windowsavings.energy Open in urlscan Pro
35.206.100.242 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://windowsavings.energy/
Submission Tags: phishingrod
Submission: On January 25 via api (January 25th 2023, 2:43:21 am UTC) from DE — Scanned from DE

Summary HTTP 83 Redirects Behaviour Indicators

Summary

This website contacted 19 IPs in 3 countries across 16 domains to perform 83 HTTP transactions. The main IP is 35.206.100.242, located in Council Bluffs, United States and belongs to GOOGLE, US. The main domain is windowsavings.energy.
TLS certificate: Issued by R3 on January 25th 2023. Valid for: 3 months.

This is the only time windowsavings.energy was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
24	35.206.100.242 35.206.100.242	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
9	35.168.77.57 35.168.77.57	14618 (AMAZON-AES) (AMAZON-AES)
4	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	2a06:98c1:312... 2a06:98c1:3120::c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
13	18.155.129.125 18.155.129.125	16509 (AMAZON-02) (AMAZON-02)
1	13.224.189.115 13.224.189.115	16509 (AMAZON-02) (AMAZON-02)
1 2	2001:4de0:ac1... 2001:4de0:ac18::1:a:1a	20446 (STACKPATH...) (STACKPATH-CDN)
2	2a04:4e42:200... 2a04:4e42:200::485	54113 (FASTLY) (FASTLY)
1	147.154.25.5 147.154.25.5	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
3	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a04:4e42::729 2a04:4e42::729	54113 (FASTLY) (FASTLY)
4	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 4	52.54.243.114 52.54.243.114	14618 (AMAZON-AES) (AMAZON-AES)
2	2600:9000:223... 2600:9000:223d:ae00:1c:7f1a:6680:93a1	16509 (AMAZON-02) (AMAZON-02)
2	13.32.118.220 13.32.118.220	16509 (AMAZON-02) (AMAZON-02)
83	19

24 35.206.100.242 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 242.100.206.35.bc.googleusercontent.com

windowsavings.energy	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 35.168.77.57 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-168-77-57.compute-1.amazonaws.com

windowsavingsusa.leadshook.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::c (United States)

ASN13335 (CLOUDFLARENET, US)

lucrordesign.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 18.155.129.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-129-125.cdg52.r.cloudfront.net

static.leadshook.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.189.115 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-115.fra2.r.cloudfront.net

polyfill.leadshook.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac18::1:a:1a (Netherlands) 1 redirects

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
releases.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.154.25.5 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)

gf0fe4d236bb4e8-db202107291325.adb.us-ashburn-1.oraclecloudapps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42::729 (United States)

ASN54113 (FASTLY, US)

browser.sentry-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.54.243.114 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-243-114.compute-1.amazonaws.com

api.trustedform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223d:ae00:1c:7f1a:6680:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.trustedform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.118.220 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-118-220.fra60.r.cloudfront.net

d2zdr2rqflfo3.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	windowsavings.energy windowsavings.energy	2 MB
23	leadshook.io windowsavingsusa.leadshook.io static.leadshook.io — Cisco Umbrella Rank: 502339 polyfill.leadshook.io — Cisco Umbrella Rank: 561112	4 MB
6	trustedform.com 1 redirects api.trustedform.com — Cisco Umbrella Rank: 24883 cdn.trustedform.com — Cisco Umbrella Rank: 28121	42 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 114	272 B
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 153	271 KB
4	gstatic.com fonts.gstatic.com	32 KB
3	sentry-cdn.com browser.sentry-cdn.com — Cisco Umbrella Rank: 4071	50 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 199	105 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	9 KB
2	cloudfront.net d2zdr2rqflfo3.cloudfront.net	828 B
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 357	80 KB
2	jquery.com 1 redirects code.jquery.com — Cisco Umbrella Rank: 672 releases.jquery.com — Cisco Umbrella Rank: 49406	28 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 76	63 KB
1	oraclecloudapps.com gf0fe4d236bb4e8-db202107291325.adb.us-ashburn-1.oraclecloudapps.com	2 KB
1	lucrordesign.com lucrordesign.com
0	freegeoip.app Failed freegeoip.app Failed
83	16

	Domain	Requested by
24	windowsavings.energy	windowsavings.energy
13	static.leadshook.io	windowsavingsusa.leadshook.io cdn.trustedform.com
9	windowsavingsusa.leadshook.io	windowsavings.energy windowsavingsusa.leadshook.io browser.sentry-cdn.com
4	api.trustedform.com	1 redirects browser.sentry-cdn.com
4	www.facebook.com	windowsavings.energy windowsavingsusa.leadshook.io
4	connect.facebook.net	windowsavings.energy connect.facebook.net windowsavingsusa.leadshook.io
4	fonts.gstatic.com	fonts.googleapis.com
3	browser.sentry-cdn.com	windowsavingsusa.leadshook.io
3	cdnjs.cloudflare.com	windowsavingsusa.leadshook.io cdnjs.cloudflare.com
3	fonts.googleapis.com	windowsavings.energy windowsavingsusa.leadshook.io
2	d2zdr2rqflfo3.cloudfront.net	windowsavingsusa.leadshook.io cdn.trustedform.com
2	cdn.trustedform.com	windowsavingsusa.leadshook.io api.trustedform.com
2	cdn.jsdelivr.net	windowsavingsusa.leadshook.io
2	www.youtube.com	windowsavingsusa.leadshook.io www.youtube.com
1	gf0fe4d236bb4e8-db202107291325.adb.us-ashburn-1.oraclecloudapps.com	windowsavingsusa.leadshook.io
1	releases.jquery.com	windowsavingsusa.leadshook.io
1	code.jquery.com	1 redirects
1	polyfill.leadshook.io	windowsavingsusa.leadshook.io
1	lucrordesign.com	windowsavings.energy
0	freegeoip.app Failed	browser.sentry-cdn.com
83	20

This site contains no links.

Subject Issuer	Validity	Valid
*.windowsavings.energy R3	`2023-01-25` - `2023-04-25`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
leadshook.io Amazon	`2022-11-06` - `2023-12-06`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
*.lucrordesign.com GTS CA 1P5	`2022-12-28` - `2023-03-28`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-11-03` - `2023-02-01`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
adb.us-ashburn-1.oraclecloudapps.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-18` - `2023-07-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
*.sentry-cdn.com GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-09-28` - `2023-10-30`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.trustedform.com Amazon	`2022-09-11` - `2023-10-09`	a year	crt.sh
cdn.trustedform.com Amazon	`2022-04-14` - `2023-05-13`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://windowsavings.energy/
Frame ID: 317AC8681C9A7BC71191FFB071E67F01
Requests: 46 HTTP requests in this frame

Frame: https://windowsavingsusa.leadshook.io/survey/lLDMEUqwAYH8YIPv5ydngZlU0iN6tFO03Dmvkdcv?embed=true&index=0
Frame ID: 9ABF12EFC29B7080FE89ED8C21837A11
Requests: 45 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Window Savings Now – Useful Money Saving Tips

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Sentry (Issue Trackers) Expand

Overall confidence: 100%
Detected patterns

browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AngularJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+(?:-?rc[.\d]*)*)/angular(?:\.min)?\.js
\bangular.{0,32}\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Revslider (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

/revslider/[/\w-]+/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

83
Requests

96 %
HTTPS

61 %
IPv6

16
Domains

20
Subdomains

19
IPs

3
Countries

6653 kB
Transfer

13760 kB
Size

14
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 43

https://code.jquery.com/git/jquery-git.min.js HTTP 301
https://releases.jquery.com/git/jquery-git.min.js

Request Chain 64

https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxCertUrl&l=16746145971760.44543464562484214&invert_field_sensitivity=false HTTP 301
https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxCertUrl&l=16746145971760.44543464562484214&invert_field_sensitivity=false

83 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
windowsavings.energy/ 60 KB
13 KB 860ms
264ms Document
text/html 35.206.100.242
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://windowsavings.energy/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.206.100.242 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

242.100.206.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

a27ff44a48aa91614f3ba451201707a66f8abe2e1dc819c82838a12e978f6963

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 25 Jan 2023 02:43:13 GMT
host-header: 8441280b0c35cbc1147f8ba998a563a7
link: <https://windowsavings.energy/wp-json/>; rel="https://api.w.org/" <https://windowsavings.energy/wp-json/wp/v2/pages/19>; rel="alternate"; type="application/json" <https://windowsavings.energy/>; rel=shortlink
server: nginx
vary: Accept-Encoding
x-cache-enabled: True
x-content-type-options: nosniff
x-httpd-modphp: 1
x-proxy-cache: HIT
x-xss-protection: 1; mode=block

GET
H2 200 siteground-optimizer-combined-css-2c5ec93f0d5216c7203eb3000acb96b7.css
windowsavings.energy/wp-content/uploads/siteground-optimizer-assets/ 765 KB
94 KB 173ms
171ms Stylesheet
text/css 35.206.100.242
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://windowsavings.energy/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-css-2c5ec93f0d5216c7203eb3000acb96b7.css
Requested by: Host: windowsavings.energy
URL: https://windowsavings.energy/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.206.100.242 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 242.100.206.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 419faf74d8f19e0e37cc999a94f9b5f62673e9df85046d267a65eab5f11257ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavings.energy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 02:43:13 GMT
content-encoding: br
last-modified: Thu, 03 Nov 2022 09:18:31 GMT
server: nginx
etag: W/"63638767-bf4a0"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: text/css
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Thu, 25 Jan 2024 02:43:13 GMT

GET
H2 200 css
fonts.googleapis.com/ 9 KB
1 KB 88ms
33ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900&ver=6.1.1

Requested by

Host: windowsavings.energy
URL: https://windowsavings.energy/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

224db2aed80c2f0d017ba0071d2b94d326404344f940f0ebc66139459c1e4a54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavings.energy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 25 Jan 2023 02:43:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 25 Jan 2023 02:29:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 25 Jan 2023 02:43:13 GMT

GET
H2 200 jquery.min.js Show response
windowsavings.energy/wp-includes/js/jquery/ 88 KB
30 KB 306ms
304ms Script
application/javascript 35.206.100.242
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://windowsavings.energy/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by: Host: windowsavings.energy
URL: https://windowsavings.energy/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.206.100.242 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 242.100.206.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavings.energy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 02:43:13 GMT
content-encoding: br
last-modified: Thu, 03 Nov 2022 08:45:10 GMT
server: nginx
etag: W/"63637f96-15e54"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Thu, 25 Jan 2024 02:43:13 GMT

GET
H2 200 jquery-migrate.min.js Show response
windowsavings.energy/wp-includes/js/jquery/ 11 KB
4 KB 306ms
304ms Script
application/javascript 35.206.100.242
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://windowsavings.energy/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: windowsavings.energy
URL: https://windowsavings.energy/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.206.100.242 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 242.100.206.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavings.energy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 02:43:13 GMT
content-encoding: br
last-modified: Thu, 03 Feb 2022 03:54:50 GMT
server: nginx
etag: W/"61fb520a-2bd8"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Thu, 25 Jan 2024 02:43:13 GMT

GET
H2 200 jquery.bind-first-0.2.3.min.js Show response
windowsavings.energy/wp-content/plugins/pixelyoursite/dist/scripts/ 1 KB
873 B 152ms
149ms Script
application/javascript 35.206.100.242
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://windowsavings.energy/wp-content/plugins/pixelyoursite/dist/scripts/jquery.bind-first-0.2.3.min.js
Requested by: Host: windowsavings.energy
URL: https://windowsavings.energy/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.206.100.242 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 242.100.206.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 37045bf0d243623db4f2e99567c986944957b336dafa6368f4f75bcbad6fc4fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavings.energy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 02:43:14 GMT
content-encoding: br
last-modified: Thu, 03 Nov 2022 08:45:58 GMT
server: nginx
etag: W/"63637fc6-525"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Thu, 25 Jan 2024 02:43:14 GMT

GET
H2 200 js.cookie-2.1.3.min.js Show response
windowsavings.energy/wp-content/plugins/pixelyoursite/dist/scripts/ 2 KB
1 KB 155ms
152ms Script
application/javascript 35.206.100.242
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://windowsavings.energy/wp-content/plugins/pixelyoursite/dist/scripts/js.cookie-2.1.3.min.js
Requested by: Host: windowsavings.energy
URL: https://windowsavings.energy/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.206.100.242 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 242.100.206.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 4af105297c5b49ca668eaa0774c0eb479e907175f12ccc30e9c038dd7b6fcaf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavings.energy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 02:43:14 GMT
content-encoding: br
last-modified: Thu, 03 Nov 2022 08:45:58 GMT
server: nginx
etag: W/"63637fc6-6ad"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Thu, 25 Jan 2024 02:43:14 GMT

GET
H2 200 pys.min.js Show response
windowsavings.energy/wp-content/uploads/siteground-optimizer-assets/ 35 KB
9 KB 161ms
158ms Script
application/javascript 35.206.100.242
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://windowsavings.energy/wp-content/uploads/siteground-optimizer-assets/pys.min.js
Requested by: Host: windowsavings.energy
URL: https://windowsavings.energy/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.206.100.242 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 242.100.206.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 4e8cdf14e0d06b2e547b331a52fb1095975f29399a3ac571c42e71bc524cb29c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavings.energy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 02:43:14 GMT
content-encoding: br
last-modified: Thu, 03 Nov 2022 08:45:58 GMT
server: nginx
etag: W/"63637fc6-8a0a"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Thu, 25 Jan 2024 02:43:14 GMT

GET
H2 200 dummy.png
windowsavings.energy/wp-content/plugins/revslider/public/assets/assets/ 68 B
295 B 164ms
161ms Image
image/png 35.206.100.242
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://windowsavings.energy/wp-content/plugins/revslider/public/assets/assets/dummy.png
Requested by: Host: windowsavings.energy
URL: https://windowsavings.energy/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.206.100.242 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 242.100.206.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavings.energy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 02:43:14 GMT
last-modified: Thu, 03 Nov 2022 08:45:23 GMT
server: nginx
etag: "63637fa3-44"
x-proxy-cache-info: DT:1
content-type: image/png
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 68
expires: Thu, 25 Jan 2024 02:43:14 GMT

GET
H2 200 js_embed Show response
windowsavingsusa.leadshook.io/s/ 12 KB
5 KB 502ms
118ms Script
text/html 35.168.77.57
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://windowsavingsusa.leadshook.io/s/js_embed
Requested by: Host: windowsavings.energy
URL: https://windowsavings.energy/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.168.77.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-168-77-57.compute-1.amazonaws.com
Software: nginx/1.19.9 / Express
Resource Hash: 2451f34eb685958d0461a204f78cb21e61673b84ea677973434ec102cae2d37a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavings.energy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 02:43:14 GMT
content-encoding: gzip
server: nginx/1.19.9
x-powered-by: Express
x-cache-status: MISS
vary: Accept-Encoding
etag: W/"3068-b4y/LVV/geUJzot35ztLKPOjA4A"
content-type: text/html; charset=utf-8

GET
H2 200 css
fonts.googleapis.com/ 3 KB
743 B 34ms
33ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins:500%7CRoboto:400&display=swap

Requested by

Host: windowsavings.energy
URL: https://windowsavings.energy/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

856a174277bfd015478e39068c99c48cc89fb90a1e4455b432c83df720c715f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavings.energy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 25 Jan 2023 02:43:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 25 Jan 2023 02:43:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 25 Jan 2023 02:43:13 GMT

GET
H2 200 swv.min.js Show response
windowsavings.energy/wp-content/uploads/siteground-optimizer-assets/ 10 KB
3 KB 168ms
165ms Script
application/javascript 35.206.100.242
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://windowsavings.energy/wp-content/uploads/siteground-optimizer-assets/swv.min.js
Requested by: Host: windowsavings.energy
URL: https://windowsavings.energy/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.206.100.242 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 242.100.206.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 7f982e420b3c266ea754b657025ecd71170366d0827bbf3b5204619a4cacbade

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavings.energy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 02:43:14 GMT
content-encoding: br
last-modified: Thu, 03 Nov 2022 08:45:45 GMT
server: nginx
etag: W/"63637fb9-26a4"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Thu, 25 Jan 2024 02:43:14 GMT

GET
H2 200 contact-form-7.min.js Show response
windowsavings.energy/wp-content/uploads/siteground-optimizer-assets/ 12 KB
4 KB 172ms
169ms Script
application/javascript 35.206.100.242
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://windowsavings.energy/wp-content/uploads/siteground-optimizer-assets/contact-form-7.min.js
Requested by: Host: windowsavings.energy
URL: https://windowsavings.energy/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.206.100.242 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 242.100.206.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 50e56f151aef3bbd8b38cc8c719ce1124f2cd3464e17f40d57a6f5d75fb5ee6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavings.energy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 02:43:14 GMT
content-encoding: br
last-modified: Thu, 03 Nov 2022 08:45:45 GMT
server: nginx
etag: W/"63637fb9-2f97"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Thu, 25 Jan 2024 02:43:14 GMT

GET
H2 200 rbtools.min.js Show response
windowsavings.energy/wp-content/plugins/revslider/public/assets/js/ 161 KB
58 KB 189ms
186ms Script
application/javascript 35.206.100.242
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://windowsavings.energy/wp-content/plugins/revslider/public/assets/js/rbtools.min.js
Requested by: Host: windowsavings.energy
URL: https://windowsavings.energy/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.206.100.242 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 242.100.206.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: c4596b16b126326b0d8fc2fb8bf91389ad3dc4671a269187913c19a8f2ad1094

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavings.energy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 02:43:14 GMT
content-encoding: br
last-modified: Thu, 03 Nov 2022 08:45:23 GMT
server: nginx
etag: W/"63637fa3-285db"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Thu, 25 Jan 2024 02:43:14 GMT

GET
H2 200 rs6.min.js Show response
windowsavings.energy/wp-content/plugins/revslider/public/assets/js/ 398 KB
96 KB 292ms
290ms Script
application/javascript 35.206.100.242
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://windowsavings.energy/wp-content/plugins/revslider/public/assets/js/rs6.min.js
Requested by: Host: windowsavings.energy
URL: https://windowsavings.energy/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.206.100.242 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 242.100.206.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 7b7d5a7040c734484063484276d1643c07c1d8a88c2e4c54818bb6d5fedfd18d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavings.energy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 02:43:14 GMT
content-encoding: br
last-modified: Thu, 03 Nov 2022 08:45:23 GMT
server: nginx
etag: W/"63637fa3-63723"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Thu, 25 Jan 2024 02:43:14 GMT

GET
H2 200 lazysizes.min.js Show response
windowsavings.energy/wp-content/plugins/sg-cachepress/assets/js/ 8 KB
4 KB 314ms
312ms Script
application/javascript 35.206.100.242
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://windowsavings.energy/wp-content/plugins/sg-cachepress/assets/js/lazysizes.min.js
Requested by: Host: windowsavings.energy
URL: https://windowsavings.energy/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.206.100.242 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 242.100.206.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: cb34d2ee2a93fd11b734c124a6fc661339585c63382d08eb31bf921b66519eac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavings.energy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 02:43:14 GMT
content-encoding: br
last-modified: Tue, 22 Nov 2022 16:13:38 GMT
server: nginx
etag: W/"637cf532-1ed0"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Thu, 25 Jan 2024 02:43:14 GMT

GET
H2 200 xtra.min.js Show response
windowsavings.energy/wp-content/uploads/siteground-optimizer-assets/ 19 KB
6 KB 315ms
313ms Script
application/javascript 35.206.100.242
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://windowsavings.energy/wp-content/uploads/siteground-optimizer-assets/xtra.min.js
Requested by: Host: windowsavings.energy
URL: https://windowsavings.energy/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.206.100.242 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 242.100.206.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 313b31e0386c1b7afb16ad7bd2e78b526a04afe24cf6a12a9a4c1b1a3704d743

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavings.energy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 02:43:14 GMT
content-encoding: br
last-modified: Thu, 09 Sep 2021 16:06:42 GMT
server: nginx
etag: W/"613a3112-4b87"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Thu, 25 Jan 2024 02:43:14 GMT

GET
H2 200 codevz-plus.min.js Show response
windowsavings.energy/wp-content/uploads/siteground-optimizer-assets/ 46 KB
13 KB 315ms
313ms Script
application/javascript 35.206.100.242
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://windowsavings.energy/wp-content/uploads/siteground-optimizer-assets/codevz-plus.min.js
Requested by: Host: windowsavings.energy
URL: https://windowsavings.energy/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.206.100.242 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 242.100.206.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 7e7e84874d4184fb3713ccd3d5d638fea7c71097bac90f8d5e61b72a1fef48c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavings.energy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 02:43:14 GMT
content-encoding: br
last-modified: Thu, 03 Nov 2022 08:45:35 GMT
server: nginx
etag: W/"63637faf-b80a"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Thu, 25 Jan 2024 02:43:14 GMT

GET
H2 200 codevz-plus-share.min.js Show response
windowsavings.energy/wp-content/uploads/siteground-optimizer-assets/ 1 KB
769 B 315ms
314ms Script
application/javascript 35.206.100.242
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://windowsavings.energy/wp-content/uploads/siteground-optimizer-assets/codevz-plus-share.min.js
Requested by: Host: windowsavings.energy
URL: https://windowsavings.energy/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.206.100.242 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 242.100.206.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 28b9f17b585b3722b4fc4883a2bb4e6c1ffc2be41e45081cbe3752bd752d02a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavings.energy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 02:43:14 GMT
content-encoding: br
last-modified: Thu, 03 Nov 2022 08:45:35 GMT
server: nginx
etag: W/"63637faf-439"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Thu, 25 Jan 2024 02:43:14 GMT

GET
H2 200 js_composer_front.min.js Show response
windowsavings.energy/wp-content/plugins/js_composer/assets/js/dist/ 20 KB
5 KB 141ms
138ms Script
application/javascript 35.206.100.242
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://windowsavings.energy/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.10.0
Requested by: Host: windowsavings.energy
URL: https://windowsavings.energy/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.206.100.242 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 242.100.206.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: bf817ee4b2d4e9d98e05e1382d295f8f10fef43770cd4e291d924a5d0afc8cc2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavings.energy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 02:43:14 GMT
content-encoding: br
last-modified: Thu, 03 Nov 2022 08:45:51 GMT
server: nginx
etag: W/"63637fbf-4e52"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Thu, 25 Jan 2024 02:43:14 GMT

GET
H2 200 title.js Show response
windowsavings.energy/wp-content/plugins/codevz-plus/wpbakery/assets/js/ 1 KB
661 B 146ms
142ms Script
application/javascript 35.206.100.242
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://windowsavings.energy/wp-content/plugins/codevz-plus/wpbakery/assets/js/title.js?ver=4.4.17
Requested by: Host: windowsavings.energy
URL: https://windowsavings.energy/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.206.100.242 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 242.100.206.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 7ccd3ac2b3e9256ef32e91ad965fcb391e7442af6a6815381656e5ecf058a49c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavings.energy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 02:43:14 GMT
content-encoding: br
last-modified: Thu, 03 Nov 2022 08:45:35 GMT
server: nginx
etag: W/"63637faf-4cc"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Thu, 25 Jan 2024 02:43:14 GMT

GET
H2 200 image.js Show response
windowsavings.energy/wp-content/plugins/codevz-plus/wpbakery/assets/js/ 579 B
522 B 149ms
145ms Script
application/javascript 35.206.100.242
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://windowsavings.energy/wp-content/plugins/codevz-plus/wpbakery/assets/js/image.js?ver=4.4.17
Requested by: Host: windowsavings.energy
URL: https://windowsavings.energy/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.206.100.242 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 242.100.206.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 490205bd0e29007df27f327f3c888514d90b0b87f77d54f6a51f3329f0c8ed04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavings.energy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 02:43:14 GMT
content-encoding: br
last-modified: Thu, 03 Nov 2022 08:45:35 GMT
server: nginx
etag: W/"63637faf-243"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Thu, 25 Jan 2024 02:43:14 GMT

GET
DATA 200
OK truncated
/ 88 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a4f0091d654925b99652679bd060c889704aa70aebd07e1322acda3d38014f02

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 88 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0696bb3df09627caefc874274365ad085818ea01a24cacadd90064b78ed64aa4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 416 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0ed0d520e5505edd3862515a661448e740ce6446332f07e6046b190f12860485

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 77ms
23ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900&ver=6.1.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://windowsavings.energy
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 19:24:52 GMT
x-content-type-options: nosniff
age: 544702
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7816
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 Jan 2024 19:24:52 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 83ms
29ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900&ver=6.1.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://windowsavings.energy
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 19:25:00 GMT
x-content-type-options: nosniff
age: 544694
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 Jan 2024 19:25:00 GMT

GET
DATA 200
OK truncated
/ 92 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 477f2c7acf54b2994c85f1a07720eb99f56979f5b134efb37a9ef84713c0e318

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 92 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e4b22a674c4b9431ebe3fd474ef353534ada4bfc252d4a3236c2d6c964754f9d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 92 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 316a853bb4ac612ad41aedf4ba8958156b7e64295f2d0b2ede3c20a910928dff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 123 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9eaba4ee4769286a5a60125fda070144c81cf2f3f24f23e4eece81d8dfeeb672

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 63ms
26ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900&ver=6.1.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://windowsavings.energy
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 07:58:38 GMT
x-content-type-options: nosniff
age: 585876
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8000
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 Jan 2024 07:58:38 GMT

GET
H2 404 row-bg.jpg
lucrordesign.com/chris/wp-content/uploads/sites/46/2020/01/ 0
0 1835ms
1601ms Image
text/html 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lucrordesign.com/chris/wp-content/uploads/sites/46/2020/01/row-bg.jpg?id=1303
Requested by: Host: windowsavings.energy
URL: https://windowsavings.energy/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavings.energy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
H2 200 css_embed
windowsavingsusa.leadshook.io/s/ 10 KB
3 KB 119ms
119ms Stylesheet
text/css 35.168.77.57
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://windowsavingsusa.leadshook.io/s/css_embed
Requested by: Host: windowsavingsusa.leadshook.io
URL: https://windowsavingsusa.leadshook.io/s/js_embed
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.168.77.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-168-77-57.compute-1.amazonaws.com
Software: nginx/1.19.9 / Express
Resource Hash: d1bd27467c354f76309622e8ee3ccab8622ea35b8a68300911c48721db894641

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavings.energy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 02:43:14 GMT
content-encoding: gzip
server: nginx/1.19.9
x-powered-by: Express
x-cache-status: MISS
vary: Accept-Encoding
etag: W/"29ee-Itz+Q3mdDaHi6T0lHtM+/Unz6Jo"
content-type: text/css; charset=utf-8

GET
H2 200 lLDMEUqwAYH8YIPv5ydngZlU0iN6tFO03Dmvkdcv Show response
windowsavingsusa.leadshook.io/survey/ Frame 9ABF 210 KB
28 KB 229ms
229ms Document
text/html 35.168.77.57
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://windowsavingsusa.leadshook.io/survey/lLDMEUqwAYH8YIPv5ydngZlU0iN6tFO03Dmvkdcv?embed=true&index=0
Requested by: Host: windowsavingsusa.leadshook.io
URL: https://windowsavingsusa.leadshook.io/s/js_embed
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.168.77.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-168-77-57.compute-1.amazonaws.com
Software: nginx/1.19.9 / Express
Resource Hash: 5881a966504fbb4104f1520668852061d365e3cde17f89687be4f69664ecef05

Request headers

Referer: https://windowsavings.energy/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 25 Jan 2023 02:43:14 GMT
etag: W/"34601-1HG4COaXKa+bsStUtcEylsyWHlA"
expires: 0
pragma: no-cache
server: nginx/1.19.9
vary: Accept-Encoding
x-cache-status: MISS
x-powered-by: Express
x-username: undefined

GET
H2 200 iframe_api Show response
www.youtube.com/ 992 B
2 KB 105ms
40ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: windowsavingsusa.leadshook.io
URL: https://windowsavingsusa.leadshook.io/s/js_embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bff70cc67f36c252a4a1053f3047356ca99d93d7e37ff6fc0df8ad6b33ee530c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavings.energy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 02:43:14 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: text/javascript; charset=utf-8
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Wed, 25 Jan 2023 02:43:14 GMT

GET
H2 200 loader.gif
windowsavings.energy/wp-content/plugins/revslider/public/assets/assets/ 2 KB
3 KB 138ms
137ms Image
image/gif 35.206.100.242
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://windowsavings.energy/wp-content/plugins/revslider/public/assets/assets/loader.gif
Requested by: Host: windowsavings.energy
URL: https://windowsavings.energy/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-css-2c5ec93f0d5216c7203eb3000acb96b7.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.206.100.242 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 242.100.206.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 9034d5d34015e4b05d2c1d1a8dc9f6ec9d59bd96d305eb9e24e24e65c591a645

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavings.energy/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-css-2c5ec93f0d5216c7203eb3000acb96b7.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 02:43:14 GMT
last-modified: Thu, 03 Nov 2022 08:45:23 GMT
server: nginx
etag: "63637fa3-9f1"
x-proxy-cache-info: DT:1
content-type: image/gif
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 2545
expires: Thu, 25 Jan 2024 02:43:14 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 109 KB
28 KB 68ms
21ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: windowsavings.energy
URL: https://windowsavings.energy/wp-content/uploads/siteground-optimizer-assets/pys.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1ac2cc987531ce3a7c14d0192d38c02af6c593de0b493db61e3d4bc697508e0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavings.energy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 25 Jan 2023 02:43:14 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 28350
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: fHcfa0fp9JoX9GHbcWcusNNiJZruaZJ0L4WDJ5suZ4fjJomv2ugxMB6FsCTwJpOnbHEgqmJrhLpYZvsUfbJFFQ==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 portfolio2.jpg
windowsavings.energy/wp-content/uploads/2021/09/ 310 KB
310 KB 139ms
138ms Image
image/webp 35.206.100.242
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://windowsavings.energy/wp-content/uploads/2021/09/portfolio2.jpg
Requested by: Host: windowsavings.energy
URL: https://windowsavings.energy/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.206.100.242 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 242.100.206.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: ab9400a816d15900855f00f4dbb936346538a5713b06b4e23d2c2ad2404974e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavings.energy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 02:43:14 GMT
last-modified: Thu, 09 Sep 2021 07:04:23 GMT
server: nginx
etag: "6139b1f7-4d786"
x-proxy-cache-info: DT:1
content-type: image/webp
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 317318
expires: Thu, 25 Jan 2024 02:43:14 GMT

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/4248d311/www-widgetapi.vflset/ 183 KB
62 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4248d311/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79fd5090a5c6183320b1f33277853bae56cf68f320de8f7d68be080d2cae837c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavings.energy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 02:22:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1222
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62798
x-xss-protection: 0
last-modified: Thu, 12 Jan 2023 01:15:11 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 25 Jan 2024 02:22:52 GMT

GET
H2 200 1066225467562231 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 183ms
182ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1066225467562231?v=2.9.94&r=canary

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

78e812174c125b58d1bce2b7f6fd6c96a4dfd7b9b21d009f4e201fe76eb092a1

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavings.energy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 25 Jan 2023 02:43:14 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: Bh09M2pl/VLJ38Qy/k9PhdWN8VFfIQqBNsXzjHtctBfTZ1qITYu7bT+bTp2GGNjC5WatHQxPreBIsVvhjrhKfQ==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 d3fed649.frontend_vendor.css
static.leadshook.io/app/ Frame 9ABF 29 KB
5 KB 275ms
181ms Stylesheet
text/css 18.155.129.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.leadshook.io/app/d3fed649.frontend_vendor.css
Requested by: Host: windowsavingsusa.leadshook.io
URL: https://windowsavingsusa.leadshook.io/survey/lLDMEUqwAYH8YIPv5ydngZlU0iN6tFO03Dmvkdcv?embed=true&index=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.129.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-129-125.cdg52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3715b504c68323affe436a0169f96fcccfff8f0632a7bce1ca2a762ff714fd17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavingsusa.leadshook.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 02:18:43 GMT
content-encoding: gzip
via: 1.1 10138b7f7e9a868032a16788e533ba0e.cloudfront.net (CloudFront)
last-modified: Mon, 23 Jan 2023 11:01:15 GMT
server: AmazonS3
x-amz-cf-pop: CDG52-P4
age: 1488
etag: W/"d3fed6497d41e35427f8a3440db188fb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css; charset=utf-8
x-amz-cf-id: quDcezeDSgPEMeAk5UWCCsCyYegex10Bo_roDaopo9tkB9LqGCDHtA==

GET
H2 200 9721ed50.app.css
static.leadshook.io/app/ Frame 9ABF 255 KB
45 KB 130ms
36ms Stylesheet
text/css 18.155.129.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.leadshook.io/app/9721ed50.app.css
Requested by: Host: windowsavingsusa.leadshook.io
URL: https://windowsavingsusa.leadshook.io/survey/lLDMEUqwAYH8YIPv5ydngZlU0iN6tFO03Dmvkdcv?embed=true&index=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.129.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-129-125.cdg52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1061bc2b7156ef50111328b1c2514fb441169f5c9738172fd399af2484f820c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavingsusa.leadshook.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 00:19:49 GMT
content-encoding: gzip
via: 1.1 10138b7f7e9a868032a16788e533ba0e.cloudfront.net (CloudFront)
last-modified: Mon, 23 Jan 2023 11:01:15 GMT
server: AmazonS3
x-amz-cf-pop: CDG52-P4
age: 8606
etag: W/"9721ed505acf6127fa123f4b9202d8fc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css; charset=utf-8
x-amz-cf-id: VUIEh5kbmnLOTkkOxJ9uLDUu9fl-zGtcwdzzvmTT9jlXw3Wyo-m-DA==

GET
H2 200 pollyfill.js Show response
polyfill.leadshook.io/ Frame 9ABF 101 B
535 B 87ms
22ms Script
application/javascript 13.224.189.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://polyfill.leadshook.io/pollyfill.js

Requested by

Host: windowsavingsusa.leadshook.io
URL: https://windowsavingsusa.leadshook.io/survey/lLDMEUqwAYH8YIPv5ydngZlU0iN6tFO03Dmvkdcv?embed=true&index=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.115 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-115.fra2.r.cloudfront.net

Software

CloudFront /

Resource Hash

d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavingsusa.leadshook.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 16:38:07 GMT
content-security-policy: default-src 'self'
via: 1.1 cb33a7a4640adbb55df3e0d143601558.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA2-C1
age: 122707
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-cache: Hit from cloudfront
cache-control: max-age=31536000
feature-policy: camera 'none'; microphone 'none'; speaker 'none'
content-length: 101
x-amz-cf-id: slCX3DcnHZPbm_niDTq5RFPrJeuzgr8MdwPASxafRh-AfJpnCMnyTQ==

GET
H2

200

jquery-git.min.js Show response
releases.jquery.com/git/ Frame 9ABF
Redirect Chain

https://code.jquery.com/git/jquery-git.min.js
https://releases.jquery.com/git/jquery-git.min.js

77 KB
27 KB

721ms
674ms

Script
application/javascript

2001:4de0:ac18::1:a:1a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://releases.jquery.com/git/jquery-git.min.js
Requested by: Host: windowsavingsusa.leadshook.io
URL: https://windowsavingsusa.leadshook.io/survey/lLDMEUqwAYH8YIPv5ydngZlU0iN6tFO03Dmvkdcv?embed=true&index=0
Protocol: H2
Server: 2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: e4882a153137cb8bf38a887cf83e5ccf1630b8ddbb3997ce719f3db11ce8e106

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavingsusa.leadshook.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 02:43:15 GMT
content-encoding: gzip
x-sp-metadata: HS256.CNPKwp4GEpIBCiRiZWYyNTdlNy05Y2FlLTRjNGMtYTRkOS02NDc5MTUzNmM4ZTYQuK6asvr2+wIaBgjCrsKeBiIXMjAwMToxYjYwOjI6MjQwOjMyNDc6OjYoksoDMAM4BEIWVExTX0FFU18xMjhfR0NNX1NIQTI1NlogM2U5YjIwNjEwMDk4YjZjOWJmZjk1Mzg1NmU1ODAxNmEaKhIkNDM0YmQ1OTgtZWVjOC00YmNlLTllNzYtZTY3MjE5NzQzNGFmGJfXASIaCAISFGNkczEzOC5mcjguaHdjZG4ubmV0GAk=.fFEeR9rUljBiNd/5Ynw6j9o26EXM1HG2yqr1O23eZu0=
last-modified: Mon, 23 Jan 2023 22:36:44 GMT
server: nginx
etag: "63cf0bfc-134a8"
x-hw: 1674614594.dop015.fr8.t,1674614594.cds279.fr8.hn,1674614595.cds138.fr8.pr
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=300, public
accept-ranges: bytes
content-length: 27543

Redirect headers

date: Wed, 25 Jan 2023 02:43:14 GMT
content-encoding: gzip
x-sp-metadata: HS256.CNLKwp4GEpIBCiRhNTY0NGU4NS01YjYwLTRjNWMtOTk5NC02MGYyNzFjMzAyYjYQ+OiCoKvU+wIaBgjCrsKeBiIXMjAwMToxYjYwOjI6MjQwOjMyNDc6OjYoksoDMAM4BEIWVExTX0FFU18xMjhfR0NNX1NIQTI1NlogM2U5YjIwNjEwMDk4YjZjOWJmZjk1Mzg1NmU1ODAxNmEaKwgBEiQ4NjE4N2U3NS0yYmZkLTRlMzQtOTVjOC02MTM0NzU2OGU0YjgYgwEiGAgCEhRjZHMzMjkuZnI4Lmh3Y2RuLm5ldA==.V2jTKph8TzHREPJGDxshGIn4wLuSXLjwoJcFg1+wvlU=
server: nginx
x-hw: 1674614594.dop015.fr8.t,1674614594.cds279.fr8.hn,1674614594.cds329.fr8.c
content-type: text/html
location: https://releases.jquery.com/git/jquery-git.min.js
cache-control: max-age=29172945
accept-ranges: bytes
content-length: 131

GET
H2 200 rrweb.min.js Show response
cdn.jsdelivr.net/npm/rrweb@latest/dist/ Frame 9ABF 137 KB
43 KB 100ms
41ms Script
application/javascript 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/rrweb@latest/dist/rrweb.min.js

Requested by

Host: windowsavingsusa.leadshook.io
URL: https://windowsavingsusa.leadshook.io/survey/lLDMEUqwAYH8YIPv5ydngZlU0iN6tFO03Dmvkdcv?embed=true&index=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

86a006a77aaf44645501f4bb6c27813d095dbaddc18ec10087e08997ecca8854

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavingsusa.leadshook.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 25 Jan 2023 02:43:14 GMT
x-content-type-options: nosniff
content-encoding: gzip
age: 4817
x-jsd-version: 2.0.0-alpha.4
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 43774
x-served-by: cache-fra-eddf8230120-FRA, cache-hhn-etou8220052-HHN
x-jsd-version-type: version
etag: W/"224e5-HOqK1bmU7a2aPc1zsHtbhVp6JrU"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 index.js Show response
cdn.jsdelivr.net/npm/rrweb-player@latest/dist/ Frame 9ABF 112 KB
37 KB 80ms
21ms Script
application/javascript 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/rrweb-player@latest/dist/index.js

Requested by

Host: windowsavingsusa.leadshook.io
URL: https://windowsavingsusa.leadshook.io/survey/lLDMEUqwAYH8YIPv5ydngZlU0iN6tFO03Dmvkdcv?embed=true&index=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

650a554cda8e5c47d8b0d9575cddd6dde949f2eb1f55a5204a47f6dc88ef641f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavingsusa.leadshook.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 25 Jan 2023 02:43:14 GMT
x-content-type-options: nosniff
content-encoding: gzip
age: 7270
x-jsd-version: 1.0.0-alpha.4
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 37046
x-served-by: cache-fra-eddf8230127-FRA, cache-hhn-etou8220052-HHN
x-jsd-version-type: version
etag: W/"1c1c8-rMJxlkkJxT1Tmq4lmaJJTC3QzaA"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK 1 Show response
gf0fe4d236bb4e8-db202107291325.adb.us-ashburn-1.oraclecloudapps.com/ords/powercert/a/scripts/ Frame 9ABF 2 KB
2 KB 2356ms
1677ms Script
text/javascript 147.154.25.5
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://gf0fe4d236bb4e8-db202107291325.adb.us-ashburn-1.oraclecloudapps.com/ords/powercert/a/scripts/1
Requested by: Host: windowsavingsusa.leadshook.io
URL: https://windowsavingsusa.leadshook.io/survey/lLDMEUqwAYH8YIPv5ydngZlU0iN6tFO03Dmvkdcv?embed=true&index=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.154.25.5 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: aa7c94a4bc1ebba2597b8ac0f47a81f8b2ef0b5896f6bde14647e12ce1e7a252

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavingsusa.leadshook.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Wed, 25 Jan 2023 02:43:17 GMT
Connection: keep-alive
ETag: "V09kKKWIh8OuXHItQpENMh2YNV3q3BR8P+ILyPrDlDpO0n4fjBO+OFZ9QHwyrw8ayudV2t9k2t2iy8cW3Cv+sQ=="
Transfer-Encoding: chunked
Content-Type: text/javascript

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ Frame 9ABF 30 KB
6 KB 83ms
32ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: windowsavingsusa.leadshook.io
URL: https://windowsavingsusa.leadshook.io/survey/lLDMEUqwAYH8YIPv5ydngZlU0iN6tFO03Dmvkdcv?embed=true&index=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavingsusa.leadshook.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 02:43:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3745659
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5631
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4txsSRRWuLgAA%2B7kq9WVGFoGfXJGz4oIAzhA%2F6n2bitibOERiEDhhuBLfZyqi5lxdzjNUDNvJtzDwnPe%2FRJZ5%2Fj%2Bdbsv%2F6C74U6YxUF2XB%2B81ug3rjWwwzq1IQTTcCu0jUzlX4qMJAX5IBhxrCF9%2BQg7"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 78eda901595dbb71-FRA
expires: Mon, 15 Jan 2024 02:43:14 GMT

GET
H2 200 gsap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.9.1/ Frame 9ABF 63 KB
23 KB 77ms
28ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.9.1/gsap.min.js

Requested by

Host: windowsavingsusa.leadshook.io
URL: https://windowsavingsusa.leadshook.io/survey/lLDMEUqwAYH8YIPv5ydngZlU0iN6tFO03Dmvkdcv?embed=true&index=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavingsusa.leadshook.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 02:43:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1212
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22890
last-modified: Sat, 25 Dec 2021 03:05:32 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "61c68a7c-596a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BekPytNmOfBCP3vAy6L0RsaYQ7oCQNFbm2W%2FVNO1VJN518kzEnUdaVczPO3CpRMKaBwY3tii7mwkTlqvrDhcV2OhJardqygK53jXf4jml%2BlqRPk6Gk2chSRnxEG1qL2lzdyK%2B2r%2FSRLUzrEmq4FwFB%2Bg"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 78eda901595ebb71-FRA
expires: Mon, 15 Jan 2024 02:43:14 GMT

GET
H2 200 8fbc9d0c.frontend_vendor.js Show response
static.leadshook.io/app/ Frame 9ABF 2 MB
529 KB 159ms
67ms Script
application/javascript 18.155.129.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.leadshook.io/app/8fbc9d0c.frontend_vendor.js
Requested by: Host: windowsavingsusa.leadshook.io
URL: https://windowsavingsusa.leadshook.io/survey/lLDMEUqwAYH8YIPv5ydngZlU0iN6tFO03Dmvkdcv?embed=true&index=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.129.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-129-125.cdg52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ece7b4a6584431d0a25dbdc353c6cba44d3c63aa986a3a9efc2e78d6cb5e3c62

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavingsusa.leadshook.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 04:37:31 GMT
content-encoding: gzip
via: 1.1 10138b7f7e9a868032a16788e533ba0e.cloudfront.net (CloudFront)
last-modified: Mon, 23 Jan 2023 11:01:14 GMT
server: AmazonS3
x-amz-cf-pop: CDG52-P4
age: 79544
etag: W/"8fbc9d0c1af3fe08877000d4b6a9e902"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-cf-id: tAWyAs0mm4VaOQ3qlQiHxWMzj9ioaW9k6akRFpAVWXyQEvDz3WkHZA==

GET
H2 200 bundle.min.js Show response
browser.sentry-cdn.com/6.17.4/ Frame 9ABF 63 KB
20 KB 67ms
20ms Script
application/javascript 2a04:4e42::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.sentry-cdn.com/6.17.4/bundle.min.js

Requested by

Host: windowsavingsusa.leadshook.io
URL: https://windowsavingsusa.leadshook.io/survey/lLDMEUqwAYH8YIPv5ydngZlU0iN6tFO03Dmvkdcv?embed=true&index=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

d4538b500dbad64b4c530857d7faf7d63bf921bcab573e94160c459ce859c90d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://windowsavingsusa.leadshook.io/
Origin: https://windowsavingsusa.leadshook.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 02:43:14 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 02 Feb 2022 15:42:58 GMT
server: Fastly
age: 1791341
etag: "456782718f10c0d95baf1a859662a1e9"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 20491
expires: Thu, 04 Jan 2024 09:07:33 GMT

GET
H2 200 bundle.tracing.min.js Show response
browser.sentry-cdn.com/6.17.4/ Frame 9ABF 89 KB
28 KB 74ms
27ms Script
application/javascript 2a04:4e42::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.sentry-cdn.com/6.17.4/bundle.tracing.min.js

Requested by

Host: windowsavingsusa.leadshook.io
URL: https://windowsavingsusa.leadshook.io/survey/lLDMEUqwAYH8YIPv5ydngZlU0iN6tFO03Dmvkdcv?embed=true&index=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

ab75d2b0c8cc42eb0741c91c456679dd5fa0d6ea201ad0c7e50b06fe916f2c5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://windowsavingsusa.leadshook.io/
Origin: https://windowsavingsusa.leadshook.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 02:43:14 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 02 Feb 2022 15:42:58 GMT
server: Fastly
age: 1341183
etag: "d79feee5fcf01c4d7aae920cbcbc5c06"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 28623
expires: Tue, 09 Jan 2024 14:10:11 GMT

GET
H2 200 angular.min.js Show response
browser.sentry-cdn.com/6.17.4/ Frame 9ABF 4 KB
2 KB 72ms
25ms Script
application/javascript 2a04:4e42::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.sentry-cdn.com/6.17.4/angular.min.js

Requested by

Host: windowsavingsusa.leadshook.io
URL: https://windowsavingsusa.leadshook.io/survey/lLDMEUqwAYH8YIPv5ydngZlU0iN6tFO03Dmvkdcv?embed=true&index=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

4791f9629b2ab03e00aa962848b886d9d8e709d5185fa2517b1ce4e97027f636

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://windowsavingsusa.leadshook.io/
Origin: https://windowsavingsusa.leadshook.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 02:43:14 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 02 Feb 2022 15:42:58 GMT
server: Fastly
age: 4711222
etag: "88a049ef735409b4f4e297d1b058b3ab"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 1770
expires: Fri, 01 Dec 2023 14:02:53 GMT

GET
H2 200 3807be8a.frontend_app.js Show response
static.leadshook.io/app/ Frame 9ABF 3 MB
321 KB 252ms
161ms Script
application/javascript 18.155.129.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.leadshook.io/app/3807be8a.frontend_app.js
Requested by: Host: windowsavingsusa.leadshook.io
URL: https://windowsavingsusa.leadshook.io/survey/lLDMEUqwAYH8YIPv5ydngZlU0iN6tFO03Dmvkdcv?embed=true&index=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.129.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-129-125.cdg52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 35dda36cd657b41c621cbf4b4b4dd64e01d5dd41d27561b6a83c0c310239b1b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavingsusa.leadshook.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 04:57:24 GMT
content-encoding: gzip
via: 1.1 10138b7f7e9a868032a16788e533ba0e.cloudfront.net (CloudFront)
last-modified: Sun, 22 Jan 2023 19:20:15 GMT
server: AmazonS3
x-amz-cf-pop: CDG52-P4
age: 78350
etag: W/"8259b8d63dd9489a6acf67dafd14d7c4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-cf-id: NvBkNdhH7c-PSvtgzotHMxRPsTHs4n58T_tY5JY_AcqRbOkcZmjmrw==

GET
H2 200 Window-Savings-Now.png
windowsavings.energy/wp-content/uploads/2021/09/ 83 KB
83 KB 139ms
138ms Image
image/webp 35.206.100.242
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://windowsavings.energy/wp-content/uploads/2021/09/Window-Savings-Now.png
Requested by: Host: windowsavings.energy
URL: https://windowsavings.energy/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.206.100.242 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 242.100.206.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: f4d9eb584be3bd82a980f5f35ab8e10d4803f53c80fda95912c778d4a566577c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavings.energy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 02:43:14 GMT
last-modified: Thu, 02 Sep 2021 06:20:54 GMT
server: nginx
etag: "61306d46-14b36"
x-proxy-cache-info: DT:1
content-type: image/webp
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 84790
expires: Thu, 25 Jan 2024 02:43:14 GMT

GET
H2 200 carrycot-1888587_1920.jpg
windowsavings.energy/wp-content/uploads/2021/09/ 1 MB
1 MB 145ms
145ms Image
image/webp 35.206.100.242
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://windowsavings.energy/wp-content/uploads/2021/09/carrycot-1888587_1920.jpg
Requested by: Host: windowsavings.energy
URL: https://windowsavings.energy/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.206.100.242 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 242.100.206.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: f56eec219c331da765c35568a9a8c420bee5121da53e4a69d10b3a61c882f22c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavings.energy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 02:43:14 GMT
last-modified: Wed, 01 Sep 2021 09:58:06 GMT
server: nginx
etag: "612f4eae-1205aa"
x-proxy-cache-info: DT:1
content-type: image/webp
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 1181098
expires: Thu, 25 Jan 2024 02:43:14 GMT

GET
H2 200 pexels-waldemar-brandt-2290609-2048x1365.jpg
windowsavings.energy/wp-content/uploads/2021/09/ 455 KB
455 KB 157ms
157ms Image
image/webp 35.206.100.242
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://windowsavings.energy/wp-content/uploads/2021/09/pexels-waldemar-brandt-2290609-2048x1365.jpg
Requested by: Host: windowsavings.energy
URL: https://windowsavings.energy/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.206.100.242 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 242.100.206.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: b771b570e60c8e50333e424783ca6cfa7b00b044ad6a169ee6b71f2760bf1c4b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavings.energy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 02:43:14 GMT
last-modified: Wed, 01 Sep 2021 09:57:41 GMT
server: nginx
etag: "612f4e95-71a42"
x-proxy-cache-info: DT:1
content-type: image/webp
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 465474
expires: Thu, 25 Jan 2024 02:43:14 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 67ms
23ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1066225467562231&ev=PageView&dl=https%3A%2F%2Fwindowsavings.energy%2F&rl=&if=false&ts=1674614594867&cd[page_title]=Home&cd[post_type]=page&cd[post_id]=19&cd[plugin]=PixelYourSite&cd[user_role]=guest&cd[event_url]=windowsavings.energy%2F&sw=1600&sh=1200&v=2.9.94&r=canary&a=dvpixelyoursite&ec=0&o=30&ttf=2212.8999996185303&tts=1971.2000007629395&ttse=2211.2000007629395&fbp=fb.1.1674614594865.1235966009&it=1674614594609&coo=false&rqm=GET

Requested by

Host: windowsavings.energy
URL: https://windowsavings.energy/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavings.energy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 25 Jan 2023 02:43:14 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 24ms
23ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900&ver=6.1.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://windowsavings.energy
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 19:25:01 GMT
x-content-type-options: nosniff
age: 544693
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7748
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 Jan 2024 19:25:01 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame 9ABF 223 KB
7 KB 45ms
44ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Abel:wght@100;300;400;500;700;900&family=Abril+Fatface:wght@100;300;400;500;700;900&family=Barlow:wght@100;300;400;500;700;900&family=Bitter:wght@100;300;400;500;700;900&family=Comforta:wght@100;300;400;500;700;900&family=Droid+Serif:wght@100;300;400;500;700;900&family=Inconsolata:wght@100;300;400;500;700;900&family=Josefin+Sans:wght@100;300;400;500;700;900&family=Josefin+Slab:wght@100;300;400;500;700;900&family=Lato:wght@100;300;400;500;700;900&family=Libre+Franklin:wght@100;300;400;500;700;900&family=Lobset+Two:wght@100;300;400;500;700;900&family=Lobster:wght@100;300;400;500;700;900&family=Lora:wght@100;300;400;500;700;900&family=Merriweather:wght@100;300;400;500;700;900&family=Montserrat:wght@100;300;400;500;700;900&family=Muli:wght@100;300;400;500;700;900&family=Noto+Sans:wght@100;300;400;500;700;900&family=Nunito:wght@100;300;400;500;700;900&family=Nunito+Sans:wght@100;300;400;500;700;900&family=Open+Sans:wght@100;300;400;500;700;900&family=Oswald:wght@100;300;400;500;700;900&family=Oxygen:wght@100;300;400;500;700;900&family=PT+Sans:wght@100;300;400;500;700;900&family=PT+Serif:wght@100;300;400;500;700;900&family=Patua+Online:wght@100;300;400;500;700;900&family=Playfair+Display:wght@100;300;400;500;700;900&family=Poppins:wght@100;300;400;500;700;900&family=Quicksand:wght@100;300;400;500;700;900&family=Raleway:wght@100;300;400;500;700;900&family=Roboto:wght@100;300;400;500;700;900&family=Roboto+Condensed:wght@100;300;400;500;700;900&family=Roboto+Mono:wght@100;300;400;500;700;900&family=Roboto+Slab:wght@100;300;400;500;700;900&family=Rubik:wght@100;300;400;500;700;900&family=Sigmar+One:wght@100;300;400;500;700;900&family=Source+Sans+Pro:wght@100;300;400;500;700;900&family=Special+Elite:wght@100;300;400;500;700;900&family=Titillium+Web:wght@100;300;400;500;700;900&family=Ubuntu:wght@100;300;400;500;700;900&family=Work+Sans&display=swap

Requested by

Host: windowsavingsusa.leadshook.io
URL: https://windowsavingsusa.leadshook.io/survey/lLDMEUqwAYH8YIPv5ydngZlU0iN6tFO03Dmvkdcv?embed=true&index=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5e2e7102fcfd7598f2fb2c5cad061991a4581118a5c8bcd5a6ed21335e8c3f4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavingsusa.leadshook.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 25 Jan 2023 02:43:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 25 Jan 2023 02:43:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 25 Jan 2023 02:43:15 GMT

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 9ABF 106 KB
27 KB 22ms
21ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: windowsavingsusa.leadshook.io
URL: https://windowsavingsusa.leadshook.io/survey/lLDMEUqwAYH8YIPv5ydngZlU0iN6tFO03Dmvkdcv?embed=true&index=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ef8f067f829af7c95936a36f38e54c98ab090f937f5557e4c78829ed8fcf5ffd

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavingsusa.leadshook.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 25 Jan 2023 02:43:15 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27859
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 8muP0s+NOS58XoJ5NAXRaNUNGwtwi6zPmpDGiHnOfpXeI4U34N1Pli4THhoR/agbfck1ZhvJn2zmqfBXEW79ug==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 876288816239243 Show response
connect.facebook.net/signals/config/ Frame 9ABF 377 KB
108 KB 108ms
107ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/876288816239243?v=2.9.94&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fda42a0a7301f1f6ef1461f24cacda76d3d6f68f912dc1bcbe2548e24b083729

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavingsusa.leadshook.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 25 Jan 2023 02:43:15 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: yYdvswP1VrnM41RalN4XEBQiZXe265LWhKBACVGiXrL9RYSmcg5YhJWP1E2ldkIAIuu1Ks7uOq5oPOfa0D2+zg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame 9ABF 0
54 B 22ms
21ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=876288816239243&ev=PageView&dl=https%3A%2F%2Fwindowsavingsusa.leadshook.io%2Fsurvey%2FlLDMEUqwAYH8YIPv5ydngZlU0iN6tFO03Dmvkdcv%3Fembed%3Dtrue%26index%3D0&rl=https%3A%2F%2Fwindowsavings.energy%2F&if=true&ts=1674614595816&sw=1600&sh=1200&v=2.9.94&r=stable&ec=0&o=30&it=1674614595642&coo=false&rqm=GET

Requested by

Host: windowsavingsusa.leadshook.io
URL: https://windowsavingsusa.leadshook.io/survey/lLDMEUqwAYH8YIPv5ydngZlU0iN6tFO03Dmvkdcv?embed=true&index=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavingsusa.leadshook.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 25 Jan 2023 02:43:15 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 22ms
21ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1066225467562231&ev=Microdata&dl=https%3A%2F%2Fwindowsavings.energy%2F&rl=&if=false&ts=1674614596433&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Window%20Savings%20Now%20%E2%80%93%20Useful%20Money%20Saving%20Tips%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.94&r=canary&a=dvpixelyoursite&ec=1&o=30&ttf=3797.1000003814697&tts=1971.2000007629395&ttse=2233.8999996185303&fbp=fb.1.1674614594865.1235966009&it=1674614594609&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: windowsavings.energy
URL: https://windowsavings.energy/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavings.energy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 25 Jan 2023 02:43:16 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2

200

bootstrap.js Show response
cdn.trustedform.com/ Frame 9ABF
Redirect Chain

https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxCertUrl&l=16746145971760.44543464562484214&invert_field_sensitivity=false
https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxCertUrl&l=16746145971760.44543464562484214&invert_field_sensitivity=false

8 KB
4 KB

309ms
231ms

Script
application/javascript

2600:9000:223d:ae00:1c:7f1a:6680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxCertUrl&l=16746145971760.44543464562484214&invert_field_sensitivity=false
Requested by: Host: windowsavingsusa.leadshook.io
URL: https://windowsavingsusa.leadshook.io/survey/lLDMEUqwAYH8YIPv5ydngZlU0iN6tFO03Dmvkdcv?embed=true&index=0
Protocol: H2
Server: 2600:9000:223d:ae00:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a2b6c34c5bc6983e8fecc9bf30f0cf13df801e7e2109579dea786fb86880bbe6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavingsusa.leadshook.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 02:43:18 GMT
x-amz-version-id: mGsiKszEOvLychB1h9uHpdFpT70J3aoc
content-encoding: gzip
last-modified: Fri, 06 Jan 2023 16:07:22 GMT
server: AmazonS3
via: 1.1 29f7132906866b79866659848b3a3b68.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
etag: W/"90474758772e8fd27bc16a6e21bb75e8"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
x-amz-cf-id: mkJRhNCkUVq3GP-_ttntQXhtnT2UIswkzctstMgq6x-4lNAYyeX-hA==

Redirect headers

location: https://cdn.trustedform.com:443/bootstrap.js?provide_referrer=false&field=xxCertUrl&l=16746145971760.44543464562484214&invert_field_sensitivity=false
date: Wed, 25 Jan 2023 02:43:17 GMT
server: awselb/2.0
content-length: 134
content-type: text/html

POST
H2 204 nodetracker Show response
windowsavingsusa.leadshook.io/api/ Frame 9ABF 0
194 B 123ms
123ms XHR
text/plain 35.168.77.57
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://windowsavingsusa.leadshook.io/api/nodetracker
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.17.4/bundle.tracing.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.168.77.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-168-77-57.compute-1.amazonaws.com
Software: nginx/1.19.9 / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/plain, */*
Referer: https://windowsavingsusa.leadshook.io/survey/lLDMEUqwAYH8YIPv5ydngZlU0iN6tFO03Dmvkdcv?embed=true&index=0
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

access-control-allow-origin: https://windowsavingsusa.leadshook.io
date: Wed, 25 Jan 2023 02:43:17 GMT
access-control-allow-credentials: true
server: nginx/1.19.9
x-username: undefined
x-powered-by: Express
vary: X-HTTP-Method-Override, Origin

GET
H2 200 pixel.png
d2zdr2rqflfo3.cloudfront.net/ Frame 9ABF 95 B
412 B 494ms
416ms Image
image/png 13.32.118.220
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2zdr2rqflfo3.cloudfront.net/pixel.png?host=windowsavingsusa.leadshook.io&subdomain=windowsavingsusa&accountId=1401&quizId=43813&leadId=344780658&quizVersionId=7
Requested by: Host: windowsavingsusa.leadshook.io
URL: https://windowsavingsusa.leadshook.io/survey/lLDMEUqwAYH8YIPv5ydngZlU0iN6tFO03Dmvkdcv?embed=true&index=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.118.220 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-118-220.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cafbd551d674da240212f6c44988757a728b9dc8cbc2a6c8dcf53c0d9159c323

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavingsusa.leadshook.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 02:43:18 GMT
via: 1.1 8c08c39035033b8c904aa0e3f734d6c6.cloudfront.net (CloudFront)
last-modified: Sat, 28 Sep 2019 18:11:04 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
etag: "9591c410148e6883727c5339fd1c02cd"
x-cache: Miss from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 95
x-amz-cf-id: xPnwQOGB0e9LqMW905cii2kbkK3XbPyJGkyjFAylAXoMkF5fD0VkhA==

GET
H2 200 phil-hearing-iyfp2ixe9nm-unsplash%20(1)-1585714393195.jpg
static.leadshook.io/upload/windowsavingsusa/ Frame 9ABF 609 KB
610 KB 54ms
52ms Image
image/jpeg 18.155.129.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.leadshook.io/upload/windowsavingsusa/phil-hearing-iyfp2ixe9nm-unsplash%20(1)-1585714393195.jpg
Requested by: Host: windowsavingsusa.leadshook.io
URL: https://windowsavingsusa.leadshook.io/survey/lLDMEUqwAYH8YIPv5ydngZlU0iN6tFO03Dmvkdcv?embed=true&index=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.129.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-129-125.cdg52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d1d13b6e488425debec1aa7606609aa1516a288b6ef44948ccff360afdffd6e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavingsusa.leadshook.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 11:45:47 GMT
via: 1.1 10138b7f7e9a868032a16788e533ba0e.cloudfront.net (CloudFront)
last-modified: Wed, 01 Jul 2020 01:19:55 GMT
server: AmazonS3
x-amz-cf-pop: CDG52-P4
age: 53851
etag: "c8dc64c588a920e8a1610f61f68450e7"
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 623406
x-amz-cf-id: Fcyshn9xz7yDZVJlMew8HAHML1QCfcDysp8E2wtu5cq9aLVqCvgcOA==

GET
H2 200 mobile%20home-1585767200554.jpg
static.leadshook.io/upload/windowsavingsusa/ Frame 9ABF 398 KB
399 KB 50ms
49ms Image
image/jpeg 18.155.129.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.leadshook.io/upload/windowsavingsusa/mobile%20home-1585767200554.jpg
Requested by: Host: windowsavingsusa.leadshook.io
URL: https://windowsavingsusa.leadshook.io/survey/lLDMEUqwAYH8YIPv5ydngZlU0iN6tFO03Dmvkdcv?embed=true&index=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.129.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-129-125.cdg52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dd33b485f1a4b9da75b12b4497f6621346981ea0a68ecfa0dd3773a546ccd592

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavingsusa.leadshook.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 11:45:47 GMT
via: 1.1 10138b7f7e9a868032a16788e533ba0e.cloudfront.net (CloudFront)
last-modified: Wed, 01 Jul 2020 01:19:56 GMT
server: AmazonS3
x-amz-cf-pop: CDG52-P4
age: 53851
etag: "853aa6a217bcd4cf8ba3e9ef937e8953"
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 407374
x-amz-cf-id: -v_aI9z_SG80XtauDPy60aQbXAtZn_BRrxQBmGDnO7vxq67GC2ISdg==

GET
H2 200 apt-1585767199365.jpg
static.leadshook.io/upload/windowsavingsusa/ Frame 9ABF 176 KB
176 KB 46ms
44ms Image
image/jpeg 18.155.129.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.leadshook.io/upload/windowsavingsusa/apt-1585767199365.jpg
Requested by: Host: windowsavingsusa.leadshook.io
URL: https://windowsavingsusa.leadshook.io/survey/lLDMEUqwAYH8YIPv5ydngZlU0iN6tFO03Dmvkdcv?embed=true&index=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.129.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-129-125.cdg52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 43639d8ed64a965fb70c6b2d10de35dfd9d78271bd171c1512117818b14341e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavingsusa.leadshook.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 11:45:47 GMT
via: 1.1 10138b7f7e9a868032a16788e533ba0e.cloudfront.net (CloudFront)
last-modified: Wed, 01 Jul 2020 01:19:59 GMT
server: AmazonS3
x-amz-cf-pop: CDG52-P4
age: 53851
etag: "60415190d5497308b405723cb654b20c"
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 179955
x-amz-cf-id: J4WAt60FXMcmyAzEkYgMgVV9bEVxEwY5gsPDjt9SOA_IvTppFUXsEQ==

GET
H2 200 other-1585767202215.jpg
static.leadshook.io/upload/windowsavingsusa/ Frame 9ABF 42 KB
43 KB 65ms
64ms Image
image/jpeg 18.155.129.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.leadshook.io/upload/windowsavingsusa/other-1585767202215.jpg
Requested by: Host: windowsavingsusa.leadshook.io
URL: https://windowsavingsusa.leadshook.io/survey/lLDMEUqwAYH8YIPv5ydngZlU0iN6tFO03Dmvkdcv?embed=true&index=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.129.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-129-125.cdg52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b060446306273b1f291d00493b29d7d5d635ba96f7bedbffc17d2b55aac1ff59

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavingsusa.leadshook.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 11:45:47 GMT
via: 1.1 10138b7f7e9a868032a16788e533ba0e.cloudfront.net (CloudFront)
last-modified: Wed, 01 Jul 2020 01:20:01 GMT
server: AmazonS3
x-amz-cf-pop: CDG52-P4
age: 53851
etag: "d6689798baa214ddbd2398756776cb3b"
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 43486
x-amz-cf-id: TtCkpqOo3oAMgCrowIyjdgoPbVprALj8NnKjCvKgtJgdafGLiy69Nw==

GET
H2 200 -ebsite-background-1629673142831.png
static.leadshook.io/upload/lowermyutilitybill/ Frame 9ABF 216 KB
216 KB 53ms
52ms Image
image/png 18.155.129.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.leadshook.io/upload/lowermyutilitybill/-ebsite-background-1629673142831.png
Requested by: Host: windowsavingsusa.leadshook.io
URL: https://windowsavingsusa.leadshook.io/survey/lLDMEUqwAYH8YIPv5ydngZlU0iN6tFO03Dmvkdcv?embed=true&index=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.129.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-129-125.cdg52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8253b8a5e5fbe53b9bff318355e6c91544ba707dc69c2ec3e8b89f4212168ced

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavingsusa.leadshook.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 11:45:47 GMT
via: 1.1 10138b7f7e9a868032a16788e533ba0e.cloudfront.net (CloudFront)
last-modified: Sun, 22 Aug 2021 22:59:11 GMT
server: AmazonS3
x-amz-cf-pop: CDG52-P4
age: 53851
etag: "e9d6462ac438e76c1456bbd922f07298"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 221001
x-amz-cf-id: 5QkEuEELKnKhTw6t_-d2GzC7qj-Z8Z6ZEc865gSp7AG7JVmYj1gHWw==

GET
H3 200 fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ Frame 9ABF 75 KB
76 KB 89ms
32ms Font
application/octet-stream 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://windowsavingsusa.leadshook.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 02:43:17 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1671248
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-12d68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B%2FDFyL0RfBxuQEU45kbVjeYQbvOIeDyKU%2BVaMc5BQAr6oKBBzUdj8kfUB1N9VeP7yJ92eeEORjlQFOi9nN4RbKWk4dusrGDQC%2BfWPXsFx0bBE9dwBZAKbb9%2ByGDaHBF9WW9mvV8UM1sXsrp2iR4iDa62"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 78eda911b9e05c3e-FRA
expires: Mon, 15 Jan 2024 02:43:17 GMT

GET /
freegeoip.app/json/ Frame 9ABF 0
0

GET
H2 200 geoip Show response
windowsavingsusa.leadshook.io/api/ Frame 9ABF 2 KB
749 B 154ms
153ms XHR
application/json 35.168.77.57
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://windowsavingsusa.leadshook.io/api/geoip?leadId=344780658
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.17.4/bundle.tracing.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.168.77.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-168-77-57.compute-1.amazonaws.com
Software: nginx/1.19.9 / Express
Resource Hash: 878b449f6d798af7cfc50401488f2affeb73169379e0c20392949a856564fa74

Request headers

Accept: */*
Referer: https://windowsavingsusa.leadshook.io/survey/lLDMEUqwAYH8YIPv5ydngZlU0iN6tFO03Dmvkdcv?embed=true&index=0
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 02:43:17 GMT
content-encoding: gzip
server: nginx/1.19.9
x-username: undefined
x-powered-by: Express
etag: W/"7e3-5nzySehcIvZPrqAs5nL0J6FSK3I"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
x-cache-status: MISS

GET
H2 200 leaddevice Show response
windowsavingsusa.leadshook.io/api/ Frame 9ABF 1 KB
665 B 119ms
119ms XHR
application/json 35.168.77.57
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://windowsavingsusa.leadshook.io/api/leaddevice?leadId=344780658&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F109.0.5414.74+Safari%2F537.36
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.17.4/bundle.tracing.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.168.77.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-168-77-57.compute-1.amazonaws.com
Software: nginx/1.19.9 / Express
Resource Hash: 27c05beaf7af57c41b2f0fdf00d9da38df3c4171092ba8299f3b83117b3cbb83

Request headers

Accept: */*
Referer: https://windowsavingsusa.leadshook.io/survey/lLDMEUqwAYH8YIPv5ydngZlU0iN6tFO03Dmvkdcv?embed=true&index=0
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 02:43:17 GMT
content-encoding: gzip
server: nginx/1.19.9
x-username: undefined
x-powered-by: Express
etag: W/"565-dV2Dp5kHHu1S3lQ5oVCFAZDD48k"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
x-cache-status: MISS

GET
H3 200 /
www.facebook.com/tr/ Frame 9ABF 0
15 B 21ms
21ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=876288816239243&ev=Microdata&dl=https%3A%2F%2Fwindowsavingsusa.leadshook.io%2Fsurvey%2FlLDMEUqwAYH8YIPv5ydngZlU0iN6tFO03Dmvkdcv%3Fembed%3Dtrue%26index%3D0&rl=https%3A%2F%2Fwindowsavings.energy%2F&if=true&ts=1674614597356&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Anderson%20-%20All%20-%20No%20Cost%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.94&r=stable&ec=1&o=30&it=1674614595642&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: windowsavingsusa.leadshook.io
URL: https://windowsavingsusa.leadshook.io/survey/lLDMEUqwAYH8YIPv5ydngZlU0iN6tFO03Dmvkdcv?embed=true&index=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavingsusa.leadshook.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 25 Jan 2023 02:43:17 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

POST
H2 204 fields Show response
windowsavingsusa.leadshook.io/api/leads/344780658/ Frame 9ABF 0
628 B 134ms
134ms XHR
text/plain 35.168.77.57
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://windowsavingsusa.leadshook.io/api/leads/344780658/fields
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.17.4/bundle.tracing.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.168.77.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-168-77-57.compute-1.amazonaws.com
Software: nginx/1.19.9 / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/plain, */*
Referer: https://windowsavingsusa.leadshook.io/survey/lLDMEUqwAYH8YIPv5ydngZlU0iN6tFO03Dmvkdcv?embed=true&index=0
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

access-control-allow-origin: https://windowsavingsusa.leadshook.io
date: Wed, 25 Jan 2023 02:43:17 GMT
access-control-allow-credentials: true
server: nginx/1.19.9
x-username: undefined
x-powered-by: Express
vary: X-HTTP-Method-Override, Origin

POST
H2 201 certs Show response
api.trustedform.com/ Frame 9ABF 475 B
686 B 345ms
115ms XHR
application/json 52.54.243.114
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.17.4/bundle.tracing.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.54.243.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-243-114.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: 8e23f32663951321a652c1ed0bea84feb68936cdf675dfbc22c7c610a9318347

Request headers

Referer: https://windowsavingsusa.leadshook.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 25 Jan 2023 02:43:18 GMT
server: Cowboy
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 475

PUT
H2 200 344780658 Show response
windowsavingsusa.leadshook.io/api/leads/ Frame 9ABF 760 B
750 B 128ms
127ms XHR
application/json 35.168.77.57
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://windowsavingsusa.leadshook.io/api/leads/344780658
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.17.4/bundle.tracing.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.168.77.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-168-77-57.compute-1.amazonaws.com
Software: nginx/1.19.9 / Express
Resource Hash: 28b5354a191b609143aa290989f187828a12a0ca7775902670b14ed96d2ed586

Request headers

Accept: application/json, text/plain, */*
Referer: https://windowsavingsusa.leadshook.io/survey/lLDMEUqwAYH8YIPv5ydngZlU0iN6tFO03Dmvkdcv?embed=true&index=0
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Wed, 25 Jan 2023 02:43:17 GMT
content-encoding: gzip
server: nginx/1.19.9
x-username: undefined
x-powered-by: Express
etag: W/"2f8-87168Q0syY61Z1gdSl/gDleQBMY"
vary: Accept-Encoding, Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://windowsavingsusa.leadshook.io
access-control-allow-credentials: true

POST
H2 404 270019544 Show response
windowsavingsusa.leadshook.io/api/impressions/ Frame 9ABF 165 B
472 B 117ms
116ms XHR
text/html 35.168.77.57
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://windowsavingsusa.leadshook.io/api/impressions/270019544

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.17.4/bundle.tracing.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.168.77.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-168-77-57.compute-1.amazonaws.com

Software

nginx/1.19.9 / Express

Resource Hash

39335dfa4335782f5e5f3c18895f8cfc03e12e341b0a983311454a1e1e4cee77

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://windowsavingsusa.leadshook.io/survey/lLDMEUqwAYH8YIPv5ydngZlU0iN6tFO03Dmvkdcv?embed=true&index=0
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Wed, 25 Jan 2023 02:43:17 GMT
content-security-policy: default-src 'none'
x-content-type-options: nosniff
server: nginx/1.19.9
x-username: undefined
x-powered-by: Express
vary: X-HTTP-Method-Override, Origin, Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: https://windowsavingsusa.leadshook.io
access-control-allow-credentials: true
content-length: 165

GET
H2 200 trustedform-1.8.35.js Show response
cdn.trustedform.com/ Frame 9ABF 102 KB
37 KB 25ms
24ms Script
application/javascript 2600:9000:223d:ae00:1c:7f1a:6680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.trustedform.com/trustedform-1.8.35.js
Requested by: Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxCertUrl&l=16746145971760.44543464562484214&invert_field_sensitivity=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:ae00:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5cacdda23e5b945d4ea8105a92bc2c939c60b60fd4ea3c73a62421b76c03ba44

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavingsusa.leadshook.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id: PsGscq0o6WWOGkSqGH9BYInejEgnNeUZ
content-encoding: gzip
via: 1.1 29f7132906866b79866659848b3a3b68.cloudfront.net (CloudFront)
date: Wed, 25 Jan 2023 02:43:14 GMT
last-modified: Fri, 06 Jan 2023 16:07:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
age: 27
etag: W/"cef26bd569e1a24279f16aecc87c254b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: oEcawdvcy1ysaqaofbSFyLB-2au_tMnC-aGvGgOXx3-KnzH72Alb1w==

POST
H2 204 snapshot Show response
api.trustedform.com/certs/05cf3dca35fdd3a0628a18232bab0c7eb0ba9de7/ Frame 9ABF 0
159 B 230ms
229ms XHR
text/plain 52.54.243.114
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/05cf3dca35fdd3a0628a18232bab0c7eb0ba9de7/snapshot
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.17.4/bundle.tracing.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.54.243.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-243-114.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://windowsavingsusa.leadshook.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Wed, 25 Jan 2023 02:43:18 GMT
access-control-expose-headers
access-control-allow-credentials: true
cache-control: max-age=0, private, must-revalidate
server: Cowboy

GET
H2 200 pixel.png
d2zdr2rqflfo3.cloudfront.net/ Frame 9ABF 95 B
416 B 27ms
26ms Image
image/png 13.32.118.220
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2zdr2rqflfo3.cloudfront.net/pixel.png?host=windowsavingsusa.leadshook.io&subdomain=windowsavingsusa&accountId=1401&quizId=43813&leadId=344780658&quizVersionId=7
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.35.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.118.220 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-118-220.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cafbd551d674da240212f6c44988757a728b9dc8cbc2a6c8dcf53c0d9159c323

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavingsusa.leadshook.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 02:43:18 GMT
via: 1.1 8c08c39035033b8c904aa0e3f734d6c6.cloudfront.net (CloudFront)
last-modified: Sat, 28 Sep 2019 18:11:04 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 1
etag: "9591c410148e6883727c5339fd1c02cd"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 95
x-amz-cf-id: 3LtQHNrJX62J5bR91sHRuWEkz0DyhZDNVBnuia5X59z0UkAlxLf9tA==

GET
H2 200 phil-hearing-iyfp2ixe9nm-unsplash%20(1)-1585714393195.jpg
static.leadshook.io/upload/windowsavingsusa/ Frame 9ABF 609 KB
610 KB 46ms
45ms Image
image/jpeg 18.155.129.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.leadshook.io/upload/windowsavingsusa/phil-hearing-iyfp2ixe9nm-unsplash%20(1)-1585714393195.jpg
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.35.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.129.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-129-125.cdg52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d1d13b6e488425debec1aa7606609aa1516a288b6ef44948ccff360afdffd6e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavingsusa.leadshook.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 11:45:47 GMT
via: 1.1 10138b7f7e9a868032a16788e533ba0e.cloudfront.net (CloudFront)
last-modified: Wed, 01 Jul 2020 01:19:55 GMT
server: AmazonS3
x-amz-cf-pop: CDG52-P4
age: 53852
etag: "c8dc64c588a920e8a1610f61f68450e7"
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 623406
x-amz-cf-id: hlVWEU_dIqGsN5H746DLzhYvJZJXpdnad15aAR_dxbDl1w6X4edFGg==

GET
H2 200 mobile%20home-1585767200554.jpg
static.leadshook.io/upload/windowsavingsusa/ Frame 9ABF 398 KB
399 KB 49ms
49ms Image
image/jpeg 18.155.129.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.leadshook.io/upload/windowsavingsusa/mobile%20home-1585767200554.jpg
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.35.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.129.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-129-125.cdg52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dd33b485f1a4b9da75b12b4497f6621346981ea0a68ecfa0dd3773a546ccd592

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavingsusa.leadshook.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 11:45:47 GMT
via: 1.1 10138b7f7e9a868032a16788e533ba0e.cloudfront.net (CloudFront)
last-modified: Wed, 01 Jul 2020 01:19:56 GMT
server: AmazonS3
x-amz-cf-pop: CDG52-P4
age: 53852
etag: "853aa6a217bcd4cf8ba3e9ef937e8953"
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 407374
x-amz-cf-id: RGPMm_pAlyT6frhtC59k82xb7dznOzWT_0Mx0oafDKEA-QfQ8y1IRA==

GET
H2 200 apt-1585767199365.jpg
static.leadshook.io/upload/windowsavingsusa/ Frame 9ABF 176 KB
176 KB 33ms
32ms Image
image/jpeg 18.155.129.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.leadshook.io/upload/windowsavingsusa/apt-1585767199365.jpg
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.35.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.129.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-129-125.cdg52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 43639d8ed64a965fb70c6b2d10de35dfd9d78271bd171c1512117818b14341e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavingsusa.leadshook.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 11:45:47 GMT
via: 1.1 10138b7f7e9a868032a16788e533ba0e.cloudfront.net (CloudFront)
last-modified: Wed, 01 Jul 2020 01:19:59 GMT
server: AmazonS3
x-amz-cf-pop: CDG52-P4
age: 53852
etag: "60415190d5497308b405723cb654b20c"
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 179955
x-amz-cf-id: 7BU-v6tnUmXIuxqNFI7tLgEHYfC6UmsXJhdbzs48PHj3IEidrjiomA==

GET
H2 200 other-1585767202215.jpg
static.leadshook.io/upload/windowsavingsusa/ Frame 9ABF 42 KB
43 KB 33ms
33ms Image
image/jpeg 18.155.129.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.leadshook.io/upload/windowsavingsusa/other-1585767202215.jpg
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.35.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.129.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-129-125.cdg52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b060446306273b1f291d00493b29d7d5d635ba96f7bedbffc17d2b55aac1ff59

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavingsusa.leadshook.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 11:45:47 GMT
via: 1.1 10138b7f7e9a868032a16788e533ba0e.cloudfront.net (CloudFront)
last-modified: Wed, 01 Jul 2020 01:20:01 GMT
server: AmazonS3
x-amz-cf-pop: CDG52-P4
age: 53852
etag: "d6689798baa214ddbd2398756776cb3b"
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 43486
x-amz-cf-id: yc8UuwjKkQ4TKcE5c1fgheF4BVDWFKS6PUSQ2MjEzNPm29fHDcQ_7w==

POST
H2 204 fingerprints Show response
api.trustedform.com/certs/05cf3dca35fdd3a0628a18232bab0c7eb0ba9de7/ Frame 9ABF 0
159 B 217ms
217ms XHR
text/plain 52.54.243.114
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/05cf3dca35fdd3a0628a18232bab0c7eb0ba9de7/fingerprints
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.17.4/bundle.tracing.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.54.243.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-243-114.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://windowsavingsusa.leadshook.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Wed, 25 Jan 2023 02:43:18 GMT
access-control-expose-headers
access-control-allow-credentials: true
cache-control: max-age=0, private, must-revalidate
server: Cowboy

GET
DATA 200
OK truncated
/ Frame 9ABF 10 KB
10 KB Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eed633a8002069e13f06351bfe014d0132941a0882144ccee95cdacfa403b954

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: text/javascript

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: freegeoip.app
URL: https://freegeoip.app/json/

Verdicts & Comments Add Verdict or Comment

103 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
windowsavings.energy/	1970-01-20 09:10:18	Name: pys_session_limit Value: true
windowsavings.energy/	1969-12-31 23:59:59	Name: pys_start_session Value: true
windowsavings.energy/	1970-01-20 09:20:19	Name: pys_first_visit Value: true
windowsavings.energy/	1970-01-20 09:20:19	Name: pysTrafficSource Value: direct
windowsavings.energy/	1970-01-20 09:20:19	Name: pys_landing_page Value: https://windowsavings.energy/
windowsavings.energy/	1970-01-20 09:20:19	Name: last_pysTrafficSource Value: direct
windowsavings.energy/	1970-01-20 09:20:19	Name: last_pys_landing_page Value: https://windowsavings.energy/
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: 6t-0X3V3ZLs
.youtube.com/	1970-01-20 13:29:26	Name: VISITOR_INFO1_LIVE Value: dNCUjs65egg
.youtube.com/	1970-01-20 13:29:26	Name: DEVICE_INFO Value: ChxOekU1TWpReE5Ea3hOVGc0TVRNek5qTTROUT09EMKuwp4GGMKuwp4G
windowsavingsusa.leadshook.io/	1970-01-20 09:20:19	Name: AWSALBTGCORS Value: wN+CL2TebktKRoXqrJ9g+qbUsx4yC6aZvqhDxFsBLdNgIkJYXhgxJLsjKV8kCeUKLxGo6GDaUPstx/2geRIByJcp7N/ZbqXb/BKXg+TAMuDQbgtCdDSD7W82b79DWskXk6hmGWH15bL9ci2HR47MhD4F2vgllf3H5296SRuVzYZDhVMnJss=
windowsavingsusa.leadshook.io/	1970-01-20 09:53:26	Name: lLDMEUqwAYH8YIPv5ydngZlU0iN6tFO03Dmvkdcv.leadData Value: j%3A%7B%22leadId%22%3A344780658%2C%22leadToken%22%3A%22lLDMEUqwAYH8YIPv5ydngZlU0iN6tFO03Dmvkdcv1dPE2J8K6CZtQS9oSfYx%22%2C%22quizId%22%3A43813%7D
.windowsavings.energy/	1970-01-20 11:19:50	Name: _fbp Value: fb.1.1674614594865.1235966009
windowsavingsusa.leadshook.io/	1970-01-20 09:20:19	Name: AWSALBCORS Value: TsX6krtHR1xCF1csOGyNhteCIRHXrOEdNTD/ts7RdHJAb6rCNgZp/U5E7GWYD63ZWA6R4vOdplYPFhPbq4PkJJTI6o/cEGR/awfYv1uH144ihF7BABSTGwdfxVXUb3Am3T2RMqi3YcYR13HfNRYI6zoS3tM6wlUxVxEbPgZUEP1WzhAlOLxneRjImD6osg==

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://lucrordesign.com/chris/wp-content/uploads/sites/46/2020/01/row-bg.jpg?id=1303 Message: Failed to load resource: the server responded with a status of 404 ()
javascript	error	URL: https://windowsavingsusa.leadshook.io/survey/lLDMEUqwAYH8YIPv5ydngZlU0iN6tFO03Dmvkdcv?embed=true&index=0 Message: Access to XMLHttpRequest at 'https://freegeoip.app/json/' from origin 'https://windowsavingsusa.leadshook.io' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://freegeoip.app/json/ Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://windowsavingsusa.leadshook.io/api/impressions/270019544 Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.trustedform.com
browser.sentry-cdn.com
cdn.jsdelivr.net
cdn.trustedform.com
cdnjs.cloudflare.com
code.jquery.com
connect.facebook.net
d2zdr2rqflfo3.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
freegeoip.app
gf0fe4d236bb4e8-db202107291325.adb.us-ashburn-1.oraclecloudapps.com
lucrordesign.com
polyfill.leadshook.io
releases.jquery.com
static.leadshook.io
windowsavings.energy
windowsavingsusa.leadshook.io
www.facebook.com
www.youtube.com
freegeoip.app
13.224.189.115
13.32.118.220
147.154.25.5
18.155.129.125
2001:4de0:ac18::1:a:1a
2600:9000:223d:ae00:1c:7f1a:6680:93a1
2606:4700::6811:180e
2a00:1450:4001:806::200a
2a00:1450:4001:827::200e
2a00:1450:4001:82f::2003
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:200::485
2a04:4e42::729
2a06:98c1:3120::c
35.168.77.57
35.206.100.242
52.54.243.114
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0696bb3df09627caefc874274365ad085818ea01a24cacadd90064b78ed64aa4
0ed0d520e5505edd3862515a661448e740ce6446332f07e6046b190f12860485
1061bc2b7156ef50111328b1c2514fb441169f5c9738172fd399af2484f820c3
1ac2cc987531ce3a7c14d0192d38c02af6c593de0b493db61e3d4bc697508e0d
224db2aed80c2f0d017ba0071d2b94d326404344f940f0ebc66139459c1e4a54
2451f34eb685958d0461a204f78cb21e61673b84ea677973434ec102cae2d37a
27c05beaf7af57c41b2f0fdf00d9da38df3c4171092ba8299f3b83117b3cbb83
28b5354a191b609143aa290989f187828a12a0ca7775902670b14ed96d2ed586
28b9f17b585b3722b4fc4883a2bb4e6c1ffc2be41e45081cbe3752bd752d02a4
313b31e0386c1b7afb16ad7bd2e78b526a04afe24cf6a12a9a4c1b1a3704d743
316a853bb4ac612ad41aedf4ba8958156b7e64295f2d0b2ede3c20a910928dff
35dda36cd657b41c621cbf4b4b4dd64e01d5dd41d27561b6a83c0c310239b1b5
37045bf0d243623db4f2e99567c986944957b336dafa6368f4f75bcbad6fc4fa
3715b504c68323affe436a0169f96fcccfff8f0632a7bce1ca2a762ff714fd17
39335dfa4335782f5e5f3c18895f8cfc03e12e341b0a983311454a1e1e4cee77
419faf74d8f19e0e37cc999a94f9b5f62673e9df85046d267a65eab5f11257ef
43639d8ed64a965fb70c6b2d10de35dfd9d78271bd171c1512117818b14341e6
477f2c7acf54b2994c85f1a07720eb99f56979f5b134efb37a9ef84713c0e318
4791f9629b2ab03e00aa962848b886d9d8e709d5185fa2517b1ce4e97027f636
490205bd0e29007df27f327f3c888514d90b0b87f77d54f6a51f3329f0c8ed04
4af105297c5b49ca668eaa0774c0eb479e907175f12ccc30e9c038dd7b6fcaf0
4e8cdf14e0d06b2e547b331a52fb1095975f29399a3ac571c42e71bc524cb29c
50e56f151aef3bbd8b38cc8c719ce1124f2cd3464e17f40d57a6f5d75fb5ee6a
5881a966504fbb4104f1520668852061d365e3cde17f89687be4f69664ecef05
5cacdda23e5b945d4ea8105a92bc2c939c60b60fd4ea3c73a62421b76c03ba44
5e2e7102fcfd7598f2fb2c5cad061991a4581118a5c8bcd5a6ed21335e8c3f4b
650a554cda8e5c47d8b0d9575cddd6dde949f2eb1f55a5204a47f6dc88ef641f
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f
78e812174c125b58d1bce2b7f6fd6c96a4dfd7b9b21d009f4e201fe76eb092a1
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
79fd5090a5c6183320b1f33277853bae56cf68f320de8f7d68be080d2cae837c
7b7d5a7040c734484063484276d1643c07c1d8a88c2e4c54818bb6d5fedfd18d
7ccd3ac2b3e9256ef32e91ad965fcb391e7442af6a6815381656e5ecf058a49c
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7e7e84874d4184fb3713ccd3d5d638fea7c71097bac90f8d5e61b72a1fef48c9
7f982e420b3c266ea754b657025ecd71170366d0827bbf3b5204619a4cacbade
8253b8a5e5fbe53b9bff318355e6c91544ba707dc69c2ec3e8b89f4212168ced
856a174277bfd015478e39068c99c48cc89fb90a1e4455b432c83df720c715f3
86a006a77aaf44645501f4bb6c27813d095dbaddc18ec10087e08997ecca8854
878b449f6d798af7cfc50401488f2affeb73169379e0c20392949a856564fa74
8e23f32663951321a652c1ed0bea84feb68936cdf675dfbc22c7c610a9318347
9034d5d34015e4b05d2c1d1a8dc9f6ec9d59bd96d305eb9e24e24e65c591a645
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
9eaba4ee4769286a5a60125fda070144c81cf2f3f24f23e4eece81d8dfeeb672
a27ff44a48aa91614f3ba451201707a66f8abe2e1dc819c82838a12e978f6963
a2b6c34c5bc6983e8fecc9bf30f0cf13df801e7e2109579dea786fb86880bbe6
a4f0091d654925b99652679bd060c889704aa70aebd07e1322acda3d38014f02
aa7c94a4bc1ebba2597b8ac0f47a81f8b2ef0b5896f6bde14647e12ce1e7a252
ab75d2b0c8cc42eb0741c91c456679dd5fa0d6ea201ad0c7e50b06fe916f2c5d
ab9400a816d15900855f00f4dbb936346538a5713b06b4e23d2c2ad2404974e8
b060446306273b1f291d00493b29d7d5d635ba96f7bedbffc17d2b55aac1ff59
b771b570e60c8e50333e424783ca6cfa7b00b044ad6a169ee6b71f2760bf1c4b
bf817ee4b2d4e9d98e05e1382d295f8f10fef43770cd4e291d924a5d0afc8cc2
bff70cc67f36c252a4a1053f3047356ca99d93d7e37ff6fc0df8ad6b33ee530c
c4596b16b126326b0d8fc2fb8bf91389ad3dc4671a269187913c19a8f2ad1094
cafbd551d674da240212f6c44988757a728b9dc8cbc2a6c8dcf53c0d9159c323
cb34d2ee2a93fd11b734c124a6fc661339585c63382d08eb31bf921b66519eac
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
d1bd27467c354f76309622e8ee3ccab8622ea35b8a68300911c48721db894641
d1d13b6e488425debec1aa7606609aa1516a288b6ef44948ccff360afdffd6e4
d4538b500dbad64b4c530857d7faf7d63bf921bcab573e94160c459ce859c90d
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
dd33b485f1a4b9da75b12b4497f6621346981ea0a68ecfa0dd3773a546ccd592
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4882a153137cb8bf38a887cf83e5ccf1630b8ddbb3997ce719f3db11ce8e106
e4b22a674c4b9431ebe3fd474ef353534ada4bfc252d4a3236c2d6c964754f9d
ece7b4a6584431d0a25dbdc353c6cba44d3c63aa986a3a9efc2e78d6cb5e3c62
eed633a8002069e13f06351bfe014d0132941a0882144ccee95cdacfa403b954
ef8f067f829af7c95936a36f38e54c98ab090f937f5557e4c78829ed8fcf5ffd
f4d9eb584be3bd82a980f5f35ab8e10d4803f53c80fda95912c778d4a566577c
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f56eec219c331da765c35568a9a8c420bee5121da53e4a69d10b3a61c882f22c
fda42a0a7301f1f6ef1461f24cacda76d3d6f68f912dc1bcbe2548e24b083729

windowsavings.energy Open in urlscan Pro 35.206.100.242 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

83 Requests

96 %HTTPS

61 %IPv6

16 Domains

20 Subdomains

19 IPs

3 Countries

6653 kBTransfer

13760 kBSize

14 Cookies

0 Outgoing links

Redirected requests

83 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

windowsavings.energy Open in urlscan Pro
35.206.100.242 Public Scan

Screenshot
Live screenshot

Full Image

83
Requests

96 %
HTTPS

61 %
IPv6

16
Domains

20
Subdomains

19
IPs

3
Countries

6653 kB
Transfer

13760 kB
Size

14
Cookies

83 HTTP transactions
8 data transactions