rbawindowoffers.com Open in urlscan Pro
190.124.46.18 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://rbawindowoffers.com/
Submission: On February 06 via api (February 6th 2024, 5:22:14 am UTC) from US — Scanned from US

Summary HTTP 65 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 24 IPs in 1 countries across 18 domains to perform 65 HTTP transactions. The main IP is 190.124.46.18, located in Tampa, United States and belongs to HVC-AS, US. The main domain is rbawindowoffers.com.
TLS certificate: Issued by R3 on February 5th 2024. Valid for: 3 months.

This is the only time rbawindowoffers.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
23	190.124.46.18 190.124.46.18	29802 (HVC-AS) (HVC-AS)
1	2607:f8b0:400... 2607:f8b0:4006:817::200a	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:200... 2a04:4e42:200::485	54113 (FASTLY) (FASTLY)
1	142.250.65.194 142.250.65.194	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80e::2008	15169 (GOOGLE) (GOOGLE)
1	2600:141b:1c0... 2600:141b:1c00:2480::14a9	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	198.154.88.118 198.154.88.118	55081 (24SHELLS) (24SHELLS)
1	2607:f8b0:400... 2607:f8b0:4006:809::2002	15169 (GOOGLE) (GOOGLE)
1	142.251.167.154 142.251.167.154	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f01... 2a03:2880:f012:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
2	44.219.94.53 44.219.94.53	14618 (AMAZON-AES) (AMAZON-AES)
1	2607:f8b0:400... 2607:f8b0:4006:816::2004	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6816:26b6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 5	3.210.126.162 3.210.126.162	14618 (AMAZON-AES) (AMAZON-AES)
2	2600:9000:21d... 2600:9000:21dd:7e00:1c:7f1a:6680:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	108.139.29.98 108.139.29.98	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4006:81d::200e	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c09::9d	15169 (GOOGLE) (GOOGLE)
7	18.233.77.243 18.233.77.243	14618 (AMAZON-AES) (AMAZON-AES)
1	18.164.115.36 18.164.115.36	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f11... 2a03:2880:f112:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	45.223.17.68 45.223.17.68	19551 (INCAPSULA) (INCAPSULA)
65	24

23 190.124.46.18 (Tampa, United States)

ASN29802 (HVC-AS, US)
PTR: 190-124-46-18.static.hvvc.us

rbawindowoffers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:817::200a (United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.65.194 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s72-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80e::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:141b:1c00:2480::14a9 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)

cdn-4.convertexperiments.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.154.88.118 (Los Angeles, United States)

ASN55081 (24SHELLS, US)
PTR: corporate.abilitybusinesscomputing.com

hits.ecdashboard.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:809::2002 (United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.167.154 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f154.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.219.94.53 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-219-94-53.compute-1.amazonaws.com

script.anura.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:816::2004 (United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:26b6 (United States)

ASN13335 (CLOUDFLARENET, US)

create.lidstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.210.126.162 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-210-126-162.compute-1.amazonaws.com

api.trustedform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:21dd:7e00:1c:7f1a:6680:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.trustedform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.139.29.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-29-98.jfk50.r.cloudfront.net

ads.anura.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81d::200e (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c09::9d (Ashburn, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 18.233.77.243 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-233-77-243.compute-1.amazonaws.com

create.leadid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.115.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-115-36.jfk50.r.cloudfront.net

d2m2wsoho8qq12.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 45.223.17.68 (United States)

ASN19551 (INCAPSULA, US)

deviceid.trueleadid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	rbawindowoffers.com rbawindowoffers.com	673 KB
7	leadid.com create.leadid.com — Cisco Umbrella Rank: 16554	4 KB
7	trustedform.com 1 redirects api.trustedform.com — Cisco Umbrella Rank: 26864 cdn.trustedform.com — Cisco Umbrella Rank: 30565	38 KB
4	bing.com bat.bing.com — Cisco Umbrella Rank: 376	14 KB
3	trueleadid.com deviceid.trueleadid.com — Cisco Umbrella Rank: 19602	22 KB
3	anura.io script.anura.io — Cisco Umbrella Rank: 62549 ads.anura.io — Cisco Umbrella Rank: 76415	21 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	73 KB
3	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 bid.g.doubleclick.net — Cisco Umbrella Rank: 917 stats.g.doubleclick.net — Cisco Umbrella Rank: 79	3 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	216 B
2	google.com www.google.com — Cisco Umbrella Rank: 2 analytics.google.com — Cisco Umbrella Rank: 154	712 B
2	ecdashboard.com hits.ecdashboard.com	4 KB
1	cloudfront.net d2m2wsoho8qq12.cloudfront.net	2 KB
1	lidstatic.com create.lidstatic.com — Cisco Umbrella Rank: 28974	38 KB
1	convertexperiments.com cdn-4.convertexperiments.com — Cisco Umbrella Rank: 9535	66 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	88 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 145	19 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 324	25 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 369	30 KB
65	18

	Domain	Requested by
23	rbawindowoffers.com	rbawindowoffers.com
7	create.leadid.com	create.lidstatic.com deviceid.trueleadid.com
5	api.trustedform.com	1 redirects api.trustedform.com cdn.trustedform.com
4	bat.bing.com	rbawindowoffers.com bat.bing.com
3	deviceid.trueleadid.com	d2m2wsoho8qq12.cloudfront.net deviceid.trueleadid.com
3	connect.facebook.net	rbawindowoffers.com connect.facebook.net
2	www.facebook.com	rbawindowoffers.com
2	cdn.trustedform.com	rbawindowoffers.com api.trustedform.com
2	script.anura.io	rbawindowoffers.com script.anura.io
2	hits.ecdashboard.com	rbawindowoffers.com
1	d2m2wsoho8qq12.cloudfront.net	create.lidstatic.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	analytics.google.com	www.googletagmanager.com
1	ads.anura.io	script.anura.io
1	create.lidstatic.com	rbawindowoffers.com
1	www.google.com	rbawindowoffers.com
1	bid.g.doubleclick.net	www.googleadservices.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	cdn-4.convertexperiments.com	rbawindowoffers.com
1	www.googletagmanager.com	rbawindowoffers.com
1	www.googleadservices.com	rbawindowoffers.com
1	cdn.jsdelivr.net	rbawindowoffers.com
1	ajax.googleapis.com	rbawindowoffers.com
65	23

This site contains links to these domains. Also see Links.

Domain
emailcompliancemanager.com
cloud.e.andersencorp.com

Subject Issuer	Validity	Valid
rbawindowoffers.com R3	`2024-02-05` - `2024-05-05`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.convertexperiments.com DigiCert TLS RSA SHA256 2020 CA1	`2023-11-09` - `2024-11-09`	a year	crt.sh
ecdashboard.com R3	`2024-01-25` - `2024-04-24`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-11-15` - `2024-02-13`	3 months	crt.sh
script.anura.io Amazon RSA 2048 M03	`2023-10-16` - `2024-11-13`	a year	crt.sh
www.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
lidstatic.com E1	`2024-01-28` - `2024-04-27`	3 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 02	`2024-01-21` - `2024-06-27`	5 months	crt.sh
ads.anura.io Amazon RSA 2048 M01	`2023-05-30` - `2024-06-27`	a year	crt.sh
*.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
create.leadid.com Amazon RSA 2048 M02	`2023-08-21` - `2024-09-17`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
imperva.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-01-16` - `2024-07-14`	6 months	crt.sh
*.trustedform.com Amazon RSA 2048 M03	`2023-08-11` - `2024-09-07`	a year	crt.sh
cdn.trustedform.com Amazon RSA 2048 M02	`2023-03-15` - `2024-04-12`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://rbawindowoffers.com/
Frame ID: 9F1288BA7BD58AE077731EA6AC7ECFD7
Requests: 60 HTTP requests in this frame

Frame: https://bid.g.doubleclick.net/xbbe/pixel?d=KAE
Frame ID: DF93790F3C79897D4A9244AA6B0B2751
Requests: 1 HTTP requests in this frame

Frame: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=FDD1CE2F-5215-9E2A-4320-7200D0FE6945&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.12.1&lck=EB4A05A4-8A53-C2B0-B337-640A489815F4&lac=D0C27C32-8ED1-8E02-9C8A-1F9AB10100C4
Frame ID: 2DED82496B816638D065454979AD99EE
Requests: 1 HTTP requests in this frame

Frame: https://deviceid.trueleadid.com/iframe.html?token=FDD1CE2F-5215-9E2A-4320-7200D0FE6945&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.12.1&lck=EB4A05A4-8A53-C2B0-B337-640A489815F4&lac=D0C27C32-8ED1-8E02-9C8A-1F9AB10100C4
Frame ID: 347D6949825D92D35E4FEBF518F85B40
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Renewal By Andersen - Window Replacement

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<input[^>]+name="__VIEWSTATE

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Imperva (Security) Expand

Overall confidence: 100%
Detected patterns

/_Incapsula_Resource

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

65
Requests

98 %
HTTPS

57 %
IPv6

18
Domains

23
Subdomains

24
IPs

1
Countries

1131 kB
Transfer

2301 kB
Size

19
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://emailcompliancemanager.com/rba/?1=1
Title: contact us

Search URL Search Domain Scan URL

URL: https://cloud.e.andersencorp.com/rbaunsubscribe?email=&storeId=&optoutsource=exactcustomer&ctkwd=&ecadid=
Title: Unsubscribe

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27

https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17071969249330.8978507956085242&invert_field_sensitivity=false HTTP 301
https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17071969249330.8978507956085242&invert_field_sensitivity=false

65 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
rbawindowoffers.com/ 39 KB
13 KB 152ms
42ms Document
text/html 190.124.46.18
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rbawindowoffers.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.124.46.18 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 190-124-46-18.static.hvvc.us
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 92196cf010953409eda75e6e647228199a6d1286ec687327a1c14ee4188c1381

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private
content-encoding: gzip
content-length: 13284
content-type: text/html; charset=utf-8
date: Tue, 06 Feb 2024 05:22:04 GMT
server: Microsoft-IIS/10.0
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET

GET
H2 200 stylewiz.min.css
rbawindowoffers.com/css/ 14 KB
4 KB 129ms
116ms Stylesheet
text/css 190.124.46.18
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rbawindowoffers.com/css/stylewiz.min.css?v=3
Requested by: Host: rbawindowoffers.com
URL: https://rbawindowoffers.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.124.46.18 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 190-124-46-18.static.hvvc.us
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: fb011432c5afd993d82ac08722927e02282d37fcf8bb98be3d645b98dab00cbf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rbawindowoffers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 05:22:04 GMT
content-encoding: gzip
last-modified: Mon, 20 Nov 2023 13:46:03 GMT
server: Microsoft-IIS/10.0
etag: "239552e7b71bda1:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
cache-control: public,max-age=31536000
accept-ranges: bytes
content-length: 4132

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.7.0/ 85 KB
30 KB 210ms
63ms Script
text/javascript 2607:f8b0:4006:817::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.7.0/jquery.min.js

Requested by

Host: rbawindowoffers.com
URL: https://rbawindowoffers.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rbawindowoffers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 09:22:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 417603
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30433
x-xss-protection: 0
last-modified: Wed, 17 May 2023 18:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 31 Jan 2025 09:22:01 GMT

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/ 152 KB
25 KB 124ms
33ms Stylesheet
text/css 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css

Requested by

Host: rbawindowoffers.com
URL: https://rbawindowoffers.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://rbawindowoffers.com/
Origin: https://rbawindowoffers.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 05:22:04 GMT
x-content-type-options: nosniff
content-encoding: br
age: 5456501
x-jsd-version: 5.0.2
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 25360
x-served-by: cache-fra-eddf8230097-FRA, cache-mia-kmia1760091-MIA
x-jsd-version-type: version
etag: W/"260c5-fByeBXPlzqi603M74vxjqoxo6o0"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 lazy_load.min.js Show response
rbawindowoffers.com/scripts/ 443 B
453 B 40ms
40ms Script
application/javascript 190.124.46.18
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rbawindowoffers.com/scripts/lazy_load.min.js
Requested by: Host: rbawindowoffers.com
URL: https://rbawindowoffers.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.124.46.18 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 190-124-46-18.static.hvvc.us
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 0811891616a17255b9aec069d53ae29d5dc0a507f8b476dac05fb7d6bfb9b3a7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rbawindowoffers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 05:22:04 GMT
content-encoding: gzip
last-modified: Fri, 11 Aug 2023 20:14:36 GMT
server: Microsoft-IIS/10.0
etag: "523a337390ccd91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes
content-length: 354

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ 50 KB
19 KB 234ms
90ms Script
text/javascript 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: rbawindowoffers.com
URL: https://rbawindowoffers.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

cafe /

Resource Hash

1ad345b632954319146b90b9a4528a73862124f593a91e88fd9aba9746304750

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rbawindowoffers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 05:22:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18844
x-xss-protection: 0
server: cafe
etag: 17624404001488751609
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 06 Feb 2024 05:22:04 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 262 KB
88 KB 234ms
89ms Script
application/javascript 2607:f8b0:4006:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-M50V1ZE013

Requested by

Host: rbawindowoffers.com
URL: https://rbawindowoffers.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8a5ba09ff756252e20072f5019e2714debd0a4a936df00616e1490dcc9156282

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rbawindowoffers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 05:22:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89622
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 06 Feb 2024 05:22:04 GMT

GET
H2 200 1004702-1004597.js Show response
cdn-4.convertexperiments.com/js/ 228 KB
66 KB 247ms
78ms Script
application/javascript 2600:141b:1c00:2480::14a9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-4.convertexperiments.com/js/1004702-1004597.js
Requested by: Host: rbawindowoffers.com
URL: https://rbawindowoffers.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:2480::14a9 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 4dcc627b02aad3fecd5b12bcf8f8336cf256ea30f859580237ff2437b12877b5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rbawindowoffers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 06 Feb 2024 05:22:04 GMT
content-encoding: gzip
cache-control: public, max-age=300
content-type: application/javascript
vary: Accept-Encoding
expires: Tue, 06 Feb 2024 05:27:04 GMT

GET
H2 200 FP.js Show response
hits.ecdashboard.com/JS/ 14 KB
4 KB 617ms
203ms Script
application/javascript 198.154.88.118
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://hits.ecdashboard.com/JS/FP.js
Requested by: Host: rbawindowoffers.com
URL: https://rbawindowoffers.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.154.88.118 Los Angeles, United States, ASN55081 (24SHELLS, US),
Reverse DNS: corporate.abilitybusinesscomputing.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 07d81e29da2b847c60281b9e084fe58ddf894ba5c6a60f395adf10aa4ad3d405

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rbawindowoffers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 05:22:04 GMT
content-encoding: gzip
last-modified: Wed, 09 Aug 2023 13:44:40 GMT
server: Microsoft-IIS/10.0
etag: "0d44a5c7cad91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=172800
accept-ranges: bytes
content-length: 3840

GET
H2 200 LOGO-rba-horiz.webp
rbawindowoffers.com/images/ 66 KB
66 KB 45ms
37ms Image
image/webp 190.124.46.18
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rbawindowoffers.com/images/LOGO-rba-horiz.webp
Requested by: Host: rbawindowoffers.com
URL: https://rbawindowoffers.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.124.46.18 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 190-124-46-18.static.hvvc.us
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 86da4f4a409902ef36f13e0bf3015dd1ef15ed8cb994417e0e16d6cb877519e8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rbawindowoffers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 05:22:04 GMT
last-modified: Mon, 20 Nov 2023 13:46:18 GMT
server: Microsoft-IIS/10.0
etag: "38644cf0b71bda1:0"
x-powered-by: ASP.NET
content-type: image/webp
cache-control: public,max-age=31536000
accept-ranges: bytes
content-length: 67766

GET
H2 200 wizard-hero-bogo.webp
rbawindowoffers.com/img/ 93 KB
93 KB 86ms
78ms Image
image/webp 190.124.46.18
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rbawindowoffers.com/img/wizard-hero-bogo.webp
Requested by: Host: rbawindowoffers.com
URL: https://rbawindowoffers.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.124.46.18 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 190-124-46-18.static.hvvc.us
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b3c1617ee4bc9f12cfdb077cd6f6204a9ce0730ba20ee6af9de4d26f7e5115c5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rbawindowoffers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 05:22:04 GMT
last-modified: Mon, 20 Nov 2023 13:46:25 GMT
server: Microsoft-IIS/10.0
etag: "bf73ff4b71bda1:0"
x-powered-by: ASP.NET
content-type: image/webp
cache-control: public,max-age=31536000
accept-ranges: bytes
content-length: 94798

GET
H2 200 WebResource.axd Show response
rbawindowoffers.com/ 23 KB
6 KB 41ms
40ms Script
application/x-javascript 190.124.46.18
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rbawindowoffers.com/WebResource.axd?d=7QHrd07jTMlFVpU3c-xAoWPpyy3XaSVvBo9WMqLRX_fCqCGVeVPHSjRcSVKCsEh9vI-PIJU_dzOyA_R0XQf68gR_0bkvLLBVZoGf9ql8m9w1&t=638368886615952268
Requested by: Host: rbawindowoffers.com
URL: https://rbawindowoffers.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.124.46.18 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 190-124-46-18.static.hvvc.us
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rbawindowoffers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 05:22:04 GMT
content-encoding: gzip
last-modified: Thu, 30 Nov 2023 02:04:21 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public
content-length: 6007
expires: Tue, 04 Feb 2025 19:50:40 GMT

GET
H2 200 WebResource.axd Show response
rbawindowoffers.com/ 26 KB
7 KB 43ms
39ms Script
application/x-javascript 190.124.46.18
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rbawindowoffers.com/WebResource.axd?d=3HlQ4LmA9RuHjH1FXKwcB0MUjvsjJGoI2guXA7f2izjK_uqbNEL6AtDQTkBq3F9jaSi4ByBxz8H8yuHN-3l2MgV9lCApbzMwPQnpJ4gUsXs1&t=638368886615952268
Requested by: Host: rbawindowoffers.com
URL: https://rbawindowoffers.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.124.46.18 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 190-124-46-18.static.hvvc.us
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ef9453f74b2617d43dcef4242cf5845101fcfb57289c81bceb20042b0023a192

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rbawindowoffers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 05:22:04 GMT
content-encoding: gzip
last-modified: Thu, 30 Nov 2023 02:04:21 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public
content-length: 7228
expires: Tue, 04 Feb 2025 19:50:40 GMT

GET
H2 200 loader-4stepc-1.png
rbawindowoffers.com/images/ 9 KB
9 KB 43ms
40ms Image
image/png 190.124.46.18
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rbawindowoffers.com/images/loader-4stepc-1.png
Requested by: Host: rbawindowoffers.com
URL: https://rbawindowoffers.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.124.46.18 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 190-124-46-18.static.hvvc.us
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: affeabc6c91c8b24f2ca14ee22d3bebeaa0f21532819a8f839665ac14f0b076c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rbawindowoffers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 05:22:04 GMT
last-modified: Mon, 27 Mar 2023 16:47:44 GMT
server: Microsoft-IIS/10.0
etag: "867664dacb60d91:0"
x-powered-by: ASP.NET
content-type: image/png
cache-control: public,max-age=31536000
accept-ranges: bytes
content-length: 9154

GET
H2 200 loader-4stepc-2.png
rbawindowoffers.com/images/ 8 KB
8 KB 42ms
41ms Image
image/png 190.124.46.18
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rbawindowoffers.com/images/loader-4stepc-2.png
Requested by: Host: rbawindowoffers.com
URL: https://rbawindowoffers.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.124.46.18 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 190-124-46-18.static.hvvc.us
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 70ed9ad8db98c0ab2e416f6784e5b32ab619dc391e7285168e54a38cfdefad43

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rbawindowoffers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 05:22:04 GMT
last-modified: Mon, 27 Mar 2023 16:47:44 GMT
server: Microsoft-IIS/10.0
etag: "e86551dacb60d91:0"
x-powered-by: ASP.NET
content-type: image/png
cache-control: public,max-age=31536000
accept-ranges: bytes
content-length: 8452

GET
H2 200 loader-4stepc-3.png
rbawindowoffers.com/images/ 8 KB
8 KB 41ms
40ms Image
image/png 190.124.46.18
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rbawindowoffers.com/images/loader-4stepc-3.png
Requested by: Host: rbawindowoffers.com
URL: https://rbawindowoffers.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.124.46.18 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 190-124-46-18.static.hvvc.us
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 1d80d663dae3b6ffb88b990ac3c10442647699e1d43fa8fd0f2987ac3c30a5b3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rbawindowoffers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 05:22:04 GMT
last-modified: Mon, 27 Mar 2023 16:47:44 GMT
server: Microsoft-IIS/10.0
etag: "378c58dacb60d91:0"
x-powered-by: ASP.NET
content-type: image/png
cache-control: public,max-age=31536000
accept-ranges: bytes
content-length: 7710

GET
H2 200 loader-4stepc-4.png
rbawindowoffers.com/images/ 7 KB
7 KB 45ms
42ms Image
image/png 190.124.46.18
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rbawindowoffers.com/images/loader-4stepc-4.png
Requested by: Host: rbawindowoffers.com
URL: https://rbawindowoffers.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.124.46.18 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 190-124-46-18.static.hvvc.us
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4b2fa0831336d38214955b2eed34b56fc88401f7b8d9adf759a2bad4e9e2cafc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rbawindowoffers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 05:22:04 GMT
last-modified: Mon, 27 Mar 2023 16:47:44 GMT
server: Microsoft-IIS/10.0
etag: "ec533edacb60d91:0"
x-powered-by: ASP.NET
content-type: image/png
cache-control: public,max-age=31536000
accept-ranges: bytes
content-length: 6920

GET
H2 200 logo-footer.webp
rbawindowoffers.com/img/ 10 KB
10 KB 44ms
42ms Image
image/webp 190.124.46.18
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rbawindowoffers.com/img/logo-footer.webp
Requested by: Host: rbawindowoffers.com
URL: https://rbawindowoffers.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.124.46.18 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 190-124-46-18.static.hvvc.us
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: df71d382d4cc0edd5c8e58b83442e5c5e4046407098ecd1eb034c6dad122729b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rbawindowoffers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 05:22:04 GMT
last-modified: Mon, 20 Nov 2023 17:53:42 GMT
server: Microsoft-IIS/10.0
etag: "bd73ea7fda1bda1:0"
x-powered-by: ASP.NET
content-type: image/webp
cache-control: public,max-age=31536000
accept-ranges: bytes
content-length: 10128

GET
H2 200 scripts5.min.js Show response
rbawindowoffers.com/scripts/ 1021 B
588 B 42ms
40ms Script
application/javascript 190.124.46.18
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rbawindowoffers.com/scripts/scripts5.min.js
Requested by: Host: rbawindowoffers.com
URL: https://rbawindowoffers.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.124.46.18 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 190-124-46-18.static.hvvc.us
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 87fa7ad386402eb066b9b17a38c357d13fd870be51679d81c2dc20955bfde341

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rbawindowoffers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 05:22:04 GMT
content-encoding: gzip
last-modified: Sun, 06 Aug 2023 15:15:01 GMT
server: Microsoft-IIS/10.0
etag: "7cfe75c578c8d91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes
content-length: 506

GET
H2 200 Functions.min.js Show response
rbawindowoffers.com/scripts/ 4 KB
1 KB 43ms
41ms Script
application/javascript 190.124.46.18
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rbawindowoffers.com/scripts/Functions.min.js?ver=4987
Requested by: Host: rbawindowoffers.com
URL: https://rbawindowoffers.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.124.46.18 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 190-124-46-18.static.hvvc.us
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4145eb38affc9b3335b672593a320382b893366710c4e9457c1e1cd06ba0916e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rbawindowoffers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 05:22:04 GMT
content-encoding: gzip
last-modified: Tue, 15 Aug 2023 18:33:06 GMT
server: Microsoft-IIS/10.0
etag: "eef6baeea6cfd91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes
content-length: 1398

GET
H2 200 phone.min.js Show response
rbawindowoffers.com/scripts/ 339 B
393 B 41ms
40ms Script
application/javascript 190.124.46.18
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rbawindowoffers.com/scripts/phone.min.js
Requested by: Host: rbawindowoffers.com
URL: https://rbawindowoffers.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.124.46.18 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 190-124-46-18.static.hvvc.us
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ca5e1cf2ee31713ad1f338bf645cbfa525e828f673a32a0a6564e25bcf3c8656

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rbawindowoffers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 05:22:04 GMT
content-encoding: gzip
last-modified: Sun, 06 Aug 2023 15:15:04 GMT
server: Microsoft-IIS/10.0
etag: "6625d9c678c8d91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes
content-length: 312

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/874974045/ 2 KB
2 KB 221ms
84ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/874974045/?random=1707196924604&cv=9&fst=1707196924604&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=376635471%2C375603261%2C466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=-600&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Frbawindowoffers.com%2F&tiba=Renewal%20By%20Andersen%20-%20Window%20Replacement&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

553e055db4df383ec9095ee1f388e2e0385f65eabbab5d6273e2579549a46cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rbawindowoffers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 05:22:04 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel Show response
bid.g.doubleclick.net/xbbe/ Frame DF93 0
466 B 218ms
76ms Document
text/html 142.251.167.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/xbbe/pixel?d=KAE

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.154 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f154.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rbawindowoffers.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 06 Feb 2024 05:22:04 GMT
expires: Tue, 06 Feb 2024 05:22:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 wizard-bg.webp
rbawindowoffers.com/img/ 238 KB
239 KB 41ms
40ms Image
image/webp 190.124.46.18
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rbawindowoffers.com/img/wizard-bg.webp
Requested by: Host: rbawindowoffers.com
URL: https://rbawindowoffers.com/css/stylewiz.min.css?v=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.124.46.18 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 190-124-46-18.static.hvvc.us
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b46ae613239389b24188405ae243d8e0574f4f8a4d1d369f59f15af87790dba8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rbawindowoffers.com/css/stylewiz.min.css?v=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 05:22:04 GMT
last-modified: Mon, 20 Nov 2023 13:46:25 GMT
server: Microsoft-IIS/10.0
etag: "e807df4b71bda1:0"
x-powered-by: ASP.NET
content-type: image/webp
cache-control: public,max-age=31536000
accept-ranges: bytes
content-length: 244172

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 214 KB
58 KB 209ms
67ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: rbawindowoffers.com
URL: https://rbawindowoffers.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bca51ed2fe251488a1b150edf560d43880f1486740f34d24120ede486f99676b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rbawindowoffers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 06 Feb 2024 05:22:04 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57257
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
pragma: public
x-fb-debug: 6Rh/dpJvk4WB+bOpozKc6seOTFR0RFWH2HugmGDiaO6hCLRypIQrizVdEsouz6hBg9gtBET6Z7X889QbYyPVAA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 request.js Show response
script.anura.io/ 54 KB
20 KB 298ms
153ms Script
application/javascript 44.219.94.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://script.anura.io/request.js?instance=2958618159&source=Windows&campaign=&additional=&861398904202

Requested by

Host: rbawindowoffers.com
URL: https://rbawindowoffers.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

44.219.94.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-219-94-53.compute-1.amazonaws.com

Software

nginx /

Resource Hash

381edd64acc6e33f529574b122ac05296eaa6d332709eeace92ee154acb3f22d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rbawindowoffers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 05:22:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires: Sun, 28 Dec 1980 18:57:00 EST

GET
H2 200 /
www.google.com/pagead/1p-user-list/874974045/ 42 B
455 B 226ms
86ms Image
image/gif 2607:f8b0:4006:816::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/874974045/?random=1707196924604&cv=9&fst=1707195600000&num=1&guid=ON&eid=376635471%2C375603261%2C466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=-600&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Frbawindowoffers.com%2F&tiba=Renewal%20By%20Andersen%20-%20Window%20Replacement&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_PUr7gf0_VMohdLKyroT5mtwqSUWkuw&random=1881016980&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: rbawindowoffers.com
URL: https://rbawindowoffers.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rbawindowoffers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 05:22:05 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 eb4a05a4-8a53-c2b0-b337-640a489815f4.js Show response
create.lidstatic.com/campaign/ 121 KB
38 KB 164ms
44ms Script
text/javascript 2606:4700:10::6816:26b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://create.lidstatic.com/campaign/eb4a05a4-8a53-c2b0-b337-640a489815f4.js?snippet_version=2
Requested by: Host: rbawindowoffers.com
URL: https://rbawindowoffers.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:26b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f91af40654463f1b30b6cc6d8e19d3bfe0486951c3a2183a9939e8201cce8e4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rbawindowoffers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 05:22:05 GMT
x-amz-version-id: _FhNRBwSlFwnQK_2qarbHYMHYc_yRfbo
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: 4SVYXVGMRH3BD90F
age: 96
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: LG2ahycTqh+9VJNwmVSTLyZ03+DfJgcATYVvUr9NbCNB1YsUtvABaPibH6rS4h91I9OnK0YwJJ93XkXh8b8OKL4JSoSP4d5bDzEB7BuhKfU=
last-modified: Wed, 17 Jan 2024 22:21:19 GMT
server: cloudflare
etag: W/"afc7b67ad2f2498fd286b08baf25118d"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=1800
cf-ray: 8510f40da85e80ca-MIA

GET
H2

200

bootstrap.js Show response
cdn.trustedform.com/
Redirect Chain

https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17071969249330.8978507956085242&invert_field_sensitivity=false
https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17071969249330.8978507956085242&invert_field_sensitivity=false

8 KB
4 KB

327ms
153ms

Script
application/javascript

2600:9000:21dd:7e00:1c:7f1a:6680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17071969249330.8978507956085242&invert_field_sensitivity=false
Requested by: Host: rbawindowoffers.com
URL: https://rbawindowoffers.com/
Protocol: H2
Server: 2600:9000:21dd:7e00:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 35cbf6a6e5e7ff72ebb142669e1727de048df4fc13fc9fb5d9bd2d8334de7a71

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rbawindowoffers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 05:22:06 GMT
x-amz-version-id: D_l7Wi1wOYgTC52uzRMI5HnwJykAKtLr
content-encoding: gzip
last-modified: Wed, 08 Nov 2023 19:52:40 GMT
server: AmazonS3
via: 1.1 dee6858c751ff64f8ae28f155bee69b2.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C2
etag: W/"e11406d1e7ba652ddbe0623e1207c210"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
x-amz-cf-id: ZL6BiehU4N-FTiHULpMuQ-iEq-afMKSLvgmhLLYK89xNqm13aseFcg==

Redirect headers

location: https://cdn.trustedform.com:443/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17071969249330.8978507956085242&invert_field_sensitivity=false
date: Tue, 06 Feb 2024 05:22:05 GMT
server: awselb/2.0
content-length: 134
content-type: text/html

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 174ms
58ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: rbawindowoffers.com
URL: https://rbawindowoffers.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rbawindowoffers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Tue, 06 Feb 2024 05:22:05 GMT
last-modified: Fri, 10 Nov 2023 20:09:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C135E69D81ED433FBCD09C134FD2F27E Ref B: MIAEDGE2619 Ref C: 2024-02-06T05:22:05Z
etag: "80abcdf1114da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13175

GET
H2 204 Track.aspx
hits.ecdashboard.com/ 0
110 B 178ms
176ms Image
text/html 198.154.88.118
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hits.ecdashboard.com/Track.aspx?EVTID=1547&ECCMP=0%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C&ECUID=1707196925182.1062%7C%7C2/5/2024%2019%3A22%3A4&AMT=0&cvid=&cvprm1=&cvprm2=&ECURL=Empty%20Referrer%7C%7Chttps%3A//rbawindowoffers.com/&ECSUP=%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C0%7C%7C&rnd=1707196924993.3298&FH=true&CurURL=https%3A//rbawindowoffers.com/&PT=Renewal%20By%20Andersen%20-%20Window%20Replacement&res=1600x1200&bws=Netscape
Requested by: Host: rbawindowoffers.com
URL: https://rbawindowoffers.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.154.88.118 Los Angeles, United States, ASN55081 (24SHELLS, US),
Reverse DNS: corporate.abilitybusinesscomputing.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rbawindowoffers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 05:22:04 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: text/html
cache-control: no-cache, no-store
expires: -1

GET
H2 200 showads.js Show response
ads.anura.io/ 0
353 B 221ms
61ms XHR
application/javascript 108.139.29.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.anura.io/showads.js?989992809329
Requested by: Host: script.anura.io
URL: https://script.anura.io/request.js?instance=2958618159&source=Windows&campaign=&additional=&861398904202
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.29.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-29-98.jfk50.r.cloudfront.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rbawindowoffers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 11:56:58 GMT
content-encoding: gzip
via: 1.1 fdc88b576635a6d1858343ad162c44fc.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: JFK50-P2
age: 62707
vary: Accept-Encoding
x-cache: Hit from cloudfront
access-control-allow-methods: GET
access-control-allow-origin: *
content-type: application/javascript; charset=utf-8
x-amz-cf-id: udZzMF80SB1x9UyYKT894YD1-zkkrgpjxCrLFyOOtqmNYTj5ICMolg==

GET
H2 200 448499548883718 Show response
connect.facebook.net/signals/config/ 62 KB
13 KB 112ms
111ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/448499548883718?v=2.9.145&r=stable&domain=rbawindowoffers.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e223e1074a323af98a313658916b7cc1cc2a1d9c2e5c2aaa10d998e8c628f076

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rbawindowoffers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 06 Feb 2024 05:22:05 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
pragma: public
x-fb-debug: PAFx7MfdkgFM8N3pPg70e99V5gxC24Y5peOf/xzE7fCC/lk98LbJd9E+DIbqoGj/GQkBvZ8H9bSXh0Ygn2xgWg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
257 B 218ms
77ms Ping
text/plain 2607:f8b0:4006:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-M50V1ZE013&gtm=45je41v0v890954899za200&_p=1707196924624&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&cid=1915000128.1707196925&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1707196925&sct=1&seg=0&dl=https%3A%2F%2Frbawindowoffers.com%2F&dt=Renewal%20By%20Andersen%20-%20Window%20Replacement&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1269
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M50V1ZE013
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:81d::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rbawindowoffers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 05:22:05 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://rbawindowoffers.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
257 B 197ms
67ms Ping
text/plain 2607:f8b0:4004:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-M50V1ZE013&cid=1915000128.1707196925&gtm=45je41v0v890954899za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M50V1ZE013
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rbawindowoffers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 05:22:05 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://rbawindowoffers.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 56111058.js Show response
bat.bing.com/p/action/ 0
115 B 58ms
57ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/56111058.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rbawindowoffers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Tue, 06 Feb 2024 05:22:05 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 92495F743EC047B39492BE240E525A60 Ref B: MIAEDGE2619 Ref C: 2024-02-06T05:22:05Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
359 B 121ms
121ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=56111058&Ver=2&mid=6e277aa4-fdb4-4238-a68c-2b540587580c&sid=aa84b6a0c4af11eeae2f2f1b94b7b275&vid=aa84fa10c4af11ee8f2f83c0777c6bec&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Renewal%20By%20Andersen%20-%20Window%20Replacement&p=https%3A%2F%2Frbawindowoffers.com%2F&r=&lt=1119&evt=pageLoad&sv=1&rn=794818

Requested by

Host: rbawindowoffers.com
URL: https://rbawindowoffers.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rbawindowoffers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 05:22:05 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 875BFA58A8D649718D257ACC977F756A Ref B: MIAEDGE2619 Ref C: 2024-02-06T05:22:05Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 GenerateToken Show response
create.leadid.com/2.12.1/ 36 B
660 B 263ms
123ms XHR
text/plain 18.233.77.243
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.12.1/GenerateToken?msn=1&pid=18dad4eb-66ef-4cd2-82f9-90983018df52&_=539404889

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/eb4a05a4-8a53-c2b0-b337-640a489815f4.js?snippet_version=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.233.77.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-233-77-243.compute-1.amazonaws.com

Software

nginx /

Resource Hash

6df3f1714cd0cea481ebf210d92ffc5b8ba718ad08d89e050d3ce9612c0781dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://rbawindowoffers.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 06 Feb 2024 05:22:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3 200 814236116561669 Show response
connect.facebook.net/signals/config/ 20 KB
3 KB 121ms
118ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/814236116561669?v=2.9.145&r=stable&domain=rbawindowoffers.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100%2C175%2C174%2C176%2C181%2C182%2C183%2C179%2C171%2C116%2C118%2C170%2C172%2C107%2C137%2C129%2C132%2C113%2C166%2C206%2C101%2C111%2C207%2C144%2C105%2C127%2C120%2C108

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

52c9ba7bed6b3723d68767da09a93fa36c5062e1ff88c0fdd82839315f012048

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rbawindowoffers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 06 Feb 2024 05:22:05 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
pragma: public
x-fb-debug: TrudT69RG0ibBl5dHrCZQrzGnqbd0AVhKpSme7txV8hxsA8++DRg+4Js26EnEOThCHgwjnWqN5THpq1QhKGhgA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 response.json Show response
script.anura.io/ 51 B
404 B 318ms
198ms XHR
application/json 44.219.94.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://script.anura.io/response.json

Requested by

Host: script.anura.io
URL: https://script.anura.io/request.js?instance=2958618159&source=Windows&campaign=&additional=&861398904202

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

44.219.94.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-219-94-53.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bdb9f8185b98f6708e7edf9e9191403e14a636acd4c6d9423d17f76aa90e669f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://rbawindowoffers.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 05:22:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
access-control-allow-methods: POST
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires: Sun, 28 Dec 1980 18:57:00 EST

GET
H/1.1 200
OK iframe.html Show response
d2m2wsoho8qq12.cloudfront.net/ Frame 2DED 3 KB
2 KB 227ms
62ms Document
text/html 18.164.115.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=FDD1CE2F-5215-9E2A-4320-7200D0FE6945&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.12.1&lck=EB4A05A4-8A53-C2B0-B337-640A489815F4&lac=D0C27C32-8ED1-8E02-9C8A-1F9AB10100C4

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/eb4a05a4-8a53-c2b0-b337-640a489815f4.js?snippet_version=2

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.164.115.36 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-115-36.jfk50.r.cloudfront.net

Software

nginx /

Resource Hash

e3ad82a69faf9ec1b298a080ce5974322a33cc501e1455071cf8db58c7f2462f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://rbawindowoffers.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Age: 65183
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Mon, 05 Feb 2024 11:15:42 GMT
ETag: W/"65a0715c-dbb"
Last-Modified: Thu, 11 Jan 2024 22:53:16 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Transfer-Encoding: chunked
Via: 1.1 1d45cc40d1dd29d2b3aaefb9f85bceee.cloudfront.net (CloudFront)
X-Amz-Cf-Id: zPHwiQn3_jRbftjjazykdoSfqtwS3dYMDQqYRuK11l6HOErodG4yBQ==
X-Amz-Cf-Pop: JFK50-P6
X-Cache: Hit from cloudfront

POST
H2 200 SaveDom Show response
create.leadid.com/2.12.1/ 0
623 B 67ms
65ms XHR
text/plain 18.233.77.243
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.12.1/SaveDom?msn=2&pid=18dad4eb-66ef-4cd2-82f9-90983018df52&token=FDD1CE2F-5215-9E2A-4320-7200D0FE6945&_=539404890

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/eb4a05a4-8a53-c2b0-b337-640a489815f4.js?snippet_version=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.233.77.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-233-77-243.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://rbawindowoffers.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 06 Feb 2024 05:22:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 InitFormData Show response
create.leadid.com/2.12.1/ 0
623 B 62ms
62ms XHR
text/plain 18.233.77.243
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.12.1/InitFormData?msn=3&pid=18dad4eb-66ef-4cd2-82f9-90983018df52&token=FDD1CE2F-5215-9E2A-4320-7200D0FE6945&_=539404891

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/eb4a05a4-8a53-c2b0-b337-640a489815f4.js?snippet_version=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.233.77.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-233-77-243.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://rbawindowoffers.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 06 Feb 2024 05:22:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 203ms
66ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=448499548883718&ev=PageView&dl=https%3A%2F%2Frbawindowoffers.com%2F&rl=&if=false&ts=1707196925758&sw=1600&sh=1200&v=2.9.145&r=stable&ec=0&o=4126&fbp=fb.1.1707196925754.1484857806&cs_est=true&ler=empty&cdl=API_unavailable&it=1707196925309&coo=false&exp=e1&rqm=GET

Requested by

Host: rbawindowoffers.com
URL: https://rbawindowoffers.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rbawindowoffers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 06 Feb 2024 05:22:05 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 202ms
66ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=814236116561669&ev=PageView&dl=https%3A%2F%2Frbawindowoffers.com%2F&rl=&if=false&ts=1707196925766&sw=1600&sh=1200&v=2.9.145&r=stable&ec=0&o=4126&fbp=fb.1.1707196925754.1484857806&ler=empty&cdl=API_unavailable&it=1707196925309&coo=false&exp=e1&rqm=GET

Requested by

Host: rbawindowoffers.com
URL: https://rbawindowoffers.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rbawindowoffers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 06 Feb 2024 05:22:05 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 iframe.html Show response
deviceid.trueleadid.com/ Frame 347D 4 KB
2 KB 180ms
79ms Document
text/html 45.223.17.68
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://deviceid.trueleadid.com/iframe.html?token=FDD1CE2F-5215-9E2A-4320-7200D0FE6945&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.12.1&lck=EB4A05A4-8A53-C2B0-B337-640A489815F4&lac=D0C27C32-8ED1-8E02-9C8A-1F9AB10100C4

Requested by

Host: d2m2wsoho8qq12.cloudfront.net
URL: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=FDD1CE2F-5215-9E2A-4320-7200D0FE6945&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.12.1&lck=EB4A05A4-8A53-C2B0-B337-640A489815F4&lac=D0C27C32-8ED1-8E02-9C8A-1F9AB10100C4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.17.68 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

aed46ba3ed0c0b5f0704b7317e302cc86ac5e0e5c132d3af4d9c5e4f7b37aa3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://d2m2wsoho8qq12.cloudfront.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: max-age=86400 public
content-encoding: gzip
content-type: text/html
date: Tue, 06 Feb 2024 05:22:06 GMT
etag: W/"6554d155-1049"
expires: Wed, 07 Feb 2024 05:22:06 GMT
last-modified: Wed, 15 Nov 2023 14:10:29 GMT
p3p: CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
server: nginx
strict-transport-security: max-age=31536000
x-cdn: Imperva
x-iinfo: 13-45097890-45029955 pNNy RT(1707196925671 38) q(0 0 0 0) r(0 0) U24
x-incap-sess-cookie-hdr: T/atC0EaRWi37p3oCRa2Df3BwWUAAAAAhHFv3Y8I5gcuoeXKZI3PFg==

POST
H2 200 Snap Show response
create.leadid.com/2.12.1/ 0
623 B 238ms
121ms XHR
text/plain 18.233.77.243
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.12.1/Snap?msn=4&pid=18dad4eb-66ef-4cd2-82f9-90983018df52&token=FDD1CE2F-5215-9E2A-4320-7200D0FE6945&_=539404892

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/eb4a05a4-8a53-c2b0-b337-640a489815f4.js?snippet_version=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.233.77.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-233-77-243.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://rbawindowoffers.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 06 Feb 2024 05:22:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 _Incapsula_Resource Show response
deviceid.trueleadid.com/ Frame 347D 135 KB
19 KB 40ms
40ms Script
application/javascript 45.223.17.68
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://deviceid.trueleadid.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=951047659

Requested by

Host: deviceid.trueleadid.com
URL: https://deviceid.trueleadid.com/iframe.html?token=FDD1CE2F-5215-9E2A-4320-7200D0FE6945&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.12.1&lck=EB4A05A4-8A53-C2B0-B337-640A489815F4&lac=D0C27C32-8ED1-8E02-9C8A-1F9AB10100C4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.17.68 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

ffb4bee20af00fcc3bc654c2c2927795ca5e3553f62bc06ab48f39aba5400971

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://deviceid.trueleadid.com/iframe.html?token=FDD1CE2F-5215-9E2A-4320-7200D0FE6945&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.12.1&lck=EB4A05A4-8A53-C2B0-B337-640A489815F4&lac=D0C27C32-8ED1-8E02-9C8A-1F9AB10100C4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
cache-control: no-cache, no-store
content-encoding: gzip
x-robots-tag: noindex
content-length: 19446
content-type: application/javascript

GET
H2 200 SaveDeviceId.js Show response
create.leadid.com/2.12.1/ Frame 347D 0
628 B 183ms
64ms Script
text/javascript 18.233.77.243
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.12.1/SaveDeviceId.js?lac=D0C27C32-8ED1-8E02-9C8A-1F9AB10100C4&lck=EB4A05A4-8A53-C2B0-B337-640A489815F4&methods=48&token=FDD1CE2F-5215-9E2A-4320-7200D0FE6945&uuid=cccffb3d65f74f64b5f007df31e84efa

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.233.77.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-233-77-243.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://deviceid.trueleadid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 05:22:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 _Incapsula_Resource
deviceid.trueleadid.com/ Frame 347D 1 B
36 B 35ms
35ms Image
text/plain 45.223.17.68
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://deviceid.trueleadid.com/_Incapsula_Resource?SWKMTFSR=1&e=0.8527319952654167

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.17.68 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://deviceid.trueleadid.com/iframe.html?token=FDD1CE2F-5215-9E2A-4320-7200D0FE6945&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.12.1&lck=EB4A05A4-8A53-C2B0-B337-640A489815F4&lac=D0C27C32-8ED1-8E02-9C8A-1F9AB10100C4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 1
content-type: text/plain

POST
H2 201 certs Show response
api.trustedform.com/ 475 B
686 B 182ms
60ms XHR
application/json 3.210.126.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs
Requested by: Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17071969249330.8978507956085242&invert_field_sensitivity=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.210.126.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-210-126-162.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: 73215727607f3a3e051420773ccb5d218e9888d687a101cc6956e3f80f5b52b8

Request headers

Referer: https://rbawindowoffers.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 06 Feb 2024 05:22:06 GMT
server: Cowboy
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 475

GET
H2 200 trustedform-1.9.4.js Show response
cdn.trustedform.com/ 84 KB
33 KB 80ms
78ms Script
application/javascript 2600:9000:21dd:7e00:1c:7f1a:6680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.trustedform.com/trustedform-1.9.4.js
Requested by: Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17071969249330.8978507956085242&invert_field_sensitivity=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21dd:7e00:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: daec1d32a4f211884695930cbc2443467f28e7bd1b1ae1afb7f2eb16349aacfe

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rbawindowoffers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: gtnb1Uxu8qLJRc.iYT4wVelhc0u4qkAi
content-encoding: gzip
via: 1.1 dee6858c751ff64f8ae28f155bee69b2.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 05:22:05 GMT
last-modified: Wed, 08 Nov 2023 19:52:40 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C2
age: 12
etag: W/"f46641519eee44fe450f02ae72e64a74"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: E1UHI2OHAqxEb-uNZjt_-LDq1DXQz7FG3egqXUt_x0Dql-FwmzB41A==

POST
H2 204 snapshot Show response
api.trustedform.com/certs/af0812921c6854732afa482df3b49fbb4dfd4237/ 0
159 B 124ms
123ms XHR
text/plain 3.210.126.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/af0812921c6854732afa482df3b49fbb4dfd4237/snapshot
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.9.4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.210.126.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-210-126-162.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://rbawindowoffers.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Tue, 06 Feb 2024 05:22:07 GMT
access-control-expose-headers
access-control-allow-credentials: true
cache-control: max-age=0, private, must-revalidate
server: Cowboy

POST
H2 204 fingerprints Show response
api.trustedform.com/certs/af0812921c6854732afa482df3b49fbb4dfd4237/ 0
159 B 116ms
116ms XHR
text/plain 3.210.126.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/af0812921c6854732afa482df3b49fbb4dfd4237/fingerprints
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.9.4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.210.126.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-210-126-162.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://rbawindowoffers.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Tue, 06 Feb 2024 05:22:07 GMT
access-control-expose-headers
access-control-allow-credentials: true
cache-control: max-age=0, private, must-revalidate
server: Cowboy

GET
H2 200 LOGO-rba-horiz.webp
rbawindowoffers.com/images/ 66 KB
66 KB 51ms
45ms Image
image/webp 190.124.46.18
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rbawindowoffers.com/images/LOGO-rba-horiz.webp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.124.46.18 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 190-124-46-18.static.hvvc.us
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 86da4f4a409902ef36f13e0bf3015dd1ef15ed8cb994417e0e16d6cb877519e8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rbawindowoffers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 05:22:07 GMT
last-modified: Mon, 20 Nov 2023 13:46:18 GMT
server: Microsoft-IIS/10.0
etag: "38644cf0b71bda1:0"
x-powered-by: ASP.NET
content-type: image/webp
cache-control: public,max-age=31536000
accept-ranges: bytes
content-length: 67766

GET
H2 200 wizard-hero-bogo.webp
rbawindowoffers.com/img/ 93 KB
93 KB 70ms
65ms Image
image/webp 190.124.46.18
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rbawindowoffers.com/img/wizard-hero-bogo.webp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.124.46.18 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 190-124-46-18.static.hvvc.us
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b3c1617ee4bc9f12cfdb077cd6f6204a9ce0730ba20ee6af9de4d26f7e5115c5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rbawindowoffers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 05:22:07 GMT
last-modified: Mon, 20 Nov 2023 13:46:25 GMT
server: Microsoft-IIS/10.0
etag: "bf73ff4b71bda1:0"
x-powered-by: ASP.NET
content-type: image/webp
cache-control: public,max-age=31536000
accept-ranges: bytes
content-length: 94798

GET
H2 200 loader-4stepc-1.png
rbawindowoffers.com/images/ 9 KB
9 KB 60ms
55ms Image
image/png 190.124.46.18
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rbawindowoffers.com/images/loader-4stepc-1.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.124.46.18 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 190-124-46-18.static.hvvc.us
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: affeabc6c91c8b24f2ca14ee22d3bebeaa0f21532819a8f839665ac14f0b076c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rbawindowoffers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 05:22:07 GMT
last-modified: Mon, 27 Mar 2023 16:47:44 GMT
server: Microsoft-IIS/10.0
etag: "867664dacb60d91:0"
x-powered-by: ASP.NET
content-type: image/png
cache-control: public,max-age=31536000
accept-ranges: bytes
content-length: 9154

GET
H2 200 loader-4stepc-2.png
rbawindowoffers.com/images/ 8 KB
8 KB 61ms
56ms Image
image/png 190.124.46.18
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rbawindowoffers.com/images/loader-4stepc-2.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.124.46.18 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 190-124-46-18.static.hvvc.us
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 70ed9ad8db98c0ab2e416f6784e5b32ab619dc391e7285168e54a38cfdefad43

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rbawindowoffers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 05:22:07 GMT
last-modified: Mon, 27 Mar 2023 16:47:44 GMT
server: Microsoft-IIS/10.0
etag: "e86551dacb60d91:0"
x-powered-by: ASP.NET
content-type: image/png
cache-control: public,max-age=31536000
accept-ranges: bytes
content-length: 8452

GET
H2 200 loader-4stepc-3.png
rbawindowoffers.com/images/ 8 KB
8 KB 68ms
64ms Image
image/png 190.124.46.18
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rbawindowoffers.com/images/loader-4stepc-3.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.124.46.18 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 190-124-46-18.static.hvvc.us
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 1d80d663dae3b6ffb88b990ac3c10442647699e1d43fa8fd0f2987ac3c30a5b3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rbawindowoffers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 05:22:07 GMT
last-modified: Mon, 27 Mar 2023 16:47:44 GMT
server: Microsoft-IIS/10.0
etag: "378c58dacb60d91:0"
x-powered-by: ASP.NET
content-type: image/png
cache-control: public,max-age=31536000
accept-ranges: bytes
content-length: 7710

GET
H2 200 loader-4stepc-4.png
rbawindowoffers.com/images/ 7 KB
7 KB 72ms
67ms Image
image/png 190.124.46.18
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rbawindowoffers.com/images/loader-4stepc-4.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.124.46.18 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 190-124-46-18.static.hvvc.us
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4b2fa0831336d38214955b2eed34b56fc88401f7b8d9adf759a2bad4e9e2cafc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rbawindowoffers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 05:22:07 GMT
last-modified: Mon, 27 Mar 2023 16:47:44 GMT
server: Microsoft-IIS/10.0
etag: "ec533edacb60d91:0"
x-powered-by: ASP.NET
content-type: image/png
cache-control: public,max-age=31536000
accept-ranges: bytes
content-length: 6920

GET
H2 200 logo-footer.webp
rbawindowoffers.com/img/ 10 KB
10 KB 72ms
68ms Image
image/webp 190.124.46.18
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rbawindowoffers.com/img/logo-footer.webp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.124.46.18 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 190-124-46-18.static.hvvc.us
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: df71d382d4cc0edd5c8e58b83442e5c5e4046407098ecd1eb034c6dad122729b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rbawindowoffers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 05:22:07 GMT
last-modified: Mon, 20 Nov 2023 17:53:42 GMT
server: Microsoft-IIS/10.0
etag: "bd73ea7fda1bda1:0"
x-powered-by: ASP.NET
content-type: image/webp
cache-control: public,max-age=31536000
accept-ranges: bytes
content-length: 10128

GET
H2 204 0
bat.bing.com/action/ 0
237 B 63ms
59ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rbawindowoffers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 05:22:06 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D6B095B3961449A0BA17BBA0CB932D68 Ref B: MIAEDGE2619 Ref C: 2024-02-06T05:22:06Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 10 KB
10 KB Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eed633a8002069e13f06351bfe014d0132941a0882144ccee95cdacfa403b954

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: text/javascript

POST
H2 200 InitFormData Show response
create.leadid.com/2.12.1/ 0
623 B 63ms
62ms XHR
text/plain 18.233.77.243
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.12.1/InitFormData?msn=5&pid=18dad4eb-66ef-4cd2-82f9-90983018df52&token=FDD1CE2F-5215-9E2A-4320-7200D0FE6945&_=539404893

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/eb4a05a4-8a53-c2b0-b337-640a489815f4.js?snippet_version=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.233.77.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-233-77-243.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://rbawindowoffers.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 06 Feb 2024 05:22:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 204 events Show response
api.trustedform.com/certs/af0812921c6854732afa482df3b49fbb4dfd4237/ 0
159 B 65ms
64ms XHR
text/plain 3.210.126.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/af0812921c6854732afa482df3b49fbb4dfd4237/events
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.9.4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.210.126.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-210-126-162.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://rbawindowoffers.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Tue, 06 Feb 2024 05:22:07 GMT
access-control-expose-headers
access-control-allow-credentials: true
cache-control: max-age=0, private, must-revalidate
server: Cowboy

POST
H2 200 Snap Show response
create.leadid.com/2.12.1/ 0
623 B 121ms
120ms XHR
text/plain 18.233.77.243
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.12.1/Snap?msn=6&pid=18dad4eb-66ef-4cd2-82f9-90983018df52&token=FDD1CE2F-5215-9E2A-4320-7200D0FE6945&_=539404894

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/eb4a05a4-8a53-c2b0-b337-640a489815f4.js?snippet_version=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.233.77.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-233-77-243.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://rbawindowoffers.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 06 Feb 2024 05:22:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

Verdicts & Comments Add Verdict or Comment

214 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
rbawindowoffers.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: apvm1mmj0dtncfueiwj52nzm
.doubleclick.net/	1970-01-20 18:13:17	Name: test_cookie Value: CheckForPermission
.rbawindowoffers.com/	1970-01-20 19:39:40	Name: EC_UID Value: 1707196925182.1062%7C%7C2/5/2024%2019%3A22%3A4
.rbawindowoffers.com/	1970-01-20 19:39:40	Name: EC_CMP Value: 0%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C
.rbawindowoffers.com/	1970-01-20 19:39:40	Name: EC_SUP Value: %7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C0%7C%7C
.rbawindowoffers.com/	1970-01-20 19:39:40	Name: EC_URL Value: Empty%20Referrer%7C%7Chttps%3A//rbawindowoffers.com/
.rbawindowoffers.com/	1970-01-21 03:49:16	Name: _ga_M50V1ZE013 Value: GS1.1.1707196925.1.0.1707196925.60.0.0
.rbawindowoffers.com/	1970-01-21 03:49:16	Name: _ga Value: GA1.1.1915000128.1707196925
.rbawindowoffers.com/	1970-01-20 18:14:43	Name: _uetsid Value: aa84b6a0c4af11eeae2f2f1b94b7b275
.rbawindowoffers.com/	1970-01-21 03:34:52	Name: _uetvid Value: aa84fa10c4af11ee8f2f83c0777c6bec
.bing.com/	1970-01-21 03:34:52	Name: MUID Value: 39B3F34064E46175030EE75D65F860F6
.bat.bing.com/	1970-01-20 18:23:21	Name: MR Value: 0
rbawindowoffers.com/	1970-01-20 18:13:17	Name: leadid_token-D0C27C32-8ED1-8E02-9C8A-1F9AB10100C4-EB4A05A4-8A53-C2B0-B337-640A489815F4 Value: FDD1CE2F-5215-9E2A-4320-7200D0FE6945
.rbawindowoffers.com/	1970-01-20 20:22:52	Name: _fbp Value: fb.1.1707196925754.1484857806
.trueleadid.com/	1969-12-31 23:59:59	Name: nlbi_3051494 Value: 1CNESfXlJXLFQynAC30iGwAAAABIzh9WnWdrE+oYCuEihtEP
.trueleadid.com/	1970-01-21 02:57:30	Name: visid_incap_3051494 Value: Y0A4llceS8ywEMdSrFTCyv3BwWUAAAAAQUIPAAAAAABglspHPCOdcVWedqkUb/YO
.trueleadid.com/	1969-12-31 23:59:59	Name: incap_ses_988_3051494 Value: sb4XfGbaM2u37p3oCRa2Df3BwWUAAAAArKiMc8Q97SQ4UNZYpoelCw==
.deviceid.trueleadid.com/	1970-01-21 03:49:16	Name: uuid Value: cccffb3d65f74f64b5f007df31e84efa
.bing.com/	1970-01-21 03:34:52	Name: MSPTC Value: GyAPmBLj29JPzRPJFnIjuv1Q647v6ivE5wSInwxwDyc

22 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://rbawindowoffers.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://rbawindowoffers.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://connect.facebook.net/signals/config/448499548883718?v=2.9.145&r=stable&domain=rbawindowoffers.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100(Line 105) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://rbawindowoffers.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://rbawindowoffers.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://rbawindowoffers.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://rbawindowoffers.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://rbawindowoffers.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://rbawindowoffers.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://rbawindowoffers.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://rbawindowoffers.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://rbawindowoffers.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://rbawindowoffers.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://rbawindowoffers.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://rbawindowoffers.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://rbawindowoffers.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://rbawindowoffers.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://rbawindowoffers.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://rbawindowoffers.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://rbawindowoffers.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://rbawindowoffers.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://rbawindowoffers.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.anura.io
ajax.googleapis.com
analytics.google.com
api.trustedform.com
bat.bing.com
bid.g.doubleclick.net
cdn-4.convertexperiments.com
cdn.jsdelivr.net
cdn.trustedform.com
connect.facebook.net
create.leadid.com
create.lidstatic.com
d2m2wsoho8qq12.cloudfront.net
deviceid.trueleadid.com
googleads.g.doubleclick.net
hits.ecdashboard.com
rbawindowoffers.com
script.anura.io
stats.g.doubleclick.net
www.facebook.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
108.139.29.98
142.250.65.194
142.251.167.154
18.164.115.36
18.233.77.243
190.124.46.18
198.154.88.118
2600:141b:1c00:2480::14a9
2600:9000:21dd:7e00:1c:7f1a:6680:93a1
2606:4700:10::6816:26b6
2607:f8b0:4004:c09::9d
2607:f8b0:4006:809::2002
2607:f8b0:4006:80e::2008
2607:f8b0:4006:816::2004
2607:f8b0:4006:817::200a
2607:f8b0:4006:81d::200e
2620:1ec:c11::200
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
2a04:4e42:200::485
3.210.126.162
44.219.94.53
45.223.17.68
07d81e29da2b847c60281b9e084fe58ddf894ba5c6a60f395adf10aa4ad3d405
0811891616a17255b9aec069d53ae29d5dc0a507f8b476dac05fb7d6bfb9b3a7
1ad345b632954319146b90b9a4528a73862124f593a91e88fd9aba9746304750
1d80d663dae3b6ffb88b990ac3c10442647699e1d43fa8fd0f2987ac3c30a5b3
35cbf6a6e5e7ff72ebb142669e1727de048df4fc13fc9fb5d9bd2d8334de7a71
381edd64acc6e33f529574b122ac05296eaa6d332709eeace92ee154acb3f22d
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
4145eb38affc9b3335b672593a320382b893366710c4e9457c1e1cd06ba0916e
4b2fa0831336d38214955b2eed34b56fc88401f7b8d9adf759a2bad4e9e2cafc
4dcc627b02aad3fecd5b12bcf8f8336cf256ea30f859580237ff2437b12877b5
52c9ba7bed6b3723d68767da09a93fa36c5062e1ff88c0fdd82839315f012048
553e055db4df383ec9095ee1f388e2e0385f65eabbab5d6273e2579549a46cbc
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
5f91af40654463f1b30b6cc6d8e19d3bfe0486951c3a2183a9939e8201cce8e4
6df3f1714cd0cea481ebf210d92ffc5b8ba718ad08d89e050d3ce9612c0781dd
70ed9ad8db98c0ab2e416f6784e5b32ab619dc391e7285168e54a38cfdefad43
73215727607f3a3e051420773ccb5d218e9888d687a101cc6956e3f80f5b52b8
7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b
86da4f4a409902ef36f13e0bf3015dd1ef15ed8cb994417e0e16d6cb877519e8
87fa7ad386402eb066b9b17a38c357d13fd870be51679d81c2dc20955bfde341
8a5ba09ff756252e20072f5019e2714debd0a4a936df00616e1490dcc9156282
92196cf010953409eda75e6e647228199a6d1286ec687327a1c14ee4188c1381
aed46ba3ed0c0b5f0704b7317e302cc86ac5e0e5c132d3af4d9c5e4f7b37aa3b
affeabc6c91c8b24f2ca14ee22d3bebeaa0f21532819a8f839665ac14f0b076c
b3c1617ee4bc9f12cfdb077cd6f6204a9ce0730ba20ee6af9de4d26f7e5115c5
b46ae613239389b24188405ae243d8e0574f4f8a4d1d369f59f15af87790dba8
bca51ed2fe251488a1b150edf560d43880f1486740f34d24120ede486f99676b
bdb9f8185b98f6708e7edf9e9191403e14a636acd4c6d9423d17f76aa90e669f
ca5e1cf2ee31713ad1f338bf645cbfa525e828f673a32a0a6564e25bcf3c8656
d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8
daec1d32a4f211884695930cbc2443467f28e7bd1b1ae1afb7f2eb16349aacfe
df71d382d4cc0edd5c8e58b83442e5c5e4046407098ecd1eb034c6dad122729b
e223e1074a323af98a313658916b7cc1cc2a1d9c2e5c2aaa10d998e8c628f076
e3ad82a69faf9ec1b298a080ce5974322a33cc501e1455071cf8db58c7f2462f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eed633a8002069e13f06351bfe014d0132941a0882144ccee95cdacfa403b954
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef9453f74b2617d43dcef4242cf5845101fcfb57289c81bceb20042b0023a192
fb011432c5afd993d82ac08722927e02282d37fcf8bb98be3d645b98dab00cbf
ffb4bee20af00fcc3bc654c2c2927795ca5e3553f62bc06ab48f39aba5400971

rbawindowoffers.com Open in urlscan Pro 190.124.46.18 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

65 Requests

98 %HTTPS

57 %IPv6

18 Domains

23 Subdomains

24 IPs

1 Countries

1131 kBTransfer

2301 kBSize

19 Cookies

2 Outgoing links

Redirected requests

65 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

rbawindowoffers.com Open in urlscan Pro
190.124.46.18 Public Scan

Screenshot
Live screenshot

Full Image

65
Requests

98 %
HTTPS

57 %
IPv6

18
Domains

23
Subdomains

24
IPs

1
Countries

1131 kB
Transfer

2301 kB
Size

19
Cookies

65 HTTP transactions
1 data transactions