.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-86-198-209.compute-1.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://dealfinderguide.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 29 Apr 2021 01:13:03 GMT
content-type: text/html; charset=utf-8
content-length: 228
server: nginx/1.18.0
p3p: CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"
access-control-allow-origin: http://dealfinderguide.com
access-control-allow-credentials: true
access-control-expose-headers
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
access-control-allow-headers: content-type,authorization
allow: ACL,BIND,CHECKOUT,CONNECT,COPY,DELETE,GET,HEAD,LINK,LOCK,M-SEARCH,MERGE,MKACTIVITY,MKCALENDAR,MKCOL,MOVE,NOTIFY,PATCH,POST,PROPFIND,PROPPATCH,PURGE,PUT,REBIND,REPORT,SEARCH,SOURCE,SUBSCRIBE,TRACE,UNBIND,UNLINK,UNLOCK,UNSUBSCRIBE
etag: W/"e4-6lFXkgJZ15OAZuBnvvjMtg"
vary: Accept-Encoding

POST enqueue
api.traversedlp.com/retargetinginclusion/ 0
0

GET
H3-29 200 bootstrap.css
autowarranty.protect.com/id4/static/libs/bootstrap/css/ 143 KB
20 KB 36ms
23ms Stylesheet
text/css 2606:4700:3038::6815:e9f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://autowarranty.protect.com/id4/static/libs/bootstrap/css/bootstrap.css
Requested by: Host: autowarranty.protect.com
URL: https://autowarranty.protect.com/id4/?sub1=26646&sub2=202226&sub3=39c57798692ca90059e54281670e6631&sub4=703013
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:e9f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e630d90c7234b0df1729f62b8f9e4bbfaf293d91a5a0ac46df25f2a6759e39a

Request headers

:path: /id4/static/libs/bootstrap/css/bootstrap.css
pragma: no-cache
cookie: __cfduid=d204c20efc78e10ff3b8d800b0e953a391619658782
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: autowarranty.protect.com
referer: https://autowarranty.protect.com/id4/?sub1=26646&sub2=202226&sub3=39c57798692ca90059e54281670e6631&sub4=703013
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://autowarranty.protect.com/id4/?sub1=26646&sub2=202226&sub3=39c57798692ca90059e54281670e6631&sub4=703013
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 01:13:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 212071
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09bcc8d1b00000c2810fa2a000000001
last-modified: Tue, 02 Mar 2021 22:16:05 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fQlzXWjRwu4S5BHC2%2B%2FD%2FVpsCSm976kDcsGdezN6wsva8A0efxcNsA4LnJmIzBW7ia5QPCRPQy0W%2FCCMJ8ie3zxIIhu4h0jDVSfJGlADzajTI0h8cuJRG0uEbNYsyfltTab%2BubU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=604800
cf-ray: 6474aa62bd22c281-FRA
expires: Mon, 03 May 2021 14:18:32 GMT

GET
H3-29 200 bootstrap-select.css
autowarranty.protect.com/id4/static/libs/bootstrap-select/css/ 8 KB
2 KB 30ms
17ms Stylesheet
text/css 2606:4700:3038::6815:e9f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://autowarranty.protect.com/id4/static/libs/bootstrap-select/css/bootstrap-select.css
Requested by: Host: autowarranty.protect.com
URL: https://autowarranty.protect.com/id4/?sub1=26646&sub2=202226&sub3=39c57798692ca90059e54281670e6631&sub4=703013
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:e9f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0928ffb61d3ea63ffd4480c15a24c9f11221b491c24db772ef8d369e7ec0c66

Request headers

:path: /id4/static/libs/bootstrap-select/css/bootstrap-select.css
pragma: no-cache
cookie: __cfduid=d204c20efc78e10ff3b8d800b0e953a391619658782
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: autowarranty.protect.com
referer: https://autowarranty.protect.com/id4/?sub1=26646&sub2=202226&sub3=39c57798692ca90059e54281670e6631&sub4=703013
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://autowarranty.protect.com/id4/?sub1=26646&sub2=202226&sub3=39c57798692ca90059e54281670e6631&sub4=703013
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 01:13:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 212071
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09bcc8d1b00000c281bc2af000000001
last-modified: Tue, 02 Mar 2021 22:16:05 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=L4XfmDEfbWvgMEa76%2BxCc2kXn%2BGGA9uJAKFCOfIBwCs9zLOOHbbX81GDsAx6kdsmQm6fuBIeSgAWPuNTGxBWCgT80eyAlRl0ONioZM%2B0OFa1S24xl6Sl%2B3oVVJEUUvfsH1%2BnlVo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=604800
cf-ray: 6474aa62bd21c281-FRA
expires: Mon, 03 May 2021 14:18:32 GMT

GET
H3-29 200 font-awesome.css
autowarranty.protect.com/id4/static/libs/font-awesome/css/ 37 KB
7 KB 30ms
17ms Stylesheet
text/css 2606:4700:3038::6815:e9f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://autowarranty.protect.com/id4/static/libs/font-awesome/css/font-awesome.css
Requested by: Host: autowarranty.protect.com
URL: https://autowarranty.protect.com/id4/?sub1=26646&sub2=202226&sub3=39c57798692ca90059e54281670e6631&sub4=703013
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:e9f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67386dfc89f862a18f531a68507a146192ca44ba24fc0cb56bd35c0475831e9b

Request headers

:path: /id4/static/libs/font-awesome/css/font-awesome.css
pragma: no-cache
cookie: __cfduid=d204c20efc78e10ff3b8d800b0e953a391619658782
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: autowarranty.protect.com
referer: https://autowarranty.protect.com/id4/?sub1=26646&sub2=202226&sub3=39c57798692ca90059e54281670e6631&sub4=703013
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://autowarranty.protect.com/id4/?sub1=26646&sub2=202226&sub3=39c57798692ca90059e54281670e6631&sub4=703013
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 01:13:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 212071
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09bcc8d1b00000c281ea2dc000000001
last-modified: Tue, 02 Mar 2021 22:16:05 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zVjoIKfjja3AYyFnMRs4j1E648wPWi4pGbaw9jAbUM1n8w0WolRZofNjSczFrbikvC%2FUR%2BKoUUK%2FqSganQgCLJ%2FD1Bom06JniWT9yZPC8dk%2FWVPzt4IAywXE%2BnzJ4bwM6ICayYg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=604800
cf-ray: 6474aa62bd23c281-FRA
expires: Mon, 03 May 2021 14:18:32 GMT

GET
H3-29 200 fonts.css
autowarranty.protect.com/id4/static/libs/fonts/ 289 B
735 B 35ms
22ms Stylesheet
text/css 2606:4700:3038::6815:e9f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://autowarranty.protect.com/id4/static/libs/fonts/fonts.css
Requested by: Host: autowarranty.protect.com
URL: https://autowarranty.protect.com/id4/?sub1=26646&sub2=202226&sub3=39c57798692ca90059e54281670e6631&sub4=703013
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:e9f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8720bceda6f642359ac03fc4b012a1cc4da4846cf51e6c47d0ecaed595565b65

Request headers

:path: /id4/static/libs/fonts/fonts.css
pragma: no-cache
cookie: __cfduid=d204c20efc78e10ff3b8d800b0e953a391619658782
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: autowarranty.protect.com
referer: https://autowarranty.protect.com/id4/?sub1=26646&sub2=202226&sub3=39c57798692ca90059e54281670e6631&sub4=703013
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://autowarranty.protect.com/id4/?sub1=26646&sub2=202226&sub3=39c57798692ca90059e54281670e6631&sub4=703013
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 01:13:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 361944
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09bcc8d1b00000c28139adf000000001
last-modified: Tue, 02 Mar 2021 22:16:05 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=y6gKZB9NHz4akktsiXnT7LjTX5u1oPq8Gb7d3n7xIpwXCaR8M5mYHJKFFWTqZhh6kL6SjD5qeuOmMUsxyISEqmhIu7KvTRxo932C%2FtJrJx5qMWmtFBW46q2huXLuD2sRN9tVwao%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=604800
cf-ray: 6474aa62bd1fc281-FRA
expires: Sat, 01 May 2021 20:40:39 GMT

GET
H3-29 200 style.css
autowarranty.protect.com/id4/static/variants/1/css/ 25 KB
6 KB 28ms
16ms Stylesheet
text/css 2606:4700:3038::6815:e9f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://autowarranty.protect.com/id4/static/variants/1/css/style.css
Requested by: Host: autowarranty.protect.com
URL: https://autowarranty.protect.com/id4/?sub1=26646&sub2=202226&sub3=39c57798692ca90059e54281670e6631&sub4=703013
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:e9f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2098769f1236fde5996256469e69d85809913e9264db58b338a0399bae01bbaa

Request headers

:path: /id4/static/variants/1/css/style.css
pragma: no-cache
cookie: __cfduid=d204c20efc78e10ff3b8d800b0e953a391619658782
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: autowarranty.protect.com
referer: https://autowarranty.protect.com/id4/?sub1=26646&sub2=202226&sub3=39c57798692ca90059e54281670e6631&sub4=703013
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://autowarranty.protect.com/id4/?sub1=26646&sub2=202226&sub3=39c57798692ca90059e54281670e6631&sub4=703013
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 01:13:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 212071
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09bcc8d1af0000c2814520e000000001
last-modified: Tue, 02 Mar 2021 22:16:05 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=onW6q6PmJ%2BTCvpxPG6jf9lxGjiR3qZbX5tEvJfkjfDyv2w5oi%2BtohZdNInJ8axeibN%2FwnJz2fn8sbX6IMan%2BW2EgxcOKClJUPp5ffY8v7NFidhtWuaOEhYMJk54iV%2B3JGvqWoag%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=604800
cf-ray: 6474aa62bd1ec281-FRA
expires: Mon, 03 May 2021 14:18:32 GMT

GET
H2 200 5c9794702b05c91bf12c1517 Show response
api.pushnami.com/scripts/v1/push/ 241 KB
61 KB 403ms
325ms Script
application/javascript 13.224.106.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.pushnami.com/scripts/v1/push/5c9794702b05c91bf12c1517
Requested by: Host: autowarranty.protect.com
URL: https://autowarranty.protect.com/id4/?sub1=26646&sub2=202226&sub3=39c57798692ca90059e54281670e6631&sub4=703013
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.106.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-106-26.mad50.r.cloudfront.net
Software: /
Resource Hash: 9380fe9748e614960c45d41d8a53e2b59fafca0e3b4253a1b2e47451fb46d000

Request headers

Referer: https://autowarranty.protect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 01:13:03 GMT
via: 1.1 adaa7e69b304066aa4eaf0d2190ecfd7.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD50-C1
vary: accept-encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: no-cache
content-encoding: gzip
x-amz-cf-id: Edtq_AuISr1_nU5Fsl1JleYBdJ0OlCikmoYBzdWMt4ni9g6i1Bx2AQ==

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ 43 KB
17 KB 44ms
21ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: autowarranty.protect.com
URL: https://autowarranty.protect.com/id4/?sub1=26646&sub2=202226&sub3=39c57798692ca90059e54281670e6631&sub4=703013

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

13260c49d665eb7b00855cf3ed00d0becc926580cddc18710f7f4630dd3472f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://autowarranty.protect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 01:13:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16588
x-xss-protection: 0
server: cafe
etag: 3760350618804806243
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 29 Apr 2021 01:13:03 GMT

GET
H3-29 200 logo_12.png
autowarranty.protect.com/images/ 5 KB
6 KB 12ms
12ms Image
image/png 2606:4700:3038::6815:e9f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://autowarranty.protect.com/images/logo_12.png
Requested by: Host: autowarranty.protect.com
URL: https://autowarranty.protect.com/id4/?sub1=26646&sub2=202226&sub3=39c57798692ca90059e54281670e6631&sub4=703013
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:e9f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c7daff1a434bf0cf7549fd7a843052b2e771d5e40e96c7a0119fb395c504c2e

Request headers

:path: /images/logo_12.png
pragma: no-cache
cookie: __cfduid=d204c20efc78e10ff3b8d800b0e953a391619658782
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: autowarranty.protect.com
referer: https://autowarranty.protect.com/id4/?sub1=26646&sub2=202226&sub3=39c57798692ca90059e54281670e6631&sub4=703013
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://autowarranty.protect.com/id4/?sub1=26646&sub2=202226&sub3=39c57798692ca90059e54281670e6631&sub4=703013
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 01:13:03 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 715863
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5226
cf-request-id: 09bcc8d1d60000c2813d3a9000000001
last-modified: Tue, 02 Mar 2021 22:16:05 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2fFBb3rCflf3u2pvuEeCuU9tQPK6ydCr85A8ikaHfRzXVdPJWunIHwfDjRc2hNznvAEHHRQluf6nuDSTQqVZKYJcKAwuoSZ7FhiWdaRxPstTc%2Btc13r94Xr7FzZkQrouIL9C8cY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6474aa62ed38c281-FRA
expires: Thu, 20 May 2021 18:22:00 GMT

GET
H3-29 200 gtm.js Show response
www.googletagmanager.com/ 179 KB
60 KB 42ms
40ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N77RJ8T

Requested by

Host: autowarranty.protect.com
URL: https://autowarranty.protect.com/id4/?sub1=26646&sub2=202226&sub3=39c57798692ca90059e54281670e6631&sub4=703013

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a375fa4cec77297feb27e81ace1f7de0db7bbaf849fd23c704ca8afe94d6917f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://autowarranty.protect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 01:13:03 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61117
x-xss-protection: 0
last-modified: Thu, 29 Apr 2021 00:34:39 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 29 Apr 2021 01:13:03 GMT

GET
H2 200 scevent.min.js Show response
sc-static.net/ 14 KB
6 KB 149ms
70ms Script
application/javascript 13.224.106.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: autowarranty.protect.com
URL: https://autowarranty.protect.com/id4/?sub1=26646&sub2=202226&sub3=39c57798692ca90059e54281670e6631&sub4=703013
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.106.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-106-24.mad50.r.cloudfront.net
Software: CloudFront /
Resource Hash: 023e64b862c4d75dd3390eda64f830ce73e3d8c689d30fff89dec507ccabb780

Request headers

Referer: https://autowarranty.protect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 01:13:03 GMT
content-encoding: gzip
server: CloudFront
x-amz-cf-pop: MAD50-C1
x-cache: LambdaGeneratedResponse from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 5720
via: 1.1 520bc3f1e5131e67d2c8c98babd6f5a2.cloudfront.net (CloudFront)
x-amz-cf-id: Gr8646D9mo3Nz6Qw_sdUz3G-FDsLxj1F-dMC8VhWrCHq-bWafgSCEA==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 92 KB
24 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: autowarranty.protect.com
URL: https://autowarranty.protect.com/id4/?sub1=26646&sub2=202226&sub3=39c57798692ca90059e54281670e6631&sub4=703013

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2fff9d42b48b67b86f3f657418733d38176fa5eca4c13cf5f946f9ca410be4bd

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://autowarranty.protect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23959
x-fb-rlafr: 0
pragma: public
x-fb-debug: T3dwvTPbOQWBtaZKthSIcDhXfXGPovTTI8SnSGgYoMwHKMAEhqoGoMP7Y6zj1LX5ApixtTxxxMuSN6LLnAAWXA==
x-fb-trip-id: 1527350943
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 29 Apr 2021 01:13:03 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: autowarranty.protect.com
URL: https://autowarranty.protect.com/id4/?sub1=26646&sub2=202226&sub3=39c57798692ca90059e54281670e6631&sub4=703013

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://autowarranty.protect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 5550
date: Wed, 28 Apr 2021 23:40:33 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Thu, 29 Apr 2021 01:40:33 GMT

GET
H3-29

200

activityi;dc_pre=CIPMv5OjovACFYVK4AodQK0Mxg;src=9581003;type=autow0;cat=homep0;ord=930349798189;gtm=2wg4l3;auiddc=1023261018.1619658783;~oref=https%3A%2F%2Fautowarranty.protect.com%2Fid4%2F%3Fsub1%... Show response
9581003.fls.doubleclick.net/ Frame C99B
Redirect Chain

https://9581003.fls.doubleclick.net/activityi;src=9581003;type=autow0;cat=homep0;ord=930349798189;gtm=2wg4l3;auiddc=1023261018.1619658783;~oref=https%3A%2F%2Fautowarranty.protect.com%2Fid4%2F%3Fsub...
https://9581003.fls.doubleclick.net/activityi;dc_pre=CIPMv5OjovACFYVK4AodQK0Mxg;src=9581003;type=autow0;cat=homep0;ord=930349798189;gtm=2wg4l3;auiddc=1023261018.1619658783;~oref=https%3A%2F%2Fautow...

583 B
473 B

31ms
17ms

Document
text/html

142.250.185.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9581003.fls.doubleclick.net/activityi;dc_pre=CIPMv5OjovACFYVK4AodQK0Mxg;src=9581003;type=autow0;cat=homep0;ord=930349798189;gtm=2wg4l3;auiddc=1023261018.1619658783;~oref=https%3A%2F%2Fautowarranty.protect.com%2Fid4%2F%3Fsub1%3D26646%26sub2%3D202226%26sub3%3D39c57798692ca90059e54281670e6631%26sub4%3D703013?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N77RJ8T

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f6.1e100.net

Software

cafe /

Resource Hash

af49da519f85781504f4bffaa06422a90b36b7bc845bfaa01ea66e369f72f7b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 9581003.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CIPMv5OjovACFYVK4AodQK0Mxg;src=9581003;type=autow0;cat=homep0;ord=930349798189;gtm=2wg4l3;auiddc=1023261018.1619658783;~oref=https%3A%2F%2Fautowarranty.protect.com%2Fid4%2F%3Fsub1%3D26646%26sub2%3D202226%26sub3%3D39c57798692ca90059e54281670e6631%26sub4%3D703013?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://autowarranty.protect.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 29 Apr 2021 01:13:03 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 448
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 29-Apr-2021 01:28:03 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 29 Apr 2021 01:13:03 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://9581003.fls.doubleclick.net/activityi;dc_pre=CIPMv5OjovACFYVK4AodQK0Mxg;src=9581003;type=autow0;cat=homep0;ord=930349798189;gtm=2wg4l3;auiddc=1023261018.1619658783;~oref=https%3A%2F%2Fautowarranty.protect.com%2Fid4%2F%3Fsub1%3D26646%26sub2%3D202226%26sub3%3D39c57798692ca90059e54281670e6631%26sub4%3D703013?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 jquery-1.10.2.min.js Show response
autowarranty.protect.com/id4/static/js/ 91 KB
32 KB 365ms
365ms Script
text/javascript 2606:4700:3038::6815:e9f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://autowarranty.protect.com/id4/static/js/jquery-1.10.2.min.js
Requested by: Host: autowarranty.protect.com
URL: https://autowarranty.protect.com/id4/?sub1=26646&sub2=202226&sub3=39c57798692ca90059e54281670e6631&sub4=703013
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:e9f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29c9e8752f25b17961e3c6ff72de34b1f1a157dfc5fabb68bd148b8ec9002b17

Request headers

:path: /id4/static/js/jquery-1.10.2.min.js
pragma: no-cache
cookie: __cfduid=d204c20efc78e10ff3b8d800b0e953a391619658782; _gcl_au=1.1.1023261018.1619658783
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: autowarranty.protect.com
referer: https://autowarranty.protect.com/id4/?sub1=26646&sub2=202226&sub3=39c57798692ca90059e54281670e6631&sub4=703013
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://autowarranty.protect.com/id4/?sub1=26646&sub2=202226&sub3=39c57798692ca90059e54281670e6631&sub4=703013
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 01:13:03 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 02 Mar 2021 22:16:05 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=CvI%2FwXvdoWau7tmfzk5JiuuZBzW3AznWnldeYgb1hn7fq%2BhJ4ul6wxXSU96DWy9Quf9IW5uRJuocho6y3F2J7yMieUvwrpWmt%2Ba3NIiC7aKZ695TCyQ8mOfsG0nA%2BifDb%2BOWgJw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 6474aa644de9c281-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09bcc8d2ac0000c281b5337000000001

GET
H3-29 200 bootstrap.min.js Show response
autowarranty.protect.com/id4/static/libs/bootstrap/js/ 36 KB
10 KB 357ms
356ms Script
text/javascript 2606:4700:3038::6815:e9f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://autowarranty.protect.com/id4/static/libs/bootstrap/js/bootstrap.min.js
Requested by: Host: autowarranty.protect.com
URL: https://autowarranty.protect.com/id4/?sub1=26646&sub2=202226&sub3=39c57798692ca90059e54281670e6631&sub4=703013
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:e9f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

:path: /id4/static/libs/bootstrap/js/bootstrap.min.js
pragma: no-cache
cookie: __cfduid=d204c20efc78e10ff3b8d800b0e953a391619658782; _gcl_au=1.1.1023261018.1619658783
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: autowarranty.protect.com
referer: https://autowarranty.protect.com/id4/?sub1=26646&sub2=202226&sub3=39c57798692ca90059e54281670e6631&sub4=703013
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://autowarranty.protect.com/id4/?sub1=26646&sub2=202226&sub3=39c57798692ca90059e54281670e6631&sub4=703013
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 01:13:03 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 02 Mar 2021 22:16:05 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LHOWbmXsaG4JLPpnktqf044Szjj0hUFk532xoqe%2F6hAs5Rumab0rSChz0d6IcEG52lXqRfNvTfKLPhneou0rYcon%2Fd27KsGABsJ98PhXSev9bqml5eTrnbl68TY5h32VlYDmH8k%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 6474aa65aeacc281-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09bcc8d38b0000c28122832000000001

GET
H3-29 200 default.js Show response
autowarranty.protect.com/id4/static/js/ 0
579 B 345ms
344ms Script
text/javascript 2606:4700:3038::6815:e9f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://autowarranty.protect.com/id4/static/js/default.js
Requested by: Host: autowarranty.protect.com
URL: https://autowarranty.protect.com/id4/?sub1=26646&sub2=202226&sub3=39c57798692ca90059e54281670e6631&sub4=703013
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:e9f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /id4/static/js/default.js
pragma: no-cache
cookie: __cfduid=d204c20efc78e10ff3b8d800b0e953a391619658782; _gcl_au=1.1.1023261018.1619658783
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: autowarranty.protect.com
referer: https://autowarranty.protect.com/id4/?sub1=26646&sub2=202226&sub3=39c57798692ca90059e54281670e6631&sub4=703013
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://autowarranty.protect.com/id4/?sub1=26646&sub2=202226&sub3=39c57798692ca90059e54281670e6631&sub4=703013
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 01:13:03 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 02 Mar 2021 22:16:05 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=53rAZTO2EHVpHkcKyPvYePH0%2BdvRe%2BkD9fdGJDfp4jrrYHRVfcEAPZ%2Bt33SM%2FBZT6YNHxF%2Frz7OgpIlELHp2y1xaFQNpM%2Fc%2BexaVGM31ByYyYb83abgZeHed3%2B%2BzmRRWS8Po%2F3o%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6474aa65cebbc281-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
cf-request-id: 09bcc8d39e0000c281e69c1000000001

GET
H3-29 200 auto.min.js Show response
autowarranty.protect.com/id4/static/js/ 74 KB
10 KB 355ms
354ms Script
text/javascript 2606:4700:3038::6815:e9f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://autowarranty.protect.com/id4/static/js/auto.min.js
Requested by: Host: autowarranty.protect.com
URL: https://autowarranty.protect.com/id4/?sub1=26646&sub2=202226&sub3=39c57798692ca90059e54281670e6631&sub4=703013
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:e9f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17bf690af058544a969bb3dd21c8280366de0c20513d1a356d1ddc9284f87cb9

Request headers

:path: /id4/static/js/auto.min.js
pragma: no-cache
cookie: __cfduid=d204c20efc78e10ff3b8d800b0e953a391619658782; _gcl_au=1.1.1023261018.1619658783
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: autowarranty.protect.com
referer: https://autowarranty.protect.com/id4/?sub1=26646&sub2=202226&sub3=39c57798692ca90059e54281670e6631&sub4=703013
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://autowarranty.protect.com/id4/?sub1=26646&sub2=202226&sub3=39c57798692ca90059e54281670e6631&sub4=703013
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 01:13:03 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 02 Mar 2021 22:16:05 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=h2Acmmit2xjclXKoW9LAgGZ2BYM1pW%2FX50RWqrmqCNrfzrS6YmFji1rqLzgRFJKzX4RJugUUBm4yasH4fx%2B2fnSFE2mRcGsRJcWL4iyYHTOmOukshMUjtBMIkLnoYfmVEcYzgU4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 6474aa65cebcc281-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09bcc8d39e0000c2811f0bb000000001

GET
H3-29 200 jquery.mask.min.js Show response
autowarranty.protect.com/id4/static/js/ 7 KB
3 KB 346ms
345ms Script
text/javascript 2606:4700:3038::6815:e9f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://autowarranty.protect.com/id4/static/js/jquery.mask.min.js
Requested by: Host: autowarranty.protect.com
URL: https://autowarranty.protect.com/id4/?sub1=26646&sub2=202226&sub3=39c57798692ca90059e54281670e6631&sub4=703013
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:e9f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f8e21f061de1874e4af063f095a389187c40583c9033946e406a8bb825ca358

Request headers

:path: /id4/static/js/jquery.mask.min.js
pragma: no-cache
cookie: __cfduid=d204c20efc78e10ff3b8d800b0e953a391619658782; _gcl_au=1.1.1023261018.1619658783
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: autowarranty.protect.com
referer: https://autowarranty.protect.com/id4/?sub1=26646&sub2=202226&sub3=39c57798692ca90059e54281670e6631&sub4=703013
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://autowarranty.protect.com/id4/?sub1=26646&sub2=202226&sub3=39c57798692ca90059e54281670e6631&sub4=703013
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 01:13:03 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 02 Mar 2021 22:16:05 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5AE9zw5sB6xW1VLmbLYeSdk%2FU8UBn0nLCElOjzGCFC3lH9f0G8hZQc02WBIS5C6Da%2BFD70I1FG4Rkur42SoR8rofpdfdkHLtKmZTsel77ND7FjIhDqHZcOJsZYeNBT17CJFvXro%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 6474aa65cebdc281-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09bcc8d39e0000c2811ca57000000001

GET
H/1.1 200
OK tag
udxsva.com/ 43 B
194 B 398ms
94ms Image
image/gif 205.235.84.161
IMDC-AS1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://udxsva.com/tag?id=10254
Requested by: Host: autowarranty.protect.com
URL: https://autowarranty.protect.com/id4/?sub1=26646&sub2=202226&sub3=39c57798692ca90059e54281670e6631&sub4=703013
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 205.235.84.161 Nokesville, United States, ASN62947 (IMDC-AS1, US),
Reverse DNS
Software: Jetty(9.4.z-SNAPSHOT) /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://autowarranty.protect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Apr 2021 01:13:03 GMT
Server: Jetty(9.4.z-SNAPSHOT)
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H2 200 dc_pre=CIPMv5OjovACFYVK4AodQK0Mxg;src=9581003;type=autow0;cat=homep0;ord=930349798189;gtm=2wg4l3;auiddc=1023261018.1619658783;~oref=https%3A%2F%2Fautowarranty.protect.com%2Fid4%2F%3Fsub1%3D26646%26... Show response
adservice.google.com/ddm/fls/i/ Frame 7B39 582 B
517 B 16ms
16ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CIPMv5OjovACFYVK4AodQK0Mxg;src=9581003;type=autow0;cat=homep0;ord=930349798189;gtm=2wg4l3;auiddc=1023261018.1619658783;~oref=https%3A%2F%2Fautowarranty.protect.com%2Fid4%2F%3Fsub1%3D26646%26sub2%3D202226%26sub3%3D39c57798692ca90059e54281670e6631%26sub4%3D703013

Requested by

Host: 9581003.fls.doubleclick.net
URL: https://9581003.fls.doubleclick.net/activityi;dc_pre=CIPMv5OjovACFYVK4AodQK0Mxg;src=9581003;type=autow0;cat=homep0;ord=930349798189;gtm=2wg4l3;auiddc=1023261018.1619658783;~oref=https%3A%2F%2Fautowarranty.protect.com%2Fid4%2F%3Fsub1%3D26646%26sub2%3D202226%26sub3%3D39c57798692ca90059e54281670e6631%26sub4%3D703013?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0e4c64ac86dfb04a13077129ac6dcdd614dcd926bb6bbd24cced92e76e5acaa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: adservice.google.com
:scheme: https
:path: /ddm/fls/i/dc_pre=CIPMv5OjovACFYVK4AodQK0Mxg;src=9581003;type=autow0;cat=homep0;ord=930349798189;gtm=2wg4l3;auiddc=1023261018.1619658783;~oref=https%3A%2F%2Fautowarranty.protect.com%2Fid4%2F%3Fsub1%3D26646%26sub2%3D202226%26sub3%3D39c57798692ca90059e54281670e6631%26sub4%3D703013
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://9581003.fls.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://9581003.fls.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 29 Apr 2021 01:13:03 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 447
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 dc_pre=CIPMv5OjovACFYVK4AodQK0Mxg;src=9581003;type=autow0;cat=homep0;ord=930349798189;gtm=2wg4l3;auiddc=1023261018.1619658783;~oref=https%3A%2F%2Fautowarranty.protect.com%2Fid4%2F%3Fsub1%3D26646%26... Show response
adservice.google.de/ddm/fls/i/ Frame 4E19 194 B
265 B 16ms
16ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CIPMv5OjovACFYVK4AodQK0Mxg;src=9581003;type=autow0;cat=homep0;ord=930349798189;gtm=2wg4l3;auiddc=1023261018.1619658783;~oref=https%3A%2F%2Fautowarranty.protect.com%2Fid4%2F%3Fsub1%3D26646%26sub2%3D202226%26sub3%3D39c57798692ca90059e54281670e6631%26sub4%3D703013

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CIPMv5OjovACFYVK4AodQK0Mxg;src=9581003;type=autow0;cat=homep0;ord=930349798189;gtm=2wg4l3;auiddc=1023261018.1619658783;~oref=https%3A%2F%2Fautowarranty.protect.com%2Fid4%2F%3Fsub1%3D26646%26sub2%3D202226%26sub3%3D39c57798692ca90059e54281670e6631%26sub4%3D703013

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: adservice.google.de
:scheme: https
:path: /ddm/fls/i/dc_pre=CIPMv5OjovACFYVK4AodQK0Mxg;src=9581003;type=autow0;cat=homep0;ord=930349798189;gtm=2wg4l3;auiddc=1023261018.1619658783;~oref=https%3A%2F%2Fautowarranty.protect.com%2Fid4%2F%3Fsub1%3D26646%26sub2%3D202226%26sub3%3D39c57798692ca90059e54281670e6631%26sub4%3D703013
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://adservice.google.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://adservice.google.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 29 Apr 2021 01:13:03 GMT
expires: Thu, 29 Apr 2021 01:13:03 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 177
x-xss-protection: 0
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/840862942/ 2 KB
1 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/840862942/?random=1619658783645&cv=9&fst=1619658783645&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fautowarranty.protect.com%2Fid4%2F%3Fsub1%3D26646%26sub2%3D202226%26sub3%3D39c57798692ca90059e54281670e6631%26sub4%3D703013&ref=http%3A%2F%2Fdealfinderguide.com%2F&tiba=AutoWarranty.Protect.com%20%7C%20Extend%20Your%20Car%27s%20Warranty&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

580812ec3527724c303caecaff5b1c9771b0a8248bad7f0660c9b621bd2a624b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://autowarranty.protect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Apr 2021 01:13:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1095
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 header-image.jpg.jpg
autowarranty.protect.com/id3/static/img/ 491 KB
492 KB 16ms
16ms Image
image/jpeg 2606:4700:3038::6815:e9f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://autowarranty.protect.com/id3/static/img/header-image.jpg.jpg
Requested by: Host: autowarranty.protect.com
URL: https://autowarranty.protect.com/id4/static/variants/1/css/style.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:e9f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ae7be2ef1e39ffcced5694155962d3d23a47a94cba0442d72b2370c82c6cc22

Request headers

:path: /id3/static/img/header-image.jpg.jpg
pragma: no-cache
cookie: __cfduid=d204c20efc78e10ff3b8d800b0e953a391619658782; _gcl_au=1.1.1023261018.1619658783
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: autowarranty.protect.com
referer: https://autowarranty.protect.com/id4/static/variants/1/css/style.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://autowarranty.protect.com/id4/static/variants/1/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 01:13:03 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 212070
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 503283
cf-request-id: 09bcc8d3a20000c28128359000000001
last-modified: Tue, 02 Mar 2021 22:16:05 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZTyxPZBMBqQVMIeZlhtR%2F8f%2FzgWDsZ0m0%2FiVgYW%2FX5laAd8PO1V%2BpbD7mRgeWK4XwDO45cUcVSwUju9Invvwdx363fzskBE6CBVNRKEXYTs4%2BK%2FUL%2BIPmvD2hpwLiLfL8WE%2BX1I%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6474aa65cec3c281-FRA
expires: Wed, 26 May 2021 14:18:33 GMT

GET
H3-29 200 bebas__-webfont.woff2
autowarranty.protect.com/id4/static/libs/fonts/ 9 KB
10 KB 345ms
344ms Font
application/octet-stream 2606:4700:3038::6815:e9f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://autowarranty.protect.com/id4/static/libs/fonts/bebas__-webfont.woff2
Requested by: Host: autowarranty.protect.com
URL: https://autowarranty.protect.com/id4/static/libs/fonts/fonts.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:e9f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6350570f8703ec728ffb814d222ce1319f190b6daecd898128ffa0a099e06cd

Request headers

sec-fetch-mode: cors
origin: https://autowarranty.protect.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: __cfduid=d204c20efc78e10ff3b8d800b0e953a391619658782; _gcl_au=1.1.1023261018.1619658783
:path: /id4/static/libs/fonts/bebas__-webfont.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: autowarranty.protect.com
referer: https://autowarranty.protect.com/id4/static/libs/fonts/fonts.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://autowarranty.protect.com
Referer: https://autowarranty.protect.com/id4/static/libs/fonts/fonts.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 01:13:03 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 02 Mar 2021 22:16:05 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QPszqJPQlPfPZbtvTUN%2FSdZ3tp%2BlxcepestTzfekNmcJ7ETuusQwDQxW3T8EGiuyLLntx%2BjzRNG%2FDiKoJ1wUiS3jaBW%2FAN42A1OKgYus3oGObhwoNvsObKf4GG2sB4373gN0nJQ%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6474aa65decac281-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9376
cf-request-id: 09bcc8d3a80000c281ceb9f000000001

GET
H2 200 js.cookie.min.js Show response
cdn.jsdelivr.net/npm/js-cookie@2/src/ 2 KB
1 KB 25ms
6ms Script
application/javascript 2a04:4e42:3::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/js-cookie@2/src/js.cookie.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N77RJ8T

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

39b8fe6364621725ff90431a34af0f87976d95c00cbfd1d0f3711a3f1fa1a07b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://autowarranty.protect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 7978
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1062
etag: W/"79f-7pVBzxqV0qiF+LFDoQXKqgjKnJ0"
x-served-by: cache-fra19126-FRA
date: Thu, 29 Apr 2021 01:13:03 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 dmap.js Show response
dmap.dmsengage.com/ 50 KB
14 KB 136ms
95ms Script
application/javascript 185.199.110.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://dmap.dmsengage.com/dmap.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N77RJ8T
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.110.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-110-153.github.com
Software: GitHub.com /
Resource Hash: bdb7bc8ff965a8458cbe582df0e8798706809b4126b646c8c43371487fc92ef7

Request headers

Referer: https://autowarranty.protect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id: 24f9b8f8453bc017083330a91cb38fd5b53cc5b5
date: Thu, 29 Apr 2021 01:13:03 GMT
content-encoding: gzip
age: 0
x-cache: HIT
content-length: 14111
x-served-by: cache-hhn4025-HHN
access-control-allow-origin: *
last-modified: Thu, 16 Jul 2020 15:04:54 GMT
server: GitHub.com
x-github-request-id: 1CCC:7743:5BC3B3:67F9BD:6089FF8F
x-timer: S1619658784.723990,VS0,VE88
etag: W/"5f106c96-c94e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
expires: Thu, 29 Apr 2021 00:46:31 GMT
cache-control: max-age=600
accept-ranges: bytes
x-proxy-cache: MISS
x-cache-hits: 1

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ 84 KB
33 KB 30ms
29ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-708545917

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N77RJ8T

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

470a97376d8d1c9439ad3b4e0272daece8cd24c6b62d5d661d6885ad4643707d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://autowarranty.protect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 01:13:03 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34152
x-xss-protection: 0
last-modified: Thu, 29 Apr 2021 00:34:39 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 29 Apr 2021 01:13:03 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 30 KB
9 KB 47ms
29ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: dealfinderguide.com
URL: http://dealfinderguide.com/clicks?cid=26646&pub=202226&sid1=703013&sid2=244014114&sid3=5525&sid4=&lp=8287
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 3183481f09352eade87e53d32ac3c1f6ab5b853e2b5bde4035834680b53d9299

Request headers

Referer: https://autowarranty.protect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 01:13:03 GMT
content-encoding: gzip
last-modified: Tue, 13 Apr 2021 17:21:02 GMT
x-msedge-ref: Ref A: F9B76FE10DBE41C7890F7E61800E5A39 Ref B: FRAEDGE1307 Ref C: 2021-04-29T01:13:03Z
etag: "0d398608930d71:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 8910

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 113 KB
32 KB 215ms
176ms Script
application/javascript 2.16.186.234
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C1CCNT48PMMOGUUMPNF0&lib=ttq
Requested by: Host: dealfinderguide.com
URL: http://dealfinderguide.com/clicks?cid=26646&pub=202226&sid1=703013&sid2=244014114&sid3=5525&sid4=&lp=8287
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.234 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-234.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 12c6778483f156dc6b52fb70601be43f21a09ae04fafdf977b5d3b2aff7b8ea3

Request headers

Referer: https://autowarranty.protect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-request-id: cf4e48f.b5deef5
date: Thu, 29 Apr 2021 01:13:03 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a104-88-71-61.deploy.akamaitechnologies.com (AkamaiGHost/10.3.4.1-33174363) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-186-230.deploy.akamaitechnologies.com (AkamaiGHost/10.3.3.1-33160337) (-)
x-parent-response-time: 157,2.16.186.230
server-timing: cdn-cache; desc=MISS, edge; dur=152, origin; dur=5, inner; dur=4
pragma: no-cache
server: nginx
x-tt-logid: 202104290113030102360410973DD14098
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 5,104.88.71.61
expires: Thu, 29 Apr 2021 01:13:03 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 113 KB
32 KB 216ms
177ms Script
application/javascript 2.16.186.234
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C1QS8L6HLSU5AAHCNS00&lib=ttq
Requested by: Host: dealfinderguide.com
URL: http://dealfinderguide.com/clicks?cid=26646&pub=202226&sid1=703013&sid2=244014114&sid3=5525&sid4=&lp=8287
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.234 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-234.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 12c6778483f156dc6b52fb70601be43f21a09ae04fafdf977b5d3b2aff7b8ea3

Request headers

Referer: https://autowarranty.protect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-request-id: d64d7ea4.b5deef7
date: Thu, 29 Apr 2021 01:13:03 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a23-44-4-79.deploy.akamaitechnologies.com (AkamaiGHost/10.3.4.1-33174363) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-186-230.deploy.akamaitechnologies.com (AkamaiGHost/10.3.3.1-33160337) (-)
x-parent-response-time: 158,2.16.186.230
server-timing: cdn-cache; desc=MISS, edge; dur=152, origin; dur=6, inner; dur=0
pragma: no-cache
server: nginx
x-tt-logid: 2021042901130301023604308240CD015C
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 6,23.44.4.79
expires: Thu, 29 Apr 2021 01:13:03 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/840862942/ 42 B
108 B 21ms
21ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/840862942/?random=1619658783645&cv=9&fst=1619658000000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fautowarranty.protect.com%2Fid4%2F%3Fsub1%3D26646%26sub2%3D202226%26sub3%3D39c57798692ca90059e54281670e6631%26sub4%3D703013&ref=http%3A%2F%2Fdealfinderguide.com%2F&tiba=AutoWarranty.Protect.com%20%7C%20Extend%20Your%20Car%27s%20Warranty&fmt=3&is_vtc=1&random=1587777471&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: autowarranty.protect.com
URL: https://autowarranty.protect.com/id4/?sub1=26646&sub2=202226&sub3=39c57798692ca90059e54281670e6631&sub4=703013

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://autowarranty.protect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Apr 2021 01:13:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/840862942/ 42 B
108 B 19ms
19ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/840862942/?random=1619658783645&cv=9&fst=1619658000000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fautowarranty.protect.com%2Fid4%2F%3Fsub1%3D26646%26sub2%3D202226%26sub3%3D39c57798692ca90059e54281670e6631%26sub4%3D703013&ref=http%3A%2F%2Fdealfinderguide.com%2F&tiba=AutoWarranty.Protect.com%20%7C%20Extend%20Your%20Car%27s%20Warranty&fmt=3&is_vtc=1&random=1587777471&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: autowarranty.protect.com
URL: https://autowarranty.protect.com/id4/?sub1=26646&sub2=202226&sub3=39c57798692ca90059e54281670e6631&sub4=703013

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://autowarranty.protect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Apr 2021 01:13:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST collect
www.google-analytics.com/j/ 0
0

GET
H3-29 200 1911170102508923 Show response
connect.facebook.net/signals/config/ 254 KB
72 KB 59ms
57ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1911170102508923?v=2.9.39&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

53c5a259d39395c5463f3139d57f778f1c4657b056eb44fe8f82f36fd339d720

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://autowarranty.protect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: 0KmHdlvSdoIeKOd6I09z6hCkueqxeFAoM90z0WKrMSjVxd9oEWRatlD0JgNMNYOqjUyt6yN2QvVViEBaoRw9iw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
date: Thu, 29 Apr 2021 01:13:03 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 20128947 Show response
bat.bing.com/p/action/ 0
126 B 32ms
31ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/20128947
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ARR/3.0
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://autowarranty.protect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 29 Apr 2021 01:13:03 GMT
cache-control: private,max-age=86400
x-msedge-ref: Ref A: CF5148717ACF4F969FE620CBCB901AED Ref B: FRAEDGE1307 Ref C: 2021-04-29T01:13:03Z
x-powered-by: ARR/3.0

GET
H3-29 200 1485281358212891 Show response
connect.facebook.net/signals/config/ 254 KB
72 KB 49ms
49ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1485281358212891?v=2.9.39&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cdce7e036396488502a6cf280a51149d5424608cdf7f694c42ad9b7ff11f51d0

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://autowarranty.protect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: GY45/Ezrn1Klu+hv722m1vdD9raK88A6g26SEVuhFWHrciFEIi/kzHc5GeqDKX+Y4x3JhNfMrjTbvySstPzUgQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
date: Thu, 29 Apr 2021 01:13:03 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
260 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1911170102508923&ev=PageView&dl=https%3A%2F%2Fautowarranty.protect.com%2Fid4%2F%3Fsub1%3D26646%26sub2%3D202226%26sub3%3D39c57798692ca90059e54281670e6631%26sub4%3D703013&rl=http%3A%2F%2Fdealfinderguide.com%2F&if=false&ts=1619658783791&sw=1600&sh=1200&v=2.9.39&r=stable&ec=0&o=30&fbp=fb.1.1619658783789.106957861&it=1619658783705&coo=false&rqm=GET

Requested by

Host: autowarranty.protect.com
URL: https://autowarranty.protect.com/id4/?sub1=26646&sub2=202226&sub3=39c57798692ca90059e54281670e6631&sub4=703013

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://autowarranty.protect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 01:13:03 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 29 Apr 2021 01:13:03 GMT

GET
H2 200 permutive.w4.js Show response
dmap.dmsengage.com/analytics/ 2 KB
1 KB 95ms
95ms Script
application/javascript 185.199.110.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://dmap.dmsengage.com/analytics/permutive.w4.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N77RJ8T
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.110.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-110-153.github.com
Software: GitHub.com /
Resource Hash: 130f2401d4e1f5460aaa7a82180725517077b3bcc29844aa328b97a6629ad672

Request headers

Referer: https://autowarranty.protect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id: 27145cf2837b24f1e0666c6647e6a709cb1b29c6
date: Thu, 29 Apr 2021 01:13:03 GMT
content-encoding: gzip
age: 0
x-cache: HIT
content-length: 890
x-served-by: cache-hhn4025-HHN
access-control-allow-origin: *
last-modified: Thu, 16 Jul 2020 15:04:54 GMT
server: GitHub.com
x-github-request-id: E914:9633:125A98C:13471C7:6089B5CD
x-timer: S1619658784.823676,VS0,VE88
etag: W/"5f106c96-912"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
expires: Wed, 28 Apr 2021 19:31:49 GMT
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-cache-hits: 1

GET
H3-29 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 36 KB
14 KB 27ms
26ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-708545917

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

b668778fc11d3f924e2b088285e7f86e62dfbfbcd14b41b8fffcdb6e7ba5ef7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://autowarranty.protect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 01:13:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13902
x-xss-protection: 0
server: cafe
etag: 351251066703135666
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 29 Apr 2021 01:13:03 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 9ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1485281358212891&ev=PageView&dl=https%3A%2F%2Fautowarranty.protect.com%2Fid4%2F%3Fsub1%3D26646%26sub2%3D202226%26sub3%3D39c57798692ca90059e54281670e6631%26sub4%3D703013&rl=http%3A%2F%2Fdealfinderguide.com%2F&if=false&ts=1619658783856&sw=1600&sh=1200&v=2.9.39&r=stable&ec=0&o=30&fbp=fb.1.1619658783789.106957861&it=1619658783705&coo=false&rqm=GET

Requested by

Host: autowarranty.protect.com
URL: https://autowarranty.protect.com/id4/?sub1=26646&sub2=202226&sub3=39c57798692ca90059e54281670e6631&sub4=703013

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://autowarranty.protect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 01:13:03 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Thu, 29 Apr 2021 01:13:03 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 8ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1911170102508923&ev=ViewContent&dl=https%3A%2F%2Fautowarranty.protect.com%2Fid4%2F%3Fsub1%3D26646%26sub2%3D202226%26sub3%3D39c57798692ca90059e54281670e6631%26sub4%3D703013&rl=http%3A%2F%2Fdealfinderguide.com%2F&if=false&ts=1619658783858&sw=1600&sh=1200&v=2.9.39&r=stable&ec=1&o=30&fbp=fb.1.1619658783789.106957861&it=1619658783705&coo=false&rqm=GET

Requested by

Host: autowarranty.protect.com
URL: https://autowarranty.protect.com/id4/?sub1=26646&sub2=202226&sub3=39c57798692ca90059e54281670e6631&sub4=703013

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://autowarranty.protect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 01:13:03 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Thu, 29 Apr 2021 01:13:03 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 8ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1485281358212891&ev=ViewContent&dl=https%3A%2F%2Fautowarranty.protect.com%2Fid4%2F%3Fsub1%3D26646%26sub2%3D202226%26sub3%3D39c57798692ca90059e54281670e6631%26sub4%3D703013&rl=http%3A%2F%2Fdealfinderguide.com%2F&if=false&ts=1619658783859&sw=1600&sh=1200&v=2.9.39&r=stable&ec=1&o=30&fbp=fb.1.1619658783789.106957861&it=1619658783705&coo=false&rqm=GET

Requested by

Host: autowarranty.protect.com
URL: https://autowarranty.protect.com/id4/?sub1=26646&sub2=202226&sub3=39c57798692ca90059e54281670e6631&sub4=703013

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://autowarranty.protect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 01:13:03 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Thu, 29 Apr 2021 01:13:03 GMT

GET
H3-29 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/708545917/ 3 KB
1 KB 36ms
22ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/708545917/?random=1619658783864&cv=9&fst=1619658783864&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa4l3&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fautowarranty.protect.com%2Fid4%2F%3Fsub1%3D26646%26sub2%3D202226%26sub3%3D39c57798692ca90059e54281670e6631%26sub4%3D703013&ref=http%3A%2F%2Fdealfinderguide.com%2F&tiba=AutoWarranty.Protect.com%20%7C%20Extend%20Your%20Car%27s%20Warranty&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8abf96c53cb6b091d643cebaf1e02ebf794a3d6486a75c0ab67e97ea12abfe04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://autowarranty.protect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Apr 2021 01:13:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1137
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/708545917/ 42 B
64 B 20ms
19ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/708545917/?random=1619658783864&cv=9&fst=1619658000000&num=1&bg=ffffff&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa4l3&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fautowarranty.protect.com%2Fid4%2F%3Fsub1%3D26646%26sub2%3D202226%26sub3%3D39c57798692ca90059e54281670e6631%26sub4%3D703013&ref=http%3A%2F%2Fdealfinderguide.com%2F&tiba=AutoWarranty.Protect.com%20%7C%20Extend%20Your%20Car%27s%20Warranty&async=1&fmt=3&is_vtc=1&random=4274643866&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: autowarranty.protect.com
URL: https://autowarranty.protect.com/id4/?sub1=26646&sub2=202226&sub3=39c57798692ca90059e54281670e6631&sub4=703013

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://autowarranty.protect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Apr 2021 01:13:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.de/pagead/1p-user-list/708545917/ 42 B
64 B 29ms
28ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/708545917/?random=1619658783864&cv=9&fst=1619658000000&num=1&bg=ffffff&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa4l3&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fautowarranty.protect.com%2Fid4%2F%3Fsub1%3D26646%26sub2%3D202226%26sub3%3D39c57798692ca90059e54281670e6631%26sub4%3D703013&ref=http%3A%2F%2Fdealfinderguide.com%2F&tiba=AutoWarranty.Protect.com%20%7C%20Extend%20Your%20Car%27s%20Warranty&async=1&fmt=3&is_vtc=1&random=4274643866&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: autowarranty.protect.com
URL: https://autowarranty.protect.com/id4/?sub1=26646&sub2=202226&sub3=39c57798692ca90059e54281670e6631&sub4=703013

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://autowarranty.protect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Apr 2021 01:13:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 d17fc6b1-943f-4914-b96b-f35214fc0687-web.js Show response
cdn.permutive.com/ 189 KB
50 KB 77ms
36ms Script
application/javascript 104.19.149.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.permutive.com/d17fc6b1-943f-4914-b96b-f35214fc0687-web.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N77RJ8T
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.149.54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40f63f10d8e505f3e0623f38a5cd94402f8e2d8fa0f6cb9ba7cb28da5dcd1e68

Request headers

Referer: https://autowarranty.protect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 01:13:03 GMT
content-encoding: br
cf-cache-status: HIT
x-goog-meta-oid: d17fc6b1-943f-4914-b96b-f35214fc0687
age: 905
x-guploader-uploadid: ABg5-UzGvc0hSJ6IuUihtthXZPWxS9fnZB7FrLUyI6_14XTCbCUpYlTLJWKOp-hLVNqlF8_Jiaj119MGKka9ZnxsI9GKxc44fA
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-type: application/javascript
cf-request-id: 09bcc8d4de0000331e9492d000000001
last-modified: Wed, 28 Apr 2021 06:26:22 GMT
server: cloudflare
etag: W/"8350a91b99316c37c9292ea7281aea86"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=Zf/a8A==, md5=g1CpG5kxbDfJKS6nKBrqhg==
x-goog-generation: 1619591182306799
cache-control: public, max-age=300
x-goog-stored-content-length: 54836
cf-ray: 6474aa67cb22331e-CDG
expires: Thu, 29 Apr 2021 01:18:03 GMT

GET
H2 200 identify.js Show response
analytics.tiktok.com/i18n/pixel/ 140 KB
40 KB 176ms
175ms Script
application/javascript 2.16.186.234
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/identify.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C1CCNT48PMMOGUUMPNF0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.234 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-234.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 420d31548250b39e9e360cdf56a6fe9b8c3143c2c09d739c4e9ae60ee22319e1

Request headers

Referer: https://autowarranty.protect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-request-id: a2c0e008.b5def7e
date: Thu, 29 Apr 2021 01:13:04 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a104-88-71-7.deploy.akamaitechnologies.com (AkamaiGHost/10.3.4.1-33174363) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-186-230.deploy.akamaitechnologies.com (AkamaiGHost/10.3.3.1-33160337) (-)
x-parent-response-time: 157,2.16.186.230
server-timing: cdn-cache; desc=MISS, edge; dur=152, origin; dur=6, inner; dur=0
pragma: no-cache
server: nginx
x-tt-logid: 2021042901130401023604014804D27F9D
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 6,104.88.71.7
expires: Thu, 29 Apr 2021 01:13:04 GMT

GET
H2 200 config.js Show response
analytics.tiktok.com/i18n/pixel/ 57 KB
20 KB 193ms
193ms Script
application/javascript 2.16.186.234
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=C1CCNT48PMMOGUUMPNF0
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C1CCNT48PMMOGUUMPNF0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.234 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-234.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: ef3fa20d95c37cbb870888bbe82edbc65dd4fa1944b7f4f56ff76216c5e64317

Request headers

Referer: https://autowarranty.protect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-request-id: cabf05bc.b5def85
date: Thu, 29 Apr 2021 01:13:04 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a23-44-4-38.deploy.akamaitechnologies.com (AkamaiGHost/10.3.4.1-33174363) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-186-230.deploy.akamaitechnologies.com (AkamaiGHost/10.3.3.1-33160337) (-)
x-parent-response-time: 174,2.16.186.230
server-timing: cdn-cache; desc=MISS, edge; dur=166, origin; dur=8, inner; dur=0
content-length: 19366
pragma: no-cache
server: nginx
x-tt-logid: 2021042901130401023604214957CF54B6
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 9,23.44.4.38
expires: Thu, 29 Apr 2021 01:13:04 GMT

GET
H2 200 config.js Show response
analytics.tiktok.com/i18n/pixel/ 435 B
834 B 177ms
177ms Script
application/javascript 2.16.186.234
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=C1QS8L6HLSU5AAHCNS00
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C1CCNT48PMMOGUUMPNF0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.234 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-234.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 3bf49fac0c04858aaa6279b567cc2b92a91b99ea039c423ec2714534c58226ae

Request headers

Referer: https://autowarranty.protect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-request-id: 83f0182a.b5def86
date: Thu, 29 Apr 2021 01:13:04 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a104-88-71-12.deploy.akamaitechnologies.com (AkamaiGHost/10.3.4.1-33174363) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-186-230.deploy.akamaitechnologies.com (AkamaiGHost/10.3.3.1-33160337) (-)
x-parent-response-time: 158,2.16.186.230
server-timing: cdn-cache; desc=MISS, edge; dur=153, origin; dur=5, inner; dur=4
content-length: 261
pragma: no-cache
server: nginx
x-tt-logid: 2021042901130401023604109743CA1F59
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 5,104.88.71.12
expires: Thu, 29 Apr 2021 01:13:04 GMT

GET
H2 200 c07aeed1-d117-7c02-f7ef-a29f8c2fde30.js Show response
create.lidstatic.com/campaign/ 123 KB
39 KB 491ms
473ms Script
text/javascript 2606:4700:10::6816:26b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://create.lidstatic.com/campaign/c07aeed1-d117-7c02-f7ef-a29f8c2fde30.js?snippet_version=2
Requested by: Host: autowarranty.protect.com
URL: https://autowarranty.protect.com/id4/?sub1=26646&sub2=202226&sub3=39c57798692ca90059e54281670e6631&sub4=703013
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:26b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54429cc96467dfc0eeae5d6e29548208035d315055f415f3abe1be8b6bf0707d

Request headers

Referer: https://autowarranty.protect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 01:13:04 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
x-amz-request-id: SZX9W0BDKCZSRGJ1
cf-ray: 6474aa683abf3140-FRA
x-amz-replication-status: COMPLETED
x-amz-id-2: 8ym+Ia68NaBx/ZuZDMQmDZ6ikuBChJ9+rcXEv6c28L5+Zc134uqO15nw8aP6KsnOH5nlyYd7XkM=
last-modified: Wed, 31 Mar 2021 15:09:58 GMT
server: cloudflare
etag: W/"f7856be8e16630a19e9d24b6300ac815"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: ieTCWvHEksJLmGDb5wpEkY2aX77k5tKF
cache-control: max-age=1800
cf-request-id: 09bcc8d51f00003140b20e8000000001
content-type: text/javascript

GET
H2

200

bootstrap.js Show response
cdn.trustedform.com/
Redirect Chain

https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xx_trusted_form_cert_url&l=16196587840090.002760627633102475
https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xx_trusted_form_cert_url&l=16196587840090.002760627633102475

14 KB
6 KB

188ms
151ms

Script
application/javascript

2600:9000:2104:d400:1c:7f1a:6680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xx_trusted_form_cert_url&l=16196587840090.002760627633102475
Requested by: Host: autowarranty.protect.com
URL: https://autowarranty.protect.com/id4/?sub1=26646&sub2=202226&sub3=39c57798692ca90059e54281670e6631&sub4=703013
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:d400:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8165e2eebe389991b2d49c7d0991a19dfb99f71447ad7aac56c4d2081a3807d9

Request headers

Referer: https://autowarranty.protect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 01:13:05 GMT
content-encoding: gzip
last-modified: Thu, 22 Apr 2021 19:38:03 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-C1
etag: W/"2b9b48d4cfddf0e8019e09215d6d3180"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 bda076aae92eaf83374971b76c395857.cloudfront.net (CloudFront)
x-amz-version-id: Su0xSn4edmHJwCSYVfaVWPDDVZ70KbR5
x-amz-cf-id: DL6P7eUP2GUILslB6YXzJNLfshmjr1YclJmDCDxChtRX4x-4APk32A==

Redirect headers

location: https://cdn.trustedform.com:443/bootstrap.js?provide_referrer=false&field=xx_trusted_form_cert_url&l=16196587840090.002760627633102475
date: Thu, 29 Apr 2021 01:13:04 GMT
server: awselb/2.0
content-length: 134
content-type: text/html

GET
H/1.1 200
OK / Show response
com-dmscw.netmng.com/ 412 B
810 B 471ms
102ms Script
text/javascript 199.38.167.35
ROCKETFUEL

General

Check archive.org

Show headers Download Go to

Full URL: https://com-dmscw.netmng.com/?aid=6106&siclientid=104727&p3=&p4=&p5=&p6=&p7=&p8=&p9=&p10=&p11=&ref=http%3A%2F%2Fdealfinderguide.com%2F
Requested by: Host: autowarranty.protect.com
URL: https://autowarranty.protect.com/id4/?sub1=26646&sub2=202226&sub3=39c57798692ca90059e54281670e6631&sub4=703013
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.38.167.35 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: openresty /
Resource Hash: b8677cee3cda666f50043db4b3f6d7a3811f5b8825f379f0e990e043e604e19a

Request headers

Referer: https://autowarranty.protect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Apr 2021 01:12:22 GMT
Content-Encoding: gzip
Last-Modified: Tue, 27 Apr 2021 01:12:22 GMT
Server: openresty
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa PSAa OUR BUS COM NAV"
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: text/javascript; charset=UTF-8
Expires: Tue, 27 Apr 2021 01:12:22 GMT

GET
H2 204 0
bat.bing.com/action/ 0
148 B 30ms
30ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=20128947&Ver=2&mid=7526e44c-1d2f-4ebe-bd2d-7fa098ff3b79&sid=0c4ad1c0a88811eb9520415c915e851f&vid=0c4b0c60a88811eba1661df3f91cabd8&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=AutoWarranty.Protect.com%20%7C%20Extend%20Your%20Car%27s%20Warranty&p=https%3A%2F%2Fautowarranty.protect.com%2Fid4%2F%3Fsub1%3D26646%26sub2%3D202226%26sub3%3D39c57798692ca90059e54281670e6631%26sub4%3D703013&r=http%3A%2F%2Fdealfinderguide.com%2F&lt=1287&evt=pageLoad&msclkid=N&sv=1&rn=218453
Requested by: Host: autowarranty.protect.com
URL: https://autowarranty.protect.com/id4/?sub1=26646&sub2=202226&sub3=39c57798692ca90059e54281670e6631&sub4=703013
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://autowarranty.protect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 29 Apr 2021 01:13:03 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 1705D42376E144C48DE7CAFF2BCCCE67 Ref B: FRAEDGE1307 Ref C: 2021-04-29T01:13:04Z
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
564 B 190ms
190ms Ping
application/octet-stream 2.16.186.234
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C1CCNT48PMMOGUUMPNF0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.234 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-234.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://autowarranty.protect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 50c41373.b5df014
date: Thu, 29 Apr 2021 01:13:04 GMT
x-cache-remote: TCP_MISS from a104-88-71-21.deploy.akamaitechnologies.com (AkamaiGHost/10.3.4.1-33174363) (-)
upstream-caught: 1619658784210788
x-cache: TCP_MISS from a2-16-186-230.deploy.akamaitechnologies.com (AkamaiGHost/10.3.3.1-33160337) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-parent-response-time: 171,2.16.186.230
server-timing: cdn-cache; desc=MISS, edge; dur=156, origin; dur=15, inner; dur=12
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2021042901130401023604214905CCD85D
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 15,104.88.71.21
expires: Thu, 29 Apr 2021 01:13:04 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
561 B 186ms
185ms Ping
application/octet-stream 2.16.186.234
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C1CCNT48PMMOGUUMPNF0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.234 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-234.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://autowarranty.protect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: cf4e688.b5df035
date: Thu, 29 Apr 2021 01:13:04 GMT
x-cache-remote: TCP_MISS from a104-88-71-61.deploy.akamaitechnologies.com (AkamaiGHost/10.3.4.1-33174363) (-)
upstream-caught: 1619658784253686
x-cache: TCP_MISS from a2-16-186-230.deploy.akamaitechnologies.com (AkamaiGHost/10.3.3.1-33160337) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-parent-response-time: 165,2.16.186.230
server-timing: cdn-cache; desc=MISS, edge; dur=157, origin; dur=8, inner; dur=4
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2021042901130401023601713430CB60D5
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 8,104.88.71.61
expires: Thu, 29 Apr 2021 01:13:04 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
560 B 192ms
192ms Ping
application/octet-stream 2.16.186.234
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C1CCNT48PMMOGUUMPNF0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.234 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-234.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://autowarranty.protect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: d64d6475.b5df039
date: Thu, 29 Apr 2021 01:13:04 GMT
x-cache-remote: TCP_MISS from a23-44-4-79.deploy.akamaitechnologies.com (AkamaiGHost/10.3.4.1-33174363) (-)
upstream-caught: 1619658784255424
x-cache: TCP_MISS from a2-16-186-230.deploy.akamaitechnologies.com (AkamaiGHost/10.3.3.1-33160337) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-parent-response-time: 165,2.16.186.230
server-timing: cdn-cache; desc=MISS, edge; dur=157, origin; dur=10, inner; dur=8
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2021042901130401023604122035CD361F
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 10,23.44.4.79
expires: Thu, 29 Apr 2021 01:13:04 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1911170102508923&ev=Microdata&dl=https%3A%2F%2Fautowarranty.protect.com%2Fid4%2F%3Fsub1%3D26646%26sub2%3D202226%26sub3%3D39c57798692ca90059e54281670e6631%26sub4%3D703013&rl=http%3A%2F%2Fdealfinderguide.com%2F&if=false&ts=1619658784293&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22AutoWarranty.Protect.com%20%7C%20Extend%20Your%20Car%27s%20Warranty%22%2C%22meta%3Akeywords%22%3A%22%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Aurl%22%3A%22%22%2C%22og%3Aimage%22%3A%22%22%2C%22og%3Asite_name%22%3A%22%22%2C%22og%3Adescription%22%3A%22%22%2C%22twitter%3Aaccount_id%22%3A%22%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.39&r=stable&ec=2&o=30&fbp=fb.1.1619658783789.106957861&it=1619658783705&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: autowarranty.protect.com
URL: https://autowarranty.protect.com/id4/?sub1=26646&sub2=202226&sub3=39c57798692ca90059e54281670e6631&sub4=703013

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://autowarranty.protect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 01:13:04 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Thu, 29 Apr 2021 01:13:04 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1485281358212891&ev=Microdata&dl=https%3A%2F%2Fautowarranty.protect.com%2Fid4%2F%3Fsub1%3D26646%26sub2%3D202226%26sub3%3D39c57798692ca90059e54281670e6631%26sub4%3D703013&rl=http%3A%2F%2Fdealfinderguide.com%2F&if=false&ts=1619658784359&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22AutoWarranty.Protect.com%20%7C%20Extend%20Your%20Car%27s%20Warranty%22%2C%22meta%3Akeywords%22%3A%22%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Aurl%22%3A%22%22%2C%22og%3Aimage%22%3A%22%22%2C%22og%3Asite_name%22%3A%22%22%2C%22og%3Adescription%22%3A%22%22%2C%22twitter%3Aaccount_id%22%3A%22%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.39&r=stable&ec=2&o=62&fbp=fb.1.1619658783789.106957861&it=1619658783705&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: autowarranty.protect.com
URL: https://autowarranty.protect.com/id4/?sub1=26646&sub2=202226&sub3=39c57798692ca90059e54281670e6631&sub4=703013

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://autowarranty.protect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 01:13:04 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Thu, 29 Apr 2021 01:13:04 GMT

GET
H/1.1 200
OK / Show response
com-dmscw.netmng.com/ 7 KB
4 KB 109ms
109ms Script
text/javascript 199.38.167.35
ROCKETFUEL

General

Check archive.org

Show headers Download Go to

Full URL: https://com-dmscw.netmng.com/?url=https%3A%2F%2Fautowarranty.protect.com%2Fid4%2F%3Fsub1%3D26646%26sub2%3D202226%26sub3%3D39c57798692ca90059e54281670e6631%26sub4%3D703013&aid=6106&siclientid=104727&p3=&p4=&p5=&p6=&p7=&p8=&p9=&p10=&p11=&ref=http%3A%2F%2Fdealfinderguide.com%2F
Requested by: Host: com-dmscw.netmng.com
URL: https://com-dmscw.netmng.com/?aid=6106&siclientid=104727&p3=&p4=&p5=&p6=&p7=&p8=&p9=&p10=&p11=&ref=http%3A%2F%2Fdealfinderguide.com%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.38.167.35 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: openresty /
Resource Hash: be263a100aafbfd7334aca13b46adce6b65bd487f087109289e29dca7caa10f5

Request headers

Referer: https://autowarranty.protect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Apr 2021 01:12:22 GMT
Content-Encoding: gzip
Last-Modified: Tue, 27 Apr 2021 01:12:22 GMT
Server: openresty
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa PSAa OUR BUS COM NAV"
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: text/javascript; charset=UTF-8
Expires: Tue, 27 Apr 2021 01:12:22 GMT

POST
H2 200 GenerateToken Show response
create.leadid.com/2.7.0/ 36 B
335 B 366ms
153ms XHR
text/plain 34.196.123.186
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://create.leadid.com/2.7.0/GenerateToken?msn=1&pid=1ab542c6-dc14-4dcf-b445-ed9396982517&_=402846096
Requested by: Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/c07aeed1-d117-7c02-f7ef-a29f8c2fde30.js?snippet_version=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.196.123.186 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-196-123-186.compute-1.amazonaws.com
Software: nginx/1.17.6 / PHP/7.1.33
Resource Hash: 780bcd60c5c8f60cb1d4794b484f7037f40b0039bac03523f9ef08600de898ec

Request headers

Referer: https://autowarranty.protect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 29 Apr 2021 01:13:04 GMT
content-encoding: gzip
server: nginx/1.17.6
x-powered-by: PHP/7.1.33
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK / Show response
com-dmscw.netmng.com/ 3 KB
2 KB 100ms
100ms Script
text/javascript 199.38.167.35
ROCKETFUEL

General

Check archive.org

Show headers Download Go to

Full URL: https://com-dmscw.netmng.com/?vid=ezj90cvaaq9ox&referer=&browserPixelRatio=1&browserWidth=1600&browserHeight=1200&url=https://autowarranty.protect.com/id4/?sub1=26646&sub2=202226&sub3=39c57798692ca90059e54281670e6631&sub4=703013&aid=6106&siclientid=104727&p3=&p4=&p5=&p6=&p7=&p8=&p9=&p10=&p11=&ref=http://dealfinderguide.com/&function=browser_check&nmfp=1&r=7a250
Requested by: Host: com-dmscw.netmng.com
URL: https://com-dmscw.netmng.com/?url=https%3A%2F%2Fautowarranty.protect.com%2Fid4%2F%3Fsub1%3D26646%26sub2%3D202226%26sub3%3D39c57798692ca90059e54281670e6631%26sub4%3D703013&aid=6106&siclientid=104727&p3=&p4=&p5=&p6=&p7=&p8=&p9=&p10=&p11=&ref=http%3A%2F%2Fdealfinderguide.com%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.38.167.35 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: openresty /
Resource Hash: 77d63d9db31606a1dcf99ee25a637b404292634fce0086b59fa824ff9c9fb3c0

Request headers

Referer: https://autowarranty.protect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Apr 2021 01:12:22 GMT
Content-Encoding: gzip
Last-Modified: Tue, 27 Apr 2021 01:12:22 GMT
Server: openresty
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa PSAa OUR BUS COM NAV"
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: text/javascript; charset=UTF-8
Expires: Tue, 27 Apr 2021 01:12:22 GMT

POST
H2 201 certs Show response
api.trustedform.com/ 456 B
667 B 309ms
104ms XHR
application/json 107.21.34.105
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs
Requested by: Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xx_trusted_form_cert_url&l=16196587840090.002760627633102475
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.21.34.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-21-34-105.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: 10f675199560ae006ed27c0ae3f7c9af127b09e9cf0175a26a9cc37abe313077

Request headers

Referer: https://autowarranty.protect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 29 Apr 2021 01:13:04 GMT
server: Cowboy
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 456

GET
H2 200 i Show response
tr.snapchat.com/cm/ Frame BECE 0
203 B 38ms
22ms Document
text/html 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=f78b4203-64b1-4e8e-8ab2-18646d480fa4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.17.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

:method: GET
:authority: tr.snapchat.com
:scheme: https
:path: /cm/i?pid=f78b4203-64b1-4e8e-8ab2-18646d480fa4
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://autowarranty.protect.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://autowarranty.protect.com/

Response headers

server: nginx/1.17.3
date: Thu, 29 Apr 2021 01:13:04 GMT
content-type: text/html
content-length: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 js-sha256-v1.min.js Show response
sc-static.net/ 22 KB
8 KB 505ms
432ms Script
application/javascript 13.224.106.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/js-sha256-v1.min.js
Requested by: Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.106.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-106-24.mad50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ba3d77e0be4f968f93a865602a9d4c51631083244a570b7a31690cc9e414a253

Request headers

Origin: https://autowarranty.protect.com
Referer: https://autowarranty.protect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 01:13:06 GMT
content-encoding: gzip
last-modified: Fri, 05 Apr 2019 00:32:08 GMT
server: AmazonS3
x-amz-cf-pop: MAD50-C1
etag: W/"68f2467c84878293c9ee497dbc99a17f"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, s-maxage=86400, max-age=600
x-cache: Miss from cloudfront
x-amz-cf-id: Zf-IKKwn3Wv1GCu-aGussU5IXAaG1he5BxWQ5GSSJ7tbShZR0a7mmA==
via: 1.1 bd86a70de12d26e8fcde971fee50512c.cloudfront.net (CloudFront)

GET
H/1.1 200
OK iframe.html Show response
d2m2wsoho8qq12.cloudfront.net/ Frame E83A 3 KB
2 KB 117ms
36ms Document
text/html 13.224.118.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=96A9798A-E015-462B-E184-8C9B891E81C7&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.7.0&lck=C07AEED1-D117-7C02-F7EF-A29F8C2FDE30&lac=5AAB34D1-3BF2-F377-377F-D6E5BCA72416
Requested by: Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/c07aeed1-d117-7c02-f7ef-a29f8c2fde30.js?snippet_version=2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.118.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-118-94.mad50.r.cloudfront.net
Software: nginx/1.17.6 /
Resource Hash: 4e2d95df10e65f48daac2dcbad2cc0ef091610b5d5f77e4be8ad56a2e5aed241

Request headers

Host: d2m2wsoho8qq12.cloudfront.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://autowarranty.protect.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://autowarranty.protect.com/

Response headers

Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Date: Wed, 28 Apr 2021 22:04:24 GMT
Server: nginx/1.17.6
Last-Modified: Mon, 26 Apr 2021 14:37:42 GMT
ETag: W/"6086d036-da5"
P3P: CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
Content-Encoding: gzip
X-Cache: Hit from cloudfront
Via: 1.1 65c5c292982d6d8875d94812b2bfdf95.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: MAD50-C1
X-Amz-Cf-Id: f8eeXzzkXl_lMzZM9cJxw6WOGp63FJirDVHbGCdDWMMWAgDHnkjV5w==
Age: 11320

POST
H2 200 SaveDom Show response
create.leadid.com/2.7.0/ 0
298 B 109ms
109ms XHR
text/plain 34.196.123.186
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://create.leadid.com/2.7.0/SaveDom?msn=2&pid=1ab542c6-dc14-4dcf-b445-ed9396982517&token=96A9798A-E015-462B-E184-8C9B891E81C7&_=402846097
Requested by: Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/c07aeed1-d117-7c02-f7ef-a29f8c2fde30.js?snippet_version=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.196.123.186 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-196-123-186.compute-1.amazonaws.com
Software: nginx/1.17.6 / PHP/7.1.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://autowarranty.protect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 29 Apr 2021 01:13:04 GMT
content-encoding: gzip
server: nginx/1.17.6
x-powered-by: PHP/7.1.33
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 InitFormData Show response
create.leadid.com/2.7.0/ 0
298 B 128ms
128ms XHR
text/plain 34.196.123.186
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://create.leadid.com/2.7.0/InitFormData?msn=3&pid=1ab542c6-dc14-4dcf-b445-ed9396982517&token=96A9798A-E015-462B-E184-8C9B891E81C7&_=402846098
Requested by: Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/c07aeed1-d117-7c02-f7ef-a29f8c2fde30.js?snippet_version=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.196.123.186 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-196-123-186.compute-1.amazonaws.com
Software: nginx/1.17.6 / PHP/7.1.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://autowarranty.protect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 29 Apr 2021 01:13:04 GMT
content-encoding: gzip
server: nginx/1.17.6
x-powered-by: PHP/7.1.33
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 trustedform-1.2.12.js Show response
cdn.trustedform.com/ 59 KB
21 KB 36ms
36ms Script
application/javascript 2600:9000:2104:d400:1c:7f1a:6680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.trustedform.com/trustedform-1.2.12.js
Requested by: Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xx_trusted_form_cert_url&l=16196587840090.002760627633102475
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:d400:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b444eda6d85ba1fd8a7cc982d29bd19f119d2084e17e8c5a7a31421c2ed91b4f

Request headers

Referer: https://autowarranty.protect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: HM.GMp7MENU_HfcaNs97DHHUb3i06tVw
content-encoding: gzip
last-modified: Thu, 22 Apr 2021 19:38:03 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-C1
etag: W/"e90faf8bb0374efabdc5671a2528d012"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 bda076aae92eaf83374971b76c395857.cloudfront.net (CloudFront)
date: Thu, 29 Apr 2021 01:13:05 GMT
x-amz-cf-id: wKbHt2zOrPqVjy_qBOfHaXfYvgZIMG36p8f1fPX9h4SHzrqm-l8Dew==

GET
H/1.1 200
OK iframe.html Show response
deviceid.trueleadid.com/ Frame E79F 4 KB
2 KB 409ms
102ms Document
text/html 3.227.129.168
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://deviceid.trueleadid.com/iframe.html?token=96A9798A-E015-462B-E184-8C9B891E81C7&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.7.0&lck=C07AEED1-D117-7C02-F7EF-A29F8C2FDE30&lac=5AAB34D1-3BF2-F377-377F-D6E5BCA72416
Requested by: Host: d2m2wsoho8qq12.cloudfront.net
URL: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=96A9798A-E015-462B-E184-8C9B891E81C7&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.7.0&lck=C07AEED1-D117-7C02-F7EF-A29F8C2FDE30&lac=5AAB34D1-3BF2-F377-377F-D6E5BCA72416
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.129.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-129-168.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 3dd1fa07e4802c23e53915d6e8a450445a9c50efcada797976b64eff77fbb6bd

Request headers

Host: deviceid.trueleadid.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://d2m2wsoho8qq12.cloudfront.net/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://d2m2wsoho8qq12.cloudfront.net/

Response headers

Cache-Control: max-age=86400 public
Content-Encoding: gzip
Content-Type: text/html
Date: Thu, 29 Apr 2021 01:13:05 GMT
ETag: W/"5edf9bf2-104a"
Expires: Fri, 30 Apr 2021 01:13:05 GMT
Last-Modified: Tue, 09 Jun 2020 14:25:54 GMT
P3P: CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
Server: nginx
Content-Length: 1736
Connection: keep-alive

POST
H2 204 snapshot Show response
api.trustedform.com/certs/345ab178f16bc82ce2c4bcb2a164b56b6a0340d4/ 0
159 B 124ms
124ms XHR
text/plain 107.21.34.105
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/345ab178f16bc82ce2c4bcb2a164b56b6a0340d4/snapshot
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.2.12.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.21.34.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-21-34-105.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://autowarranty.protect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Thu, 29 Apr 2021 01:13:05 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: Cowboy
access-control-expose-headers

GET
H3-29 200 logo_12.png
autowarranty.protect.com/images/ 5 KB
6 KB 11ms
11ms Image
image/png 2606:4700:3038::6815:e9f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://autowarranty.protect.com/images/logo_12.png
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.2.12.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:e9f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c7daff1a434bf0cf7549fd7a843052b2e771d5e40e96c7a0119fb395c504c2e

Request headers

:path: /images/logo_12.png
pragma: no-cache
cookie: __cfduid=d204c20efc78e10ff3b8d800b0e953a391619658782; _gcl_au=1.1.1023261018.1619658783; sub1=26646; sub2=202226; sub3=39c57798692ca90059e54281670e6631; _ga=GA1.2.1862205164.1619658784; _gid=GA1.2.233918909.1619658784; _gat=1; _gat_UA-9244951-27=1; utm_source=; utm_medium=; utm_campaign=; _fbp=fb.1.1619658783789.106957861; _uetsid=0c4ad1c0a88811eb9520415c915e851f; _uetvid=0c4b0c60a88811eba1661df3f91cabd8; _scid=02ffa6ef-3016-42ec-a653-d9d89100a3da; leadid_token-5AAB34D1-3BF2-F377-377F-D6E5BCA72416-C07AEED1-D117-7C02-F7EF-A29F8C2FDE30=96A9798A-E015-462B-E184-8C9B891E81C7
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: autowarranty.protect.com
referer: https://autowarranty.protect.com/id4/?sub1=26646&sub2=202226&sub3=39c57798692ca90059e54281670e6631&sub4=703013
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://autowarranty.protect.com/id4/?sub1=26646&sub2=202226&sub3=39c57798692ca90059e54281670e6631&sub4=703013
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 01:13:05 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 715865
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5226
cf-request-id: 09bcc8d96f0000c28112902000000001
last-modified: Tue, 02 Mar 2021 22:16:05 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hzdtB%2BPxqytJI2RPykT5EudeSN%2Bd3nsguokSTvOrXVZOGKuWk2e0hb4%2FVlFREc90FcQTuYx33ZPdCUjMqkN0lim1y0BcmnP6H3WBVWJwqwKKao6xIXTMYhQ%2F6%2BHQpexnxAWfStQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6474aa6f1b34c281-FRA
expires: Thu, 20 May 2021 18:22:00 GMT

GET
H/1.1 200
OK tag
udxsva.com/ 43 B
194 B 92ms
92ms Image
image/gif 205.235.84.161
IMDC-AS1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://udxsva.com/tag?id=10254
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.2.12.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 205.235.84.161 Nokesville, United States, ASN62947 (IMDC-AS1, US),
Reverse DNS
Software: Jetty(9.4.z-SNAPSHOT) /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://autowarranty.protect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Apr 2021 01:13:05 GMT
Server: Jetty(9.4.z-SNAPSHOT)
Transfer-Encoding: chunked
Content-Type: image/gif

POST
H2 204 fingerprints Show response
api.trustedform.com/certs/345ab178f16bc82ce2c4bcb2a164b56b6a0340d4/ 0
159 B 119ms
119ms XHR
text/plain 107.21.34.105
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/345ab178f16bc82ce2c4bcb2a164b56b6a0340d4/fingerprints
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.2.12.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.21.34.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-21-34-105.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://autowarranty.protect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Thu, 29 Apr 2021 01:13:05 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: Cowboy
access-control-expose-headers

GET
H2 204 0
bat.bing.com/action/ 0
117 B 32ms
31ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=20128947&Ver=2&mid=7526e44c-1d2f-4ebe-bd2d-7fa098ff3b79&sid=0c4ad1c0a88811eb9520415c915e851f&vid=0c4b0c60a88811eba1661df3f91cabd8&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=AutoWarranty.Protect.com%20%7C%20Extend%20Your%20Car%27s%20Warranty&p=https%3A%2F%2Fautowarranty.protect.com%2Fid4%2F%3Fsub1%3D26646%26sub2%3D202226%26sub3%3D39c57798692ca90059e54281670e6631%26sub4%3D703013&r=http%3A%2F%2Fdealfinderguide.com%2F&lt=1287&evt=pageLoad&msclkid=N&sv=1&rn=218453
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://autowarranty.protect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 29 Apr 2021 01:13:04 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: E0C8A90D1EDE4FB8BD773FDF1C833B51 Ref B: FRAEDGE1307 Ref C: 2021-04-29T01:13:05Z
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 Snap Show response
create.leadid.com/2.7.0/ 0
298 B 285ms
180ms XHR
text/plain 34.196.123.186
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://create.leadid.com/2.7.0/Snap?msn=4&pid=1ab542c6-dc14-4dcf-b445-ed9396982517&token=96A9798A-E015-462B-E184-8C9B891E81C7&_=402846099
Requested by: Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/c07aeed1-d117-7c02-f7ef-a29f8c2fde30.js?snippet_version=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.196.123.186 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-196-123-186.compute-1.amazonaws.com
Software: nginx/1.17.6 / PHP/7.1.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://autowarranty.protect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 29 Apr 2021 01:13:05 GMT
content-encoding: gzip
server: nginx/1.17.6
x-powered-by: PHP/7.1.33
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H3-Q050 200 p Show response
tr.snapchat.com/ Frame AAFD 0
364 B 47ms
25ms Document
text/html 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.17.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

:method: POST
:authority: tr.snapchat.com
:scheme: https
:path: /p
content-length: 438
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
origin: https://autowarranty.protect.com
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://autowarranty.protect.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
Origin: https://autowarranty.protect.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://autowarranty.protect.com/

Response headers

server: nginx/1.17.3
date: Thu, 29 Apr 2021 01:13:05 GMT
content-type: text/html
content-length: 0
access-control-allow-origin: *
cache-control: no-cache, no-transform
set-cookie: sc_at=v2|H4sIAAAAAAAAAAXBgQ0AIQgDwIlIUL8FxpEXp2B4764e+7lKlEn5yiDhs+Rkrp0xoYbuwRGEm6P1AeRK+i8yAAAA;SameSite=None;Version=1;Comment=;Domain=.snapchat.com;Path=/;Max-Age=33696000;Secure
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 SaveDeviceId.js Show response
create.leadid.com/2.7.0/ Frame E79F 0
302 B 307ms
105ms Script
text/javascript 34.196.123.186
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://create.leadid.com/2.7.0/SaveDeviceId.js?lac=5AAB34D1-3BF2-F377-377F-D6E5BCA72416&lck=C07AEED1-D117-7C02-F7EF-A29F8C2FDE30&methods=16&token=96A9798A-E015-462B-E184-8C9B891E81C7&uuid=4aa9e7b50a904b80be13440509316595
Requested by: Host: deviceid.trueleadid.com
URL: https://deviceid.trueleadid.com/iframe.html?token=96A9798A-E015-462B-E184-8C9B891E81C7&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.7.0&lck=C07AEED1-D117-7C02-F7EF-A29F8C2FDE30&lac=5AAB34D1-3BF2-F377-377F-D6E5BCA72416
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.196.123.186 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-196-123-186.compute-1.amazonaws.com
Software: nginx/1.17.6 / PHP/7.1.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://deviceid.trueleadid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 01:13:05 GMT
content-encoding: gzip
server: nginx/1.17.6
x-powered-by: PHP/7.1.33
access-control-max-age: 1728000
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 InitFormData Show response
create.leadid.com/2.7.0/ 0
298 B 110ms
109ms XHR
text/plain 34.196.123.186
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://create.leadid.com/2.7.0/InitFormData?msn=5&pid=1ab542c6-dc14-4dcf-b445-ed9396982517&token=96A9798A-E015-462B-E184-8C9B891E81C7&_=402846100
Requested by: Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/c07aeed1-d117-7c02-f7ef-a29f8c2fde30.js?snippet_version=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.196.123.186 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-196-123-186.compute-1.amazonaws.com
Software: nginx/1.17.6 / PHP/7.1.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://autowarranty.protect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 29 Apr 2021 01:13:05 GMT
content-encoding: gzip
server: nginx/1.17.6
x-powered-by: PHP/7.1.33
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 Snap Show response
create.leadid.com/2.7.0/ 0
298 B 133ms
133ms XHR
text/plain 34.196.123.186
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://create.leadid.com/2.7.0/Snap?msn=6&pid=1ab542c6-dc14-4dcf-b445-ed9396982517&token=96A9798A-E015-462B-E184-8C9B891E81C7&_=402846101
Requested by: Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/c07aeed1-d117-7c02-f7ef-a29f8c2fde30.js?snippet_version=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.196.123.186 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-196-123-186.compute-1.amazonaws.com
Software: nginx/1.17.6 / PHP/7.1.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://autowarranty.protect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 29 Apr 2021 01:13:05 GMT
content-encoding: gzip
server: nginx/1.17.6
x-powered-by: PHP/7.1.33
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 204 events Show response
api.trustedform.com/certs/345ab178f16bc82ce2c4bcb2a164b56b6a0340d4/ 0
159 B 105ms
105ms XHR
text/plain 107.21.34.105
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/345ab178f16bc82ce2c4bcb2a164b56b6a0340d4/events
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.2.12.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.21.34.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-21-34-105.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://autowarranty.protect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Thu, 29 Apr 2021 01:13:05 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: Cowboy
access-control-expose-headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api.traversedlp.com
URL: https://api.traversedlp.com/retargetinginclusion/enqueue

Domain: www.google-analytics.com
URL: https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1296692060&t=pageview&_s=1&dl=https%3A%2F%2Fautowarranty.protect.com%2Fid4%2F%3Fsub1%3D26646%26sub2%3D202226%26sub3%3D39c57798692ca90059e54281670e6631%26sub4%3D703013&dr=http%3A%2F%2Fdealfinderguide.com%2F&ul=en-us&de=UTF-8&dt=AutoWarranty.Protect.com%20%7C%20Extend%20Your%20Car%27s%20Warranty&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1962168439&gjid=443254087&cid=1862205164.1619658784&tid=UA-99315301-2&_gid=233918909.1619658784&_r=1&_slc=1&z=2125890708

Domain: www.google-analytics.com
URL: https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1296692060&t=pageview&_s=1&dl=https%3A%2F%2Fautowarranty.protect.com%2Fid4%2F%3Fsub1%3D26646%26sub2%3D202226%26sub3%3D39c57798692ca90059e54281670e6631%26sub4%3D703013&dr=http%3A%2F%2Fdealfinderguide.com%2F&ul=en-us&de=UTF-8&dt=AutoWarranty.Protect.com%20%7C%20Extend%20Your%20Car%27s%20Warranty&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEABAAAAAC~&jid=1877449333&gjid=1982131315&cid=1862205164.1619658784&tid=UA-9244951-27&_gid=233918909.1619658784&_r=1&gtm=2wg4l3N77RJ8T&z=755377797

Verdicts & Comments Add Verdict or Comment

146 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.protect.com/	1970-01-19 18:17:42	Name: _uetvid Value: 0c4b0c60a88811eba1661df3f91cabd8
.protect.com/	1970-01-19 20:03:54	Name: _fbp Value: fb.1.1619658783789.106957861
autowarranty.protect.com/	1969-12-31 23:59:59	Name: utm_campaign Value:
.autowarranty.protect.com/	1970-01-19 17:55:45	Name: sub3 Value: 39c57798692ca90059e54281670e6631
.protect.com/	1970-01-19 17:54:18	Name: _gat_UA-9244951-27 Value: 1
.protect.com/	1970-01-19 17:54:18	Name: _gat Value: 1
.protect.com/	1970-01-20 03:24:05	Name: _scid Value: 02ffa6ef-3016-42ec-a653-d9d89100a3da
.protect.com/	1970-01-19 17:55:45	Name: _gid Value: GA1.2.233918909.1619658784
.protect.com/	1970-01-19 17:55:45	Name: _uetsid Value: 0c4ad1c0a88811eb9520415c915e851f
autowarranty.protect.com/	1969-12-31 23:59:59	Name: utm_source Value:
.protect.com/	1970-01-19 18:37:30	Name: __cfduid Value: d204c20efc78e10ff3b8d800b0e953a391619658782
.protect.com/	1970-01-20 11:25:30	Name: _ga Value: GA1.2.1862205164.1619658784
.protect.com/	1970-01-19 20:03:54	Name: _gcl_au Value: 1.1.1023261018.1619658783
.doubleclick.net/	1970-01-20 03:15:54	Name: IDE Value: AHWqTUm-Tua1Ifc_S6M2zj7ISnGLBlLutvG2M22zkbtDOpTMxTTkDGyLUFdiwLRQ
.autowarranty.protect.com/	1970-01-19 17:55:45	Name: sub2 Value: 202226
.autowarranty.protect.com/	1970-01-19 17:55:45	Name: sub1 Value: 26646
autowarranty.protect.com/	1969-12-31 23:59:59	Name: utm_medium Value:

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C1QS8L6HLSU5AAHCNS00&lib=ttq(Line 3) Message: Cannot assign to read only property 'call' of object '#<Object>'
console-api	warning	URL: https://cdn.permutive.com/d17fc6b1-943f-4914-b96b-f35214fc0687-web.js(Line 1) Message: Permutive was not initialized. localStorage not supported
console-api	warning	URL: https://connect.facebook.net/en_US/fbevents.js(Line 24) Message: [Facebook Pixel] - An invalid email address was specified for 'em'. This data will not be sent with any events for this Pixel.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9581003.fls.doubleclick.net
adservice.google.com
adservice.google.de
analytics.tiktok.com
api.pushnami.com
api.traversedlp.com
api.trustedform.com
autowarranty.protect.com
bat.bing.com
cdn.jsdelivr.net
cdn.permutive.com
cdn.trustedform.com
com-dmscw.netmng.com
connect.facebook.net
create.leadid.com
create.lidstatic.com
d2m2wsoho8qq12.cloudfront.net
dealfinderguide.com
deviceid.trueleadid.com
dmap.dmsengage.com
googleads.g.doubleclick.net
sc-static.net
static.bouncepilot.com
static.traversedlp.com
tr.snapchat.com
udxsva.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
api.traversedlp.com
www.google-analytics.com
104.19.149.54
107.21.34.105
13.224.106.24
13.224.106.26
13.224.118.94
142.250.185.166
142.250.186.162
185.199.110.153
199.38.167.35
2.16.186.234
205.235.84.161
23.236.203.43
2600:9000:2104:a800:10:b308:84c0:93a1
2600:9000:2104:d400:1c:7f1a:6680:93a1
2606:4700:10::6816:26b6
2606:4700:3038::6815:e9f8
2620:1ec:c11::200
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2002
2a00:1450:4001:811::2004
2a00:1450:4001:812::2002
2a00:1450:4001:812::2008
2a00:1450:4001:827::2003
2a00:1450:4001:830::200e
2a00:1450:4001:831::2003
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:3::621
3.227.129.168
34.196.123.186
35.186.226.184
52.86.198.209
65.9.84.33
023e64b862c4d75dd3390eda64f830ce73e3d8c689d30fff89dec507ccabb780
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
0c7daff1a434bf0cf7549fd7a843052b2e771d5e40e96c7a0119fb395c504c2e
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
10f675199560ae006ed27c0ae3f7c9af127b09e9cf0175a26a9cc37abe313077
12c6778483f156dc6b52fb70601be43f21a09ae04fafdf977b5d3b2aff7b8ea3
130f2401d4e1f5460aaa7a82180725517077b3bcc29844aa328b97a6629ad672
13260c49d665eb7b00855cf3ed00d0becc926580cddc18710f7f4630dd3472f2
17bf690af058544a969bb3dd21c8280366de0c20513d1a356d1ddc9284f87cb9
1a3df970b4fce8ff618784e4c9007c88c0b55c7634dc86dd1394c2ffb9727289
2098769f1236fde5996256469e69d85809913e9264db58b338a0399bae01bbaa
29c9e8752f25b17961e3c6ff72de34b1f1a157dfc5fabb68bd148b8ec9002b17
2ae7be2ef1e39ffcced5694155962d3d23a47a94cba0442d72b2370c82c6cc22
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2fff9d42b48b67b86f3f657418733d38176fa5eca4c13cf5f946f9ca410be4bd
3183481f09352eade87e53d32ac3c1f6ab5b853e2b5bde4035834680b53d9299
39b8fe6364621725ff90431a34af0f87976d95c00cbfd1d0f3711a3f1fa1a07b
3bf49fac0c04858aaa6279b567cc2b92a91b99ea039c423ec2714534c58226ae
3dd1fa07e4802c23e53915d6e8a450445a9c50efcada797976b64eff77fbb6bd
40f63f10d8e505f3e0623f38a5cd94402f8e2d8fa0f6cb9ba7cb28da5dcd1e68
420d31548250b39e9e360cdf56a6fe9b8c3143c2c09d739c4e9ae60ee22319e1
470a97376d8d1c9439ad3b4e0272daece8cd24c6b62d5d661d6885ad4643707d
4d78331e3770a9fced38b60ac64c88d64fe49e9b66ef49d8f2de01858596e0d5
4e2d95df10e65f48daac2dcbad2cc0ef091610b5d5f77e4be8ad56a2e5aed241
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
53c5a259d39395c5463f3139d57f778f1c4657b056eb44fe8f82f36fd339d720
54429cc96467dfc0eeae5d6e29548208035d315055f415f3abe1be8b6bf0707d
580812ec3527724c303caecaff5b1c9771b0a8248bad7f0660c9b621bd2a624b
5f8e21f061de1874e4af063f095a389187c40583c9033946e406a8bb825ca358
67386dfc89f862a18f531a68507a146192ca44ba24fc0cb56bd35c0475831e9b
6883197c20c58a0804b6ad6da9c06c9daff14267d65fe286666a1c08a61ba1e1
75afbec90b13679a423a74bb5c743b350caca5faae729548ea2929e3ee4a9f12
77d63d9db31606a1dcf99ee25a637b404292634fce0086b59fa824ff9c9fb3c0
780bcd60c5c8f60cb1d4794b484f7037f40b0039bac03523f9ef08600de898ec
7e630d90c7234b0df1729f62b8f9e4bbfaf293d91a5a0ac46df25f2a6759e39a
8165e2eebe389991b2d49c7d0991a19dfb99f71447ad7aac56c4d2081a3807d9
8720bceda6f642359ac03fc4b012a1cc4da4846cf51e6c47d0ecaed595565b65
8abf96c53cb6b091d643cebaf1e02ebf794a3d6486a75c0ab67e97ea12abfe04
9380fe9748e614960c45d41d8a53e2b59fafca0e3b4253a1b2e47451fb46d000
990496c62d75c59da1df0eff05e9bec618c45cb59eab0e0864594c9251eba89c
a0e4c64ac86dfb04a13077129ac6dcdd614dcd926bb6bbd24cced92e76e5acaa
a375fa4cec77297feb27e81ace1f7de0db7bbaf849fd23c704ca8afe94d6917f
af49da519f85781504f4bffaa06422a90b36b7bc845bfaa01ea66e369f72f7b8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b444eda6d85ba1fd8a7cc982d29bd19f119d2084e17e8c5a7a31421c2ed91b4f
b668778fc11d3f924e2b088285e7f86e62dfbfbcd14b41b8fffcdb6e7ba5ef7e
b8677cee3cda666f50043db4b3f6d7a3811f5b8825f379f0e990e043e604e19a
ba3d77e0be4f968f93a865602a9d4c51631083244a570b7a31690cc9e414a253
bdb7bc8ff965a8458cbe582df0e8798706809b4126b646c8c43371487fc92ef7
be263a100aafbfd7334aca13b46adce6b65bd487f087109289e29dca7caa10f5
c0928ffb61d3ea63ffd4480c15a24c9f11221b491c24db772ef8d369e7ec0c66
cdce7e036396488502a6cf280a51149d5424608cdf7f694c42ad9b7ff11f51d0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6350570f8703ec728ffb814d222ce1319f190b6daecd898128ffa0a099e06cd
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef3fa20d95c37cbb870888bbe82edbc65dd4fa1944b7f4f56ff76216c5e64317

autowarranty.protect.com Open in urlscan Pro 2606:4700:3038::6815:e9f8 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

90 Requests

94 %HTTPS

48 %IPv6

27 Domains

32 Subdomains

34 IPs

2 Countries

1359 kBTransfer

3271 kBSize

17 Cookies

0 Outgoing links

Page URL History

Redirected requests

90 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

autowarranty.protect.com Open in urlscan Pro
2606:4700:3038::6815:e9f8 Public Scan

Screenshot
Live screenshot

Full Image

90
Requests

94 %
HTTPS

48 %
IPv6

27
Domains

32
Subdomains

34
IPs

2
Countries

1359 kB
Transfer

3271 kB
Size

17
Cookies

90 HTTP transactions
0 data transactions