urlscan.io logo urlscan.io
SecurityTrails logo

www.homewindowsavings.com Open in urlscan Pro
2606:4700:3037::6815:5e1c  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.homewindowsavings.com/
Submission Tags: @phishunt_io
Submission: On December 31 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 22 IPs in 3 countries across 18 domains to perform 52 HTTP transactions. The main IP is 2606:4700:3037::6815:5e1c, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.homewindowsavings.com.
TLS certificate: Issued by E1 on November 28th 2022. Valid for: 3 months.
This is the only time www.homewindowsavings.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
7 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
4 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a03:2880:f02... 32934 (FACEBOOK)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f11... 32934 (FACEBOOK)
1 2606:4700::68... 13335 (CLOUDFLAR...)
5 2a00:1450:400... 15169 (GOOGLE)
9 54.156.11.63 14618 (AMAZON-AES)
1 151.101.194.137 54113 (FASTLY)
1 162.247.241.14 23467 (NEWRELIC-...)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 13.225.84.206 16509 (AMAZON-02)
1 3.213.210.214 14618 (AMAZON-AES)
1 5 54.204.112.111 14618 (AMAZON-AES)
2 2600:9000:223... 16509 (AMAZON-02)
1 143.204.214.192 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 104.26.10.16 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
52 22
7    2606:4700:3037::6815:5e1c (United States)

ASN13335 (CLOUDFLARENET, US)
www.homewindowsavings.com
1    2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    2606:4700:3035::6815:2f0c (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.useproof.com
api.useproof.com
2    2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2606:4700:10::6816:26b6 (United States)

ASN13335 (CLOUDFLARENET, US)
create.lidstatic.com
2    2a00:1450:400d:80a::200e (Ireland)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
5    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
9    54.156.11.63 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-156-11-63.compute-1.amazonaws.com
create.leadid.com
1    151.101.194.137 (United States)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
1    162.247.241.14 (Lake Oswego, United States)

ASN23467 (NEWRELIC-AS-1, US)
bam.nr-data.net
1    2a06:98c1:3121::c (United States)

ASN13335 (CLOUDFLARENET, US)
analytics.proofapi.com
1    13.225.84.206 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-84-206.fra2.r.cloudfront.net
d2m2wsoho8qq12.cloudfront.net
1    3.213.210.214 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-213-210-214.compute-1.amazonaws.com
deviceid.trueleadid.com
5    54.204.112.111 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-204-112-111.compute-1.amazonaws.com
api.trustedform.com
2    2600:9000:223d:5c00:1c:7f1a:6680:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.trustedform.com
1    143.204.214.192 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-214-192.fra53.r.cloudfront.net
d10lpsik1i8c69.cloudfront.net
3    2a00:1450:400d:80a::2004 (Ireland)

ASN15169 (GOOGLE, US)
www.google.com
1    104.26.10.16 (United States)

ASN13335 (CLOUDFLARENET, US)
settings.luckyorange.net
2    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
9 leadid.com
create.leadid.com — Cisco Umbrella Rank: 26505
6 KB
7 trustedform.com
api.trustedform.com — Cisco Umbrella Rank: 36743
cdn.trustedform.com — Cisco Umbrella Rank: 44203
42 KB
7 gstatic.com
www.gstatic.com
fonts.gstatic.com
496 KB
7 homewindowsavings.com
www.homewindowsavings.com
129 KB
4 useproof.com
cdn.useproof.com — Cisco Umbrella Rank: 76312
api.useproof.com — Cisco Umbrella Rank: 76192
601 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 16
23 KB
2 cloudfront.net
d2m2wsoho8qq12.cloudfront.net
d10lpsik1i8c69.cloudfront.net
5 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
203 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 103
20 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 173
111 KB
1 luckyorange.net
settings.luckyorange.net — Cisco Umbrella Rank: 10952
752 B
1 trueleadid.com
deviceid.trueleadid.com — Cisco Umbrella Rank: 30337
2 KB
1 proofapi.com
analytics.proofapi.com — Cisco Umbrella Rank: 117936
724 B
1 nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 473
611 B
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 818
12 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 356
28 KB
1 lidstatic.com
create.lidstatic.com — Cisco Umbrella Rank: 46162
39 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 123
43 KB
52 18
Domain Requested by
9 create.leadid.com create.lidstatic.com
deviceid.trueleadid.com
7 www.homewindowsavings.com www.homewindowsavings.com
cdn.trustedform.com
5 api.trustedform.com 1 redirects api.trustedform.com
cdn.trustedform.com
5 www.gstatic.com cdn.useproof.com
www.google.com
www.gstatic.com
3 www.google.com www.homewindowsavings.com
www.gstatic.com
www.google.com
3 cdn.useproof.com www.homewindowsavings.com
cdn.useproof.com
2 fonts.gstatic.com www.google.com
2 cdn.trustedform.com api.trustedform.com
2 www.facebook.com www.homewindowsavings.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 connect.facebook.net www.homewindowsavings.com
connect.facebook.net
1 settings.luckyorange.net d10lpsik1i8c69.cloudfront.net
1 d10lpsik1i8c69.cloudfront.net www.homewindowsavings.com
1 deviceid.trueleadid.com d2m2wsoho8qq12.cloudfront.net
1 d2m2wsoho8qq12.cloudfront.net create.lidstatic.com
1 analytics.proofapi.com cdn.useproof.com
1 bam.nr-data.net js-agent.newrelic.com
1 js-agent.newrelic.com www.homewindowsavings.com
1 api.useproof.com cdn.useproof.com
1 cdnjs.cloudflare.com www.homewindowsavings.com
1 create.lidstatic.com www.homewindowsavings.com
1 www.googletagmanager.com www.homewindowsavings.com
52 22

This site contains no links.

Subject Issuer Validity Valid
*.homewindowsavings.com
E1		 2022-11-28 -
2023-02-26		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-05-18 -
2023-05-18		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-10-09 -
2023-01-07		 3 months crt.sh
lidstatic.com
Cloudflare Inc ECC CA-3		 2022-03-30 -
2023-03-30		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
create.leadid.com
Amazon		 2022-09-21 -
2023-10-19		 a year crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2022 Q2		 2022-07-10 -
2023-08-11		 a year crt.sh
*.nr-data.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-10 -
2023-02-10		 a year crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
deviceid.trueleadid.com
Amazon		 2022-12-08 -
2024-01-06		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.trustedform.com
Amazon		 2022-09-11 -
2023-10-09		 a year crt.sh
cdn.trustedform.com
Amazon		 2022-04-14 -
2023-05-13		 a year crt.sh

This page contains 5 frames:

Primary Page: https://www.homewindowsavings.com/
Frame ID: 0878A0A48B78897170BDB34584D880A7
Requests: 38 HTTP requests in this frame

Frame: https://cdn.useproof.com/proxy/index.html
Frame ID: 8B65E4D189E1C28D61C40CAB3DBCD27B
Requests: 5 HTTP requests in this frame

Frame: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=7EAB6BA8-EB2E-4F4C-1FB3-7BB1F3816D7D&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=64720EC4-6D15-889B-EEBA-18EC1FDB5751&lac=CCD83497-4573-8E50-2E69-12A2BB09C9F9
Frame ID: 286C716E1FF0F25FC91C4169B8E4EAA3
Requests: 1 HTTP requests in this frame

Frame: https://deviceid.trueleadid.com/iframe.html?token=7EAB6BA8-EB2E-4F4C-1FB3-7BB1F3816D7D&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=64720EC4-6D15-889B-EEBA-18EC1FDB5751&lac=CCD83497-4573-8E50-2E69-12A2BB09C9F9
Frame ID: 10A71FB57FDDCE2D52D879B3D7E837ED
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lchn2kaAAAAAKJJ6XJzD2QLfvHRxG8W8bs1JFyX&co=aHR0cHM6Ly93d3cuaG9tZXdpbmRvd3NhdmluZ3MuY29tOjQ0Mw..&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=g6evzitqkirx
Frame ID: C51C3EF7912AA7E16EB4C4F61AABA0B5
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Home Window Savings

Detected technologies

Overall confidence: 100%
Detected patterns
  • /(?:([\d.]+)/)?firebase(?:\.min)?\.js
  • /firebasejs/([\d.]+)/firebase
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

52
Requests

98 %
HTTPS

62 %
IPv6

18
Domains

22
Subdomains

22
IPs

3
Countries

1569 kB
Transfer

3259 kB
Size

8
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29
  • https://api.trustedform.com/trustedform.js?provide_referrer=false&field=trusted_form_cert_id&l=16724996204640.48375633208113866&invert_field_sensitivity=false HTTP 301
  • https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=trusted_form_cert_id&l=16724996204640.48375633208113866&invert_field_sensitivity=false

52 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.homewindowsavings.com/ 		76 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.homewindowsavings.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:5e1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85060ea534ed90db89537166297f8f1716b91785440b8964e62b84801652d5e4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7823f5c9c9bf911e-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 31 Dec 2022 15:13:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SPCC8lNMnyLembo2QHkZLfKV40KVv5w9khf%2F3G3gPBhy8vy2M%2FadV2WJxgXH9tCJ0yYYKI6FFBxIC3ArAadOEwBfSpYrV5O3e4k8zNn1Sn3fZfilzTRHzUnTLnNwBPAVjXHeXD1ICWEQoI6I9Ouw9ud7GipNNkeC"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
bootstrap.min.css
www.homewindowsavings.com/assets/css/ 		157 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.homewindowsavings.com/assets/css/bootstrap.min.css
Requested by
Host: www.homewindowsavings.com
URL: https://www.homewindowsavings.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:5e1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a55c8982680c6b686323c61392e7f11f1be3c06260678bee2b3f36dbc5a5e915

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.homewindowsavings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 31 Dec 2022 15:13:37 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 05 Apr 2022 20:49:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qCnk02kocX3CagfPLrQUp4PLpfxY4vN77ynkLmAlYYk0M5Jl67vdL7ISBcOeqkvn0uzyhSC2%2BMGE7YT4w2f4i7TQHhp5osXT7hJ132Gjh9WSHbUQ4Yn0Hyb5p8QlNFCooB%2B%2FpwEprPzZHrH2j2snTn3z%2FPYP5Jh%2B"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
7823f5cc0c92911e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
site.min.css
www.homewindowsavings.com/assets/css/ 		16 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.homewindowsavings.com/assets/css/site.min.css
Requested by
Host: www.homewindowsavings.com
URL: https://www.homewindowsavings.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:5e1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73274aa79cc0a0120d5ad58a247f22766952164862643147866dc042ab8056f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.homewindowsavings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 31 Dec 2022 15:13:37 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 14 Apr 2022 23:18:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EqWgwvgNGSFc37bwfElj7dtKiq5kPa3H%2BXSbiVBrJMEr%2FLRBw5T1okuL7w7sJCV5VeCY1O3E5ikeThYEBfGgcQMewHHnbPP%2BiMSpb%2BTrnCG8859ykBo5v8xYQmzbhLSHbUQ3hlomQ5zio%2BHCXeMLjwVNuOQu9BUX"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
7823f5cc0c94911e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
js
www.googletagmanager.com/gtag/ 		109 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-207515269-1
Requested by
Host: www.homewindowsavings.com
URL: https://www.homewindowsavings.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2091bab6e5bc22099d757af2f769be30e043cfa6b31ce7033cfcd65d154bc046
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.homewindowsavings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 31 Dec 2022 15:13:37 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
43632
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 31 Dec 2022 15:13:37 GMT
proof.js
cdn.useproof.com/ 		486 KB
487 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.useproof.com/proof.js?acc=wzYkDzFksxeLi5vpQYEPH1s1Gzn1
Requested by
Host: www.homewindowsavings.com
URL: https://www.homewindowsavings.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2f0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
418614329e831c01f8232ddf31feefe6f63c6b52b9c6cbdd5bd5ac314540cfaf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.homewindowsavings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 31 Dec 2022 15:13:37 GMT
x-amz-version-id
F0WxJo6k6ZqSk5t4_qZ.mqlg1RkwiqAq
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
JH38V7PHJ01DHFMZ
age
16525603
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
497733
x-amz-id-2
8ZbGHTyisR9iPiIRyhOQcOGO9yGz+LJIaPlpSTGJz0TXPrfvxBI/RTfX5rUUKSNvEn0zwj4PoYA=
last-modified
Mon, 29 Jun 2020 14:15:25 GMT
server
cloudflare
etag
"0426397a9b31146729ac86c5be8595d3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GwD0EPjeYbKtuoykHD1ISYDwaNAR%2BjiK05oYo5GajVddjAw43e1Qmhy%2FXvSpJ%2BUvkaU%2BOnke667qH5KuseOv5s9H8nCttgVXpfghnY7wKpaBLMk0EiASCNLqlTRhJz0Q4iZuWSPCAwkQEhOxDfQN"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=315360000, no-transform
accept-ranges
bytes
cf-ray
7823f5d14eaf8fe3-FRA
Home%20Window%20SavingsP2.png
www.homewindowsavings.com/assets/images/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.homewindowsavings.com/assets/images/Home%20Window%20SavingsP2.png
Requested by
Host: www.homewindowsavings.com
URL: https://www.homewindowsavings.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:5e1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5356be290ba86a275679423da60da843ca39061f894c39313d65fb89647d2557

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.homewindowsavings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 31 Dec 2022 15:13:37 GMT
cf-cache-status
MISS
last-modified
Thu, 14 Apr 2022 23:11:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jB5HZ%2B9qUyBls7uLn6cq0hQNWmTkZMVin9ZORYxxf2f%2FCSlyWk%2BLTLHGhcn45jloWHPL6uM0XZL7P2ldpf2nXvnb%2BOeOTdEFN746z1a9aevV4SPeTm0%2FRHP13%2FATNXMioOV2bsPNoeb1NhSa4A8jxz8SxnEn8dm4"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7823f5d11d85bbda-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19829
jquery.min.js
www.homewindowsavings.com/assets/js/ 		95 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.homewindowsavings.com/assets/js/jquery.min.js
Requested by
Host: www.homewindowsavings.com
URL: https://www.homewindowsavings.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:5e1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.homewindowsavings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 31 Dec 2022 15:13:37 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 05 Apr 2022 20:51:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BoFTNzur5lpbFZugVDKTIUxehCJmCrMgW8bkK8ihHa3AQBD2stWXMuUYlmXd%2F3Uvj4mh8wtgcUQ5isyYN7C2RnSLbMXH5YCixhKkCuFjCXSPIsBFEYiMOc6fmLHWViLEnj1TS1sIhNdXhhjtvZ11xMqIf1OZGgt8"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7823f5cf0927bbda-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery.mask.js
www.homewindowsavings.com/assets/js/ 		22 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.homewindowsavings.com/assets/js/jquery.mask.js
Requested by
Host: www.homewindowsavings.com
URL: https://www.homewindowsavings.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:5e1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e40e952fffd779db9077b2fa0928a825dbf8c95c00581159555b4b510ca5236e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.homewindowsavings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 31 Dec 2022 15:13:37 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 05 Apr 2022 20:51:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RfNKHpWSOfB%2ByEO4whMKxXQWk%2BaJFdGwu%2BCC1bG9cLJo8AK9d5cchJlK%2BfSOaZF4%2FtVGRN8Ypal8HYNgYIFFh9Vdoz3NkiN6MubRDrTR2KgvRGJBXPHwOn5PAQr3kSoPqXJ7Brw2zxHLUx09bQ3hh9Q%2F%2BIu1OP2G"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7823f5d10d66bbda-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
fbevents.js
connect.facebook.net/en_US/ 		103 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.homewindowsavings.com
URL: https://www.homewindowsavings.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.homewindowsavings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 31 Dec 2022 15:13:37 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27298
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
oesEa+8JPU0MzeW1knAk+Hw2cN3Jv38tSsn14pdIk9idyqzmeIUuEFLbGxQMfkG63aV43f2lLCXRdSnkMK5m1w==
x-fb-trip-id
917726464
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
64720ec4-6d15-889b-eeba-18ec1fdb5751.js
create.lidstatic.com/campaign/ 		123 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://create.lidstatic.com/campaign/64720ec4-6d15-889b-eeba-18ec1fdb5751.js?snippet_version=2
Requested by
Host: www.homewindowsavings.com
URL: https://www.homewindowsavings.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:26b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1e508eb79c78f17888a5a352b6d013408696d542fef7c17172ff299bc8fb4a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.homewindowsavings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 31 Dec 2022 15:13:38 GMT
x-amz-version-id
5e1zR5Eh96rBRQ1_63MzPsUOzsXVcwJW
content-encoding
gzip
cf-cache-status
MISS
last-modified
Fri, 12 Nov 2021 00:50:57 GMT
server
cloudflare
x-amz-request-id
VRTWBZEE8RPQPQN9
etag
W/"ca6eff36526d6b844dda295c474fb7c2"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=1800
x-amz-replication-status
COMPLETED
cf-ray
7823f5d16c3b918e-FRA
x-amz-id-2
Fw14SGFeERGMVbm6P86fRImzvzbNotvhOu+Qh4QmB1RTfjjICnYuOODGc+fm29wBdzpB+ZUWGZQ=
626430352181565
connect.facebook.net/signals/config/ 		292 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/626430352181565?v=2.9.90&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a7d02a111821fe19cb2ad0002a2c06efb810178b3a7532f58b73619b9cea08ef
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.homewindowsavings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 31 Dec 2022 15:13:37 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
wabjF0BfUTU6XIGCoDENt2rfFnmhWQij06fhjRsLDQ1Ynlyw8w3xEkzj03IFNnQz63mm5bs1LpedbGz2Vt5E6A==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-207515269-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.homewindowsavings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 31 Dec 2022 14:27:20 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
2777
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Sat, 31 Dec 2022 16:27:20 GMT
index.html
cdn.useproof.com/proxy/ Frame 8B65 		325 B
812 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.useproof.com/proxy/index.html
Requested by
Host: cdn.useproof.com
URL: https://cdn.useproof.com/proof.js?acc=wzYkDzFksxeLi5vpQYEPH1s1Gzn1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2f0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0adeedede6d3bdf7e7258108ead2ed80af83b9fec8ba560d29fce2f3a957a261

Request headers

Referer
https://www.homewindowsavings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=315360000, no-transform, public
cf-cache-status
DYNAMIC
cf-ray
7823f5d22fb88fe3-FRA
content-length
325
content-type
text/html
date
Sat, 31 Dec 2022 15:13:38 GMT
etag
"f92252b1f21fd30ac52b59395971ecdb"
last-modified
Mon, 29 Jun 2020 14:15:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XzRYaXycYbYYmJm7PhgaTb94qwBSmwqvItwlQr%2BDsGk73MdGTfnfLxsM1Taa5MwUfc2n%2FKZNlZer08Lj36fmpmV9kdqONoHgyB11Ps1Cz00woSLQFkY15SK4rKJWLwZrsOKzp4h6FXrWyAGhmqFj"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-amz-id-2
LOKFsGAMnFWNHsz+zeRptyqI5afnPghiZR3twmlMT2gf5b2iuc1tQjtYzZHeEChkDDHhBo67MF0=
x-amz-request-id
VRTNHFPBAN2V3989
x-amz-version-id
6OysE9MvUGgGn.qn_BXpeYijOLHR8713
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=958168989&t=pageview&_s=1&dl=https%3A%2F%2Fwww.homewindowsavings.com%2F&ul=en-us&de=UTF-8&dt=Home%20Window%20Savings&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1821393292&gjid=2122448725&cid=1691068840.1672499618&tid=UA-207515269-1&_gid=329867081.1672499618&_r=1&gtm=2oubu0&z=126100376
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.homewindowsavings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 31 Dec 2022 15:13:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.homewindowsavings.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=626430352181565&ev=PageView&dl=https%3A%2F%2Fwww.homewindowsavings.com%2F&rl=&if=false&ts=1672499617963&sw=1600&sh=1200&v=2.9.90&r=stable&ec=0&o=30&fbp=fb.1.1672499617963.704990329&it=1672499617511&coo=false&rqm=GET
Requested by
Host: www.homewindowsavings.com
URL: https://www.homewindowsavings.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.homewindowsavings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 31 Dec 2022 15:13:38 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
Requested by
Host: www.homewindowsavings.com
URL: https://www.homewindowsavings.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.homewindowsavings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 31 Dec 2022 15:13:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
5492350
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27938
last-modified
Tue, 02 Mar 2021 18:58:36 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"603e8adc-15d9d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fv9zhnzdMjEBsOmUMaGOImHpnPuHm4JV1Gq5XmCZ2EZtf7iwg10vOjl4aFNm4uOJLpvnkyRnvGMSvAOS73HJzEQJNThanKKKgiBo%2BRnQ%2F2IiefLH93tylPfdLWSpu%2BvjmaPj7BKQFm%2B%2FBYu3%2FHr7c8Kh"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7823f5d46c5e9031-FRA
expires
Thu, 21 Dec 2023 15:13:37 GMT
firebase.js
www.gstatic.com/firebasejs/4.5.0/ Frame 8B65 		389 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/4.5.0/firebase.js
Requested by
Host: cdn.useproof.com
URL: https://cdn.useproof.com/proxy/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a45658988e9ccf8d151c181ca1ce06731abd20a469ea9b6210b31cfcaffa91e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.useproof.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 09:21:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
107542
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
116073
x-xss-protection
0
last-modified
Tue, 03 Oct 2017 14:56:39 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 30 Dec 2023 09:21:16 GMT
proxy.js
cdn.useproof.com/proxy/ Frame 8B65 		112 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.useproof.com/proxy/proxy.js
Requested by
Host: cdn.useproof.com
URL: https://cdn.useproof.com/proxy/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2f0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4d712c5a2901b92d4baa6e18554c3db8e5ce1d8f4d3189054e39489b37c982c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.useproof.com/proxy/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 31 Dec 2022 15:13:38 GMT
x-amz-version-id
FhtEkyvjyNE68BTwRHm.pMLrP83vtI4K
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
2ZZ8DQEQWJ9ZTENQ
age
29405332
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
114404
x-amz-id-2
zdPPKZoC4F6TgBPMtGDzMKNGj/5s3R16GMo5BjwAuOpaxsARqLPu0G8XhBJ0PxoIjC/XvAm+0CU=
last-modified
Mon, 29 Jun 2020 14:15:25 GMT
server
cloudflare
etag
"9f4d60f4f2b143cadacb2b8b3a901401"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SEjDgFpjGE7KxCSjPRuUKye2akJbfAnWGxuo7C9qDVhwXwXVq7QVJVy2NqanBYZOCxC6jkmhbWURJ0BHz2UTPUi2IHp%2BTDAEB%2Bs9PS9%2F9G%2BB%2FVMMyupb98Lwuaog8qDaiWBXDXimpPh4%2Bug7hVGH"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=315360000, no-transform
accept-ranges
bytes
cf-ray
7823f5d4eb9f8fe3-FRA
wzYkDzFksxeLi5vpQYEPH1s1Gzn1
api.useproof.com/pixel/ Frame 8B65 		179 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.useproof.com/pixel/wzYkDzFksxeLi5vpQYEPH1s1Gzn1?url=https:%2F%2Fwww.homewindowsavings.com%2F
Requested by
Host: cdn.useproof.com
URL: https://cdn.useproof.com/proxy/proxy.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2f0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
adbee25c7c07dced68188f991993fda33f68dce364540bcfc1856876412ddde6

Request headers

Accept
application/json, text/plain, */*
Referer
https://cdn.useproof.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 31 Dec 2022 15:13:38 GMT
via
1.1 2a44338adc8233e5b25aca28287a69c8.cloudfront.net (CloudFront)
content-encoding
br
x-amzn-remapped-content-length
179
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA60-P3
x-amzn-requestid
febbc453-e576-4d8b-8be5-f79cd868e550
surrogate-control
no-store
x-amzn-remapped-connection
keep-alive
x-cache
Miss from cloudfront
x-amz-apigw-id
eBGxaGvLIAMFuYg=
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
no-cache
server
cloudflare
etag
W/"b3-FAQiHWXMeC7gpEHkkCA0t1QGyd0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vcg9qkKlFD6ChvSnr%2Bfw5Bom8GrZ61mRvdsZE62YZXV%2Bh3Fhhvrf4tuETCWkUR1GbrorZBYL22qfSlhzWit0XYGiuk28XzLBNlnJsKAzljjtX6kilnT%2BJGqiVHKeHMVI8NGx4d0bRn1%2F8SpIwgRY"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-ray
7823f5d599e89bb6-FRA
x-amzn-remapped-date
Sat, 31 Dec 2022 15:13:38 GMT
x-amz-cf-id
PrQFED5rnpuLyXh_GpXYryhcp0sLEXoosf_VQz4R_ssNrwiBVKru9w==
expires
0
GenerateToken
create.leadid.com/2.11.9/ 		36 B
660 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.11.9/GenerateToken?msn=1&pid=f77cc024-a476-4e22-9b7b-6fc80f67376d&_=329779521
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/64720ec4-6d15-889b-eeba-18ec1fdb5751.js?snippet_version=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.156.11.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-156-11-63.compute-1.amazonaws.com
Software
nginx /
Resource Hash
9ae9bc0f5aca62c1ec4fb101384b34a00b158fb9cd2542722c1d794394b41fe6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.homewindowsavings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Sat, 31 Dec 2022 15:13:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
nginx
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
nr-1210.min.js
js-agent.newrelic.com/ 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-1210.min.js
Requested by
Host: www.homewindowsavings.com
URL: https://www.homewindowsavings.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5b8810ee64bade6fc49a6c0948f933337663c3df9526ed7e21694b728a15818e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.homewindowsavings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
tUmpG8VLFN_NnT6837P9feidPwIndCMZ
content-encoding
gzip
via
1.1 varnish
date
Sat, 31 Dec 2022 15:13:38 GMT
x-amz-request-id
VP077YC0DF05JCAA
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
11781
x-amz-id-2
yjvo9PCVCoWm/S/NKuKES670fQOEDYQeUbMU4H1Qbo3xFNnqVOO6NPH1Y8l30BNp/ZVESO3mxYM=
x-served-by
cache-hhn-etou8220099-HHN
last-modified
Tue, 22 Jun 2021 22:47:07 GMT
server
AmazonS3
x-timer
S1672499618.293526,VS0,VE0
etag
"67f7ff413fcbb9300ab2dbf1bb53180c"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
17
NRJS-681ffe8ac2d3e968f44
bam.nr-data.net/1/ 		49 B
611 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/NRJS-681ffe8ac2d3e968f44?a=813396084,813396085,813396086&v=1210.e2a3f80&to=YVEHMBYCC0ZTURcIVlgbMBYNTBMBHVsNBVxOGhUMFA%3D%3D&rst=2146&ck=1&ref=https://www.homewindowsavings.com/&ap=3&be=482&fe=2103&dc=1807&perf=%7B%22timing%22:%7B%22of%22:1672499616159,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:40,%22c%22:40,%22s%22:50,%22ce%22:124,%22rq%22:124,%22rp%22:461,%22rpe%22:612,%22dl%22:464,%22di%22:1807,%22ds%22:1807,%22de%22:1808,%22dc%22:2102,%22l%22:2102,%22le%22:2103%7D,%22navigation%22:%7B%7D%7D&fp=1309&fcp=1309&at=TRYERl4YGEg%3D&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1210.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.14 Lake Oswego, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a83848cf5c3d96caefe490c19e41659609b3691dd4c531cf925016c084d8e1b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.homewindowsavings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 31 Dec 2022 15:13:38 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Server
cloudflare
Transfer-Encoding
chunked
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Vary
Accept-Encoding
access-control-allow-credentials
true
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
CF-Ray
7823f5d69eeb9256-FRA
track
analytics.proofapi.com/ Frame 8B65 		65 B
724 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://analytics.proofapi.com/track?e=%257B%2522pixelId%2522%253A%2522wzYkDzFksxeLi5vpQYEPH1s1Gzn1%2522%252C%2522pixelVersion%2522%253A%25223.1.13%2522%252C%2522visitorId%2522%253A%25220e919691-cfc2-46da-956e-4f0a6745899b%2522%252C%2522captureIds%2522%253A%255B%255D%252C%2522integrationType%2522%253A%2522auto-lead-capture%2522%252C%2522localeSetting%2522%253A%2522en%2522%252C%2522os%2522%253A%2522Windows%2522%252C%2522browser%2522%253A%2522Chrome%2522%252C%2522url%2522%253A%2522https%253A%252F%252Fwww.homewindowsavings.com%252F%2522%252C%2522cleanUrl%2522%253A%2522homewindowsavings.com%252F%2522%252C%2522domain%2522%253A%2522homewindowsavings.com%2522%252C%2522pageviews%2522%253A1%252C%2522initialLandingPage%2522%253A%2522https%253A%252F%252Fwww.homewindowsavings.com%252F%2522%257D
Requested by
Host: cdn.useproof.com
URL: https://cdn.useproof.com/proxy/proxy.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
35463a68bc362a42d6c125e21be7e741fde2b970fc716a3179f21ede77a465cc

Request headers

Accept
application/json, text/plain, */*
Referer
https://cdn.useproof.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 31 Dec 2022 15:13:38 GMT
via
1.1 vegur
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
etag
W/"41-5H59QVpZLvTq/qS6+iXhWkx0a9U"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://cdn.useproof.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=It5JOVqtV7PWcSrdo%2FH9%2FG0bLEPY830rUWuqBhP6OwJ4G2QN%2BRKdDVfdFeL26N7h%2FEdJmF0vxF2CLl2IUKVy5L9usXAaKH0Vvzva9sRdO5v7w5BYOBdPZRUx1GXzCa4K58m3t%2B%2F9tMH0qdRcVL8OI9MTfo8z"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
7823f5d88cc5bc03-FRA
access-control-allow-headers
X-Requested-With,content-type
iframe.html
d2m2wsoho8qq12.cloudfront.net/ Frame 286C 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=7EAB6BA8-EB2E-4F4C-1FB3-7BB1F3816D7D&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=64720EC4-6D15-889B-EEBA-18EC1FDB5751&lac=CCD83497-4573-8E50-2E69-12A2BB09C9F9
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/64720ec4-6d15-889b-eeba-18ec1fdb5751.js?snippet_version=2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.84.206 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-206.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
e3ad82a69faf9ec1b298a080ce5974322a33cc501e1455071cf8db58c7f2462f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.homewindowsavings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Age
65774
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Fri, 30 Dec 2022 20:57:24 GMT
ETag
W/"63a0e8b7-dbb"
Last-Modified
Mon, 19 Dec 2022 22:41:59 GMT
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Transfer-Encoding
chunked
Via
1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
X-Amz-Cf-Id
z9pGLOGVigvv872bF9LTgUZutECEHG5VssJvDA9e1jV0AynI-0s2aw==
X-Amz-Cf-Pop
FRA2-C2
X-Cache
Hit from cloudfront
SaveDom
create.leadid.com/2.11.9/ 		0
623 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.11.9/SaveDom?msn=2&pid=f77cc024-a476-4e22-9b7b-6fc80f67376d&token=7EAB6BA8-EB2E-4F4C-1FB3-7BB1F3816D7D&_=329779522
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/64720ec4-6d15-889b-eeba-18ec1fdb5751.js?snippet_version=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.156.11.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-156-11-63.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.homewindowsavings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Sat, 31 Dec 2022 15:13:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
nginx
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
InitFormData
create.leadid.com/2.11.9/ 		0
623 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.11.9/InitFormData?msn=3&pid=f77cc024-a476-4e22-9b7b-6fc80f67376d&token=7EAB6BA8-EB2E-4F4C-1FB3-7BB1F3816D7D&_=329779523
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/64720ec4-6d15-889b-eeba-18ec1fdb5751.js?snippet_version=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.156.11.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-156-11-63.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.homewindowsavings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Sat, 31 Dec 2022 15:13:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
nginx
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
iframe.html
deviceid.trueleadid.com/ Frame 10A7 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://deviceid.trueleadid.com/iframe.html?token=7EAB6BA8-EB2E-4F4C-1FB3-7BB1F3816D7D&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=64720EC4-6D15-889B-EEBA-18EC1FDB5751&lac=CCD83497-4573-8E50-2E69-12A2BB09C9F9
Requested by
Host: d2m2wsoho8qq12.cloudfront.net
URL: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=7EAB6BA8-EB2E-4F4C-1FB3-7BB1F3816D7D&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=64720EC4-6D15-889B-EEBA-18EC1FDB5751&lac=CCD83497-4573-8E50-2E69-12A2BB09C9F9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.210.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-210-214.compute-1.amazonaws.com
Software
nginx /
Resource Hash
602ea48b7fd2a48e702e43825b0d6f6495f78cb4cc1fa24cb8c95f61e014215a

Request headers

Referer
https://d2m2wsoho8qq12.cloudfront.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=86400 public
content-encoding
gzip
content-type
text/html
date
Sat, 31 Dec 2022 15:13:38 GMT
etag
W/"63910328-1049"
expires
Sun, 01 Jan 2023 15:13:38 GMT
last-modified
Wed, 07 Dec 2022 21:18:32 GMT
p3p
CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
server
nginx
Snap
create.leadid.com/2.11.9/ 		0
623 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.11.9/Snap?msn=4&pid=f77cc024-a476-4e22-9b7b-6fc80f67376d&token=7EAB6BA8-EB2E-4F4C-1FB3-7BB1F3816D7D&_=329779524
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/64720ec4-6d15-889b-eeba-18ec1fdb5751.js?snippet_version=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.156.11.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-156-11-63.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.homewindowsavings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Sat, 31 Dec 2022 15:13:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
nginx
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
SaveDeviceId.js
create.leadid.com/2.11.9/ Frame 10A7 		0
627 B 		Script
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.11.9/SaveDeviceId.js?lac=CCD83497-4573-8E50-2E69-12A2BB09C9F9&lck=64720EC4-6D15-889B-EEBA-18EC1FDB5751&methods=48&token=7EAB6BA8-EB2E-4F4C-1FB3-7BB1F3816D7D&uuid=2bba7f0151c44b5c8a03aa48fa9df2a0
Requested by
Host: deviceid.trueleadid.com
URL: https://deviceid.trueleadid.com/iframe.html?token=7EAB6BA8-EB2E-4F4C-1FB3-7BB1F3816D7D&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=64720EC4-6D15-889B-EEBA-18EC1FDB5751&lac=CCD83497-4573-8E50-2E69-12A2BB09C9F9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.156.11.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-156-11-63.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://deviceid.trueleadid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 31 Dec 2022 15:13:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
nginx
access-control-max-age
1728000
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
/
www.facebook.com/tr/ 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=626430352181565&ev=Microdata&dl=https%3A%2F%2Fwww.homewindowsavings.com%2F&rl=&if=false&ts=1672499619467&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Home%20Window%20Savings%22%2C%22meta%3Akeywords%22%3A%22%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.90&r=stable&ec=1&o=30&fbp=fb.1.1672499617963.704990329&it=1672499617511&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.homewindowsavings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 31 Dec 2022 15:13:39 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
bootstrap.js
cdn.trustedform.com/
Redirect Chain
  • https://api.trustedform.com/trustedform.js?provide_referrer=false&field=trusted_form_cert_id&l=16724996204640.48375633208113866&invert_field_sensitivity=false
  • https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=trusted_form_cert_id&l=16724996204640.48375633208113866&invert_field_sensitivity=false
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=trusted_form_cert_id&l=16724996204640.48375633208113866&invert_field_sensitivity=false
Protocol
H2
Server
2600:9000:223d:5c00:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c717a69b0af3ee001b59abe551a3d622d2b937bf4be7919f86f13effbab7d42c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.homewindowsavings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 31 Dec 2022 15:13:41 GMT
x-amz-version-id
Zre4udXC1f93Od.5tAxdfJ7LprIx83aw
content-encoding
gzip
last-modified
Wed, 14 Dec 2022 15:57:15 GMT
server
AmazonS3
via
1.1 8af5231b014ab5e8c35000dd4cf4b68c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
etag
W/"46a2aa85d48fdeeef9cae9b02d4b65e3"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
x-amz-cf-id
8ZrZG4XgtwSCUEbnE9kTTUJGAy6t9ar52a87t0o8Hnkwh0q_NutcOw==

Redirect headers

location
https://cdn.trustedform.com:443/bootstrap.js?provide_referrer=false&field=trusted_form_cert_id&l=16724996204640.48375633208113866&invert_field_sensitivity=false
date
Sat, 31 Dec 2022 15:13:40 GMT
server
awselb/2.0
content-length
134
content-type
text/html
w.js
d10lpsik1i8c69.cloudfront.net/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d10lpsik1i8c69.cloudfront.net/w.js
Requested by
Host: www.homewindowsavings.com
URL: https://www.homewindowsavings.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.214.192 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-214-192.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
389e7668a1ebd8a04eca206d27b7147519be465eed883f6a2d68bd419ada24b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.homewindowsavings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 31 Dec 2022 14:21:20 GMT
content-encoding
gzip
via
1.1 15d3b4db3728feaae1780610a1bac86e.cloudfront.net (CloudFront)
last-modified
Fri, 02 Sep 2022 19:59:48 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
3142
etag
W/"dc0bbcecf2e632d9beb92f4d88b21c2b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
4A884HvIGtn7hDAA0AxzYF5rn1WBhEh9Jzydm6es27S--turHf2wOw==
api.js
www.google.com/recaptcha/ 		884 B
999 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6Lchn2kaAAAAAKJJ6XJzD2QLfvHRxG8W8bs1JFyX
Requested by
Host: www.homewindowsavings.com
URL: https://www.homewindowsavings.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
dde1c7dee5540fb7ad80575daaf151d7a95760b9d2878dac187d5e236a0940fb
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.homewindowsavings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 31 Dec 2022 15:13:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
586
x-xss-protection
1; mode=block
expires
Sat, 31 Dec 2022 15:13:40 GMT
/
settings.luckyorange.net/ 		129 B
752 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://settings.luckyorange.net/?u=https%3A%2F%2Fwww.homewindowsavings.com%2F&s=266834
Requested by
Host: d10lpsik1i8c69.cloudfront.net
URL: https://d10lpsik1i8c69.cloudfront.net/w.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.10.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
798f8d1ee65970ce3ac48c7d88329ed8c8df6045cd5b67d87fbb22b8e502fec8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.homewindowsavings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 31 Dec 2022 15:13:40 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.homewindowsavings.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eb9JIpSU%2FV7oVZABD5TIygvY%2Fyec%2FYkGOAOjqrTDtGUqMRCynOmmTzbojPEssdAcsCNGP3N30QyL8HZAbgFIdU2H5S7pUkzy%2BuYjJJVWJMTvbu5d9d9uf%2B0cS7z5LQ8CdtaIr08koGKbtA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-credentials
true
cf-ray
7823f5e45f109293-FRA
access-control-allow-headers
Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,Keep-Alive,X-Requested-With,If-Modified-Since
recaptcha__de.js
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ 		407 KB
163 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Lchn2kaAAAAAKJJ6XJzD2QLfvHRxG8W8bs1JFyX
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f100138cf28abcaac287d3bb245b80679c7ba9305591ed01b1055af5e7084f20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.homewindowsavings.com/
Origin
https://www.homewindowsavings.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 31 Dec 2022 09:39:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20045
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
166478
x-xss-protection
0
last-modified
Thu, 15 Dec 2022 05:24:10 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 31 Dec 2023 09:39:35 GMT
anchor
www.google.com/recaptcha/api2/ Frame C51C 		42 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lchn2kaAAAAAKJJ6XJzD2QLfvHRxG8W8bs1JFyX&co=aHR0cHM6Ly93d3cuaG9tZXdpbmRvd3NhdmluZ3MuY29tOjQ0Mw..&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=g6evzitqkirx
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
7d0461803fe4e5a956ef0d5e8a1dc1af770177956faaf357d7409e3bbe635478
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-bF2s2Yo8FALDrdvzZEBO-A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.homewindowsavings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
22247
content-security-policy
script-src 'report-sample' 'nonce-bF2s2Yo8FALDrdvzZEBO-A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 31 Dec 2022 15:13:40 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ Frame C51C 		52 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lchn2kaAAAAAKJJ6XJzD2QLfvHRxG8W8bs1JFyX&co=aHR0cHM6Ly93d3cuaG9tZXdpbmRvd3NhdmluZ3MuY29tOjQ0Mw..&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=g6evzitqkirx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 12:48:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
95091
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24262
x-xss-protection
0
last-modified
Thu, 15 Dec 2022 05:24:10 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 30 Dec 2023 12:48:49 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ Frame C51C 		407 KB
163 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lchn2kaAAAAAKJJ6XJzD2QLfvHRxG8W8bs1JFyX&co=aHR0cHM6Ly93d3cuaG9tZXdpbmRvd3NhdmluZ3MuY29tOjQ0Mw..&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=g6evzitqkirx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f100138cf28abcaac287d3bb245b80679c7ba9305591ed01b1055af5e7084f20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 31 Dec 2022 09:39:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20045
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
166478
x-xss-protection
0
last-modified
Thu, 15 Dec 2022 05:24:10 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 31 Dec 2023 09:39:35 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame C51C 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:47 GMT
x-content-type-options
nosniff
age
332033
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Tue, 03 Jan 2023 18:59:47 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame C51C 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lchn2kaAAAAAKJJ6XJzD2QLfvHRxG8W8bs1JFyX&co=aHR0cHM6Ly93d3cuaG9tZXdpbmRvd3NhdmluZ3MuY29tOjQ0Mw..&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=g6evzitqkirx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 31 Dec 2022 12:17:50 GMT
x-content-type-options
nosniff
age
10550
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 31 Dec 2023 12:17:50 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame C51C 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lchn2kaAAAAAKJJ6XJzD2QLfvHRxG8W8bs1JFyX&co=aHR0cHM6Ly93d3cuaG9tZXdpbmRvd3NhdmluZ3MuY29tOjQ0Mw..&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=g6evzitqkirx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:21:19 GMT
x-content-type-options
nosniff
age
406341
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 26 Dec 2023 22:21:19 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame C51C 		102 B
134 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=5qcenVbrhOy8zihcc2aHOWD4
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lchn2kaAAAAAKJJ6XJzD2QLfvHRxG8W8bs1JFyX&co=aHR0cHM6Ly93d3cuaG9tZXdpbmRvd3NhdmluZ3MuY29tOjQ0Mw..&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=g6evzitqkirx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
7647724bcc7afde27000c02ce20b80535467b8f60f1330013a1ee3b575479a81
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lchn2kaAAAAAKJJ6XJzD2QLfvHRxG8W8bs1JFyX&co=aHR0cHM6Ly93d3cuaG9tZXdpbmRvd3NhdmluZ3MuY29tOjQ0Mw..&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=g6evzitqkirx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 31 Dec 2022 15:13:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Sat, 31 Dec 2022 15:13:40 GMT
certs
api.trustedform.com/ 		475 B
686 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.trustedform.com/certs
Requested by
Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=trusted_form_cert_id&l=16724996204640.48375633208113866&invert_field_sensitivity=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.204.112.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-204-112-111.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
1fcc59bc378e4ae56953e25be7420257062df72b05bbb754548ddf259442b895

Request headers

Referer
https://www.homewindowsavings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 31 Dec 2022 15:13:41 GMT
server
Cowboy
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
content-length
475
trustedform-1.8.33.js
cdn.trustedform.com/ 		102 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.trustedform.com/trustedform-1.8.33.js
Requested by
Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=trusted_form_cert_id&l=16724996204640.48375633208113866&invert_field_sensitivity=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:5c00:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4d0b66a8626cd9016c677e031517379ac000294a0352912d9351b93028dd0e21

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.homewindowsavings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
pHaR0aR2MxRUufmZTtmpVqdEEOHgn7XV
content-encoding
gzip
via
1.1 8af5231b014ab5e8c35000dd4cf4b68c.cloudfront.net (CloudFront)
date
Sat, 31 Dec 2022 15:13:39 GMT
last-modified
Wed, 14 Dec 2022 15:57:15 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
age
3
etag
W/"efc4e68c3c9ce2b29436b08f089e80d9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
YBxNZWBnIuxQm79Jl1bHfZjMF4pugrxeB6yFLpyyIx33ggUl9rcN-Q==
snapshot
api.trustedform.com/certs/6388771fa8376850bcd526944017cd5aab30917b/ 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.trustedform.com/certs/6388771fa8376850bcd526944017cd5aab30917b/snapshot
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.33.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.204.112.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-204-112-111.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.homewindowsavings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Sat, 31 Dec 2022 15:13:41 GMT
access-control-expose-headers
access-control-allow-credentials
true
cache-control
max-age=0, private, must-revalidate
server
Cowboy
Home%20Window%20SavingsP2.png
www.homewindowsavings.com/assets/images/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.homewindowsavings.com/assets/images/Home%20Window%20SavingsP2.png
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.33.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:5e1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5356be290ba86a275679423da60da843ca39061f894c39313d65fb89647d2557

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.homewindowsavings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 31 Dec 2022 15:13:41 GMT
cf-cache-status
HIT
last-modified
Thu, 14 Apr 2022 23:11:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zI2qXp7NuhuqtOVDSmbYjMMxh7uyDo8Z8bFG9KJGbYUd8yzAf77Gp7O3qqHH3CQB4TbOXdHVofJmO60W8%2BOnAKUZohaxfQvukmbshGmVEC0LGjW4Pd1heqagy0yjymhndgiKNyKH92lD8psB8hBA0VbRPm4BMCaM"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7823f5e91e44bbda-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19829
fingerprints
api.trustedform.com/certs/6388771fa8376850bcd526944017cd5aab30917b/ 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.trustedform.com/certs/6388771fa8376850bcd526944017cd5aab30917b/fingerprints
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.33.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.204.112.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-204-112-111.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.homewindowsavings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Sat, 31 Dec 2022 15:13:41 GMT
access-control-expose-headers
access-control-allow-credentials
true
cache-control
max-age=0, private, must-revalidate
server
Cowboy
truncated
/ 		10 KB
10 KB 		Other
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eed633a8002069e13f06351bfe014d0132941a0882144ccee95cdacfa403b954

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
text/javascript
events
api.trustedform.com/certs/6388771fa8376850bcd526944017cd5aab30917b/ 		0
159 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://api.trustedform.com/certs/6388771fa8376850bcd526944017cd5aab30917b/events
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.33.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.204.112.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-204-112-111.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.homewindowsavings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 31 Dec 2022 15:13:41 GMT
access-control-expose-headers
access-control-allow-credentials
true
cache-control
max-age=0, private, must-revalidate
server
Cowboy
Snap
create.leadid.com/2.11.9/ 		0
623 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.11.9/Snap?msn=5&pid=f77cc024-a476-4e22-9b7b-6fc80f67376d&token=7EAB6BA8-EB2E-4F4C-1FB3-7BB1F3816D7D&_=329779525
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/64720ec4-6d15-889b-eeba-18ec1fdb5751.js?snippet_version=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.156.11.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-156-11-63.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.homewindowsavings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Sat, 31 Dec 2022 15:13:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
nginx
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
Snap
create.leadid.com/2.11.9/ 		0
623 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.11.9/Snap?msn=6&pid=f77cc024-a476-4e22-9b7b-6fc80f67376d&token=7EAB6BA8-EB2E-4F4C-1FB3-7BB1F3816D7D&_=329779526
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/64720ec4-6d15-889b-eeba-18ec1fdb5751.js?snippet_version=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.156.11.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-156-11-63.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.homewindowsavings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Sat, 31 Dec 2022 15:13:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
nginx
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
InitFormData
create.leadid.com/2.11.9/ 		0
623 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.11.9/InitFormData?msn=7&pid=f77cc024-a476-4e22-9b7b-6fc80f67376d&token=7EAB6BA8-EB2E-4F4C-1FB3-7BB1F3816D7D&_=329779527
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/64720ec4-6d15-889b-eeba-18ec1fdb5751.js?snippet_version=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.156.11.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-156-11-63.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.homewindowsavings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Sat, 31 Dec 2022 15:13:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
nginx
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
Snap
create.leadid.com/2.11.9/ 		0
623 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.11.9/Snap?msn=8&pid=f77cc024-a476-4e22-9b7b-6fc80f67376d&token=7EAB6BA8-EB2E-4F4C-1FB3-7BB1F3816D7D&_=329779528
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/64720ec4-6d15-889b-eeba-18ec1fdb5751.js?snippet_version=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.156.11.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-156-11-63.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.homewindowsavings.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Sat, 31 Dec 2022 15:13:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
nginx
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT

Verdicts & Comments Add Verdict or Comment

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| oncontentvisibilityautostatechange object| NREUM object| newrelic function| __nr_require function| fbq function| _fbq boolean| ADDRESS_VALIDATION_SKIP string| s1 string| s2 string| s3 string| s4 string| s5 function| initAutocomplete function| phoneFormat function| fillInAddress function| getState string| nonce object| _echo_get object| _echo_post function| gtag object| dataLayer function| Application function| loadTrustedForm number| __lo_site_id object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| setImmediate function| clearImmediate boolean| proofInitialized object| gaplugins object| gaGlobal object| gaData function| $ function| jQuery object| _loq object| LeadiDconfig object| LeadiD string| label string| id boolean| sensitiveData object| defaultStyleFrame boolean| __lo_csr_added object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha object| closure_lm_918283 object| trustedForm function| trustedFormStartRecording function| trustedFormStopRecording object| regeneratorRuntime

8 Cookies

Domain/Path Name / Value
www.homewindowsavings.com/ Name: aid
Value: 26071
.homewindowsavings.com/ Name: _ga
Value: GA1.2.1691068840.1672499618
.homewindowsavings.com/ Name: _gid
Value: GA1.2.329867081.1672499618
.homewindowsavings.com/ Name: _gat_gtag_UA_207515269_1
Value: 1
.homewindowsavings.com/ Name: _fbp
Value: fb.1.1672499617963.704990329
.nr-data.net/ Name: JSESSIONID
Value: 8592a017ec4a2628
www.homewindowsavings.com/ Name: leadid_token-CCD83497-4573-8E50-2E69-12A2BB09C9F9-64720EC4-6D15-889B-EEBA-18EC1FDB5751
Value: 7EAB6BA8-EB2E-4F4C-1FB3-7BB1F3816D7D
.deviceid.trueleadid.com/ Name: uuid
Value: 2bba7f0151c44b5c8a03aa48fa9df2a0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.proofapi.com
api.trustedform.com
api.useproof.com
bam.nr-data.net
cdn.trustedform.com
cdn.useproof.com
cdnjs.cloudflare.com
connect.facebook.net
create.leadid.com
create.lidstatic.com
d10lpsik1i8c69.cloudfront.net
d2m2wsoho8qq12.cloudfront.net
deviceid.trueleadid.com
fonts.gstatic.com
js-agent.newrelic.com
settings.luckyorange.net
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.homewindowsavings.com
104.26.10.16
13.225.84.206
143.204.214.192
151.101.194.137
162.247.241.14
2600:9000:223d:5c00:1c:7f1a:6680:93a1
2606:4700:10::6816:26b6
2606:4700:3035::6815:2f0c
2606:4700:3037::6815:5e1c
2606:4700::6811:180e
2a00:1450:4001:810::2003
2a00:1450:4001:82a::2003
2a00:1450:4001:831::2008
2a00:1450:400d:80a::2004
2a00:1450:400d:80a::200e
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a06:98c1:3121::c
3.213.210.214
54.156.11.63
54.204.112.111
0adeedede6d3bdf7e7258108ead2ed80af83b9fec8ba560d29fce2f3a957a261
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1fcc59bc378e4ae56953e25be7420257062df72b05bbb754548ddf259442b895
2091bab6e5bc22099d757af2f769be30e043cfa6b31ce7033cfcd65d154bc046
35463a68bc362a42d6c125e21be7e741fde2b970fc716a3179f21ede77a465cc
389e7668a1ebd8a04eca206d27b7147519be465eed883f6a2d68bd419ada24b4
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
418614329e831c01f8232ddf31feefe6f63c6b52b9c6cbdd5bd5ac314540cfaf
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
4d0b66a8626cd9016c677e031517379ac000294a0352912d9351b93028dd0e21
5356be290ba86a275679423da60da843ca39061f894c39313d65fb89647d2557
55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5b8810ee64bade6fc49a6c0948f933337663c3df9526ed7e21694b728a15818e
602ea48b7fd2a48e702e43825b0d6f6495f78cb4cc1fa24cb8c95f61e014215a
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6a45658988e9ccf8d151c181ca1ce06731abd20a469ea9b6210b31cfcaffa91e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
73274aa79cc0a0120d5ad58a247f22766952164862643147866dc042ab8056f1
7647724bcc7afde27000c02ce20b80535467b8f60f1330013a1ee3b575479a81
798f8d1ee65970ce3ac48c7d88329ed8c8df6045cd5b67d87fbb22b8e502fec8
7d0461803fe4e5a956ef0d5e8a1dc1af770177956faaf357d7409e3bbe635478
85060ea534ed90db89537166297f8f1716b91785440b8964e62b84801652d5e4
9ae9bc0f5aca62c1ec4fb101384b34a00b158fb9cd2542722c1d794394b41fe6
a55c8982680c6b686323c61392e7f11f1be3c06260678bee2b3f36dbc5a5e915
a7d02a111821fe19cb2ad0002a2c06efb810178b3a7532f58b73619b9cea08ef
a83848cf5c3d96caefe490c19e41659609b3691dd4c531cf925016c084d8e1b0
adbee25c7c07dced68188f991993fda33f68dce364540bcfc1856876412ddde6
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
c1e508eb79c78f17888a5a352b6d013408696d542fef7c17172ff299bc8fb4a1
c717a69b0af3ee001b59abe551a3d622d2b937bf4be7919f86f13effbab7d42c
dde1c7dee5540fb7ad80575daaf151d7a95760b9d2878dac187d5e236a0940fb
e3ad82a69faf9ec1b298a080ce5974322a33cc501e1455071cf8db58c7f2462f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40e952fffd779db9077b2fa0928a825dbf8c95c00581159555b4b510ca5236e
eed633a8002069e13f06351bfe014d0132941a0882144ccee95cdacfa403b954
f100138cf28abcaac287d3bb245b80679c7ba9305591ed01b1055af5e7084f20
f4d712c5a2901b92d4baa6e18554c3db8e5ce1d8f4d3189054e39489b37c982c
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e