windowsavingsnow.com Open in urlscan Pro
35.206.100.242 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://windowsavingsnow.com/
Submission Tags: phishingrod
Submission: On January 29 via api (January 29th 2023, 3:41:25 pm UTC) from DE — Scanned from DE

Summary HTTP 104 Redirects Behaviour Indicators

Summary

This website contacted 19 IPs in 4 countries across 16 domains to perform 104 HTTP transactions. The main IP is 35.206.100.242, located in Council Bluffs, United States and belongs to GOOGLE, US. The main domain is windowsavingsnow.com.
TLS certificate: Issued by R3 on January 29th 2023. Valid for: 3 months.

This is the only time windowsavingsnow.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
24	35.206.100.242 35.206.100.242	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
9	35.168.77.57 35.168.77.57	14618 (AMAZON-AES) (AMAZON-AES)
4	2a00:1450:400... 2a00:1450:400d:806::2003	15169 (GOOGLE) (GOOGLE)
1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
13	13.224.189.70 13.224.189.70	16509 (AMAZON-02) (AMAZON-02)
1	13.224.189.46 13.224.189.46	16509 (AMAZON-02) (AMAZON-02)
1 2	2001:4de0:ac1... 2001:4de0:ac18::1:a:2a	20446 (STACKPATH...) (STACKPATH-CDN)
2	2a04:4e42:600... 2a04:4e42:600::485	54113 (FASTLY) (FASTLY)
1	130.35.144.65 130.35.144.65	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
3	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	2a04:4e42:600... 2a04:4e42:600::729	54113 (FASTLY) (FASTLY)
1 4	67.202.17.219 67.202.17.219	14618 (AMAZON-AES) (AMAZON-AES)
2	2600:9000:20e... 2600:9000:20eb:3e00:1c:7f1a:6680:93a1	16509 (AMAZON-02) (AMAZON-02)
2	13.225.84.132 13.225.84.132	16509 (AMAZON-02) (AMAZON-02)
104	19

24 35.206.100.242 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 242.100.206.35.bc.googleusercontent.com

windowsavingsnow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 35.168.77.57 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-168-77-57.compute-1.amazonaws.com

windowsavingsusa.leadshook.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:806::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

lucrordesign.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 13.224.189.70 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-70.fra2.r.cloudfront.net

static.leadshook.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.189.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-46.fra2.r.cloudfront.net

polyfill.leadshook.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac18::1:a:2a (Netherlands) 1 redirects

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
releases.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.35.144.65 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)

gf0fe4d236bb4e8-db202107291325.adb.us-ashburn-1.oraclecloudapps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42:600::729 (United States)

ASN54113 (FASTLY, US)

browser.sentry-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 67.202.17.219 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-67-202-17-219.compute-1.amazonaws.com

api.trustedform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:20eb:3e00:1c:7f1a:6680:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.trustedform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.84.132 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-84-132.fra2.r.cloudfront.net

d2zdr2rqflfo3.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	windowsavingsnow.com windowsavingsnow.com	2 MB
23	leadshook.io windowsavingsusa.leadshook.io static.leadshook.io — Cisco Umbrella Rank: 492076 polyfill.leadshook.io — Cisco Umbrella Rank: 537317	4 MB
6	trustedform.com 1 redirects api.trustedform.com — Cisco Umbrella Rank: 22470 cdn.trustedform.com — Cisco Umbrella Rank: 27912	42 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	272 B
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 146	271 KB
4	gstatic.com fonts.gstatic.com	32 KB
3	sentry-cdn.com browser.sentry-cdn.com — Cisco Umbrella Rank: 3942	50 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 198	105 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 34	9 KB
2	cloudfront.net d2zdr2rqflfo3.cloudfront.net	826 B
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 359	80 KB
2	jquery.com 1 redirects code.jquery.com — Cisco Umbrella Rank: 673 releases.jquery.com — Cisco Umbrella Rank: 51827	28 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 76	63 KB
1	oraclecloudapps.com gf0fe4d236bb4e8-db202107291325.adb.us-ashburn-1.oraclecloudapps.com	2 KB
1	lucrordesign.com lucrordesign.com
0	freegeoip.app Failed freegeoip.app Failed
104	16

	Domain	Requested by
24	windowsavingsnow.com	windowsavingsnow.com
13	static.leadshook.io	windowsavingsusa.leadshook.io cdn.trustedform.com
9	windowsavingsusa.leadshook.io	windowsavingsnow.com windowsavingsusa.leadshook.io browser.sentry-cdn.com
4	api.trustedform.com	1 redirects browser.sentry-cdn.com
4	www.facebook.com	windowsavingsnow.com windowsavingsusa.leadshook.io
4	connect.facebook.net	windowsavingsnow.com connect.facebook.net windowsavingsusa.leadshook.io
4	fonts.gstatic.com	fonts.googleapis.com
3	browser.sentry-cdn.com	windowsavingsusa.leadshook.io
3	cdnjs.cloudflare.com	windowsavingsusa.leadshook.io cdnjs.cloudflare.com
3	fonts.googleapis.com	windowsavingsnow.com windowsavingsusa.leadshook.io
2	d2zdr2rqflfo3.cloudfront.net	windowsavingsusa.leadshook.io cdn.trustedform.com
2	cdn.trustedform.com	windowsavingsusa.leadshook.io api.trustedform.com
2	cdn.jsdelivr.net	windowsavingsusa.leadshook.io
2	www.youtube.com	windowsavingsusa.leadshook.io www.youtube.com
1	gf0fe4d236bb4e8-db202107291325.adb.us-ashburn-1.oraclecloudapps.com	windowsavingsusa.leadshook.io browser.sentry-cdn.com
1	releases.jquery.com	windowsavingsusa.leadshook.io
1	code.jquery.com	1 redirects
1	polyfill.leadshook.io	windowsavingsusa.leadshook.io
1	lucrordesign.com	windowsavingsnow.com
0	freegeoip.app Failed	browser.sentry-cdn.com
104	20

This site contains no links.

Subject Issuer	Validity	Valid
*.windowsavingsnow.com R3	`2023-01-29` - `2023-04-29`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
leadshook.io Amazon	`2022-11-06` - `2023-12-06`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.lucrordesign.com GTS CA 1P5	`2022-12-28` - `2023-03-28`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-11-07` - `2023-02-05`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
adb.us-ashburn-1.oraclecloudapps.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-18` - `2023-07-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
*.sentry-cdn.com GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-09-28` - `2023-10-30`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.trustedform.com Amazon	`2022-09-11` - `2023-10-09`	a year	crt.sh
cdn.trustedform.com Amazon	`2022-04-14` - `2023-05-13`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://windowsavingsnow.com/
Frame ID: 2BAD3B6D131F3D61F29D02B3B39009A7
Requests: 46 HTTP requests in this frame

Frame: https://windowsavingsusa.leadshook.io/survey/lLDMEUqwAYH8YIPv5ydngZlU0iN6tFO03Dmvkdcv?embed=true&index=0
Frame ID: EDC38A3CFE02C50672B98CACFC44A592
Requests: 66 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Window Savings Now – Useful Money Saving Tips

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Sentry (Issue Trackers) Expand

Overall confidence: 100%
Detected patterns

browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AngularJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+(?:-?rc[.\d]*)*)/angular(?:\.min)?\.js
\bangular.{0,32}\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Revslider (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

/revslider/[/\w-]+/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

104
Requests

77 %
HTTPS

61 %
IPv6

16
Domains

20
Subdomains

19
IPs

4
Countries

6651 kB
Transfer

13754 kB
Size

14
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 42

https://code.jquery.com/git/jquery-git.min.js HTTP 301
https://releases.jquery.com/git/jquery-git.min.js

Request Chain 62

https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxCertUrl&l=16750068789730.9663062148343942&invert_field_sensitivity=false HTTP 301
https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxCertUrl&l=16750068789730.9663062148343942&invert_field_sensitivity=false

104 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
windowsavingsnow.com/ 59 KB
12 KB 655ms
243ms Document
text/html 35.206.100.242
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://windowsavingsnow.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.206.100.242 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

242.100.206.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

433727b6e5f0b68d0449c3ff8a56cf5c4fcc7c0680b47f43e153693f9a49f8d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 29 Jan 2023 15:41:16 GMT
host-header: 8441280b0c35cbc1147f8ba998a563a7
link: <https://windowsavingsnow.com/wp-json/>; rel="https://api.w.org/" <https://windowsavingsnow.com/wp-json/wp/v2/pages/19>; rel="alternate"; type="application/json" <https://windowsavingsnow.com/>; rel=shortlink
server: nginx
vary: Accept-Encoding
x-cache-enabled: True
x-content-type-options: nosniff
x-httpd-modphp: 1
x-proxy-cache: HIT
x-xss-protection: 1; mode=block

GET
H2 200 siteground-optimizer-combined-css-2c5ec93f0d5216c7203eb3000acb96b7.css
windowsavingsnow.com/wp-content/uploads/siteground-optimizer-assets/ 765 KB
94 KB 153ms
152ms Stylesheet
text/css 35.206.100.242
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://windowsavingsnow.com/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-css-2c5ec93f0d5216c7203eb3000acb96b7.css
Requested by: Host: windowsavingsnow.com
URL: https://windowsavingsnow.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.206.100.242 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 242.100.206.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: c10837bb6e05b2ecacadf51653245aad6b7a8f7bb7a6e546e9fa65e22472dd19

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavingsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 15:41:16 GMT
content-encoding: br
last-modified: Tue, 18 Oct 2022 19:36:55 GMT
server: nginx
etag: W/"634f0057-bf4a0"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: text/css
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Mon, 29 Jan 2024 15:41:16 GMT

GET
H2 200 css
fonts.googleapis.com/ 9 KB
1 KB 127ms
45ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900&ver=6.1.1

Requested by

Host: windowsavingsnow.com
URL: https://windowsavingsnow.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

224db2aed80c2f0d017ba0071d2b94d326404344f940f0ebc66139459c1e4a54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavingsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 29 Jan 2023 15:41:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 29 Jan 2023 15:29:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 29 Jan 2023 15:41:17 GMT

GET
H2 200 jquery.min.js Show response
windowsavingsnow.com/wp-includes/js/jquery/ 88 KB
30 KB 275ms
274ms Script
application/javascript 35.206.100.242
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://windowsavingsnow.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by: Host: windowsavingsnow.com
URL: https://windowsavingsnow.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.206.100.242 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 242.100.206.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavingsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 15:41:17 GMT
content-encoding: br
last-modified: Thu, 03 Nov 2022 09:32:40 GMT
server: nginx
etag: W/"63638ab8-15e54"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Mon, 29 Jan 2024 15:41:17 GMT

GET
H2 200 jquery-migrate.min.js Show response
windowsavingsnow.com/wp-includes/js/jquery/ 11 KB
4 KB 275ms
274ms Script
application/javascript 35.206.100.242
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://windowsavingsnow.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: windowsavingsnow.com
URL: https://windowsavingsnow.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.206.100.242 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 242.100.206.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavingsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 15:41:17 GMT
content-encoding: br
last-modified: Fri, 13 Aug 2021 21:44:44 GMT
server: nginx
etag: W/"6116e7cc-2bd8"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Mon, 29 Jan 2024 15:41:17 GMT

GET
H2 200 jquery.bind-first-0.2.3.min.js Show response
windowsavingsnow.com/wp-content/plugins/pixelyoursite/dist/scripts/ 1 KB
872 B 167ms
165ms Script
application/javascript 35.206.100.242
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://windowsavingsnow.com/wp-content/plugins/pixelyoursite/dist/scripts/jquery.bind-first-0.2.3.min.js
Requested by: Host: windowsavingsnow.com
URL: https://windowsavingsnow.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.206.100.242 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 242.100.206.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 37045bf0d243623db4f2e99567c986944957b336dafa6368f4f75bcbad6fc4fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavingsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 15:41:17 GMT
content-encoding: br
last-modified: Thu, 03 Nov 2022 09:33:12 GMT
server: nginx
etag: W/"63638ad8-525"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Mon, 29 Jan 2024 15:41:17 GMT

GET
H2 200 js.cookie-2.1.3.min.js Show response
windowsavingsnow.com/wp-content/plugins/pixelyoursite/dist/scripts/ 2 KB
1 KB 174ms
172ms Script
application/javascript 35.206.100.242
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://windowsavingsnow.com/wp-content/plugins/pixelyoursite/dist/scripts/js.cookie-2.1.3.min.js
Requested by: Host: windowsavingsnow.com
URL: https://windowsavingsnow.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.206.100.242 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 242.100.206.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 4af105297c5b49ca668eaa0774c0eb479e907175f12ccc30e9c038dd7b6fcaf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavingsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 15:41:17 GMT
content-encoding: br
last-modified: Thu, 03 Nov 2022 09:33:12 GMT
server: nginx
etag: W/"63638ad8-6ad"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Mon, 29 Jan 2024 15:41:17 GMT

GET
H2 200 pys.min.js Show response
windowsavingsnow.com/wp-content/uploads/siteground-optimizer-assets/ 35 KB
9 KB 181ms
180ms Script
application/javascript 35.206.100.242
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://windowsavingsnow.com/wp-content/uploads/siteground-optimizer-assets/pys.min.js
Requested by: Host: windowsavingsnow.com
URL: https://windowsavingsnow.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.206.100.242 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 242.100.206.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 4e8cdf14e0d06b2e547b331a52fb1095975f29399a3ac571c42e71bc524cb29c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavingsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 15:41:17 GMT
content-encoding: br
last-modified: Thu, 03 Nov 2022 09:33:12 GMT
server: nginx
etag: W/"63638ad8-8a0a"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Mon, 29 Jan 2024 15:41:17 GMT

GET
H2 200 dummy.png
windowsavingsnow.com/wp-content/plugins/revslider/public/assets/assets/ 68 B
295 B 188ms
187ms Image
image/png 35.206.100.242
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://windowsavingsnow.com/wp-content/plugins/revslider/public/assets/assets/dummy.png
Requested by: Host: windowsavingsnow.com
URL: https://windowsavingsnow.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.206.100.242 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 242.100.206.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavingsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 15:41:17 GMT
last-modified: Thu, 03 Nov 2022 09:32:50 GMT
server: nginx
etag: "63638ac2-44"
x-proxy-cache-info: DT:1
content-type: image/png
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 68
expires: Mon, 29 Jan 2024 15:41:17 GMT

GET
H2 200 js_embed Show response
windowsavingsusa.leadshook.io/s/ 12 KB
5 KB 434ms
111ms Script
text/html 35.168.77.57
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://windowsavingsusa.leadshook.io/s/js_embed
Requested by: Host: windowsavingsnow.com
URL: https://windowsavingsnow.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.168.77.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-168-77-57.compute-1.amazonaws.com
Software: nginx/1.19.9 / Express
Resource Hash: 2451f34eb685958d0461a204f78cb21e61673b84ea677973434ec102cae2d37a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavingsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 15:41:17 GMT
content-encoding: gzip
server: nginx/1.19.9
x-powered-by: Express
x-cache-status: MISS
vary: Accept-Encoding
etag: W/"3068-b4y/LVV/geUJzot35ztLKPOjA4A"
content-type: text/html; charset=utf-8

GET
H2 200 css
fonts.googleapis.com/ 3 KB
743 B 74ms
74ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins:500%7CRoboto:400&display=swap

Requested by

Host: windowsavingsnow.com
URL: https://windowsavingsnow.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

856a174277bfd015478e39068c99c48cc89fb90a1e4455b432c83df720c715f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavingsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 29 Jan 2023 15:41:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 29 Jan 2023 15:41:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 29 Jan 2023 15:41:17 GMT

GET
H2 200 swv.min.js Show response
windowsavingsnow.com/wp-content/uploads/siteground-optimizer-assets/ 10 KB
3 KB 193ms
192ms Script
application/javascript 35.206.100.242
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://windowsavingsnow.com/wp-content/uploads/siteground-optimizer-assets/swv.min.js
Requested by: Host: windowsavingsnow.com
URL: https://windowsavingsnow.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.206.100.242 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 242.100.206.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 7f982e420b3c266ea754b657025ecd71170366d0827bbf3b5204619a4cacbade

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavingsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 15:41:17 GMT
content-encoding: br
last-modified: Thu, 03 Nov 2022 09:33:07 GMT
server: nginx
etag: W/"63638ad3-26a4"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Mon, 29 Jan 2024 15:41:17 GMT

GET
H2 200 contact-form-7.min.js Show response
windowsavingsnow.com/wp-content/uploads/siteground-optimizer-assets/ 12 KB
4 KB 199ms
198ms Script
application/javascript 35.206.100.242
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://windowsavingsnow.com/wp-content/uploads/siteground-optimizer-assets/contact-form-7.min.js
Requested by: Host: windowsavingsnow.com
URL: https://windowsavingsnow.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.206.100.242 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 242.100.206.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 50e56f151aef3bbd8b38cc8c719ce1124f2cd3464e17f40d57a6f5d75fb5ee6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavingsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 15:41:17 GMT
content-encoding: br
last-modified: Thu, 03 Nov 2022 09:33:07 GMT
server: nginx
etag: W/"63638ad3-2f97"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Mon, 29 Jan 2024 15:41:17 GMT

GET
H2 200 rbtools.min.js Show response
windowsavingsnow.com/wp-content/plugins/revslider/public/assets/js/ 161 KB
58 KB 214ms
212ms Script
application/javascript 35.206.100.242
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://windowsavingsnow.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js
Requested by: Host: windowsavingsnow.com
URL: https://windowsavingsnow.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.206.100.242 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 242.100.206.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: c4596b16b126326b0d8fc2fb8bf91389ad3dc4671a269187913c19a8f2ad1094

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavingsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 15:41:17 GMT
content-encoding: br
last-modified: Thu, 03 Nov 2022 09:32:50 GMT
server: nginx
etag: W/"63638ac2-285db"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Mon, 29 Jan 2024 15:41:17 GMT

GET
H2 200 rs6.min.js Show response
windowsavingsnow.com/wp-content/plugins/revslider/public/assets/js/ 398 KB
96 KB 266ms
265ms Script
application/javascript 35.206.100.242
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://windowsavingsnow.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js
Requested by: Host: windowsavingsnow.com
URL: https://windowsavingsnow.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.206.100.242 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 242.100.206.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 7b7d5a7040c734484063484276d1643c07c1d8a88c2e4c54818bb6d5fedfd18d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavingsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 15:41:17 GMT
content-encoding: br
last-modified: Thu, 03 Nov 2022 09:32:50 GMT
server: nginx
etag: W/"63638ac2-63723"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Mon, 29 Jan 2024 15:41:17 GMT

GET
H2 200 lazysizes.min.js Show response
windowsavingsnow.com/wp-content/plugins/sg-cachepress/assets/js/ 8 KB
4 KB 304ms
303ms Script
application/javascript 35.206.100.242
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://windowsavingsnow.com/wp-content/plugins/sg-cachepress/assets/js/lazysizes.min.js
Requested by: Host: windowsavingsnow.com
URL: https://windowsavingsnow.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.206.100.242 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 242.100.206.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: cb34d2ee2a93fd11b734c124a6fc661339585c63382d08eb31bf921b66519eac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavingsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 15:41:17 GMT
content-encoding: br
last-modified: Tue, 22 Nov 2022 16:13:34 GMT
server: nginx
etag: W/"637cf52e-1ed0"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Mon, 29 Jan 2024 15:41:17 GMT

GET
H2 200 xtra.min.js Show response
windowsavingsnow.com/wp-content/uploads/siteground-optimizer-assets/ 19 KB
6 KB 306ms
305ms Script
application/javascript 35.206.100.242
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://windowsavingsnow.com/wp-content/uploads/siteground-optimizer-assets/xtra.min.js
Requested by: Host: windowsavingsnow.com
URL: https://windowsavingsnow.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.206.100.242 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 242.100.206.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 313b31e0386c1b7afb16ad7bd2e78b526a04afe24cf6a12a9a4c1b1a3704d743

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavingsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 15:41:17 GMT
content-encoding: br
last-modified: Thu, 09 Sep 2021 16:06:42 GMT
server: nginx
etag: W/"613a3112-4b87"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Mon, 29 Jan 2024 15:41:17 GMT

GET
H2 200 codevz-plus.min.js Show response
windowsavingsnow.com/wp-content/uploads/siteground-optimizer-assets/ 46 KB
13 KB 320ms
319ms Script
application/javascript 35.206.100.242
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://windowsavingsnow.com/wp-content/uploads/siteground-optimizer-assets/codevz-plus.min.js
Requested by: Host: windowsavingsnow.com
URL: https://windowsavingsnow.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.206.100.242 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 242.100.206.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 7e7e84874d4184fb3713ccd3d5d638fea7c71097bac90f8d5e61b72a1fef48c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavingsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 15:41:17 GMT
content-encoding: br
last-modified: Tue, 18 Oct 2022 15:54:47 GMT
server: nginx
etag: W/"634ecc47-b80a"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Mon, 29 Jan 2024 15:41:17 GMT

GET
H2 200 codevz-plus-share.min.js Show response
windowsavingsnow.com/wp-content/uploads/siteground-optimizer-assets/ 1 KB
768 B 323ms
322ms Script
application/javascript 35.206.100.242
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://windowsavingsnow.com/wp-content/uploads/siteground-optimizer-assets/codevz-plus-share.min.js
Requested by: Host: windowsavingsnow.com
URL: https://windowsavingsnow.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.206.100.242 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 242.100.206.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 28b9f17b585b3722b4fc4883a2bb4e6c1ffc2be41e45081cbe3752bd752d02a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavingsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 15:41:17 GMT
content-encoding: br
last-modified: Tue, 18 Oct 2022 15:54:47 GMT
server: nginx
etag: W/"634ecc47-439"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Mon, 29 Jan 2024 15:41:17 GMT

GET
H2 200 js_composer_front.min.js Show response
windowsavingsnow.com/wp-content/plugins/js_composer/assets/js/dist/ 20 KB
5 KB 140ms
138ms Script
application/javascript 35.206.100.242
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://windowsavingsnow.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.10.0
Requested by: Host: windowsavingsnow.com
URL: https://windowsavingsnow.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.206.100.242 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 242.100.206.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: bf817ee4b2d4e9d98e05e1382d295f8f10fef43770cd4e291d924a5d0afc8cc2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavingsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 15:41:17 GMT
content-encoding: br
last-modified: Tue, 18 Oct 2022 15:54:59 GMT
server: nginx
etag: W/"634ecc53-4e52"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Mon, 29 Jan 2024 15:41:17 GMT

GET
H2 200 title.js Show response
windowsavingsnow.com/wp-content/plugins/codevz-plus/wpbakery/assets/js/ 1 KB
660 B 151ms
149ms Script
application/javascript 35.206.100.242
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://windowsavingsnow.com/wp-content/plugins/codevz-plus/wpbakery/assets/js/title.js?ver=4.4.17
Requested by: Host: windowsavingsnow.com
URL: https://windowsavingsnow.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.206.100.242 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 242.100.206.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 7ccd3ac2b3e9256ef32e91ad965fcb391e7442af6a6815381656e5ecf058a49c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavingsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 15:41:17 GMT
content-encoding: br
last-modified: Tue, 18 Oct 2022 15:54:47 GMT
server: nginx
etag: W/"634ecc47-4cc"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Mon, 29 Jan 2024 15:41:17 GMT

GET
H2 200 image.js Show response
windowsavingsnow.com/wp-content/plugins/codevz-plus/wpbakery/assets/js/ 579 B
521 B 158ms
156ms Script
application/javascript 35.206.100.242
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://windowsavingsnow.com/wp-content/plugins/codevz-plus/wpbakery/assets/js/image.js?ver=4.4.17
Requested by: Host: windowsavingsnow.com
URL: https://windowsavingsnow.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.206.100.242 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 242.100.206.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 490205bd0e29007df27f327f3c888514d90b0b87f77d54f6a51f3329f0c8ed04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavingsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 15:41:17 GMT
content-encoding: br
last-modified: Tue, 18 Oct 2022 15:54:47 GMT
server: nginx
etag: W/"634ecc47-243"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Mon, 29 Jan 2024 15:41:17 GMT

GET
DATA 200
OK truncated
/ 88 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a4f0091d654925b99652679bd060c889704aa70aebd07e1322acda3d38014f02

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 88 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0696bb3df09627caefc874274365ad085818ea01a24cacadd90064b78ed64aa4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 416 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0ed0d520e5505edd3862515a661448e740ce6446332f07e6046b190f12860485

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 166ms
50ms Font
font/woff2 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900&ver=6.1.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://windowsavingsnow.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 26 Jan 2023 22:20:50 GMT
x-content-type-options: nosniff
age: 235227
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7816
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 Jan 2024 22:20:50 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 177ms
61ms Font
font/woff2 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900&ver=6.1.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://windowsavingsnow.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 26 Jan 2023 07:19:38 GMT
x-content-type-options: nosniff
age: 289299
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 Jan 2024 07:19:38 GMT

GET
DATA 200
OK truncated
/ 92 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 477f2c7acf54b2994c85f1a07720eb99f56979f5b134efb37a9ef84713c0e318

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 92 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e4b22a674c4b9431ebe3fd474ef353534ada4bfc252d4a3236c2d6c964754f9d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 92 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 316a853bb4ac612ad41aedf4ba8958156b7e64295f2d0b2ede3c20a910928dff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 123 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9eaba4ee4769286a5a60125fda070144c81cf2f3f24f23e4eece81d8dfeeb672

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 156ms
54ms Font
font/woff2 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900&ver=6.1.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://windowsavingsnow.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 15:59:12 GMT
x-content-type-options: nosniff
age: 517325
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8000
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 Jan 2024 15:59:12 GMT

GET
H2 404 row-bg.jpg
lucrordesign.com/chris/wp-content/uploads/sites/46/2020/01/ 0
0 2320ms
2261ms Image
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lucrordesign.com/chris/wp-content/uploads/sites/46/2020/01/row-bg.jpg?id=1303
Requested by: Host: windowsavingsnow.com
URL: https://windowsavingsnow.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavingsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H2 200 css_embed
windowsavingsusa.leadshook.io/s/ 10 KB
3 KB 111ms
110ms Stylesheet
text/css 35.168.77.57
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://windowsavingsusa.leadshook.io/s/css_embed
Requested by: Host: windowsavingsusa.leadshook.io
URL: https://windowsavingsusa.leadshook.io/s/js_embed
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.168.77.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-168-77-57.compute-1.amazonaws.com
Software: nginx/1.19.9 / Express
Resource Hash: d1bd27467c354f76309622e8ee3ccab8622ea35b8a68300911c48721db894641

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavingsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 15:41:17 GMT
content-encoding: gzip
server: nginx/1.19.9
x-powered-by: Express
x-cache-status: MISS
vary: Accept-Encoding
etag: W/"29ee-Itz+Q3mdDaHi6T0lHtM+/Unz6Jo"
content-type: text/css; charset=utf-8

GET
H2 200 lLDMEUqwAYH8YIPv5ydngZlU0iN6tFO03Dmvkdcv Show response
windowsavingsusa.leadshook.io/survey/ Frame EDC3 210 KB
28 KB 144ms
143ms Document
text/html 35.168.77.57
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://windowsavingsusa.leadshook.io/survey/lLDMEUqwAYH8YIPv5ydngZlU0iN6tFO03Dmvkdcv?embed=true&index=0
Requested by: Host: windowsavingsusa.leadshook.io
URL: https://windowsavingsusa.leadshook.io/s/js_embed
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.168.77.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-168-77-57.compute-1.amazonaws.com
Software: nginx/1.19.9 / Express
Resource Hash: 6de7afe40d5538cdec040c4b19366afbcd9f3b665610e288d0a9d87129524ce8

Request headers

Referer: https://windowsavingsnow.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 29 Jan 2023 15:41:17 GMT
etag: W/"34603-sdtT49J4+fqVibTAtWhzdyV4FkA"
expires: 0
pragma: no-cache
server: nginx/1.19.9
vary: Accept-Encoding
x-cache-status: MISS
x-powered-by: Express
x-username: undefined

GET
H2 200 iframe_api Show response
www.youtube.com/ 992 B
2 KB 158ms
64ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: windowsavingsusa.leadshook.io
URL: https://windowsavingsusa.leadshook.io/s/js_embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bff70cc67f36c252a4a1053f3047356ca99d93d7e37ff6fc0df8ad6b33ee530c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavingsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 15:41:17 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Sun, 29 Jan 2023 15:41:17 GMT

GET
H2 200 loader.gif
windowsavingsnow.com/wp-content/plugins/revslider/public/assets/assets/ 2 KB
3 KB 130ms
130ms Image
image/gif 35.206.100.242
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://windowsavingsnow.com/wp-content/plugins/revslider/public/assets/assets/loader.gif
Requested by: Host: windowsavingsnow.com
URL: https://windowsavingsnow.com/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-css-2c5ec93f0d5216c7203eb3000acb96b7.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.206.100.242 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 242.100.206.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 9034d5d34015e4b05d2c1d1a8dc9f6ec9d59bd96d305eb9e24e24e65c591a645

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavingsnow.com/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-css-2c5ec93f0d5216c7203eb3000acb96b7.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 15:41:17 GMT
last-modified: Thu, 03 Nov 2022 09:32:50 GMT
server: nginx
etag: "63638ac2-9f1"
x-proxy-cache-info: DT:1
content-type: image/gif
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 2545
expires: Mon, 29 Jan 2024 15:41:17 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 106 KB
28 KB 35ms
10ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: windowsavingsnow.com
URL: https://windowsavingsnow.com/wp-content/uploads/siteground-optimizer-assets/pys.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

39cc6c78632abb08815246e75d23371d17c0106cfb4156297f74366c8404b533

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavingsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 29 Jan 2023 15:41:17 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27815
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: MjCeLvMDYuo1gZj3t5e40H1g2j/FgtYByAX0FV2be40rm5STQOrG8+xtpu0zUacszkZzGH6TCnFdcSCvl1pxIA==
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 portfolio2.jpg
windowsavingsnow.com/wp-content/uploads/2021/09/ 310 KB
310 KB 132ms
131ms Image
image/webp 35.206.100.242
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://windowsavingsnow.com/wp-content/uploads/2021/09/portfolio2.jpg
Requested by: Host: windowsavingsnow.com
URL: https://windowsavingsnow.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.206.100.242 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 242.100.206.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: ab9400a816d15900855f00f4dbb936346538a5713b06b4e23d2c2ad2404974e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavingsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 15:41:17 GMT
last-modified: Thu, 09 Sep 2021 07:04:23 GMT
server: nginx
etag: "6139b1f7-4d786"
x-proxy-cache-info: DT:1
content-type: image/webp
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 317318
expires: Mon, 29 Jan 2024 15:41:17 GMT

GET
H2 200 345912956288246 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 86ms
86ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/345912956288246?v=2.9.92&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d8f9eba69a9dca06faf4573a308eaa7915c259cc634bde613aaf933aef89fa6e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavingsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 29 Jan 2023 15:41:18 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: jaDf3QJbQDjo9p5rMGiMJLRIlPR+o5u7Ks9TTUFwbBVkYHX1WrU4fWlWctbeizg4lkwwo5Fcq24QAIvIBNjyXg==
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 d3fed649.frontend_vendor.css
static.leadshook.io/app/ Frame EDC3 29 KB
5 KB 40ms
8ms Stylesheet
text/css 13.224.189.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.leadshook.io/app/d3fed649.frontend_vendor.css
Requested by: Host: windowsavingsusa.leadshook.io
URL: https://windowsavingsusa.leadshook.io/survey/lLDMEUqwAYH8YIPv5ydngZlU0iN6tFO03Dmvkdcv?embed=true&index=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-70.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3715b504c68323affe436a0169f96fcccfff8f0632a7bce1ca2a762ff714fd17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavingsusa.leadshook.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 04:53:29 GMT
content-encoding: gzip
via: 1.1 3bf3e75bcb9a86b3eb343a1d4392a6de.cloudfront.net (CloudFront)
last-modified: Thu, 26 Jan 2023 00:30:28 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 40654
etag: W/"d3fed6497d41e35427f8a3440db188fb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css; charset=utf-8
x-amz-cf-id: gjA8vZM4_V0wChY8gMJS0a9IxmOCsJIAUlES49pdTyqm6N1KT57A8A==

GET
H2 200 9721ed50.app.css
static.leadshook.io/app/ Frame EDC3 255 KB
46 KB 40ms
8ms Stylesheet
text/css 13.224.189.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.leadshook.io/app/9721ed50.app.css
Requested by: Host: windowsavingsusa.leadshook.io
URL: https://windowsavingsusa.leadshook.io/survey/lLDMEUqwAYH8YIPv5ydngZlU0iN6tFO03Dmvkdcv?embed=true&index=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-70.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1061bc2b7156ef50111328b1c2514fb441169f5c9738172fd399af2484f820c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavingsusa.leadshook.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 00:23:14 GMT
content-encoding: gzip
via: 1.1 3bf3e75bcb9a86b3eb343a1d4392a6de.cloudfront.net (CloudFront)
last-modified: Thu, 26 Jan 2023 00:30:28 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 55282
etag: W/"9721ed505acf6127fa123f4b9202d8fc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css; charset=utf-8
x-amz-cf-id: 2Ksc3xv-6zvgv1RrGC22vEEHSrih22oHXixDWZfHi2n1y-XbQfRSKA==

GET
H2 200 pollyfill.js Show response
polyfill.leadshook.io/ Frame EDC3 101 B
535 B 57ms
24ms Script
application/javascript 13.224.189.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://polyfill.leadshook.io/pollyfill.js

Requested by

Host: windowsavingsusa.leadshook.io
URL: https://windowsavingsusa.leadshook.io/survey/lLDMEUqwAYH8YIPv5ydngZlU0iN6tFO03Dmvkdcv?embed=true&index=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-46.fra2.r.cloudfront.net

Software

CloudFront /

Resource Hash

d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavingsusa.leadshook.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 26 Jan 2023 01:23:12 GMT
content-security-policy: default-src 'self'
via: 1.1 34f50889bc574f1edeb41dd758962a5a.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA2-C1
age: 310686
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-cache: Hit from cloudfront
cache-control: max-age=31536000
feature-policy: camera 'none'; microphone 'none'; speaker 'none'
content-length: 101
x-amz-cf-id: t3a1DAKHA26YA5j6sxoaOMIExoHs4N0T4NVecpRO5dKQvdvcqZ8d9w==

GET
H2

200

jquery-git.min.js Show response
releases.jquery.com/git/ Frame EDC3
Redirect Chain

https://code.jquery.com/git/jquery-git.min.js
https://releases.jquery.com/git/jquery-git.min.js

77 KB
27 KB

642ms
631ms

Script
application/javascript

2001:4de0:ac18::1:a:2a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://releases.jquery.com/git/jquery-git.min.js
Requested by: Host: windowsavingsusa.leadshook.io
URL: https://windowsavingsusa.leadshook.io/survey/lLDMEUqwAYH8YIPv5ydngZlU0iN6tFO03Dmvkdcv?embed=true&index=0
Protocol: H2
Server: 2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: e4882a153137cb8bf38a887cf83e5ccf1630b8ddbb3997ce719f3db11ce8e106

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavingsusa.leadshook.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 15:41:18 GMT
content-encoding: gzip
x-sp-metadata: HS256.CK7D2p4GEo8BCiQwMzFmYzBjMi1mOWJkLTQ1ZmEtYTQzZS00MjQ4Nzc1ZDY0OGMQuK6asvr2+wIaBgiep9qeBiIUMmEwMzoxYjIwOjY6ZjAxMTo6NmUokrwDMAM4BEIWVExTX0FFU18xMjhfR0NNX1NIQTI1NlogM2U5YjIwNjEwMDk4YjZjOWJmZjk1Mzg1NmU1ODAxNmEaKhIkYTMwMDY2ZTItNDczYi00YWIwLWE1NzQtMDlhN2E2ODFmZTE1GJfXASIaCAISFGNkczEyMy5hbTUuaHdjZG4ubmV0GAk=.Q5sAd5eOSzWL7JvmLFIIe3gAHDr1NXT+d4xEK5CbI9A=
last-modified: Mon, 23 Jan 2023 22:36:44 GMT
server: nginx
etag: "63cf0bfc-134a8"
x-hw: 1675006878.dop156.am5.t,1675006878.cds128.am5.hn,1675006878.cds123.am5.pr
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=300, public
accept-ranges: bytes
content-length: 27543

Redirect headers

date: Sun, 29 Jan 2023 15:41:18 GMT
content-encoding: gzip
x-sp-metadata: HS256.CK7D2p4GEo8BCiRhZGIwNjRiZS05MzgwLTRjNDAtOWE1YS01MmQxOWQ3Mzg5YWMQ+OiCoKvU+wIaBgiep9qeBiIUMmEwMzoxYjIwOjY6ZjAxMTo6NmUokrwDMAM4BEIWVExTX0FFU18xMjhfR0NNX1NIQTI1NlogM2U5YjIwNjEwMDk4YjZjOWJmZjk1Mzg1NmU1ODAxNmEaKwgBEiQ0MWI5OTE2OC03MjI1LTQ3NjAtOTM4NS0xZDg5Yjg0YzE3ZGYYgwEiGAgCEhRjZHMzMDIuYW01Lmh3Y2RuLm5ldA==.b0KszrdTXWnkC17E6+YQEtP3ZDLfq/2+hEFem6Mh+Rc=
server: nginx
x-hw: 1675006878.dop156.am5.t,1675006878.cds128.am5.hn,1675006878.cds302.am5.c
content-type: text/html
location: https://releases.jquery.com/git/jquery-git.min.js
cache-control: max-age=27048624
accept-ranges: bytes
content-length: 131

GET
H2 200 rrweb.min.js Show response
cdn.jsdelivr.net/npm/rrweb@latest/dist/ Frame EDC3 137 KB
43 KB 30ms
9ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/rrweb@latest/dist/rrweb.min.js

Requested by

Host: windowsavingsusa.leadshook.io
URL: https://windowsavingsusa.leadshook.io/survey/lLDMEUqwAYH8YIPv5ydngZlU0iN6tFO03Dmvkdcv?embed=true&index=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

86a006a77aaf44645501f4bb6c27813d095dbaddc18ec10087e08997ecca8854

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavingsusa.leadshook.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 29 Jan 2023 15:41:17 GMT
x-content-type-options: nosniff
content-encoding: gzip
age: 35139
x-jsd-version: 2.0.0-alpha.4
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 43774
x-served-by: cache-fra-eddf8230120-FRA, cache-hhn-etou8220077-HHN
x-jsd-version-type: version
etag: W/"224e5-HOqK1bmU7a2aPc1zsHtbhVp6JrU"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 index.js Show response
cdn.jsdelivr.net/npm/rrweb-player@latest/dist/ Frame EDC3 112 KB
36 KB 37ms
15ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/rrweb-player@latest/dist/index.js

Requested by

Host: windowsavingsusa.leadshook.io
URL: https://windowsavingsusa.leadshook.io/survey/lLDMEUqwAYH8YIPv5ydngZlU0iN6tFO03Dmvkdcv?embed=true&index=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

650a554cda8e5c47d8b0d9575cddd6dde949f2eb1f55a5204a47f6dc88ef641f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavingsusa.leadshook.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 29 Jan 2023 15:41:17 GMT
x-content-type-options: nosniff
content-encoding: gzip
age: 10656
x-jsd-version: 1.0.0-alpha.4
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 37046
x-served-by: cache-fra-eddf8230127-FRA, cache-hhn-etou8220077-HHN
x-jsd-version-type: version
etag: W/"1c1c8-rMJxlkkJxT1Tmq4lmaJJTC3QzaA"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK 1 Show response
gf0fe4d236bb4e8-db202107291325.adb.us-ashburn-1.oraclecloudapps.com/ords/powercert/a/scripts/ Frame EDC3 2 KB
2 KB 837ms
406ms Script
text/javascript 130.35.144.65
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://gf0fe4d236bb4e8-db202107291325.adb.us-ashburn-1.oraclecloudapps.com/ords/powercert/a/scripts/1
Requested by: Host: windowsavingsusa.leadshook.io
URL: https://windowsavingsusa.leadshook.io/survey/lLDMEUqwAYH8YIPv5ydngZlU0iN6tFO03Dmvkdcv?embed=true&index=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 130.35.144.65 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: aa7c94a4bc1ebba2597b8ac0f47a81f8b2ef0b5896f6bde14647e12ce1e7a252

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavingsusa.leadshook.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Sun, 29 Jan 2023 15:41:18 GMT
Connection: keep-alive
ETag: "V09kKKWIh8OuXHItQpENMh2YNV3q3BR8P+ILyPrDlDpO0n4fjBO+OFZ9QHwyrw8ayudV2t9k2t2iy8cW3Cv+sQ=="
Transfer-Encoding: chunked
Content-Type: text/javascript

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ Frame EDC3 30 KB
6 KB 67ms
25ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: windowsavingsusa.leadshook.io
URL: https://windowsavingsusa.leadshook.io/survey/lLDMEUqwAYH8YIPv5ydngZlU0iN6tFO03Dmvkdcv?embed=true&index=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavingsusa.leadshook.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 15:41:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 237821
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5631
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3nYaRbz5MmqB8XhTMLZETkFZSie1GI%2B3VCfbOLUUQ56hTpdhfWEb%2FwizSt2Ebq5mwd9O3eU3zXL2yuj%2BsMd%2BbM0ghaGJp%2FA1MjME6KM7Q1ijqQxLo%2B%2BZfj8PHeRuq8vmTaSaBX2X7zSfj%2BIU8RR0nASm"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7913123b996091d8-FRA
expires: Fri, 19 Jan 2024 15:41:18 GMT

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/4248d311/www-widgetapi.vflset/ 183 KB
62 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4248d311/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79fd5090a5c6183320b1f33277853bae56cf68f320de8f7d68be080d2cae837c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavingsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 15:39:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 105
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62798
x-xss-protection: 0
last-modified: Thu, 12 Jan 2023 01:15:11 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 29 Jan 2024 15:39:32 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 32ms
8ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=345912956288246&ev=PageView&dl=https%3A%2F%2Fwindowsavingsnow.com%2F&rl=&if=false&ts=1675006878048&cd[page_title]=Home&cd[post_type]=page&cd[post_id]=19&cd[plugin]=PixelYourSite&cd[user_role]=guest&cd[event_url]=windowsavingsnow.com%2F&sw=1600&sh=1200&v=2.9.92&r=stable&a=dvpixelyoursite&ec=0&o=30&fbp=fb.1.1675006878047.2033385984&it=1675006877929&coo=false&rqm=GET

Requested by

Host: windowsavingsnow.com
URL: https://windowsavingsnow.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavingsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 29 Jan 2023 15:41:18 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 css2
fonts.googleapis.com/ Frame EDC3 223 KB
7 KB 48ms
47ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Abel:wght@100;300;400;500;700;900&family=Abril+Fatface:wght@100;300;400;500;700;900&family=Barlow:wght@100;300;400;500;700;900&family=Bitter:wght@100;300;400;500;700;900&family=Comforta:wght@100;300;400;500;700;900&family=Droid+Serif:wght@100;300;400;500;700;900&family=Inconsolata:wght@100;300;400;500;700;900&family=Josefin+Sans:wght@100;300;400;500;700;900&family=Josefin+Slab:wght@100;300;400;500;700;900&family=Lato:wght@100;300;400;500;700;900&family=Libre+Franklin:wght@100;300;400;500;700;900&family=Lobset+Two:wght@100;300;400;500;700;900&family=Lobster:wght@100;300;400;500;700;900&family=Lora:wght@100;300;400;500;700;900&family=Merriweather:wght@100;300;400;500;700;900&family=Montserrat:wght@100;300;400;500;700;900&family=Muli:wght@100;300;400;500;700;900&family=Noto+Sans:wght@100;300;400;500;700;900&family=Nunito:wght@100;300;400;500;700;900&family=Nunito+Sans:wght@100;300;400;500;700;900&family=Open+Sans:wght@100;300;400;500;700;900&family=Oswald:wght@100;300;400;500;700;900&family=Oxygen:wght@100;300;400;500;700;900&family=PT+Sans:wght@100;300;400;500;700;900&family=PT+Serif:wght@100;300;400;500;700;900&family=Patua+Online:wght@100;300;400;500;700;900&family=Playfair+Display:wght@100;300;400;500;700;900&family=Poppins:wght@100;300;400;500;700;900&family=Quicksand:wght@100;300;400;500;700;900&family=Raleway:wght@100;300;400;500;700;900&family=Roboto:wght@100;300;400;500;700;900&family=Roboto+Condensed:wght@100;300;400;500;700;900&family=Roboto+Mono:wght@100;300;400;500;700;900&family=Roboto+Slab:wght@100;300;400;500;700;900&family=Rubik:wght@100;300;400;500;700;900&family=Sigmar+One:wght@100;300;400;500;700;900&family=Source+Sans+Pro:wght@100;300;400;500;700;900&family=Special+Elite:wght@100;300;400;500;700;900&family=Titillium+Web:wght@100;300;400;500;700;900&family=Ubuntu:wght@100;300;400;500;700;900&family=Work+Sans&display=swap

Requested by

Host: windowsavingsusa.leadshook.io
URL: https://windowsavingsusa.leadshook.io/survey/lLDMEUqwAYH8YIPv5ydngZlU0iN6tFO03Dmvkdcv?embed=true&index=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5e2e7102fcfd7598f2fb2c5cad061991a4581118a5c8bcd5a6ed21335e8c3f4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavingsusa.leadshook.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 29 Jan 2023 15:41:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 29 Jan 2023 15:29:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 29 Jan 2023 15:41:18 GMT

GET
H2 200 gsap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.9.1/ Frame EDC3 63 KB
23 KB 39ms
38ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.9.1/gsap.min.js

Requested by

Host: windowsavingsusa.leadshook.io
URL: https://windowsavingsusa.leadshook.io/survey/lLDMEUqwAYH8YIPv5ydngZlU0iN6tFO03Dmvkdcv?embed=true&index=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavingsusa.leadshook.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 15:41:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1162875
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22890
last-modified: Sat, 25 Dec 2021 03:05:32 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "61c68a7c-596a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U1efzfx%2BekRJivYuqf3SPTkLLtM6kWbYeoqrkhiTvl2%2B%2Fv3hWmKfdUMZBgwbysEAy23yfBWgFYkXoM5ALmM%2B51Ghk6SpCa9FWtIKk3V2crfh%2BdvObvCJlqSDlloHAgIFLsfxsdrlzdy%2Fc9sVzEEIlHrT"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7913123bea1591d8-FRA
expires: Fri, 19 Jan 2024 15:41:18 GMT

GET
H2 200 8fbc9d0c.frontend_vendor.js Show response
static.leadshook.io/app/ Frame EDC3 2 MB
528 KB 10ms
8ms Script
application/javascript 13.224.189.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.leadshook.io/app/8fbc9d0c.frontend_vendor.js
Requested by: Host: windowsavingsusa.leadshook.io
URL: https://windowsavingsusa.leadshook.io/survey/lLDMEUqwAYH8YIPv5ydngZlU0iN6tFO03Dmvkdcv?embed=true&index=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-70.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ece7b4a6584431d0a25dbdc353c6cba44d3c63aa986a3a9efc2e78d6cb5e3c62

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavingsusa.leadshook.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 03:15:50 GMT
content-encoding: gzip
via: 1.1 3bf3e75bcb9a86b3eb343a1d4392a6de.cloudfront.net (CloudFront)
last-modified: Thu, 26 Jan 2023 00:30:27 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 44764
etag: W/"8fbc9d0c1af3fe08877000d4b6a9e902"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-cf-id: KkmlmT6i66Dai17KkF0xyd11A55W3epowIxvdGqe0KlDPfc89xT8jw==

GET
H2 200 bundle.min.js Show response
browser.sentry-cdn.com/6.17.4/ Frame EDC3 63 KB
20 KB 42ms
24ms Script
application/javascript 2a04:4e42:600::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.sentry-cdn.com/6.17.4/bundle.min.js

Requested by

Host: windowsavingsusa.leadshook.io
URL: https://windowsavingsusa.leadshook.io/survey/lLDMEUqwAYH8YIPv5ydngZlU0iN6tFO03Dmvkdcv?embed=true&index=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

d4538b500dbad64b4c530857d7faf7d63bf921bcab573e94160c459ce859c90d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://windowsavingsusa.leadshook.io/
Origin: https://windowsavingsusa.leadshook.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 15:41:18 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 02 Feb 2022 15:42:58 GMT
server: Fastly
age: 2183625
etag: "456782718f10c0d95baf1a859662a1e9"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 20491
expires: Thu, 04 Jan 2024 09:07:33 GMT

GET
H2 200 bundle.tracing.min.js Show response
browser.sentry-cdn.com/6.17.4/ Frame EDC3 89 KB
28 KB 44ms
26ms Script
application/javascript 2a04:4e42:600::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.sentry-cdn.com/6.17.4/bundle.tracing.min.js

Requested by

Host: windowsavingsusa.leadshook.io
URL: https://windowsavingsusa.leadshook.io/survey/lLDMEUqwAYH8YIPv5ydngZlU0iN6tFO03Dmvkdcv?embed=true&index=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

ab75d2b0c8cc42eb0741c91c456679dd5fa0d6ea201ad0c7e50b06fe916f2c5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://windowsavingsusa.leadshook.io/
Origin: https://windowsavingsusa.leadshook.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 15:41:18 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 02 Feb 2022 15:42:58 GMT
server: Fastly
age: 1733466
etag: "d79feee5fcf01c4d7aae920cbcbc5c06"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 28623
expires: Tue, 09 Jan 2024 14:10:11 GMT

GET
H2 200 angular.min.js Show response
browser.sentry-cdn.com/6.17.4/ Frame EDC3 4 KB
2 KB 49ms
31ms Script
application/javascript 2a04:4e42:600::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.sentry-cdn.com/6.17.4/angular.min.js

Requested by

Host: windowsavingsusa.leadshook.io
URL: https://windowsavingsusa.leadshook.io/survey/lLDMEUqwAYH8YIPv5ydngZlU0iN6tFO03Dmvkdcv?embed=true&index=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

4791f9629b2ab03e00aa962848b886d9d8e709d5185fa2517b1ce4e97027f636

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://windowsavingsusa.leadshook.io/
Origin: https://windowsavingsusa.leadshook.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 15:41:18 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 02 Feb 2022 15:42:58 GMT
server: Fastly
age: 5103505
etag: "88a049ef735409b4f4e297d1b058b3ab"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 1770
expires: Fri, 01 Dec 2023 14:02:53 GMT

GET
H2 200 3807be8a.frontend_app.js Show response
static.leadshook.io/app/ Frame EDC3 3 MB
321 KB 9ms
8ms Script
application/javascript 13.224.189.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.leadshook.io/app/3807be8a.frontend_app.js
Requested by: Host: windowsavingsusa.leadshook.io
URL: https://windowsavingsusa.leadshook.io/survey/lLDMEUqwAYH8YIPv5ydngZlU0iN6tFO03Dmvkdcv?embed=true&index=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-70.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 35dda36cd657b41c621cbf4b4b4dd64e01d5dd41d27561b6a83c0c310239b1b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavingsusa.leadshook.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 04:20:10 GMT
content-encoding: gzip
via: 1.1 3bf3e75bcb9a86b3eb343a1d4392a6de.cloudfront.net (CloudFront)
last-modified: Sun, 22 Jan 2023 19:20:15 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 40869
etag: W/"8259b8d63dd9489a6acf67dafd14d7c4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-cf-id: pnCTp71s8XokjBLFmwEoGRfq8xKjpKglmG01OhQSX2OxZ0mcTFVeYw==

GET
H2 200 Window-Savings-Now.png
windowsavingsnow.com/wp-content/uploads/2021/09/ 83 KB
83 KB 148ms
147ms Image
image/webp 35.206.100.242
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://windowsavingsnow.com/wp-content/uploads/2021/09/Window-Savings-Now.png
Requested by: Host: windowsavingsnow.com
URL: https://windowsavingsnow.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.206.100.242 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 242.100.206.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: f4d9eb584be3bd82a980f5f35ab8e10d4803f53c80fda95912c778d4a566577c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavingsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 15:41:18 GMT
last-modified: Thu, 02 Sep 2021 06:20:54 GMT
server: nginx
etag: "61306d46-14b36"
x-proxy-cache-info: DT:1
content-type: image/webp
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 84790
expires: Mon, 29 Jan 2024 15:41:18 GMT

GET
H2 200 carrycot-1888587_1920.jpg
windowsavingsnow.com/wp-content/uploads/2021/09/ 1 MB
1 MB 156ms
156ms Image
image/webp 35.206.100.242
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://windowsavingsnow.com/wp-content/uploads/2021/09/carrycot-1888587_1920.jpg
Requested by: Host: windowsavingsnow.com
URL: https://windowsavingsnow.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.206.100.242 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 242.100.206.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: f56eec219c331da765c35568a9a8c420bee5121da53e4a69d10b3a61c882f22c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavingsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 15:41:18 GMT
last-modified: Wed, 01 Sep 2021 09:58:06 GMT
server: nginx
etag: "612f4eae-1205aa"
x-proxy-cache-info: DT:1
content-type: image/webp
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 1181098
expires: Mon, 29 Jan 2024 15:41:18 GMT

GET
H2 200 pexels-waldemar-brandt-2290609-2048x1365.jpg
windowsavingsnow.com/wp-content/uploads/2021/09/ 455 KB
455 KB 291ms
290ms Image
image/webp 35.206.100.242
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://windowsavingsnow.com/wp-content/uploads/2021/09/pexels-waldemar-brandt-2290609-2048x1365.jpg
Requested by: Host: windowsavingsnow.com
URL: https://windowsavingsnow.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.206.100.242 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 242.100.206.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: b771b570e60c8e50333e424783ca6cfa7b00b044ad6a169ee6b71f2760bf1c4b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavingsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 15:41:18 GMT
last-modified: Wed, 01 Sep 2021 09:57:41 GMT
server: nginx
etag: "612f4e95-71a42"
x-proxy-cache-info: DT:1
content-type: image/webp
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 465474
expires: Mon, 29 Jan 2024 15:41:18 GMT

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame EDC3 106 KB
27 KB 9ms
8ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: windowsavingsusa.leadshook.io
URL: https://windowsavingsusa.leadshook.io/survey/lLDMEUqwAYH8YIPv5ydngZlU0iN6tFO03Dmvkdcv?embed=true&index=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

39cc6c78632abb08815246e75d23371d17c0106cfb4156297f74366c8404b533

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavingsusa.leadshook.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 29 Jan 2023 15:41:18 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27815
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: MjCeLvMDYuo1gZj3t5e40H1g2j/FgtYByAX0FV2be40rm5STQOrG8+xtpu0zUacszkZzGH6TCnFdcSCvl1pxIA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 48ms
47ms Font
font/woff2 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900&ver=6.1.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://windowsavingsnow.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 15:34:40 GMT
x-content-type-options: nosniff
age: 173198
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7748
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Jan 2024 15:34:40 GMT

GET
H3 200 876288816239243 Show response
connect.facebook.net/signals/config/ Frame EDC3 377 KB
108 KB 138ms
137ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/876288816239243?v=2.9.92&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

59840057fa6c3dce397fb77e57175e62b75030fee7179abfd2075d3a5b6624e0

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavingsusa.leadshook.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 29 Jan 2023 15:41:18 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: dQMudtFIYlG+L4L5YnwULpPj1IP17ro3fSyhTsgm9glUCI3sygTaALEqztveRDd9Wr5DjjAh4N0Uyi/gS5EcBg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

bootstrap.js Show response
cdn.trustedform.com/ Frame EDC3
Redirect Chain

https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxCertUrl&l=16750068789730.9663062148343942&invert_field_sensitivity=false
https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxCertUrl&l=16750068789730.9663062148343942&invert_field_sensitivity=false

8 KB
4 KB

179ms
143ms

Script
application/javascript

2600:9000:20eb:3e00:1c:7f1a:6680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxCertUrl&l=16750068789730.9663062148343942&invert_field_sensitivity=false
Requested by: Host: windowsavingsusa.leadshook.io
URL: https://windowsavingsusa.leadshook.io/survey/lLDMEUqwAYH8YIPv5ydngZlU0iN6tFO03Dmvkdcv?embed=true&index=0
Protocol: H2
Server: 2600:9000:20eb:3e00:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a2b6c34c5bc6983e8fecc9bf30f0cf13df801e7e2109579dea786fb86880bbe6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavingsusa.leadshook.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 15:41:20 GMT
x-amz-version-id: mGsiKszEOvLychB1h9uHpdFpT70J3aoc
content-encoding: gzip
last-modified: Fri, 06 Jan 2023 16:07:22 GMT
server: AmazonS3
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
etag: W/"90474758772e8fd27bc16a6e21bb75e8"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
x-amz-cf-id: nHW6ltgxB7mJk1p2CYjH_FyqJdIwYpAtL6AnNCYaR5Ax4hk8BKy1gQ==

Redirect headers

location: https://cdn.trustedform.com:443/bootstrap.js?provide_referrer=false&field=xxCertUrl&l=16750068789730.9663062148343942&invert_field_sensitivity=false
date: Sun, 29 Jan 2023 15:41:19 GMT
server: awselb/2.0
content-length: 134
content-type: text/html

POST
H2 204 nodetracker Show response
windowsavingsusa.leadshook.io/api/ Frame EDC3 0
194 B 115ms
115ms XHR
text/plain 35.168.77.57
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://windowsavingsusa.leadshook.io/api/nodetracker
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.17.4/bundle.tracing.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.168.77.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-168-77-57.compute-1.amazonaws.com
Software: nginx/1.19.9 / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/plain, */*
Referer: https://windowsavingsusa.leadshook.io/survey/lLDMEUqwAYH8YIPv5ydngZlU0iN6tFO03Dmvkdcv?embed=true&index=0
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

access-control-allow-origin: https://windowsavingsusa.leadshook.io
date: Sun, 29 Jan 2023 15:41:19 GMT
access-control-allow-credentials: true
server: nginx/1.19.9
x-username: undefined
x-powered-by: Express
vary: X-HTTP-Method-Override, Origin

GET
H2 200 pixel.png
d2zdr2rqflfo3.cloudfront.net/ Frame EDC3 95 B
410 B 449ms
417ms Image
image/png 13.225.84.132
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2zdr2rqflfo3.cloudfront.net/pixel.png?host=windowsavingsusa.leadshook.io&subdomain=windowsavingsusa&accountId=1401&quizId=43813&leadId=346428389&quizVersionId=7
Requested by: Host: windowsavingsusa.leadshook.io
URL: https://windowsavingsusa.leadshook.io/survey/lLDMEUqwAYH8YIPv5ydngZlU0iN6tFO03Dmvkdcv?embed=true&index=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.84.132 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-84-132.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cafbd551d674da240212f6c44988757a728b9dc8cbc2a6c8dcf53c0d9159c323

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavingsusa.leadshook.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 15:41:20 GMT
via: 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
last-modified: Sat, 28 Sep 2019 18:11:04 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: "9591c410148e6883727c5339fd1c02cd"
x-cache: Miss from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 95
x-amz-cf-id: VDLa7WAVl9r2-RClD8ierlCd_dnkN4Abw0IyLS8amTFiRuheXk1DcQ==

GET
H2 200 phil-hearing-iyfp2ixe9nm-unsplash%20(1)-1585714393195.jpg
static.leadshook.io/upload/windowsavingsusa/ Frame EDC3 609 KB
610 KB 465ms
464ms Image
image/jpeg 13.224.189.70
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.leadshook.io/upload/windowsavingsusa/phil-hearing-iyfp2ixe9nm-unsplash%20(1)-1585714393195.jpg
Requested by: Host: windowsavingsusa.leadshook.io
URL: https://windowsavingsusa.leadshook.io/survey/lLDMEUqwAYH8YIPv5ydngZlU0iN6tFO03Dmvkdcv?embed=true&index=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-70.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d1d13b6e488425debec1aa7606609aa1516a288b6ef44948ccff360afdffd6e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavingsusa.leadshook.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 15:41:20 GMT
via: 1.1 3bf3e75bcb9a86b3eb343a1d4392a6de.cloudfront.net (CloudFront)
last-modified: Wed, 01 Jul 2020 01:19:55 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: "c8dc64c588a920e8a1610f61f68450e7"
x-cache: Miss from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 623406
x-amz-cf-id: NOpaTTCGfNaKn8dZxQ9otpgNDa-BUIRcN41710y3rGSBK_H71kSyQw==

GET
H2 200 mobile%20home-1585767200554.jpg
static.leadshook.io/upload/windowsavingsusa/ Frame EDC3 398 KB
399 KB 447ms
446ms Image
image/jpeg 13.224.189.70
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.leadshook.io/upload/windowsavingsusa/mobile%20home-1585767200554.jpg
Requested by: Host: windowsavingsusa.leadshook.io
URL: https://windowsavingsusa.leadshook.io/survey/lLDMEUqwAYH8YIPv5ydngZlU0iN6tFO03Dmvkdcv?embed=true&index=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-70.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dd33b485f1a4b9da75b12b4497f6621346981ea0a68ecfa0dd3773a546ccd592

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavingsusa.leadshook.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 15:41:20 GMT
via: 1.1 3bf3e75bcb9a86b3eb343a1d4392a6de.cloudfront.net (CloudFront)
last-modified: Wed, 01 Jul 2020 01:19:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: "853aa6a217bcd4cf8ba3e9ef937e8953"
x-cache: Miss from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 407374
x-amz-cf-id: IXgGaTuU6dhV6e7JO_SSpwdBa0RiLy_uTq1c36G2gYrDooOnQ3_MjA==

GET
H2 200 apt-1585767199365.jpg
static.leadshook.io/upload/windowsavingsusa/ Frame EDC3 176 KB
176 KB 440ms
440ms Image
image/jpeg 13.224.189.70
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.leadshook.io/upload/windowsavingsusa/apt-1585767199365.jpg
Requested by: Host: windowsavingsusa.leadshook.io
URL: https://windowsavingsusa.leadshook.io/survey/lLDMEUqwAYH8YIPv5ydngZlU0iN6tFO03Dmvkdcv?embed=true&index=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-70.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 43639d8ed64a965fb70c6b2d10de35dfd9d78271bd171c1512117818b14341e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavingsusa.leadshook.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 15:41:20 GMT
via: 1.1 3bf3e75bcb9a86b3eb343a1d4392a6de.cloudfront.net (CloudFront)
last-modified: Wed, 01 Jul 2020 01:19:59 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: "60415190d5497308b405723cb654b20c"
x-cache: Miss from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 179955
x-amz-cf-id: UtGJmhz3EQbDu6IkZ1KX8D-EvtzNY2yEYOOgn0ln2CV8w0I6-vtKpQ==

GET
H2 200 other-1585767202215.jpg
static.leadshook.io/upload/windowsavingsusa/ Frame EDC3 42 KB
43 KB 426ms
425ms Image
image/jpeg 13.224.189.70
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.leadshook.io/upload/windowsavingsusa/other-1585767202215.jpg
Requested by: Host: windowsavingsusa.leadshook.io
URL: https://windowsavingsusa.leadshook.io/survey/lLDMEUqwAYH8YIPv5ydngZlU0iN6tFO03Dmvkdcv?embed=true&index=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-70.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b060446306273b1f291d00493b29d7d5d635ba96f7bedbffc17d2b55aac1ff59

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavingsusa.leadshook.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 15:41:20 GMT
via: 1.1 3bf3e75bcb9a86b3eb343a1d4392a6de.cloudfront.net (CloudFront)
last-modified: Wed, 01 Jul 2020 01:20:01 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: "d6689798baa214ddbd2398756776cb3b"
x-cache: Miss from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 43486
x-amz-cf-id: c1uBN7qS59Ihtem0P0C9lonlM0yhD5g9rnyn2DZJpXPbnnycYnjDpg==

GET
H2 200 -ebsite-background-1629673142831.png
static.leadshook.io/upload/lowermyutilitybill/ Frame EDC3 216 KB
216 KB 470ms
470ms Image
image/png 13.224.189.70
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.leadshook.io/upload/lowermyutilitybill/-ebsite-background-1629673142831.png
Requested by: Host: windowsavingsusa.leadshook.io
URL: https://windowsavingsusa.leadshook.io/survey/lLDMEUqwAYH8YIPv5ydngZlU0iN6tFO03Dmvkdcv?embed=true&index=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-70.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8253b8a5e5fbe53b9bff318355e6c91544ba707dc69c2ec3e8b89f4212168ced

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavingsusa.leadshook.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 15:41:20 GMT
via: 1.1 3bf3e75bcb9a86b3eb343a1d4392a6de.cloudfront.net (CloudFront)
last-modified: Sun, 22 Aug 2021 22:59:11 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: "e9d6462ac438e76c1456bbd922f07298"
x-cache: Miss from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 221001
x-amz-cf-id: NEsL6-YnwpQF1CpmKmQVSfKqhdG-aLpM0NgRs1AVbTD0lNiU7WYEBg==

GET
H3 200 fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ Frame EDC3 75 KB
76 KB 39ms
26ms Font
application/octet-stream 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://windowsavingsusa.leadshook.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 15:41:19 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2066221
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-12d68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VyMUJSgfAyx467GK%2FmGucnk0berVt%2FHzUMAxw6HErfo6GPb%2FnDL1ljyWXibvNJ4mfUt3U7737Vyt1iF2TJDKZjoNeeOBt0auKd3hYjCv1dxZ1%2B2S1KixKr5ZcgMkdq2P1f%2B89%2B2yPNz6OkWwzeag5zQO"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 79131242ae922c61-FRA
expires: Fri, 19 Jan 2024 15:41:19 GMT

GET /
freegeoip.app/json/ Frame EDC3 0
0

GET
H2 200 geoip Show response
windowsavingsusa.leadshook.io/api/ Frame EDC3 2 KB
756 B 144ms
144ms XHR
application/json 35.168.77.57
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://windowsavingsusa.leadshook.io/api/geoip?leadId=346428389
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.17.4/bundle.tracing.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.168.77.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-168-77-57.compute-1.amazonaws.com
Software: nginx/1.19.9 / Express
Resource Hash: 745e3aff27cb877bf82b96f90cda69d2b3ac83cb665e0d661b847606bf107df8

Request headers

Accept: */*
Referer: https://windowsavingsusa.leadshook.io/survey/lLDMEUqwAYH8YIPv5ydngZlU0iN6tFO03Dmvkdcv?embed=true&index=0
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 15:41:19 GMT
content-encoding: gzip
server: nginx/1.19.9
x-username: undefined
x-powered-by: Express
etag: W/"7f0-0877XJR3FceQoKhAgeHXGMeZxPU"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
x-cache-status: MISS

GET
H2 200 leaddevice Show response
windowsavingsusa.leadshook.io/api/ Frame EDC3 1 KB
665 B 112ms
111ms XHR
application/json 35.168.77.57
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://windowsavingsusa.leadshook.io/api/leaddevice?leadId=346428389&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F109.0.5414.119+Safari%2F537.36
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.17.4/bundle.tracing.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.168.77.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-168-77-57.compute-1.amazonaws.com
Software: nginx/1.19.9 / Express
Resource Hash: f2977d78b07dcbf44fb3f20f331ffe29a94f94dbd6862a6f0dadb84aacec7be6

Request headers

Accept: */*
Referer: https://windowsavingsusa.leadshook.io/survey/lLDMEUqwAYH8YIPv5ydngZlU0iN6tFO03Dmvkdcv?embed=true&index=0
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 15:41:19 GMT
content-encoding: gzip
server: nginx/1.19.9
x-username: undefined
x-powered-by: Express
etag: W/"567-TFTUF0Necck9in6PKJmvCSVcTHM"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
x-cache-status: MISS

GET
H2 200 /
www.facebook.com/tr/ Frame EDC3 0
54 B 8ms
7ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=876288816239243&ev=PageView&dl=https%3A%2F%2Fwindowsavingsusa.leadshook.io%2Fsurvey%2FlLDMEUqwAYH8YIPv5ydngZlU0iN6tFO03Dmvkdcv%3Fembed%3Dtrue%26index%3D0&rl=https%3A%2F%2Fwindowsavingsnow.com%2F&if=true&ts=1675006879174&sw=1600&sh=1200&v=2.9.92&r=stable&ec=0&o=30&it=1675006878809&coo=false&rqm=GET

Requested by

Host: windowsavingsusa.leadshook.io
URL: https://windowsavingsusa.leadshook.io/survey/lLDMEUqwAYH8YIPv5ydngZlU0iN6tFO03Dmvkdcv?embed=true&index=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavingsusa.leadshook.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 29 Jan 2023 15:41:19 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 204 fields Show response
windowsavingsusa.leadshook.io/api/leads/346428389/ Frame EDC3 0
632 B 123ms
123ms XHR
text/plain 35.168.77.57
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://windowsavingsusa.leadshook.io/api/leads/346428389/fields
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.17.4/bundle.tracing.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.168.77.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-168-77-57.compute-1.amazonaws.com
Software: nginx/1.19.9 / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/plain, */*
Referer: https://windowsavingsusa.leadshook.io/survey/lLDMEUqwAYH8YIPv5ydngZlU0iN6tFO03Dmvkdcv?embed=true&index=0
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

access-control-allow-origin: https://windowsavingsusa.leadshook.io
date: Sun, 29 Jan 2023 15:41:19 GMT
access-control-allow-credentials: true
server: nginx/1.19.9
x-username: undefined
x-powered-by: Express
vary: X-HTTP-Method-Override, Origin

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 7ms
7ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=345912956288246&ev=Microdata&dl=https%3A%2F%2Fwindowsavingsnow.com%2F&rl=&if=false&ts=1675006879555&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Window%20Savings%20Now%20%E2%80%93%20Useful%20Money%20Saving%20Tips%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.92&r=stable&a=dvpixelyoursite&ec=1&o=30&fbp=fb.1.1675006878047.2033385984&it=1675006877929&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: windowsavingsnow.com
URL: https://windowsavingsnow.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavingsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 29 Jan 2023 15:41:19 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

PUT
H2 200 346428389 Show response
windowsavingsusa.leadshook.io/api/leads/ Frame EDC3 762 B
753 B 116ms
116ms XHR
application/json 35.168.77.57
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://windowsavingsusa.leadshook.io/api/leads/346428389
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.17.4/bundle.tracing.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.168.77.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-168-77-57.compute-1.amazonaws.com
Software: nginx/1.19.9 / Express
Resource Hash: cd3c1595166bed4c540ff0ff17b5c9c7ee6c6b76b433c468bda71f06b59de584

Request headers

Accept: application/json, text/plain, */*
Referer: https://windowsavingsusa.leadshook.io/survey/lLDMEUqwAYH8YIPv5ydngZlU0iN6tFO03Dmvkdcv?embed=true&index=0
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Sun, 29 Jan 2023 15:41:19 GMT
content-encoding: gzip
server: nginx/1.19.9
x-username: undefined
x-powered-by: Express
etag: W/"2fa-IC5TGmxmad/Lg/Mg+E44ZvIRvPk"
vary: Accept-Encoding, Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://windowsavingsusa.leadshook.io
access-control-allow-credentials: true

POST
H2 404 271929577 Show response
windowsavingsusa.leadshook.io/api/impressions/ Frame EDC3 165 B
472 B 107ms
107ms XHR
text/html 35.168.77.57
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://windowsavingsusa.leadshook.io/api/impressions/271929577

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.17.4/bundle.tracing.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.168.77.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-168-77-57.compute-1.amazonaws.com

Software

nginx/1.19.9 / Express

Resource Hash

bd62c8ef603489ab577f33c89fc4f91b36d534b6fe326b81bebd515ef66aca3e

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://windowsavingsusa.leadshook.io/survey/lLDMEUqwAYH8YIPv5ydngZlU0iN6tFO03Dmvkdcv?embed=true&index=0
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Sun, 29 Jan 2023 15:41:19 GMT
content-security-policy: default-src 'none'
x-content-type-options: nosniff
server: nginx/1.19.9
x-username: undefined
x-powered-by: Express
vary: X-HTTP-Method-Override, Origin, Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: https://windowsavingsusa.leadshook.io
access-control-allow-credentials: true
content-length: 165

POST
H2 201 certs Show response
api.trustedform.com/ Frame EDC3 475 B
686 B 325ms
109ms XHR
application/json 67.202.17.219
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.17.4/bundle.tracing.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 67.202.17.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-67-202-17-219.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: 1d5b7c8173341b0b10ce103395950c54543e27284297bbc84f461dda3c994d01

Request headers

Referer: https://windowsavingsusa.leadshook.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 29 Jan 2023 15:41:20 GMT
server: Cowboy
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 475

GET
H3 200 /
www.facebook.com/tr/ Frame EDC3 0
15 B 7ms
7ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=876288816239243&ev=Microdata&dl=https%3A%2F%2Fwindowsavingsusa.leadshook.io%2Fsurvey%2FlLDMEUqwAYH8YIPv5ydngZlU0iN6tFO03Dmvkdcv%3Fembed%3Dtrue%26index%3D0&rl=https%3A%2F%2Fwindowsavingsnow.com%2F&if=true&ts=1675006880680&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Anderson%20-%20All%20-%20No%20Cost%20-%20Let%27s%20See%20If%20You%20Can%20Get%20New%20Windows%20for%20No%20Cost%20Down.%20What%20Type%20of%20Home%20Do%20You%20Live%20In%3F%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.92&r=stable&ec=1&o=30&it=1675006878809&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavingsusa.leadshook.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 29 Jan 2023 15:41:20 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2 200 trustedform-1.8.35.js Show response
cdn.trustedform.com/ Frame EDC3 102 KB
37 KB 12ms
12ms Script
application/javascript 2600:9000:20eb:3e00:1c:7f1a:6680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.trustedform.com/trustedform-1.8.35.js
Requested by: Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxCertUrl&l=16750068789730.9663062148343942&invert_field_sensitivity=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:3e00:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5cacdda23e5b945d4ea8105a92bc2c939c60b60fd4ea3c73a62421b76c03ba44

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavingsusa.leadshook.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id: PsGscq0o6WWOGkSqGH9BYInejEgnNeUZ
content-encoding: gzip
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad2.cloudfront.net (CloudFront)
date: Sun, 29 Jan 2023 15:41:20 GMT
last-modified: Fri, 06 Jan 2023 16:07:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 25
etag: W/"cef26bd569e1a24279f16aecc87c254b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: f4CQ5u4A3Ck1tfG5tw70rhM2mNvzKSRbLyws28tJ0P0p_TzCwIcEWQ==

POST
H2 204 snapshot Show response
api.trustedform.com/certs/f7e479cc65083d7dced5d0b439d844016c98de7d/ Frame EDC3 0
159 B 224ms
224ms XHR
text/plain 67.202.17.219
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/f7e479cc65083d7dced5d0b439d844016c98de7d/snapshot
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.17.4/bundle.tracing.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 67.202.17.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-67-202-17-219.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://windowsavingsusa.leadshook.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Sun, 29 Jan 2023 15:41:21 GMT
access-control-expose-headers
access-control-allow-credentials: true
cache-control: max-age=0, private, must-revalidate
server: Cowboy

GET
H2 200 pixel.png
d2zdr2rqflfo3.cloudfront.net/ Frame EDC3 95 B
416 B 16ms
16ms Image
image/png 13.225.84.132
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2zdr2rqflfo3.cloudfront.net/pixel.png?host=windowsavingsusa.leadshook.io&subdomain=windowsavingsusa&accountId=1401&quizId=43813&leadId=346428389&quizVersionId=7
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.35.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.84.132 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-84-132.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cafbd551d674da240212f6c44988757a728b9dc8cbc2a6c8dcf53c0d9159c323

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavingsusa.leadshook.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 15:41:20 GMT
via: 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
last-modified: Sat, 28 Sep 2019 18:11:04 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 1
etag: "9591c410148e6883727c5339fd1c02cd"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 95
x-amz-cf-id: A2o5HrYv-dyHDaG6ZBdLq03yMUcAzgQuWeJB8LkM48yWf6yXjPz-Kw==

GET
H2 200 phil-hearing-iyfp2ixe9nm-unsplash%20(1)-1585714393195.jpg
static.leadshook.io/upload/windowsavingsusa/ Frame EDC3 609 KB
610 KB 26ms
25ms Image
image/jpeg 13.224.189.70
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.leadshook.io/upload/windowsavingsusa/phil-hearing-iyfp2ixe9nm-unsplash%20(1)-1585714393195.jpg
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.35.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-70.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d1d13b6e488425debec1aa7606609aa1516a288b6ef44948ccff360afdffd6e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavingsusa.leadshook.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 15:41:20 GMT
via: 1.1 3bf3e75bcb9a86b3eb343a1d4392a6de.cloudfront.net (CloudFront)
last-modified: Wed, 01 Jul 2020 01:19:55 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 1
etag: "c8dc64c588a920e8a1610f61f68450e7"
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 623406
x-amz-cf-id: mj_IplS01DOotZf9E-a-Y2WlZENGfIwkirM38lBDeU4j547Po6YXWA==

GET
H2 200 mobile%20home-1585767200554.jpg
static.leadshook.io/upload/windowsavingsusa/ Frame EDC3 398 KB
399 KB 58ms
57ms Image
image/jpeg 13.224.189.70
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.leadshook.io/upload/windowsavingsusa/mobile%20home-1585767200554.jpg
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.35.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-70.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dd33b485f1a4b9da75b12b4497f6621346981ea0a68ecfa0dd3773a546ccd592

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavingsusa.leadshook.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 15:41:20 GMT
via: 1.1 3bf3e75bcb9a86b3eb343a1d4392a6de.cloudfront.net (CloudFront)
last-modified: Wed, 01 Jul 2020 01:19:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 1
etag: "853aa6a217bcd4cf8ba3e9ef937e8953"
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 407374
x-amz-cf-id: TrJM7-mUVto0N_Y65gggQ9hYxnTGpzi7o5wFI2EztG5hWLY7im5Fhw==

GET
H2 200 apt-1585767199365.jpg
static.leadshook.io/upload/windowsavingsusa/ Frame EDC3 176 KB
176 KB 21ms
20ms Image
image/jpeg 13.224.189.70
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.leadshook.io/upload/windowsavingsusa/apt-1585767199365.jpg
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.35.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-70.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 43639d8ed64a965fb70c6b2d10de35dfd9d78271bd171c1512117818b14341e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavingsusa.leadshook.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 15:41:20 GMT
via: 1.1 3bf3e75bcb9a86b3eb343a1d4392a6de.cloudfront.net (CloudFront)
last-modified: Wed, 01 Jul 2020 01:19:59 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 1
etag: "60415190d5497308b405723cb654b20c"
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 179955
x-amz-cf-id: R1EHw1MgPLraAB1VfBz_zAJMnIFjGidUb4qwVlgiXvnA6WT0I-DGow==

GET
H2 200 other-1585767202215.jpg
static.leadshook.io/upload/windowsavingsusa/ Frame EDC3 42 KB
43 KB 16ms
16ms Image
image/jpeg 13.224.189.70
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.leadshook.io/upload/windowsavingsusa/other-1585767202215.jpg
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.35.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-70.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b060446306273b1f291d00493b29d7d5d635ba96f7bedbffc17d2b55aac1ff59

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windowsavingsusa.leadshook.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 15:41:20 GMT
via: 1.1 3bf3e75bcb9a86b3eb343a1d4392a6de.cloudfront.net (CloudFront)
last-modified: Wed, 01 Jul 2020 01:20:01 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 1
etag: "d6689798baa214ddbd2398756776cb3b"
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 43486
x-amz-cf-id: yV2ZJF2--0Tt-MB82PbKpPInluIbsRmXqmMsKV9EBMgmE5hrAUxHAQ==

POST
H2 204 fingerprints Show response
api.trustedform.com/certs/f7e479cc65083d7dced5d0b439d844016c98de7d/ Frame EDC3 0
159 B 209ms
209ms XHR
text/plain 67.202.17.219
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/f7e479cc65083d7dced5d0b439d844016c98de7d/fingerprints
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.17.4/bundle.tracing.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 67.202.17.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-67-202-17-219.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://windowsavingsusa.leadshook.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Sun, 29 Jan 2023 15:41:21 GMT
access-control-expose-headers
access-control-allow-credentials: true
cache-control: max-age=0, private, must-revalidate
server: Cowboy

GET
DATA 200
OK truncated
/ Frame EDC3 10 KB
10 KB Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eed633a8002069e13f06351bfe014d0132941a0882144ccee95cdacfa403b954

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: text/javascript

POST cert_events
gf0fe4d236bb4e8-db202107291325.adb.us-ashburn-1.oraclecloudapps.com/ords/powercert/a/ Frame EDC3 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: freegeoip.app
URL: https://freegeoip.app/json/

Domain: gf0fe4d236bb4e8-db202107291325.adb.us-ashburn-1.oraclecloudapps.com
URL: https://gf0fe4d236bb4e8-db202107291325.adb.us-ashburn-1.oraclecloudapps.com/ords/powercert/a/cert_events

Domain: gf0fe4d236bb4e8-db202107291325.adb.us-ashburn-1.oraclecloudapps.com
URL: https://gf0fe4d236bb4e8-db202107291325.adb.us-ashburn-1.oraclecloudapps.com/ords/powercert/a/cert_events

Domain: gf0fe4d236bb4e8-db202107291325.adb.us-ashburn-1.oraclecloudapps.com
URL: https://gf0fe4d236bb4e8-db202107291325.adb.us-ashburn-1.oraclecloudapps.com/ords/powercert/a/cert_events

Domain: gf0fe4d236bb4e8-db202107291325.adb.us-ashburn-1.oraclecloudapps.com
URL: https://gf0fe4d236bb4e8-db202107291325.adb.us-ashburn-1.oraclecloudapps.com/ords/powercert/a/cert_events

Domain: gf0fe4d236bb4e8-db202107291325.adb.us-ashburn-1.oraclecloudapps.com
URL: https://gf0fe4d236bb4e8-db202107291325.adb.us-ashburn-1.oraclecloudapps.com/ords/powercert/a/cert_events

Domain: gf0fe4d236bb4e8-db202107291325.adb.us-ashburn-1.oraclecloudapps.com
URL: https://gf0fe4d236bb4e8-db202107291325.adb.us-ashburn-1.oraclecloudapps.com/ords/powercert/a/cert_events

Domain: gf0fe4d236bb4e8-db202107291325.adb.us-ashburn-1.oraclecloudapps.com
URL: https://gf0fe4d236bb4e8-db202107291325.adb.us-ashburn-1.oraclecloudapps.com/ords/powercert/a/cert_events

Domain: gf0fe4d236bb4e8-db202107291325.adb.us-ashburn-1.oraclecloudapps.com
URL: https://gf0fe4d236bb4e8-db202107291325.adb.us-ashburn-1.oraclecloudapps.com/ords/powercert/a/cert_events

Domain: gf0fe4d236bb4e8-db202107291325.adb.us-ashburn-1.oraclecloudapps.com
URL: https://gf0fe4d236bb4e8-db202107291325.adb.us-ashburn-1.oraclecloudapps.com/ords/powercert/a/cert_events

Domain: gf0fe4d236bb4e8-db202107291325.adb.us-ashburn-1.oraclecloudapps.com
URL: https://gf0fe4d236bb4e8-db202107291325.adb.us-ashburn-1.oraclecloudapps.com/ords/powercert/a/cert_events

Domain: gf0fe4d236bb4e8-db202107291325.adb.us-ashburn-1.oraclecloudapps.com
URL: https://gf0fe4d236bb4e8-db202107291325.adb.us-ashburn-1.oraclecloudapps.com/ords/powercert/a/cert_events

Domain: gf0fe4d236bb4e8-db202107291325.adb.us-ashburn-1.oraclecloudapps.com
URL: https://gf0fe4d236bb4e8-db202107291325.adb.us-ashburn-1.oraclecloudapps.com/ords/powercert/a/cert_events

Domain: gf0fe4d236bb4e8-db202107291325.adb.us-ashburn-1.oraclecloudapps.com
URL: https://gf0fe4d236bb4e8-db202107291325.adb.us-ashburn-1.oraclecloudapps.com/ords/powercert/a/cert_events

Domain: gf0fe4d236bb4e8-db202107291325.adb.us-ashburn-1.oraclecloudapps.com
URL: https://gf0fe4d236bb4e8-db202107291325.adb.us-ashburn-1.oraclecloudapps.com/ords/powercert/a/cert_events

Domain: gf0fe4d236bb4e8-db202107291325.adb.us-ashburn-1.oraclecloudapps.com
URL: https://gf0fe4d236bb4e8-db202107291325.adb.us-ashburn-1.oraclecloudapps.com/ords/powercert/a/cert_events

Domain: gf0fe4d236bb4e8-db202107291325.adb.us-ashburn-1.oraclecloudapps.com
URL: https://gf0fe4d236bb4e8-db202107291325.adb.us-ashburn-1.oraclecloudapps.com/ords/powercert/a/cert_events

Domain: gf0fe4d236bb4e8-db202107291325.adb.us-ashburn-1.oraclecloudapps.com
URL: https://gf0fe4d236bb4e8-db202107291325.adb.us-ashburn-1.oraclecloudapps.com/ords/powercert/a/cert_events

Domain: gf0fe4d236bb4e8-db202107291325.adb.us-ashburn-1.oraclecloudapps.com
URL: https://gf0fe4d236bb4e8-db202107291325.adb.us-ashburn-1.oraclecloudapps.com/ords/powercert/a/cert_events

Domain: gf0fe4d236bb4e8-db202107291325.adb.us-ashburn-1.oraclecloudapps.com
URL: https://gf0fe4d236bb4e8-db202107291325.adb.us-ashburn-1.oraclecloudapps.com/ords/powercert/a/cert_events

Domain: gf0fe4d236bb4e8-db202107291325.adb.us-ashburn-1.oraclecloudapps.com
URL: https://gf0fe4d236bb4e8-db202107291325.adb.us-ashburn-1.oraclecloudapps.com/ords/powercert/a/cert_events

Domain: gf0fe4d236bb4e8-db202107291325.adb.us-ashburn-1.oraclecloudapps.com
URL: https://gf0fe4d236bb4e8-db202107291325.adb.us-ashburn-1.oraclecloudapps.com/ords/powercert/a/cert_events

Verdicts & Comments Add Verdict or Comment

103 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
windowsavingsnow.com/	1970-01-20 09:16:50	Name: pys_session_limit Value: true
windowsavingsnow.com/	1969-12-31 23:59:59	Name: pys_start_session Value: true
windowsavingsnow.com/	1970-01-20 09:26:51	Name: pys_first_visit Value: true
windowsavingsnow.com/	1970-01-20 09:26:51	Name: pysTrafficSource Value: direct
windowsavingsnow.com/	1970-01-20 09:26:51	Name: pys_landing_page Value: https://windowsavingsnow.com/
windowsavingsnow.com/	1970-01-20 09:26:51	Name: last_pysTrafficSource Value: direct
windowsavingsnow.com/	1970-01-20 09:26:51	Name: last_pys_landing_page Value: https://windowsavingsnow.com/
windowsavingsusa.leadshook.io/	1970-01-20 09:26:51	Name: AWSALBTGCORS Value: mMXZopT0hPcBYpwY6Si4RaFK+0K5HLTqJgn0gYl1M0aSm10Ro4jBXiG9E00PyCcnvxwt/vRF3E10WVZpqZ2XAi6HRNvQmLbzBXW6v9tv0cx69mnARzPvnZcFsZ+29Nd2iWvFaFEMyVe6ux+m1QeRZbDSPGunn3H/lAP9WlCyXdZe0uPa4Qc=
windowsavingsusa.leadshook.io/	1970-01-20 09:59:58	Name: lLDMEUqwAYH8YIPv5ydngZlU0iN6tFO03Dmvkdcv.leadData Value: j%3A%7B%22leadId%22%3A346428389%2C%22leadToken%22%3A%22lLDMEUqwAYH8YIPv5ydngZlU0iN6tFO03DmvkdcvZOjU1zsVhPIl4MFvWs4G%22%2C%22quizId%22%3A43813%7D
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: Y9cpo-8FhuM
.youtube.com/	1970-01-20 13:35:58	Name: DEVICE_INFO Value: ChxOekU1TkRBNU9UYzFOelV4T1RVM09ESTVNQT09EJ2n2p4GGJ2n2p4G
.youtube.com/	1970-01-20 13:35:58	Name: VISITOR_INFO1_LIVE Value: 3XKfMod68CU
.windowsavingsnow.com/	1970-01-20 11:26:22	Name: _fbp Value: fb.1.1675006878047.2033385984
windowsavingsusa.leadshook.io/	1970-01-20 09:26:51	Name: AWSALBCORS Value: 4uUcdcj5lAJOtZej0RpTEK18uhPLRyytGslBZ+TcvaLSkjo6LIBzMiNkd1fDGeO9Mme3/Ua9zlkQUdio5ImXWxvyvI+wbxHQabG7RGROo8AbXgmUHE4ceCa1LgBbGxzXNscwgKv4fyY+pb/3NBTJkFB8CWysjQSrucJ3rVpMurNr9EgtFM3rbJScR4Vl+w==

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://windowsavingsnow.com/ Message: Mixed Content: The page at 'https://windowsavingsnow.com/' was loaded over HTTPS, but requested an insecure element 'http://windowsavingsnow.com/wp-content/uploads/2021/09/Window-Savings-Now.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://windowsavingsnow.com/ Message: Mixed Content: The page at 'https://windowsavingsnow.com/' was loaded over HTTPS, but requested an insecure element 'http://windowsavingsnow.com/wp-content/uploads/2021/09/Window-Savings-Now.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
javascript	error	URL: https://windowsavingsusa.leadshook.io/survey/lLDMEUqwAYH8YIPv5ydngZlU0iN6tFO03Dmvkdcv?embed=true&index=0 Message: Access to XMLHttpRequest at 'https://freegeoip.app/json/' from origin 'https://windowsavingsusa.leadshook.io' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://freegeoip.app/json/ Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://lucrordesign.com/chris/wp-content/uploads/sites/46/2020/01/row-bg.jpg?id=1303 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://windowsavingsusa.leadshook.io/api/impressions/271929577 Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.trustedform.com
browser.sentry-cdn.com
cdn.jsdelivr.net
cdn.trustedform.com
cdnjs.cloudflare.com
code.jquery.com
connect.facebook.net
d2zdr2rqflfo3.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
freegeoip.app
gf0fe4d236bb4e8-db202107291325.adb.us-ashburn-1.oraclecloudapps.com
lucrordesign.com
polyfill.leadshook.io
releases.jquery.com
static.leadshook.io
windowsavingsnow.com
windowsavingsusa.leadshook.io
www.facebook.com
www.youtube.com
freegeoip.app
gf0fe4d236bb4e8-db202107291325.adb.us-ashburn-1.oraclecloudapps.com
13.224.189.46
13.224.189.70
13.225.84.132
130.35.144.65
2001:4de0:ac18::1:a:2a
2600:9000:20eb:3e00:1c:7f1a:6680:93a1
2606:4700::6811:190e
2a00:1450:4001:811::200e
2a00:1450:4001:82b::200a
2a00:1450:400d:806::2003
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:600::485
2a04:4e42:600::729
2a06:98c1:3121::3
35.168.77.57
35.206.100.242
67.202.17.219
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0696bb3df09627caefc874274365ad085818ea01a24cacadd90064b78ed64aa4
0ed0d520e5505edd3862515a661448e740ce6446332f07e6046b190f12860485
1061bc2b7156ef50111328b1c2514fb441169f5c9738172fd399af2484f820c3
1d5b7c8173341b0b10ce103395950c54543e27284297bbc84f461dda3c994d01
224db2aed80c2f0d017ba0071d2b94d326404344f940f0ebc66139459c1e4a54
2451f34eb685958d0461a204f78cb21e61673b84ea677973434ec102cae2d37a
28b9f17b585b3722b4fc4883a2bb4e6c1ffc2be41e45081cbe3752bd752d02a4
313b31e0386c1b7afb16ad7bd2e78b526a04afe24cf6a12a9a4c1b1a3704d743
316a853bb4ac612ad41aedf4ba8958156b7e64295f2d0b2ede3c20a910928dff
35dda36cd657b41c621cbf4b4b4dd64e01d5dd41d27561b6a83c0c310239b1b5
37045bf0d243623db4f2e99567c986944957b336dafa6368f4f75bcbad6fc4fa
3715b504c68323affe436a0169f96fcccfff8f0632a7bce1ca2a762ff714fd17
39cc6c78632abb08815246e75d23371d17c0106cfb4156297f74366c8404b533
433727b6e5f0b68d0449c3ff8a56cf5c4fcc7c0680b47f43e153693f9a49f8d9
43639d8ed64a965fb70c6b2d10de35dfd9d78271bd171c1512117818b14341e6
477f2c7acf54b2994c85f1a07720eb99f56979f5b134efb37a9ef84713c0e318
4791f9629b2ab03e00aa962848b886d9d8e709d5185fa2517b1ce4e97027f636
490205bd0e29007df27f327f3c888514d90b0b87f77d54f6a51f3329f0c8ed04
4af105297c5b49ca668eaa0774c0eb479e907175f12ccc30e9c038dd7b6fcaf0
4e8cdf14e0d06b2e547b331a52fb1095975f29399a3ac571c42e71bc524cb29c
50e56f151aef3bbd8b38cc8c719ce1124f2cd3464e17f40d57a6f5d75fb5ee6a
59840057fa6c3dce397fb77e57175e62b75030fee7179abfd2075d3a5b6624e0
5cacdda23e5b945d4ea8105a92bc2c939c60b60fd4ea3c73a62421b76c03ba44
5e2e7102fcfd7598f2fb2c5cad061991a4581118a5c8bcd5a6ed21335e8c3f4b
650a554cda8e5c47d8b0d9575cddd6dde949f2eb1f55a5204a47f6dc88ef641f
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f
6de7afe40d5538cdec040c4b19366afbcd9f3b665610e288d0a9d87129524ce8
745e3aff27cb877bf82b96f90cda69d2b3ac83cb665e0d661b847606bf107df8
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
79fd5090a5c6183320b1f33277853bae56cf68f320de8f7d68be080d2cae837c
7b7d5a7040c734484063484276d1643c07c1d8a88c2e4c54818bb6d5fedfd18d
7ccd3ac2b3e9256ef32e91ad965fcb391e7442af6a6815381656e5ecf058a49c
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7e7e84874d4184fb3713ccd3d5d638fea7c71097bac90f8d5e61b72a1fef48c9
7f982e420b3c266ea754b657025ecd71170366d0827bbf3b5204619a4cacbade
8253b8a5e5fbe53b9bff318355e6c91544ba707dc69c2ec3e8b89f4212168ced
856a174277bfd015478e39068c99c48cc89fb90a1e4455b432c83df720c715f3
86a006a77aaf44645501f4bb6c27813d095dbaddc18ec10087e08997ecca8854
9034d5d34015e4b05d2c1d1a8dc9f6ec9d59bd96d305eb9e24e24e65c591a645
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
9eaba4ee4769286a5a60125fda070144c81cf2f3f24f23e4eece81d8dfeeb672
a2b6c34c5bc6983e8fecc9bf30f0cf13df801e7e2109579dea786fb86880bbe6
a4f0091d654925b99652679bd060c889704aa70aebd07e1322acda3d38014f02
aa7c94a4bc1ebba2597b8ac0f47a81f8b2ef0b5896f6bde14647e12ce1e7a252
ab75d2b0c8cc42eb0741c91c456679dd5fa0d6ea201ad0c7e50b06fe916f2c5d
ab9400a816d15900855f00f4dbb936346538a5713b06b4e23d2c2ad2404974e8
b060446306273b1f291d00493b29d7d5d635ba96f7bedbffc17d2b55aac1ff59
b771b570e60c8e50333e424783ca6cfa7b00b044ad6a169ee6b71f2760bf1c4b
bd62c8ef603489ab577f33c89fc4f91b36d534b6fe326b81bebd515ef66aca3e
bf817ee4b2d4e9d98e05e1382d295f8f10fef43770cd4e291d924a5d0afc8cc2
bff70cc67f36c252a4a1053f3047356ca99d93d7e37ff6fc0df8ad6b33ee530c
c10837bb6e05b2ecacadf51653245aad6b7a8f7bb7a6e546e9fa65e22472dd19
c4596b16b126326b0d8fc2fb8bf91389ad3dc4671a269187913c19a8f2ad1094
cafbd551d674da240212f6c44988757a728b9dc8cbc2a6c8dcf53c0d9159c323
cb34d2ee2a93fd11b734c124a6fc661339585c63382d08eb31bf921b66519eac
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
cd3c1595166bed4c540ff0ff17b5c9c7ee6c6b76b433c468bda71f06b59de584
d1bd27467c354f76309622e8ee3ccab8622ea35b8a68300911c48721db894641
d1d13b6e488425debec1aa7606609aa1516a288b6ef44948ccff360afdffd6e4
d4538b500dbad64b4c530857d7faf7d63bf921bcab573e94160c459ce859c90d
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
d8f9eba69a9dca06faf4573a308eaa7915c259cc634bde613aaf933aef89fa6e
dd33b485f1a4b9da75b12b4497f6621346981ea0a68ecfa0dd3773a546ccd592
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4882a153137cb8bf38a887cf83e5ccf1630b8ddbb3997ce719f3db11ce8e106
e4b22a674c4b9431ebe3fd474ef353534ada4bfc252d4a3236c2d6c964754f9d
ece7b4a6584431d0a25dbdc353c6cba44d3c63aa986a3a9efc2e78d6cb5e3c62
eed633a8002069e13f06351bfe014d0132941a0882144ccee95cdacfa403b954
f2977d78b07dcbf44fb3f20f331ffe29a94f94dbd6862a6f0dadb84aacec7be6
f4d9eb584be3bd82a980f5f35ab8e10d4803f53c80fda95912c778d4a566577c
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f56eec219c331da765c35568a9a8c420bee5121da53e4a69d10b3a61c882f22c

windowsavingsnow.com Open in urlscan Pro 35.206.100.242 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

104 Requests

77 %HTTPS

61 %IPv6

16 Domains

20 Subdomains

19 IPs

4 Countries

6651 kBTransfer

13754 kBSize

14 Cookies

0 Outgoing links

Redirected requests

104 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

windowsavingsnow.com Open in urlscan Pro
35.206.100.242 Public Scan

Screenshot
Live screenshot

Full Image

104
Requests

77 %
HTTPS

61 %
IPv6

16
Domains

20
Subdomains

19
IPs

4
Countries

6651 kB
Transfer

13754 kB
Size

14
Cookies

104 HTTP transactions
8 data transactions