changethewindows.com Open in urlscan Pro
173.201.179.249 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://changethewindows.com/
Submission: On June 06 via api (June 6th 2023, 8:09:51 am UTC) from US — Scanned from DE

Summary HTTP 52 Redirects Behaviour Indicators

Summary

This website contacted 22 IPs in 2 countries across 18 domains to perform 52 HTTP transactions. The main IP is 173.201.179.249, located in United States and belongs to GO-DADDY-COM-LLC, US. The main domain is changethewindows.com.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on June 4th 2023. Valid for: 3 months.

This is the only time changethewindows.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	173.201.179.249 173.201.179.249	398101 (GO-DADDY-...) (GO-DADDY-COM-LLC)
5	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
1 1	2400:52e0:1e0... 2400:52e0:1e00::1077:1	200325 (BUNNYCDN) (BUNNYCDN)
1	2a04:4e42::485 2a04:4e42::485	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
1	151.101.1.195 151.101.1.195	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	34.194.65.29 34.194.65.29	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700:10:... 2606:4700:10::6816:26b6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 6	52.4.12.52 52.4.12.52	14618 (AMAZON-AES) (AMAZON-AES)
2	2600:9000:223... 2600:9000:223d:b600:1c:7f1a:6680:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
8	3.216.107.174 3.216.107.174	14618 (AMAZON-AES) (AMAZON-AES)
1	18.66.188.58 18.66.188.58	16509 (AMAZON-02) (AMAZON-02)
1	52.206.129.240 52.206.129.240	14618 (AMAZON-AES) (AMAZON-AES)
52	22

6 173.201.179.249 (United States)

ASN398101 (GO-DADDY-COM-LLC, US)
PTR: 249.179.201.173.host.secureserver.net

changethewindows.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2400:52e0:1e00::1077:1 (Germany) 1 redirects

ASN200325 (BUNNYCDN, SI)

cdn.rawgit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.195 (United States)

ASN54113 (FASTLY, US)

cdn.firebase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.194.65.29 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-194-65-29.compute-1.amazonaws.com

ipgeolocation.abstractapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:26b6 (United States)

ASN13335 (CLOUDFLARENET, US)

create.lidstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.4.12.52 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-4-12-52.compute-1.amazonaws.com

api.trustedform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223d:b600:1c:7f1a:6680:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.trustedform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

firebase.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

firebaseinstallations.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 3.216.107.174 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-216-107-174.compute-1.amazonaws.com

create.leadid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.188.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-188-58.muc50.r.cloudfront.net

d2m2wsoho8qq12.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.206.129.240 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-206-129-240.compute-1.amazonaws.com

deviceid.trueleadid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	leadid.com create.leadid.com — Cisco Umbrella Rank: 14721	5 KB
8	trustedform.com 1 redirects api.trustedform.com — Cisco Umbrella Rank: 24495 cdn.trustedform.com — Cisco Umbrella Rank: 29417	42 KB
7	gstatic.com www.gstatic.com fonts.gstatic.com	356 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 66 ajax.googleapis.com — Cisco Umbrella Rank: 398 firebase.googleapis.com — Cisco Umbrella Rank: 5658 firebaseinstallations.googleapis.com — Cisco Umbrella Rank: 533	36 KB
6	changethewindows.com changethewindows.com	1 MB
5	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 249	81 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 70	193 KB
1	trueleadid.com deviceid.trueleadid.com — Cisco Umbrella Rank: 15922	2 KB
1	cloudfront.net d2m2wsoho8qq12.cloudfront.net	2 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 1866	257 B
1	google.de www.google.de — Cisco Umbrella Rank: 5230	455 B
1	google.com www.google.com — Cisco Umbrella Rank: 3	455 B
1	lidstatic.com create.lidstatic.com — Cisco Umbrella Rank: 26077	38 KB
1	abstractapi.com ipgeolocation.abstractapi.com — Cisco Umbrella Rank: 74638	1 KB
1	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 51	2 KB
1	firebase.com cdn.firebase.com — Cisco Umbrella Rank: 74857	42 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 367	2 KB
1	rawgit.com 1 redirects cdn.rawgit.com — Cisco Umbrella Rank: 11782	770 B
52	18

	Domain	Requested by
8	create.leadid.com	create.lidstatic.com deviceid.trueleadid.com
6	api.trustedform.com	1 redirects api.trustedform.com cdn.trustedform.com
6	www.gstatic.com	changethewindows.com
6	changethewindows.com	changethewindows.com cdn.trustedform.com
5	cdnjs.cloudflare.com	changethewindows.com
3	www.googletagmanager.com	changethewindows.com www.gstatic.com www.googletagmanager.com
2	firebaseinstallations.googleapis.com	www.gstatic.com
2	firebase.googleapis.com	www.gstatic.com
2	cdn.trustedform.com	changethewindows.com api.trustedform.com
1	deviceid.trueleadid.com	d2m2wsoho8qq12.cloudfront.net
1	d2m2wsoho8qq12.cloudfront.net	create.lidstatic.com
1	region1.google-analytics.com	www.googletagmanager.com
1	www.google.de	changethewindows.com
1	www.google.com	changethewindows.com
1	fonts.gstatic.com	fonts.googleapis.com
1	create.lidstatic.com	changethewindows.com
1	ipgeolocation.abstractapi.com	ajax.googleapis.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	ajax.googleapis.com	changethewindows.com
1	cdn.firebase.com	changethewindows.com
1	cdn.jsdelivr.net	changethewindows.com
1	cdn.rawgit.com	1 redirects
1	fonts.googleapis.com	changethewindows.com
52	23

This site contains no links.

Subject Issuer	Validity	Valid
changethewindows.com ZeroSSL RSA Domain Secure Site CA	`2023-06-04` - `2023-09-02`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
www.ratoong.com GTS CA 1D4	`2023-05-13` - `2023-08-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
ipgeolocation.abstractapi.com Amazon RSA 2048 M02	`2023-04-23` - `2024-05-21`	a year	crt.sh
lidstatic.com Cloudflare Inc ECC CA-3	`2023-02-28` - `2024-02-28`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
create.leadid.com Amazon RSA 2048 M02	`2023-02-23` - `2023-10-19`	8 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
deviceid.trueleadid.com Amazon RSA 2048 M02	`2023-02-24` - `2024-01-06`	10 months	crt.sh
*.trustedform.com Amazon RSA 2048 M02	`2023-02-22` - `2023-10-09`	8 months	crt.sh
cdn.trustedform.com Amazon RSA 2048 M02	`2023-03-15` - `2024-04-12`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://changethewindows.com/
Frame ID: 58F08A9F85FF35178BC0EC72FBA479B1
Requests: 48 HTTP requests in this frame

Frame: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=3085E021-795C-74D0-572D-409A05486225&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.13&lck=8D552222-0380-A3DD-6336-5C5583E28067&lac=5E5079D9-D129-D386-A96A-025690C9B696
Frame ID: E54473841EAF920669735808A035D4AF
Requests: 1 HTTP requests in this frame

Frame: https://deviceid.trueleadid.com/iframe.html?token=3085E021-795C-74D0-572D-409A05486225&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.13&lck=8D552222-0380-A3DD-6336-5C5583E28067&lac=5E5079D9-D129-D386-A96A-025690C9B696
Frame ID: 3F0989E2014A27150FF32CCFD6A79501
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Change The Windows - Get a quote for your windows today

Detected technologies

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/(?:([\d.]+)/)?firebase(?:\.min)?\.js
/firebasejs/([\d.]+)/firebase

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Moment.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

moment(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

52
Requests

96 %
HTTPS

68 %
IPv6

18
Domains

23
Subdomains

22
IPs

2
Countries

2279 kB
Transfer

4006 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://cdn.rawgit.com/Eonasdan/bootstrap-datetimepicker/e8bddc60e73c1ec2475f827be36e1957af72e2ea/build/css/bootstrap-datetimepicker.css HTTP 301
https://cdn.jsdelivr.net/gh/Eonasdan/bootstrap-datetimepicker@e8bddc60e73c1ec2475f827be36e1957af72e2ea/build/css/bootstrap-datetimepicker.css

Request Chain 17

https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16860389858900.6751007795561761 HTTP 301
https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16860389858900.6751007795561761

52 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
changethewindows.com/ 31 KB
10 KB 761ms
323ms Document
text/html 173.201.179.249
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://changethewindows.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.201.179.249 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 249.179.201.173.host.secureserver.net
Software: Apache /
Resource Hash: a7c5d1855afd2de991f08ca7848b53ee7bd10e4abfb4fbaa8051638513a90083

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-encoding: br
content-length: 9761
content-type: text/html
date: Tue, 06 Jun 2023 08:09:45 GMT
etag: "1221f77-7c8a-5fd5280b06dec-br"
last-modified: Sun, 04 Jun 2023 19:07:51 GMT
server: Apache
vary: Accept-Encoding

GET
H2 200 bootstrap.min.css
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/css/ 118 KB
16 KB 69ms
27ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/css/bootstrap.min.css

Requested by

Host: changethewindows.com
URL: https://changethewindows.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://changethewindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 08:09:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1004051
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 16149
last-modified: Mon, 04 May 2020 16:17:20 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04010-1d970"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sY3BxkYzj2IkA%2BGYAEh3lFvj0Gx%2F60LJcaCDZrJ1FJv5ZPzjmZaL6zFT7JVej1%2BaFJ92rHD8%2Fum%2Bs8Q4uo%2BkP4fSGFMG0VJkcLtp%2BeMtldg6rCM9EgCJLNq%2FVcZ%2FtDDD7vbTnYDZmUpYeQld4seOvdDL"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7d2f2ccbae5f3a84-FRA
expires: Sun, 26 May 2024 08:09:45 GMT

GET
H2 200 css
fonts.googleapis.com/ 32 KB
2 KB 80ms
32ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,100,300,700,900|Open+Sans:400,300,600,700,800|Raleway:400,100,200,300,500,600,700,800,900

Requested by

Host: changethewindows.com
URL: https://changethewindows.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7b4aa33253c7ed3e3d361b9badc63d6447296bb2b97ba0b7b9c83adc7356e273

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://changethewindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 06 Jun 2023 08:09:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 06 Jun 2023 08:09:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 06 Jun 2023 08:09:45 GMT

GET
H2

200

bootstrap-datetimepicker.css
cdn.jsdelivr.net/gh/Eonasdan/bootstrap-datetimepicker@e8bddc60e73c1ec2475f827be36e1957af72e2ea/build/css/
Redirect Chain

https://cdn.rawgit.com/Eonasdan/bootstrap-datetimepicker/e8bddc60e73c1ec2475f827be36e1957af72e2ea/build/css/bootstrap-datetimepicker.css
https://cdn.jsdelivr.net/gh/Eonasdan/bootstrap-datetimepicker@e8bddc60e73c1ec2475f827be36e1957af72e2ea/build/css/bootstrap-datetimepicker.css

9 KB
2 KB

83ms
21ms

Stylesheet
text/css

2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/Eonasdan/bootstrap-datetimepicker@e8bddc60e73c1ec2475f827be36e1957af72e2ea/build/css/bootstrap-datetimepicker.css

Requested by

Host: changethewindows.com
URL: https://changethewindows.com/

Protocol

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ca124a8446a32ee80ea54dd30cff6bcc2e192537d77124554ffe5d8794682153

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://changethewindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Jun 2023 08:09:45 GMT
x-content-type-options: nosniff
content-encoding: br
age: 17377
x-jsd-version: e8bddc60e73c1ec2475f827be36e1957af72e2ea
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1450
x-served-by: cache-fra-etou8220068-FRA
x-jsd-version-type: commit
etag: W/"2348-HFXjyK2Bcqoa7e9+nOVQvsc3078"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

Redirect headers

date: Tue, 06 Jun 2023 08:09:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cdn-edgestorageid: 860
age: 81542
x-cache: MISS, HIT
cdn-cachedat: 06/06/2023 08:09:45
cdn-pullzone: 201235
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443", h3-29=":443", h3-27=":443"
content-length: 175
x-served-by: cache-fra-eddf8230044-FRA, cache-chi-kigq8000130-CHI
server: BunnyCDN-DE1-1077
cdn-proxyver: 1.03
cdn-requestpullcode: 301
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
location: https://cdn.jsdelivr.net/gh/Eonasdan/bootstrap-datetimepicker@e8bddc60e73c1ec2475f827be36e1957af72e2ea/build/css/bootstrap-datetimepicker.css
access-control-allow-origin: *
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
access-control-expose-headers: *
cache-control: public, max-age=2592000
cdn-cache: EXPIRED
cdn-requestid: b3a485e8fbf89d6624b2acc8dae8cd9b
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 301
cdn-requestpullsuccess: True

GET
H2 200 style01.css
changethewindows.com/ 8 KB
2 KB 166ms
165ms Stylesheet
text/css 173.201.179.249
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://changethewindows.com/style01.css
Requested by: Host: changethewindows.com
URL: https://changethewindows.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.201.179.249 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 249.179.201.173.host.secureserver.net
Software: Apache /
Resource Hash: 621dd30d0cba4be409ab8b00a8c9a5adf6bd4d755355f0ba9b85d5e80c1cc876

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://changethewindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 08:09:45 GMT
content-encoding: br
last-modified: Sun, 04 Jun 2023 13:32:08 GMT
server: Apache
etag: "1220bd9-2151-5fd4dd01242e1-br"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 2314

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 138 KB
53 KB 85ms
34ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-393417643

Requested by

Host: changethewindows.com
URL: https://changethewindows.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

279b79fc0ca179de802770cceaffba58c3839960c2fc196cb2ce90db28388eae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://changethewindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 08:09:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54358
x-xss-protection: 0
last-modified: Tue, 06 Jun 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 06 Jun 2023 08:09:45 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.1.0/ 84 KB
27 KB 86ms
44ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.1.0/jquery.min.js

Requested by

Host: changethewindows.com
URL: https://changethewindows.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://changethewindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 08:09:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3438410
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27198
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-1514f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nIveFJBTNrXR%2BF6rCky6QqnZHDLi%2B7bARFvuiD0DPVrHZ%2BghWiefdNHAYmVVn4ghhQlLAx8PAth%2B4gjqnEmpW%2FD6uIvOcK%2FfxWeYf5yPCKErWTzxS64PjoJ5Mwox2rsAxiadmvA%2FvKJC6wuxrpYfrpvX"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7d2f2ccbae613a84-FRA
expires: Sun, 26 May 2024 08:09:45 GMT

GET
H2 200 bootstrap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/js/ 36 KB
9 KB 67ms
25ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/js/bootstrap.min.js

Requested by

Host: changethewindows.com
URL: https://changethewindows.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://changethewindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 08:09:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 405879
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 8722
last-modified: Mon, 04 May 2020 16:17:20 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04010-90b5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ASVnFXgxpurZ4Y%2BHZx6rTSC7YyPor8bd9SXQ6NWRyhl23nC73mnuVVZoL6f0Anc7AoSmJukbtfZ7IqGOVZyLmqjNTVCzOzkWa%2BA3cDaSZD%2Ft4v8zaoKNR9ni2OR4aMAEEHDk%2Fw0MoZR63r96iBfwFxbW"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7d2f2ccbae643a84-FRA
expires: Sun, 26 May 2024 08:09:45 GMT

GET
H2 200 moment.min.js Show response
cdnjs.cloudflare.com/ajax/libs/moment.js/2.15.1/ 58 KB
18 KB 89ms
48ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.15.1/moment.min.js

Requested by

Host: changethewindows.com
URL: https://changethewindows.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0f22f979f0bf6aee2c234fae784d024cf82fda704ca81bbdfc88bf01f278578

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://changethewindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 08:09:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2258822
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 18261
last-modified: Mon, 04 May 2020 16:13:26 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f26-e79d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JLbQU%2FTlRTeiGyJQmuvuup9%2FvKDp3G4BJ1ExLsBRWD7yWVxjEyzlX7MuHejDFJALsWzyMGHNGXpm4pWUjgUorpx7h8WtzohK0AOYvtZ%2FxuLL0Qdq083xSMhmsI5zCoSJRWyEI8%2BJkVCuMyuVLdKSzQDQ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7d2f2ccbae623a84-FRA
expires: Sun, 26 May 2024 08:09:45 GMT

GET
H2 200 bootstrap-datetimepicker.min.js Show response
cdnjs.cloudflare.com/ajax/libs/bootstrap-datetimepicker/4.17.42/js/ 48 KB
11 KB 70ms
29ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/bootstrap-datetimepicker/4.17.42/js/bootstrap-datetimepicker.min.js

Requested by

Host: changethewindows.com
URL: https://changethewindows.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23cbc66640368cbd0fa6dc72241bdec0356a3577202217207aa8be183fdac37e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://changethewindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 08:09:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 10608195
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 10594
last-modified: Mon, 04 May 2020 16:06:38 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d8e-be77"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GtWMGaA80peX%2FbONX0jzbhk49m22fV5K%2F29KctGwVDHRCC9hja4hZdEN27ULGf%2FxqC1ufhFoSKifMIEJKlwq4PduOWH%2Fo3ch%2F7vbY9Oj6MEqH6R%2F8363Ae4qGh8ibhtdOLPVN1YzVuTNgoTF%2BdLh%2FmOo"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7d2f2ccbae653a84-FRA
expires: Sun, 26 May 2024 08:09:45 GMT

GET
H2 200 firebase.js Show response
cdn.firebase.com/js/client/2.2.1/ 126 KB
42 KB 80ms
21ms Script
application/javascript 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.firebase.com/js/client/2.2.1/firebase.js

Requested by

Host: changethewindows.com
URL: https://changethewindows.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

518b731b6199f76c37019787532becd97b039fac1c702f0796cee256b95755f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://changethewindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: gzip
date: Tue, 06 Jun 2023 08:09:45 GMT
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 42203
x-served-by: cache-fra-etou8220051-FRA
last-modified: Wed, 15 Jul 2020 22:46:44 GMT
x-timer: S1686038986.561951,VS0,VE1
etag: "3f28a52a4862dcf057748c28f09e4a9a6d501c1cdd4e794e84507a42f71378aa"
vary: x-fh-requested-host, accept-encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=432000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.1/ 94 KB
33 KB 72ms
22ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js

Requested by

Host: changethewindows.com
URL: https://changethewindows.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://changethewindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 20:49:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 300005
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33434
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 01 Jun 2024 20:49:40 GMT

GET
H2 200 firebase.js Show response
www.gstatic.com/firebasejs/4.3.0/ 382 KB
113 KB 67ms
20ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/4.3.0/firebase.js

Requested by

Host: changethewindows.com
URL: https://changethewindows.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8dffa3025ee2104b3cc6656fbc09a7efe9c8e48b702c6c2ff69305571ed9078

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://changethewindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 30 May 2023 21:32:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 556644
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 114634
x-xss-protection: 0
last-modified: Thu, 17 Aug 2017 21:11:03 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 29 May 2024 21:32:21 GMT

GET
H2 200 script.js Show response
changethewindows.com/ 19 KB
4 KB 166ms
165ms Script
application/javascript 173.201.179.249
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://changethewindows.com/script.js
Requested by: Host: changethewindows.com
URL: https://changethewindows.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.201.179.249 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 249.179.201.173.host.secureserver.net
Software: Apache /
Resource Hash: be261186a68d902831940b85442b3eb7254950cbe1c3a74c6e948ace3e3a61f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://changethewindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 08:09:45 GMT
content-encoding: br
last-modified: Sun, 04 Jun 2023 19:07:54 GMT
server: Apache
etag: "1221f73-4dba-5fd5280de7f24-br"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 4195

GET
H2 200 logon.png
changethewindows.com/ 25 KB
25 KB 165ms
164ms Image
image/png 173.201.179.249
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://changethewindows.com/logon.png
Requested by: Host: changethewindows.com
URL: https://changethewindows.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.201.179.249 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 249.179.201.173.host.secureserver.net
Software: Apache /
Resource Hash: 9c17b3f0528e078c89a2f7e0b38921e5bf3cf500c50b7ab5061f851c05f128b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://changethewindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 08:09:45 GMT
last-modified: Sun, 04 Jun 2023 12:46:56 GMT
server: Apache
accept-ranges: bytes
etag: "12215d1-6527-5fd4d2e6493f1"
content-length: 25895
content-type: image/png

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/393417643/ 3 KB
2 KB 81ms
34ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/393417643/?random=1686038985856&cv=11&fst=1686038985856&bg=ffffff&guid=ON&async=1&gtm=45be35v0&u_w=1600&u_h=1200&url=https%3A%2F%2Fchangethewindows.com%2F&hn=www.googleadservices.com&frm=0&tiba=Change%20The%20Windows%20-%20Get%20a%20quote%20for%20your%20windows%20today&auid=255638617.1686038986&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-393417643

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6d86f054a1f803ad66bf17a8b5dc67275d106b15a9db7fa0e184fce21356cd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://changethewindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 08:09:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1347
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
ipgeolocation.abstractapi.com/v1/ 930 B
1 KB 364ms
123ms XHR
application/json 34.194.65.29
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://ipgeolocation.abstractapi.com/v1/?api_key=a1a67d84a2844af7827fb58fd737ed20

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.194.65.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-194-65-29.compute-1.amazonaws.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

62e6da8ce41c9b3d50fd6982d3d905db7a6ced7df165c7fdee0f0063a709ef4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://changethewindows.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 08:09:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
referrer-policy: same-origin
server: nginx/1.14.0 (Ubuntu)
vary: Cookie, Origin
allow: GET, HEAD, OPTIONS
content-type: application/json
x-frame-options: DENY
access-control-allow-origin: *
content-length: 930

GET
H2 200 8d552222-0380-a3dd-6336-5c5583e28067.js Show response
create.lidstatic.com/campaign/ 121 KB
38 KB 810ms
745ms Script
text/javascript 2606:4700:10::6816:26b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://create.lidstatic.com/campaign/8d552222-0380-a3dd-6336-5c5583e28067.js?snippet_version=2
Requested by: Host: changethewindows.com
URL: https://changethewindows.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:26b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28ad0e9cd92912ba49b04ee2bb1e3bba0be1573aa2df0ce52912005cbc69f549

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://changethewindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 08:09:46 GMT
x-amz-version-id: AwIr6Ex7rpZoWK8FXpeZb5d56meyrdmp
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 12 May 2023 18:48:48 GMT
server: cloudflare
x-amz-request-id: EGGXZ7HXZD7W0FHH
etag: W/"a97f637fe6e3a8df11aaf00a1cfa324a"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=1800
x-amz-replication-status: COMPLETED
cf-ray: 7d2f2cce3acb6958-FRA
x-amz-id-2: S9W28bZWskwN3EFoFzF1UwTZOjU8xH9VO4AZdQPpOuG1GpUms8DFJQ28OnZOH28/VPHiRIHMHAQ=

GET
H2

200

bootstrap.js Show response
cdn.trustedform.com/
Redirect Chain

https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16860389858900.6751007795561761
https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16860389858900.6751007795561761

7 KB
3 KB

233ms
149ms

Script
application/javascript

2600:9000:223d:b600:1c:7f1a:6680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16860389858900.6751007795561761
Requested by: Host: changethewindows.com
URL: https://changethewindows.com/
Protocol: H2
Server: 2600:9000:223d:b600:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d95166940395c50be562fe538c85311002d62b83da8f68a8500be092f4bf98fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://changethewindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 08:09:47 GMT
x-amz-version-id: 3_b23spJZawDo2DonqGySoPkWa3Umuag
content-encoding: gzip
last-modified: Fri, 12 May 2023 16:55:50 GMT
server: AmazonS3
via: 1.1 bafea69ec4368ee11760779ffcfbd4fc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
etag: W/"88ddf717f635b54023edd7480431e1d1"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
x-amz-cf-id: c3_zjcUemXwkthVKikn_yV3NQiL_8ubjgAyXz48Ty1dW8ie43sIA9A==

Redirect headers

location: https://cdn.trustedform.com:443/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16860389858900.6751007795561761
date: Tue, 06 Jun 2023 08:09:46 GMT
server: awselb/2.0
content-length: 134
content-type: text/html

GET
H2 200 mobile_photo.png
changethewindows.com/ 1 MB
1 MB 393ms
393ms Image
image/png 173.201.179.249
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://changethewindows.com/mobile_photo.png
Requested by: Host: changethewindows.com
URL: https://changethewindows.com/style01.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.201.179.249 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 249.179.201.173.host.secureserver.net
Software: Apache /
Resource Hash: f38e3888ded8df6b6c791571511f68dc3cb7a7be8a69c4120a8a056b2186902b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://changethewindows.com/style01.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 08:09:45 GMT
last-modified: Sun, 04 Jun 2023 12:47:00 GMT
server: Apache
accept-ranges: bytes
etag: "1221f70-15dc1a-5fd4d2ea48f32"
content-length: 1432602
content-type: image/png

GET
H2 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v28/ 45 KB
46 KB 78ms
23ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,100,300,700,900|Open+Sans:400,300,600,700,800|Raleway:400,100,200,300,500,600,700,800,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://changethewindows.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 03:19:21 GMT
x-content-type-options: nosniff
age: 535824
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46524
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:58:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 May 2024 03:19:21 GMT

GET
H3 200 firebase-app.js Show response
www.gstatic.com/firebasejs/9.16.0/ 91 KB
20 KB 92ms
44ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/9.16.0/firebase-app.js

Requested by

Host: changethewindows.com
URL: https://changethewindows.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb5f8a95267bd9904f7a3ce9d4fcdb0464d4dd5b3ae30bdbc770d1fb2288557e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://changethewindows.com/
Origin: https://changethewindows.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 17:09:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 226824
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20625
x-xss-protection: 0
last-modified: Thu, 19 Jan 2023 22:17:27 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 02 Jun 2024 17:09:21 GMT

GET
H3 200 firebase-auth.js Show response
www.gstatic.com/firebasejs/9.16.0/ 115 KB
33 KB 71ms
24ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/9.16.0/firebase-auth.js

Requested by

Host: changethewindows.com
URL: https://changethewindows.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0c85cca9f8e1200f830be60f65af83ba0da7761536769d466eea44cab90d76c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://changethewindows.com/
Origin: https://changethewindows.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 23:46:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 202984
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33686
x-xss-protection: 0
last-modified: Thu, 19 Jan 2023 22:17:16 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 02 Jun 2024 23:46:41 GMT

GET
H3 200 firebase-analytics.js Show response
www.gstatic.com/firebasejs/9.16.0/ 24 KB
8 KB 79ms
33ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/9.16.0/firebase-analytics.js

Requested by

Host: changethewindows.com
URL: https://changethewindows.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7c33fc715ab1fdb85337108e51de9926cf1c52df75719fd519abefe6bd6b289

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://changethewindows.com/
Origin: https://changethewindows.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 17:09:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 226824
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8367
x-xss-protection: 0
last-modified: Thu, 19 Jan 2023 22:17:17 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 02 Jun 2024 17:09:21 GMT

GET
H3 200 firebase-database.js Show response
www.gstatic.com/firebasejs/9.16.0/ 150 KB
43 KB 83ms
36ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/9.16.0/firebase-database.js

Requested by

Host: changethewindows.com
URL: https://changethewindows.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d6c12412c738a0728ff74bd0d196da6c3b692160dff500ac06355bc0a246d26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://changethewindows.com/
Origin: https://changethewindows.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 11:00:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 248940
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44394
x-xss-protection: 0
last-modified: Thu, 19 Jan 2023 22:17:15 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 02 Jun 2024 11:00:45 GMT

GET
H3 200 firebase-firestore.js Show response
www.gstatic.com/firebasejs/9.16.0/ 314 KB
93 KB 102ms
54ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/9.16.0/firebase-firestore.js

Requested by

Host: changethewindows.com
URL: https://changethewindows.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7b7b321919dd9af22c94befea1dc176af4f5cf86b01b04d49d57e96f017be40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://changethewindows.com/
Origin: https://changethewindows.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 11:18:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 334267
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94703
x-xss-protection: 0
last-modified: Thu, 19 Jan 2023 22:17:15 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 01 Jun 2024 11:18:38 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/393417643/ 42 B
455 B 85ms
33ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/393417643/?random=1686038985856&cv=11&fst=1686038400000&bg=ffffff&guid=ON&async=1&gtm=45be35v0&u_w=1600&u_h=1200&url=https%3A%2F%2Fchangethewindows.com%2F&frm=0&tiba=Change%20The%20Windows%20-%20Get%20a%20quote%20for%20your%20windows%20today&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3097878640&rmt_tld=0&ipr=y

Requested by

Host: changethewindows.com
URL: https://changethewindows.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://changethewindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 08:09:46 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/393417643/ 42 B
455 B 89ms
32ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/393417643/?random=1686038985856&cv=11&fst=1686038400000&bg=ffffff&guid=ON&async=1&gtm=45be35v0&u_w=1600&u_h=1200&url=https%3A%2F%2Fchangethewindows.com%2F&frm=0&tiba=Change%20The%20Windows%20-%20Get%20a%20quote%20for%20your%20windows%20today&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3097878640&rmt_tld=1&ipr=y

Requested by

Host: changethewindows.com
URL: https://changethewindows.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://changethewindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 08:09:46 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 webConfig Show response
firebase.googleapis.com/v1alpha/projects/-/apps/1:23653634552:web:b0957f39db7c75a9a1460d/ 349 B
428 B 50ms
48ms Fetch
application/json 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebase.googleapis.com/v1alpha/projects/-/apps/1:23653634552:web:b0957f39db7c75a9a1460d/webConfig

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/9.16.0/firebase-analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0b3803ab430b2f89eb9ee1276b393e9595300ad4e26398329258daf7b8051e56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept: application/json
Referer: https://changethewindows.com/
x-goog-api-key: AIzaSyCphrXDEdlCXWUlrQnx_-IgXG5adMMU034
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 08:09:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://changethewindows.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 238
x-xss-protection: 0

OPTIONS
H2 200 webConfig
firebase.googleapis.com/v1alpha/projects/-/apps/1:23653634552:web:b0957f39db7c75a9a1460d/ Frame 0
0 83ms
35ms Preflight
text/html 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebase.googleapis.com/v1alpha/projects/-/apps/1:23653634552:web:b0957f39db7c75a9a1460d/webConfig

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-api-key
Access-Control-Request-Method: GET
Origin: https://changethewindows.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-headers: x-goog-api-key
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://changethewindows.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Tue, 06 Jun 2023 08:09:46 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 installations
firebaseinstallations.googleapis.com/v1/projects/surveys-4f320/ Frame 0
0 83ms
29ms Preflight
text/html 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseinstallations.googleapis.com/v1/projects/surveys-4f320/installations

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-firebase-client,x-goog-api-key
Access-Control-Request-Method: POST
Origin: https://changethewindows.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-firebase-client,x-goog-api-key
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://changethewindows.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Tue, 06 Jun 2023 08:09:46 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 installations Show response
firebaseinstallations.googleapis.com/v1/projects/surveys-4f320/ 622 B
686 B 303ms
301ms Fetch
application/json 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseinstallations.googleapis.com/v1/projects/surveys-4f320/installations

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/9.16.0/firebase-analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

249930071a4377c8e4ba42480c3bbf677088cd033c643bdcd3e4b054da9b93ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept: application/json
Referer: https://changethewindows.com/
x-goog-api-key: AIzaSyCphrXDEdlCXWUlrQnx_-IgXG5adMMU034
accept-language: de-DE,de;q=0.9
x-firebase-client: eyJ2ZXJzaW9uIjoyLCJoZWFydGJlYXRzIjpbeyJhZ2VudCI6ImZpcmUtY29yZS8wLjkuMSBmaXJlLWNvcmUtZXNtMjAxNy8wLjkuMSBmaXJlLWpzLyBmaXJlLWpzLWFsbC1jZG4vOS4xNi4wIGZpcmUtYXV0aC8wLjIxLjEgZmlyZS1hdXRoLWVzbTIwMTcvMC4yMS4xIGZpcmUtaWlkLzAuNi4xIGZpcmUtaWlkLWVzbTIwMTcvMC42LjEgZmlyZS1hbmFseXRpY3MvMC45LjEgZmlyZS1hbmFseXRpY3MtZXNtMjAxNy8wLjkuMSBmaXJlLXJ0ZGIvMC4xNC4xIGZpcmUtcnRkYi1lc20yMDE3LzAuMTQuMSBmaXJlLWZzdC8zLjguMSBmaXJlLWZzdC1lc20yMDE3LzMuOC4xIiwiZGF0ZXMiOlsiMjAyMy0wNi0wNiJdfV19
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
content-type: application/json

Response headers

date: Tue, 06 Jun 2023 08:09:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://changethewindows.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 496
x-xss-protection: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 190 KB
70 KB 36ms
35ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?l=dataLayer&id=G-SB6MFRQ40E

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/9.16.0/firebase-analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3efcab576e6ea730c16248205c529a8783f43fd5a0c43d14c3e35e0b0dce01a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://changethewindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 08:09:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 71311
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 06 Jun 2023 08:09:46 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 190 KB
70 KB 50ms
49ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-SB6MFRQ40E&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-393417643

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

433b098e810c7dba2ff828666cc159d4db1529076ef85b4b73295c812ceed69f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://changethewindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 08:09:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 71319
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 06 Jun 2023 08:09:46 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
257 B 74ms
27ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-SB6MFRQ40E&gtm=45je35v0&_p=298209414&_fid=dSVjW70j416sw9FTJk_akn&cid=440831763.1686038986&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1686038986&sct=1&seg=0&dl=https%3A%2F%2Fchangethewindows.com%2F&dt=Change%20The%20Windows%20-%20Get%20a%20quote%20for%20your%20windows%20today&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.origin=firebase
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?l=dataLayer&id=G-SB6MFRQ40E
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://changethewindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 08:09:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://changethewindows.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 GenerateToken Show response
create.leadid.com/2.11.13/ 36 B
661 B 414ms
171ms XHR
text/plain 3.216.107.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.13/GenerateToken?msn=1&pid=91fc39f4-29f2-4c5d-bde5-b0562d51039c&_=739747609

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/8d552222-0380-a3dd-6336-5c5583e28067.js?snippet_version=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.216.107.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-216-107-174.compute-1.amazonaws.com

Software

nginx /

Resource Hash

8ef06732d70dc840a34a7dfc5cf9f79520e3746129dfd8b7e286a271f8488679

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://changethewindows.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 06 Jun 2023 08:09:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK iframe.html Show response
d2m2wsoho8qq12.cloudfront.net/ Frame E544 3 KB
2 KB 104ms
27ms Document
text/html 18.66.188.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=3085E021-795C-74D0-572D-409A05486225&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.13&lck=8D552222-0380-A3DD-6336-5C5583E28067&lac=5E5079D9-D129-D386-A96A-025690C9B696

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/8d552222-0380-a3dd-6336-5c5583e28067.js?snippet_version=2

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.66.188.58 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-188-58.muc50.r.cloudfront.net

Software

nginx /

Resource Hash

e3ad82a69faf9ec1b298a080ce5974322a33cc501e1455071cf8db58c7f2462f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://changethewindows.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Age: 73865
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Mon, 05 Jun 2023 11:39:08 GMT
ETag: W/"643ec1f4-dbb"
Last-Modified: Tue, 18 Apr 2023 16:14:44 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Transfer-Encoding: chunked
Via: 1.1 2551fa016e0e39646c40c584001d7b4e.cloudfront.net (CloudFront)
X-Amz-Cf-Id: 1k4qQYRaVpV9yn83C-Gd-2W1AmWpenY70o_QEBO1coRMAhY7lBLTyQ==
X-Amz-Cf-Pop: MUC50-P1
X-Cache: Hit from cloudfront

POST
H2 200 SaveDom Show response
create.leadid.com/2.11.13/ 0
624 B 116ms
116ms XHR
text/plain 3.216.107.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.13/SaveDom?msn=2&pid=91fc39f4-29f2-4c5d-bde5-b0562d51039c&token=3085E021-795C-74D0-572D-409A05486225&_=739747610

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/8d552222-0380-a3dd-6336-5c5583e28067.js?snippet_version=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.216.107.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-216-107-174.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://changethewindows.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 06 Jun 2023 08:09:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 InitFormData Show response
create.leadid.com/2.11.13/ 0
624 B 220ms
219ms XHR
text/plain 3.216.107.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.13/InitFormData?msn=3&pid=91fc39f4-29f2-4c5d-bde5-b0562d51039c&token=3085E021-795C-74D0-572D-409A05486225&_=739747611

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/8d552222-0380-a3dd-6336-5c5583e28067.js?snippet_version=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.216.107.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-216-107-174.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://changethewindows.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 06 Jun 2023 08:09:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 iframe.html Show response
deviceid.trueleadid.com/ Frame 3F09 4 KB
2 KB 463ms
112ms Document
text/html 52.206.129.240
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://deviceid.trueleadid.com/iframe.html?token=3085E021-795C-74D0-572D-409A05486225&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.13&lck=8D552222-0380-A3DD-6336-5C5583E28067&lac=5E5079D9-D129-D386-A96A-025690C9B696
Requested by: Host: d2m2wsoho8qq12.cloudfront.net
URL: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=3085E021-795C-74D0-572D-409A05486225&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.13&lck=8D552222-0380-A3DD-6336-5C5583E28067&lac=5E5079D9-D129-D386-A96A-025690C9B696
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.206.129.240 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-206-129-240.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 602ea48b7fd2a48e702e43825b0d6f6495f78cb4cc1fa24cb8c95f61e014215a

Request headers

Referer: https://d2m2wsoho8qq12.cloudfront.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=86400 public
content-encoding: gzip
content-type: text/html
date: Tue, 06 Jun 2023 08:09:47 GMT
etag: W/"646ce712-1049"
expires: Wed, 07 Jun 2023 08:09:47 GMT
last-modified: Tue, 23 May 2023 16:17:22 GMT
p3p: CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
server: nginx

POST
H2 200 Snap Show response
create.leadid.com/2.11.13/ 0
624 B 339ms
116ms XHR
text/plain 3.216.107.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.13/Snap?msn=4&pid=91fc39f4-29f2-4c5d-bde5-b0562d51039c&token=3085E021-795C-74D0-572D-409A05486225&_=739747612

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/8d552222-0380-a3dd-6336-5c5583e28067.js?snippet_version=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.216.107.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-216-107-174.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://changethewindows.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 06 Jun 2023 08:09:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 SaveDeviceId.js Show response
create.leadid.com/2.11.13/ Frame 3F09 0
628 B 339ms
115ms Script
text/javascript 3.216.107.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.13/SaveDeviceId.js?lac=5E5079D9-D129-D386-A96A-025690C9B696&lck=8D552222-0380-A3DD-6336-5C5583E28067&methods=48&token=3085E021-795C-74D0-572D-409A05486225&uuid=4d653550dc6644b5ba9776f4053928bf

Requested by

Host: deviceid.trueleadid.com
URL: https://deviceid.trueleadid.com/iframe.html?token=3085E021-795C-74D0-572D-409A05486225&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.13&lck=8D552222-0380-A3DD-6336-5C5583E28067&lac=5E5079D9-D129-D386-A96A-025690C9B696

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.216.107.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-216-107-174.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://deviceid.trueleadid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 08:09:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 201 certs Show response
api.trustedform.com/ 475 B
686 B 332ms
112ms XHR
application/json 52.4.12.52
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs
Requested by: Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16860389858900.6751007795561761
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.4.12.52 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-4-12-52.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: a1f4f9d44f7504b3b2070b2e8a5b3285b9e7523a3b94431ee39369eaa84ae4f9

Request headers

Referer: https://changethewindows.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 06 Jun 2023 08:09:48 GMT
server: Cowboy
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 475

GET
H2 200 trustedform-1.8.39.js Show response
cdn.trustedform.com/ 102 KB
37 KB 49ms
49ms Script
application/javascript 2600:9000:223d:b600:1c:7f1a:6680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.trustedform.com/trustedform-1.8.39.js
Requested by: Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16860389858900.6751007795561761
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:b600:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fe63c3d6c4d4486e0a2323e205377a04c96e054f37f4d87a7b8bab0091c19c14

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://changethewindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-amz-version-id: OadgesbszW_FbzYEqgjtb7SPpT8rHyZy
content-encoding: gzip
via: 1.1 bafea69ec4368ee11760779ffcfbd4fc.cloudfront.net (CloudFront)
date: Tue, 06 Jun 2023 08:09:48 GMT
last-modified: Fri, 12 May 2023 16:55:50 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
age: 2
etag: W/"9c2830f2c2e5b9cb27e0e7f151317cbe"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: Kbn6jTplOgJVP51O8Ymz00FhE06Sxxgis758RMfMZNHRbuv4BnNJfg==

POST
H2 204 snapshot Show response
api.trustedform.com/certs/e959558d87ad6cd92854d69478f2b17e4d3eddc6/ 0
159 B 127ms
127ms XHR
text/plain 52.4.12.52
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/e959558d87ad6cd92854d69478f2b17e4d3eddc6/snapshot
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.39.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.4.12.52 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-4-12-52.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://changethewindows.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Tue, 06 Jun 2023 08:09:48 GMT
access-control-expose-headers
access-control-allow-credentials: true
cache-control: max-age=0, private, must-revalidate
server: Cowboy

GET
H2 200 logon.png
changethewindows.com/ 25 KB
25 KB 164ms
164ms Image
image/png 173.201.179.249
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://changethewindows.com/logon.png
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.39.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.201.179.249 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 249.179.201.173.host.secureserver.net
Software: Apache /
Resource Hash: 9c17b3f0528e078c89a2f7e0b38921e5bf3cf500c50b7ab5061f851c05f128b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://changethewindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 08:09:48 GMT
last-modified: Sun, 04 Jun 2023 12:46:56 GMT
server: Apache
accept-ranges: bytes
etag: "12215d1-6527-5fd4d2e6493f1"
content-length: 25895
content-type: image/png

POST
H2 204 fingerprints Show response
api.trustedform.com/certs/e959558d87ad6cd92854d69478f2b17e4d3eddc6/ 0
159 B 218ms
217ms XHR
text/plain 52.4.12.52
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/e959558d87ad6cd92854d69478f2b17e4d3eddc6/fingerprints
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.39.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.4.12.52 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-4-12-52.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://changethewindows.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Tue, 06 Jun 2023 08:09:48 GMT
access-control-expose-headers
access-control-allow-credentials: true
cache-control: max-age=0, private, must-revalidate
server: Cowboy

GET
DATA 200
OK truncated
/ 10 KB
10 KB Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eed633a8002069e13f06351bfe014d0132941a0882144ccee95cdacfa403b954

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: text/javascript

POST
H2 204 events
api.trustedform.com/certs/e959558d87ad6cd92854d69478f2b17e4d3eddc6/ 0
159 B 112ms
111ms Ping
text/plain 52.4.12.52
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/e959558d87ad6cd92854d69478f2b17e4d3eddc6/events
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.39.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.4.12.52 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-4-12-52.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://changethewindows.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 06 Jun 2023 08:09:48 GMT
access-control-expose-headers
access-control-allow-credentials: true
cache-control: max-age=0, private, must-revalidate
server: Cowboy

POST
H2 200 InitFormData Show response
create.leadid.com/2.11.13/ 0
624 B 117ms
117ms XHR
text/plain 3.216.107.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.13/InitFormData?msn=5&pid=91fc39f4-29f2-4c5d-bde5-b0562d51039c&token=3085E021-795C-74D0-572D-409A05486225&_=739747613

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/8d552222-0380-a3dd-6336-5c5583e28067.js?snippet_version=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.216.107.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-216-107-174.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://changethewindows.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 06 Jun 2023 08:09:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 204 events Show response
api.trustedform.com/certs/e959558d87ad6cd92854d69478f2b17e4d3eddc6/ 0
159 B 113ms
112ms XHR
text/plain 52.4.12.52
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/e959558d87ad6cd92854d69478f2b17e4d3eddc6/events
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.39.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.4.12.52 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-4-12-52.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://changethewindows.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Tue, 06 Jun 2023 08:09:49 GMT
access-control-expose-headers
access-control-allow-credentials: true
cache-control: max-age=0, private, must-revalidate
server: Cowboy

POST
H2 200 Snap Show response
create.leadid.com/2.11.13/ 0
625 B 449ms
337ms XHR
text/plain 3.216.107.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.13/Snap?msn=6&pid=91fc39f4-29f2-4c5d-bde5-b0562d51039c&token=3085E021-795C-74D0-572D-409A05486225&_=739747614

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/8d552222-0380-a3dd-6336-5c5583e28067.js?snippet_version=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.216.107.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-216-107-174.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://changethewindows.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 06 Jun 2023 08:09:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 Snap Show response
create.leadid.com/2.11.13/ 0
625 B 242ms
242ms XHR
text/plain 3.216.107.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.13/Snap?msn=7&pid=91fc39f4-29f2-4c5d-bde5-b0562d51039c&token=3085E021-795C-74D0-572D-409A05486225&_=739747615

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/8d552222-0380-a3dd-6336-5c5583e28067.js?snippet_version=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.216.107.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-216-107-174.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://changethewindows.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 06 Jun 2023 08:09:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

Verdicts & Comments Add Verdict or Comment

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.changethewindows.com/	1970-01-20 14:30:14	Name: _gcl_au Value: 1.1.255638617.1686038986
.doubleclick.net/	1970-01-20 12:20:39	Name: test_cookie Value: CheckForPermission
.changethewindows.com/	1970-01-20 21:56:38	Name: _ga_SB6MFRQ40E Value: GS1.1.1686038986.1.0.1686038986.0.0.0
.changethewindows.com/	1970-01-20 21:56:38	Name: _ga Value: GA1.1.440831763.1686038986
changethewindows.com/	1969-12-31 23:59:59	Name: leadid_token-5E5079D9-D129-D386-A96A-025690C9B696-8D552222-0380-A3DD-6336-5C5583E28067 Value: 3085E021-795C-74D0-572D-409A05486225
.deviceid.trueleadid.com/	1970-01-20 21:56:38	Name: uuid Value: 4d653550dc6644b5ba9776f4053928bf

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
api.trustedform.com
cdn.firebase.com
cdn.jsdelivr.net
cdn.rawgit.com
cdn.trustedform.com
cdnjs.cloudflare.com
changethewindows.com
create.leadid.com
create.lidstatic.com
d2m2wsoho8qq12.cloudfront.net
deviceid.trueleadid.com
firebase.googleapis.com
firebaseinstallations.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ipgeolocation.abstractapi.com
region1.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
151.101.1.195
173.201.179.249
18.66.188.58
2001:4860:4802:34::36
2400:52e0:1e00::1077:1
2600:9000:223d:b600:1c:7f1a:6680:93a1
2606:4700:10::6816:26b6
2606:4700::6811:180e
2a00:1450:4001:809::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::200a
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::200a
2a00:1450:4001:810::200a
2a00:1450:4001:813::2004
2a00:1450:4001:829::200a
2a00:1450:4001:82f::2008
2a04:4e42::485
3.216.107.174
34.194.65.29
52.206.129.240
52.4.12.52
0b3803ab430b2f89eb9ee1276b393e9595300ad4e26398329258daf7b8051e56
23cbc66640368cbd0fa6dc72241bdec0356a3577202217207aa8be183fdac37e
249930071a4377c8e4ba42480c3bbf677088cd033c643bdcd3e4b054da9b93ad
279b79fc0ca179de802770cceaffba58c3839960c2fc196cb2ce90db28388eae
28ad0e9cd92912ba49b04ee2bb1e3bba0be1573aa2df0ce52912005cbc69f549
3efcab576e6ea730c16248205c529a8783f43fd5a0c43d14c3e35e0b0dce01a8
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
433b098e810c7dba2ff828666cc159d4db1529076ef85b4b73295c812ceed69f
518b731b6199f76c37019787532becd97b039fac1c702f0796cee256b95755f2
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
602ea48b7fd2a48e702e43825b0d6f6495f78cb4cc1fa24cb8c95f61e014215a
621dd30d0cba4be409ab8b00a8c9a5adf6bd4d755355f0ba9b85d5e80c1cc876
62e6da8ce41c9b3d50fd6982d3d905db7a6ced7df165c7fdee0f0063a709ef4a
702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb
7b4aa33253c7ed3e3d361b9badc63d6447296bb2b97ba0b7b9c83adc7356e273
7d6c12412c738a0728ff74bd0d196da6c3b692160dff500ac06355bc0a246d26
8ef06732d70dc840a34a7dfc5cf9f79520e3746129dfd8b7e286a271f8488679
9c17b3f0528e078c89a2f7e0b38921e5bf3cf500c50b7ab5061f851c05f128b9
a1f4f9d44f7504b3b2070b2e8a5b3285b9e7523a3b94431ee39369eaa84ae4f9
a7c5d1855afd2de991f08ca7848b53ee7bd10e4abfb4fbaa8051638513a90083
b6d86f054a1f803ad66bf17a8b5dc67275d106b15a9db7fa0e184fce21356cd8
b8dffa3025ee2104b3cc6656fbc09a7efe9c8e48b702c6c2ff69305571ed9078
be261186a68d902831940b85442b3eb7254950cbe1c3a74c6e948ace3e3a61f3
ca124a8446a32ee80ea54dd30cff6bcc2e192537d77124554ffe5d8794682153
d0c85cca9f8e1200f830be60f65af83ba0da7761536769d466eea44cab90d76c
d7b7b321919dd9af22c94befea1dc176af4f5cf86b01b04d49d57e96f017be40
d7c33fc715ab1fdb85337108e51de9926cf1c52df75719fd519abefe6bd6b289
d95166940395c50be562fe538c85311002d62b83da8f68a8500be092f4bf98fd
e0f22f979f0bf6aee2c234fae784d024cf82fda704ca81bbdfc88bf01f278578
e3ad82a69faf9ec1b298a080ce5974322a33cc501e1455071cf8db58c7f2462f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb5f8a95267bd9904f7a3ce9d4fcdb0464d4dd5b3ae30bdbc770d1fb2288557e
eed633a8002069e13f06351bfe014d0132941a0882144ccee95cdacfa403b954
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f38e3888ded8df6b6c791571511f68dc3cb7a7be8a69c4120a8a056b2186902b
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
fe63c3d6c4d4486e0a2323e205377a04c96e054f37f4d87a7b8bab0091c19c14

changethewindows.com Open in urlscan Pro 173.201.179.249 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

52 Requests

96 %HTTPS

68 %IPv6

18 Domains

23 Subdomains

22 IPs

2 Countries

2279 kBTransfer

4006 kBSize

6 Cookies

0 Outgoing links

Redirected requests

52 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

changethewindows.com Open in urlscan Pro
173.201.179.249 Public Scan

Screenshot
Live screenshot

Full Image

52
Requests

96 %
HTTPS

68 %
IPv6

18
Domains

23
Subdomains

22
IPs

2
Countries

2279 kB
Transfer

4006 kB
Size

6
Cookies

52 HTTP transactions
1 data transactions