changethewindows.com Open in urlscan Pro
173.201.179.249 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://changethewindows.com/
Submission Tags: @phishunt_io
Submission: On June 06 via api (June 6th 2023, 12:28:31 am UTC) from DE — Scanned from DE

Summary HTTP 52 Redirects Behaviour Indicators

Summary

This website contacted 23 IPs in 2 countries across 18 domains to perform 52 HTTP transactions. The main IP is 173.201.179.249, located in United States and belongs to GO-DADDY-COM-LLC, US. The main domain is changethewindows.com.

This is the only time changethewindows.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	173.201.179.249 173.201.179.249	398101 (GO-DADDY-...) (GO-DADDY-COM-LLC)
5	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1 1	2400:52e0:1e0... 2400:52e0:1e00::1077:1	200325 (BUNNYCDN) (BUNNYCDN)
1	2a04:4e42::485 2a04:4e42::485	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
1	151.101.65.195 151.101.65.195	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	54.157.100.138 54.157.100.138	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700:10:... 2606:4700:10::ac43:29e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	3.211.160.236 3.211.160.236	14618 (AMAZON-AES) (AMAZON-AES)
2	2600:9000:223... 2600:9000:223d:7e00:1c:7f1a:6680:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
8	54.86.8.109 54.86.8.109	14618 (AMAZON-AES) (AMAZON-AES)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	18.66.188.46 18.66.188.46	16509 (AMAZON-02) (AMAZON-02)
1	54.174.186.60 54.174.186.60	14618 (AMAZON-AES) (AMAZON-AES)
5	34.230.184.73 34.230.184.73	14618 (AMAZON-AES) (AMAZON-AES)
52	23

6 173.201.179.249 (United States)

ASN398101 (GO-DADDY-COM-LLC, US)
PTR: 249.179.201.173.host.secureserver.net

changethewindows.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2400:52e0:1e00::1077:1 (Germany) 1 redirects

ASN200325 (BUNNYCDN, SI)

cdn.rawgit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.195 (United States)

ASN54113 (FASTLY, US)

cdn.firebase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.157.100.138 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-157-100-138.compute-1.amazonaws.com

ipgeolocation.abstractapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:29e5 (United States)

ASN13335 (CLOUDFLARENET, US)

create.lidstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.211.160.236 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-211-160-236.compute-1.amazonaws.com

api.trustedform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223d:7e00:1c:7f1a:6680:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.trustedform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

firebase.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

firebaseinstallations.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 54.86.8.109 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-86-8-109.compute-1.amazonaws.com

create.leadid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.188.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-188-46.muc50.r.cloudfront.net

d2m2wsoho8qq12.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.174.186.60 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-174-186-60.compute-1.amazonaws.com

deviceid.trueleadid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.230.184.73 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-230-184-73.compute-1.amazonaws.com

api.trustedform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	leadid.com create.leadid.com — Cisco Umbrella Rank: 14721	5 KB
8	trustedform.com 1 redirects api.trustedform.com — Cisco Umbrella Rank: 24495 cdn.trustedform.com — Cisco Umbrella Rank: 29417	42 KB
7	gstatic.com www.gstatic.com fonts.gstatic.com	577 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 66 ajax.googleapis.com — Cisco Umbrella Rank: 398 firebase.googleapis.com — Cisco Umbrella Rank: 5658 firebaseinstallations.googleapis.com — Cisco Umbrella Rank: 533	36 KB
6	changethewindows.com changethewindows.com	1 MB
5	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 249	81 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 70	193 KB
1	trueleadid.com deviceid.trueleadid.com — Cisco Umbrella Rank: 15922	2 KB
1	cloudfront.net d2m2wsoho8qq12.cloudfront.net	2 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 1866	257 B
1	google.de www.google.de — Cisco Umbrella Rank: 5230	455 B
1	google.com www.google.com — Cisco Umbrella Rank: 3	455 B
1	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 51	2 KB
1	lidstatic.com create.lidstatic.com — Cisco Umbrella Rank: 26077	39 KB
1	abstractapi.com ipgeolocation.abstractapi.com — Cisco Umbrella Rank: 74638	1 KB
1	firebase.com cdn.firebase.com — Cisco Umbrella Rank: 74857	42 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 367	2 KB
1	rawgit.com 1 redirects cdn.rawgit.com — Cisco Umbrella Rank: 11782	770 B
52	18

	Domain	Requested by
8	create.leadid.com	create.lidstatic.com deviceid.trueleadid.com
6	api.trustedform.com	1 redirects api.trustedform.com cdn.trustedform.com
6	www.gstatic.com	changethewindows.com
6	changethewindows.com	changethewindows.com cdn.trustedform.com
5	cdnjs.cloudflare.com	changethewindows.com
3	www.googletagmanager.com	changethewindows.com www.gstatic.com www.googletagmanager.com
2	firebaseinstallations.googleapis.com	www.gstatic.com
2	firebase.googleapis.com	www.gstatic.com
2	cdn.trustedform.com	changethewindows.com api.trustedform.com
1	deviceid.trueleadid.com	d2m2wsoho8qq12.cloudfront.net
1	d2m2wsoho8qq12.cloudfront.net	create.lidstatic.com
1	region1.google-analytics.com	www.googletagmanager.com
1	www.google.de	changethewindows.com
1	www.google.com	changethewindows.com
1	fonts.gstatic.com	fonts.googleapis.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	create.lidstatic.com	changethewindows.com
1	ipgeolocation.abstractapi.com	ajax.googleapis.com
1	ajax.googleapis.com	changethewindows.com
1	cdn.firebase.com	changethewindows.com
1	cdn.jsdelivr.net	changethewindows.com
1	cdn.rawgit.com	1 redirects
1	fonts.googleapis.com	changethewindows.com
52	23

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
www.ratoong.com GTS CA 1D4	`2023-05-13` - `2023-08-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
ipgeolocation.abstractapi.com Amazon RSA 2048 M02	`2023-04-23` - `2024-05-21`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
create.leadid.com Amazon RSA 2048 M02	`2023-02-23` - `2023-10-19`	8 months	crt.sh
deviceid.trueleadid.com Amazon RSA 2048 M02	`2023-02-24` - `2024-01-06`	10 months	crt.sh
*.trustedform.com Amazon RSA 2048 M02	`2023-02-22` - `2023-10-09`	8 months	crt.sh
cdn.trustedform.com Amazon RSA 2048 M02	`2023-03-15` - `2024-04-12`	a year	crt.sh

This page contains 3 frames:

Primary Page: http://changethewindows.com/
Frame ID: 582ABE857D671DE7212F76F6783028BC
Requests: 48 HTTP requests in this frame

Frame: http://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=59C03E7B-0E17-2637-5AE9-FE5B0EB4EA0D&apiurl=http%3A%2F%2Fcreate.leadid.com%2F2.11.13&lck=8D552222-0380-A3DD-6336-5C5583E28067&lac=5E5079D9-D129-D386-A96A-025690C9B696
Frame ID: 6FEEE0ECB9BAE938E644E473E844C7AE
Requests: 1 HTTP requests in this frame

Frame: https://deviceid.trueleadid.com/iframe.html?token=59C03E7B-0E17-2637-5AE9-FE5B0EB4EA0D&apiurl=http%3A%2F%2Fcreate.leadid.com%2F2.11.13&lck=8D552222-0380-A3DD-6336-5C5583E28067&lac=5E5079D9-D129-D386-A96A-025690C9B696
Frame ID: 2FDB686553D96FEBE43596EEA3D014C3
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Change The Windows - Get a quote for your windows today

Detected technologies

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/(?:([\d.]+)/)?firebase(?:\.min)?\.js
/firebasejs/([\d.]+)/firebase

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Moment.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

moment(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

52
Requests

81 %
HTTPS

67 %
IPv6

18
Domains

23
Subdomains

23
IPs

2
Countries

2503 kB
Transfer

4006 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://cdn.rawgit.com/Eonasdan/bootstrap-datetimepicker/e8bddc60e73c1ec2475f827be36e1957af72e2ea/build/css/bootstrap-datetimepicker.css HTTP 301
https://cdn.jsdelivr.net/gh/Eonasdan/bootstrap-datetimepicker@e8bddc60e73c1ec2475f827be36e1957af72e2ea/build/css/bootstrap-datetimepicker.css

Request Chain 17

http://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16860113055710.4253609963021352 HTTP 301
https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16860113055710.4253609963021352

52 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
changethewindows.com/ 31 KB
10 KB 3179ms
172ms Document
text/html 173.201.179.249
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://changethewindows.com/
Protocol: HTTP/1.1
Server: 173.201.179.249 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 249.179.201.173.host.secureserver.net
Software: Apache /
Resource Hash: a7c5d1855afd2de991f08ca7848b53ee7bd10e4abfb4fbaa8051638513a90083

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: Upgrade, Keep-Alive
Content-Encoding: gzip
Content-Length: 10398
Content-Type: text/html
Date: Tue, 06 Jun 2023 00:28:25 GMT
ETag: "1221f77-7c8a-5fd5280b06dec-gzip"
Keep-Alive: timeout=5
Last-Modified: Sun, 04 Jun 2023 19:07:51 GMT
Server: Apache
Upgrade: h2,h2c
Vary: Accept-Encoding

GET
H2 200 bootstrap.min.css
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/css/ 118 KB
16 KB 65ms
18ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/css/bootstrap.min.css

Requested by

Host: changethewindows.com
URL: http://changethewindows.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://changethewindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 00:28:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1230586
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 16149
last-modified: Mon, 04 May 2020 16:17:20 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04010-1d970"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aMr6i2x8zXtk%2FC7DkVUAvF%2BUMTCAxV4t%2BcaeB7fleojVOCzqonzhPgzbsRXSIigHlnoWuj0nuVN9Ey%2FDCWlnQeWPGOxbK6MX1l5LnYoQgwwbMXDtN7hKYOFnEa7M9OI04zgq%2FplseqdrppiIeraaVf0A"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7d2c89022ef12c25-FRA
expires: Sun, 26 May 2024 00:28:25 GMT

GET
H2 200 css
fonts.googleapis.com/ 32 KB
2 KB 56ms
21ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,100,300,700,900|Open+Sans:400,300,600,700,800|Raleway:400,100,200,300,500,600,700,800,900

Requested by

Host: changethewindows.com
URL: http://changethewindows.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7b4aa33253c7ed3e3d361b9badc63d6447296bb2b97ba0b7b9c83adc7356e273

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://changethewindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 06 Jun 2023 00:28:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 06 Jun 2023 00:28:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 06 Jun 2023 00:28:25 GMT

GET
H2

200

bootstrap-datetimepicker.css
cdn.jsdelivr.net/gh/Eonasdan/bootstrap-datetimepicker@e8bddc60e73c1ec2475f827be36e1957af72e2ea/build/css/
Redirect Chain

https://cdn.rawgit.com/Eonasdan/bootstrap-datetimepicker/e8bddc60e73c1ec2475f827be36e1957af72e2ea/build/css/bootstrap-datetimepicker.css
https://cdn.jsdelivr.net/gh/Eonasdan/bootstrap-datetimepicker@e8bddc60e73c1ec2475f827be36e1957af72e2ea/build/css/bootstrap-datetimepicker.css

9 KB
2 KB

64ms
8ms

Stylesheet
text/css

2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/Eonasdan/bootstrap-datetimepicker@e8bddc60e73c1ec2475f827be36e1957af72e2ea/build/css/bootstrap-datetimepicker.css

Requested by

Host: changethewindows.com
URL: http://changethewindows.com/

Protocol

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ca124a8446a32ee80ea54dd30cff6bcc2e192537d77124554ffe5d8794682153

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://changethewindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Jun 2023 00:28:25 GMT
x-content-type-options: nosniff
content-encoding: br
age: 2331644
x-jsd-version: e8bddc60e73c1ec2475f827be36e1957af72e2ea
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1450
x-served-by: cache-fra-eddf8230028-FRA
x-jsd-version-type: commit
etag: W/"2348-HFXjyK2Bcqoa7e9+nOVQvsc3078"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

Redirect headers

date: Tue, 06 Jun 2023 00:28:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cdn-edgestorageid: 860
age: 53866
x-cache: MISS, HIT
cdn-cachedat: 06/06/2023 00:28:25
cdn-pullzone: 201235
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443", h3-29=":443", h3-27=":443"
content-length: 175
x-served-by: cache-fra-eddf8230044-FRA, cache-chi-kigq8000110-CHI
server: BunnyCDN-DE1-1077
cdn-proxyver: 1.03
cdn-requestpullcode: 301
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
location: https://cdn.jsdelivr.net/gh/Eonasdan/bootstrap-datetimepicker@e8bddc60e73c1ec2475f827be36e1957af72e2ea/build/css/bootstrap-datetimepicker.css
access-control-allow-origin: *
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
access-control-expose-headers: *
cache-control: public, max-age=2592000
cdn-cache: EXPIRED
cdn-requestid: e849ffa45fea5b3fc37807fb997f1bca
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 301
cdn-requestpullsuccess: True

GET
H/1.1 200
OK style01.css
changethewindows.com/ 8 KB
3 KB 161ms
159ms Stylesheet
text/css 173.201.179.249
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://changethewindows.com/style01.css
Requested by: Host: changethewindows.com
URL: http://changethewindows.com/
Protocol: HTTP/1.1
Server: 173.201.179.249 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 249.179.201.173.host.secureserver.net
Software: Apache /
Resource Hash: 621dd30d0cba4be409ab8b00a8c9a5adf6bd4d755355f0ba9b85d5e80c1cc876

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://changethewindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Tue, 06 Jun 2023 00:28:25 GMT
Content-Encoding: gzip
Last-Modified: Sun, 04 Jun 2023 13:32:08 GMT
Server: Apache
ETag: "1220bd9-2151-5fd4dd01242e1-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 2525

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 138 KB
54 KB 86ms
22ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-393417643

Requested by

Host: changethewindows.com
URL: http://changethewindows.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fbf3dd6d7f524d07835de716e437924d79db0e0c262d24214b9446e9e26d0594

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://changethewindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 00:28:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54423
x-xss-protection: 0
last-modified: Tue, 06 Jun 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 06 Jun 2023 00:28:25 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.1.0/ 84 KB
27 KB 72ms
26ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.1.0/jquery.min.js

Requested by

Host: changethewindows.com
URL: http://changethewindows.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://changethewindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 00:28:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1493288
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27198
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-1514f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p3%2Fd4JOyoa7sILGipb54yZGtotx0sVhtxhcVXeP02zU668yAVAKuVwnStWnwUJI7icNe5AqY0F2BjZqnYyPaM4sDggiu2Xr52n7QVr%2BsftFIT4Ty2iIagt002BM5FMBNj%2FPmqC8NZwY1rK%2BfHudbEQQe"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7d2c89022ef32c25-FRA
expires: Sun, 26 May 2024 00:28:25 GMT

GET
H2 200 bootstrap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/js/ 36 KB
9 KB 73ms
27ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/js/bootstrap.min.js

Requested by

Host: changethewindows.com
URL: http://changethewindows.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://changethewindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 00:28:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2432805
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 8722
last-modified: Mon, 04 May 2020 16:17:20 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04010-90b5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DNiUA8D%2FvTtTcRYQK5pMofG6e8cV8ANSz%2B0GKz3j3Js6Lwzf%2FuTabnPU9tFTYQnkrv9pUOjKj6hZGWb%2FvVD%2BCAcPtIGHc6J3PmuOs7ETOz%2FPoHmBeEFyIXPFvbdv0o74%2Ff5b5%2Fel58Je2caMxpIiagaX"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7d2c89022ef42c25-FRA
expires: Sun, 26 May 2024 00:28:25 GMT

GET
H2 200 moment.min.js Show response
cdnjs.cloudflare.com/ajax/libs/moment.js/2.15.1/ 58 KB
18 KB 67ms
21ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.15.1/moment.min.js

Requested by

Host: changethewindows.com
URL: http://changethewindows.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0f22f979f0bf6aee2c234fae784d024cf82fda704ca81bbdfc88bf01f278578

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://changethewindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 00:28:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4680656
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 18261
last-modified: Mon, 04 May 2020 16:13:26 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f26-e79d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lTEz37JcDVtNJv2KP4A0knjl1BkGvpQzhIiKCysTh6tOaCGUZpcQwSMDMXh4t6cLKNmrE4pDGZVcFUT3ezSh%2B7cMVDfzbxTtbA21%2F%2B2tTga%2BBAbuZM6Wxi0HpW6fDBumZc3V0v7WiVAtHcObOaDfTzKK"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7d2c89022ef52c25-FRA
expires: Sun, 26 May 2024 00:28:25 GMT

GET
H2 200 bootstrap-datetimepicker.min.js Show response
cdnjs.cloudflare.com/ajax/libs/bootstrap-datetimepicker/4.17.42/js/ 48 KB
11 KB 65ms
19ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/bootstrap-datetimepicker/4.17.42/js/bootstrap-datetimepicker.min.js

Requested by

Host: changethewindows.com
URL: http://changethewindows.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23cbc66640368cbd0fa6dc72241bdec0356a3577202217207aa8be183fdac37e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://changethewindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 00:28:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 13213383
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 10594
last-modified: Mon, 04 May 2020 16:06:38 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d8e-be77"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GW7Nj0rWkKUGbUYx6LIgfbKYuIQw9PsZWLcGhcf2B8qAEjGaZRAn3%2BJvjeDFEoX3XLlqFEHI8LKV4DZPhRlEPuG13P8nw4iUpoJ9GKt%2B0%2F83Y6zUrOdZzQcn2RQbXkKbbYSxKrq52PZ5Atb26icr6YSV"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7d2c89022ef62c25-FRA
expires: Sun, 26 May 2024 00:28:25 GMT

GET
H2 200 firebase.js Show response
cdn.firebase.com/js/client/2.2.1/ 126 KB
42 KB 68ms
10ms Script
application/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.firebase.com/js/client/2.2.1/firebase.js

Requested by

Host: changethewindows.com
URL: http://changethewindows.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

518b731b6199f76c37019787532becd97b039fac1c702f0796cee256b95755f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://changethewindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: gzip
date: Tue, 06 Jun 2023 00:28:25 GMT
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 42203
x-served-by: cache-fra-eddf8230109-FRA
last-modified: Wed, 15 Jul 2020 22:46:44 GMT
x-timer: S1686011305.319693,VS0,VE0
etag: "3f28a52a4862dcf057748c28f09e4a9a6d501c1cdd4e794e84507a42f71378aa"
vary: x-fh-requested-host, accept-encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=432000
accept-ranges: bytes
x-cache-hits: 8

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.1/ 94 KB
33 KB 49ms
15ms Script
text/javascript 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js

Requested by

Host: changethewindows.com
URL: http://changethewindows.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://changethewindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 20:49:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 272325
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33434
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 01 Jun 2024 20:49:40 GMT

GET
H2 200 firebase.js Show response
www.gstatic.com/firebasejs/4.3.0/ 382 KB
113 KB 49ms
14ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/4.3.0/firebase.js

Requested by

Host: changethewindows.com
URL: http://changethewindows.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8dffa3025ee2104b3cc6656fbc09a7efe9c8e48b702c6c2ff69305571ed9078

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://changethewindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 20:59:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 185346
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 114634
x-xss-protection: 0
last-modified: Thu, 17 Aug 2017 21:11:03 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 02 Jun 2024 20:59:19 GMT

GET
H/1.1 200
OK script.js Show response
changethewindows.com/ 19 KB
5 KB 161ms
160ms Script
application/javascript 173.201.179.249
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://changethewindows.com/script.js
Requested by: Host: changethewindows.com
URL: http://changethewindows.com/
Protocol: HTTP/1.1
Server: 173.201.179.249 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 249.179.201.173.host.secureserver.net
Software: Apache /
Resource Hash: be261186a68d902831940b85442b3eb7254950cbe1c3a74c6e948ace3e3a61f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://changethewindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Tue, 06 Jun 2023 00:28:25 GMT
Content-Encoding: gzip
Last-Modified: Sun, 04 Jun 2023 19:07:54 GMT
Server: Apache
ETag: "1221f73-4dba-5fd5280de7f24-gzip"
Vary: Accept-Encoding
Upgrade: h2,h2c
Content-Type: application/javascript
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 4489

GET
H/1.1 200
OK logon.png
changethewindows.com/ 25 KB
26 KB 161ms
158ms Image
image/png 173.201.179.249
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://changethewindows.com/logon.png
Requested by: Host: changethewindows.com
URL: http://changethewindows.com/
Protocol: HTTP/1.1
Server: 173.201.179.249 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 249.179.201.173.host.secureserver.net
Software: Apache /
Resource Hash: 9c17b3f0528e078c89a2f7e0b38921e5bf3cf500c50b7ab5061f851c05f128b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://changethewindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Tue, 06 Jun 2023 00:28:25 GMT
Last-Modified: Sun, 04 Jun 2023 12:46:56 GMT
Server: Apache
ETag: "12215d1-6527-5fd4d2e6493f1"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 25895

GET
H/1.1 200
OK mobile_photo.png
changethewindows.com/ 1 MB
1 MB 158ms
158ms Image
image/png 173.201.179.249
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://changethewindows.com/mobile_photo.png
Requested by: Host: changethewindows.com
URL: http://changethewindows.com/style01.css
Protocol: HTTP/1.1
Server: 173.201.179.249 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 249.179.201.173.host.secureserver.net
Software: Apache /
Resource Hash: f38e3888ded8df6b6c791571511f68dc3cb7a7be8a69c4120a8a056b2186902b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://changethewindows.com/style01.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Tue, 06 Jun 2023 00:28:25 GMT
Last-Modified: Sun, 04 Jun 2023 12:47:00 GMT
Server: Apache
ETag: "1221f70-15dc1a-5fd4d2ea48f32"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 1432602

GET
H2 200 / Show response
ipgeolocation.abstractapi.com/v1/ 977 B
1 KB 707ms
100ms XHR
application/json 54.157.100.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://ipgeolocation.abstractapi.com/v1/?api_key=a1a67d84a2844af7827fb58fd737ed20

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.157.100.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-157-100-138.compute-1.amazonaws.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

49505a71fd15a51afb53369b8c665fc7934711ebe83a1b186d42ef9ff27116ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: http://changethewindows.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 00:28:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
referrer-policy: same-origin
server: nginx/1.14.0 (Ubuntu)
vary: Cookie, Origin
allow: GET, HEAD, OPTIONS
content-type: application/json
x-frame-options: DENY
access-control-allow-origin: *
content-length: 977

GET
H/1.1 200
OK 8d552222-0380-a3dd-6336-5c5583e28067.js Show response
create.lidstatic.com/campaign/ 121 KB
39 KB 568ms
549ms Script
text/javascript 2606:4700:10::ac43:29e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://create.lidstatic.com/campaign/8d552222-0380-a3dd-6336-5c5583e28067.js?snippet_version=2
Requested by: Host: changethewindows.com
URL: http://changethewindows.com/
Protocol: HTTP/1.1
Server: 2606:4700:10::ac43:29e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28ad0e9cd92912ba49b04ee2bb1e3bba0be1573aa2df0ce52912005cbc69f549

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://changethewindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Tue, 06 Jun 2023 00:28:26 GMT
x-amz-version-id: AwIr6Ex7rpZoWK8FXpeZb5d56meyrdmp
Content-Encoding: gzip
CF-Cache-Status: MISS
x-amz-request-id: Y8P7HM6K0RX7QM3S
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
x-amz-replication-status: COMPLETED
Connection: keep-alive
x-amz-id-2: wLMAfDGEsXBz14809JSok5NwshtFxqweaCcaCzXh8vaCqNRTxw+TESk6gzOVbEpyH6bSSDk7o4k=
Last-Modified: Fri, 12 May 2023 18:48:48 GMT
Server: cloudflare
ETag: W/"a97f637fe6e3a8df11aaf00a1cfa324a"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=1800
CF-RAY: 7d2c8903fe4f1e31-FRA

GET
H2

200

bootstrap.js Show response
cdn.trustedform.com/
Redirect Chain

http://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16860113055710.4253609963021352
https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16860113055710.4253609963021352

7 KB
3 KB

469ms
116ms

Script
application/javascript

2600:9000:223d:7e00:1c:7f1a:6680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16860113055710.4253609963021352
Requested by: Host: changethewindows.com
URL: http://changethewindows.com/
Protocol: H2
Server: 2600:9000:223d:7e00:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d95166940395c50be562fe538c85311002d62b83da8f68a8500be092f4bf98fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://changethewindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 00:28:27 GMT
x-amz-version-id: 3_b23spJZawDo2DonqGySoPkWa3Umuag
content-encoding: gzip
last-modified: Fri, 12 May 2023 16:55:50 GMT
server: AmazonS3
via: 1.1 82514a5a8cf35fb3132b0b5ab9cb724c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
etag: W/"88ddf717f635b54023edd7480431e1d1"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
x-amz-cf-id: Q0rpupyThCExXLBMrc9baeJoQfYcgo9zYynNJPULB5BPRyBntDFp7g==

Redirect headers

Location: https://cdn.trustedform.com:443/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16860113055710.4253609963021352
Date: Tue, 06 Jun 2023 00:28:25 GMT
Server: awselb/2.0
Connection: keep-alive
Content-Length: 134
Content-Type: text/html

GET
H3 200 firebase-app.js Show response
www.gstatic.com/firebasejs/9.16.0/ 91 KB
20 KB 28ms
11ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/9.16.0/firebase-app.js

Requested by

Host: changethewindows.com
URL: http://changethewindows.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb5f8a95267bd9904f7a3ce9d4fcdb0464d4dd5b3ae30bdbc770d1fb2288557e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://changethewindows.com/
Origin: http://changethewindows.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 30 May 2023 14:27:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 554454
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20625
x-xss-protection: 0
last-modified: Thu, 19 Jan 2023 22:17:27 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 29 May 2024 14:27:31 GMT

GET
H3 200 firebase-auth.js Show response
www.gstatic.com/firebasejs/9.16.0/ 115 KB
33 KB 28ms
13ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/9.16.0/firebase-auth.js

Requested by

Host: changethewindows.com
URL: http://changethewindows.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0c85cca9f8e1200f830be60f65af83ba0da7761536769d466eea44cab90d76c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://changethewindows.com/
Origin: http://changethewindows.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 30 May 2023 18:11:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 541026
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33686
x-xss-protection: 0
last-modified: Thu, 19 Jan 2023 22:17:16 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 29 May 2024 18:11:19 GMT

GET
H3 200 firebase-analytics.js Show response
www.gstatic.com/firebasejs/9.16.0/ 24 KB
8 KB 25ms
10ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/9.16.0/firebase-analytics.js

Requested by

Host: changethewindows.com
URL: http://changethewindows.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7c33fc715ab1fdb85337108e51de9926cf1c52df75719fd519abefe6bd6b289

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://changethewindows.com/
Origin: http://changethewindows.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 15:15:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 205976
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8367
x-xss-protection: 0
last-modified: Thu, 19 Jan 2023 22:17:17 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 02 Jun 2024 15:15:29 GMT

GET
H3 200 firebase-database.js Show response
www.gstatic.com/firebasejs/9.16.0/ 150 KB
43 KB 31ms
16ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/9.16.0/firebase-database.js

Requested by

Host: changethewindows.com
URL: http://changethewindows.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d6c12412c738a0728ff74bd0d196da6c3b692160dff500ac06355bc0a246d26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://changethewindows.com/
Origin: http://changethewindows.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 08:48:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 142778
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44394
x-xss-protection: 0
last-modified: Thu, 19 Jan 2023 22:17:15 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 03 Jun 2024 08:48:47 GMT

GET
H3 200 firebase-firestore.js Show response
www.gstatic.com/firebasejs/9.16.0/ 314 KB
314 KB 35ms
20ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/9.16.0/firebase-firestore.js

Requested by

Host: changethewindows.com
URL: http://changethewindows.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7b7b321919dd9af22c94befea1dc176af4f5cf86b01b04d49d57e96f017be40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://changethewindows.com/
Origin: http://changethewindows.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 09:23:53 GMT
x-content-type-options: nosniff
age: 486272
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 321294
x-xss-protection: 0
last-modified: Thu, 19 Jan 2023 22:17:15 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 30 May 2024 09:23:53 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/393417643/ 3 KB
2 KB 60ms
33ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/393417643/?random=1686011305586&cv=11&fst=1686011305586&bg=ffffff&guid=ON&async=1&gtm=45be35v0&u_w=1600&u_h=1200&url=http%3A%2F%2Fchangethewindows.com%2F&hn=www.googleadservices.com&frm=0&tiba=Change%20The%20Windows%20-%20Get%20a%20quote%20for%20your%20windows%20today&auid=703073683.1686011306&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-393417643

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9bbfb919113cf577c4f11dc548914c0661ba5b172372e221b276c1fd934b7bdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://changethewindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 00:28:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1345
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v28/ 45 KB
46 KB 35ms
10ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,100,300,700,900|Open+Sans:400,300,600,700,800|Raleway:400,100,200,300,500,600,700,800,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://changethewindows.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 03:19:21 GMT
x-content-type-options: nosniff
age: 508144
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46524
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:58:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 May 2024 03:19:21 GMT

GET
H2 200 webConfig Show response
firebase.googleapis.com/v1alpha/projects/-/apps/1:23653634552:web:b0957f39db7c75a9a1460d/ 349 B
428 B 30ms
28ms Fetch
application/json 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebase.googleapis.com/v1alpha/projects/-/apps/1:23653634552:web:b0957f39db7c75a9a1460d/webConfig

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/9.16.0/firebase-analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0b3803ab430b2f89eb9ee1276b393e9595300ad4e26398329258daf7b8051e56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept: application/json
Referer: http://changethewindows.com/
x-goog-api-key: AIzaSyCphrXDEdlCXWUlrQnx_-IgXG5adMMU034
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 00:28:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: http://changethewindows.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 238
x-xss-protection: 0

OPTIONS
H2 200 webConfig
firebase.googleapis.com/v1alpha/projects/-/apps/1:23653634552:web:b0957f39db7c75a9a1460d/ Frame 0
0 457ms
16ms Preflight
text/html 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebase.googleapis.com/v1alpha/projects/-/apps/1:23653634552:web:b0957f39db7c75a9a1460d/webConfig

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-api-key
Access-Control-Request-Method: GET
Origin: http://changethewindows.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-headers: x-goog-api-key
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: http://changethewindows.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Tue, 06 Jun 2023 00:28:26 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 /
www.google.com/pagead/1p-user-list/393417643/ 42 B
455 B 454ms
19ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/393417643/?random=1686011305586&cv=11&fst=1686009600000&bg=ffffff&guid=ON&async=1&gtm=45be35v0&u_w=1600&u_h=1200&url=http%3A%2F%2Fchangethewindows.com%2F&frm=0&tiba=Change%20The%20Windows%20-%20Get%20a%20quote%20for%20your%20windows%20today&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3359722044&rmt_tld=0&ipr=y

Requested by

Host: changethewindows.com
URL: http://changethewindows.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://changethewindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 00:28:26 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/393417643/ 42 B
455 B 457ms
20ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/393417643/?random=1686011305586&cv=11&fst=1686009600000&bg=ffffff&guid=ON&async=1&gtm=45be35v0&u_w=1600&u_h=1200&url=http%3A%2F%2Fchangethewindows.com%2F&frm=0&tiba=Change%20The%20Windows%20-%20Get%20a%20quote%20for%20your%20windows%20today&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3359722044&rmt_tld=1&ipr=y

Requested by

Host: changethewindows.com
URL: http://changethewindows.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://changethewindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 00:28:26 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 installations Show response
firebaseinstallations.googleapis.com/v1/projects/surveys-4f320/ 619 B
684 B 277ms
276ms Fetch
application/json 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseinstallations.googleapis.com/v1/projects/surveys-4f320/installations

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/9.16.0/firebase-analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ed22e71404fd96c55520c022cb8edc8fbd42ca7aca3a995008b5e4adfed89575

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept: application/json
Referer: http://changethewindows.com/
x-goog-api-key: AIzaSyCphrXDEdlCXWUlrQnx_-IgXG5adMMU034
accept-language: de-DE,de;q=0.9
x-firebase-client: eyJ2ZXJzaW9uIjoyLCJoZWFydGJlYXRzIjpbeyJhZ2VudCI6ImZpcmUtY29yZS8wLjkuMSBmaXJlLWNvcmUtZXNtMjAxNy8wLjkuMSBmaXJlLWpzLyBmaXJlLWpzLWFsbC1jZG4vOS4xNi4wIGZpcmUtYXV0aC8wLjIxLjEgZmlyZS1hdXRoLWVzbTIwMTcvMC4yMS4xIGZpcmUtaWlkLzAuNi4xIGZpcmUtaWlkLWVzbTIwMTcvMC42LjEgZmlyZS1hbmFseXRpY3MvMC45LjEgZmlyZS1hbmFseXRpY3MtZXNtMjAxNy8wLjkuMSBmaXJlLXJ0ZGIvMC4xNC4xIGZpcmUtcnRkYi1lc20yMDE3LzAuMTQuMSBmaXJlLWZzdC8zLjguMSBmaXJlLWZzdC1lc20yMDE3LzMuOC4xIiwiZGF0ZXMiOlsiMjAyMy0wNi0wNiJdfV19
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
content-type: application/json

Response headers

date: Tue, 06 Jun 2023 00:28:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: http://changethewindows.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 494
x-xss-protection: 0

OPTIONS
H2 200 installations
firebaseinstallations.googleapis.com/v1/projects/surveys-4f320/ Frame 0
0 444ms
16ms Preflight
text/html 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseinstallations.googleapis.com/v1/projects/surveys-4f320/installations

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-firebase-client,x-goog-api-key
Access-Control-Request-Method: POST
Origin: http://changethewindows.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-firebase-client,x-goog-api-key
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: http://changethewindows.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Tue, 06 Jun 2023 00:28:26 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 GenerateToken Show response
create.leadid.com/2.11.13/ 36 B
660 B 371ms
157ms XHR
text/plain 54.86.8.109
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.13/GenerateToken?msn=1&pid=c33a531f-5401-4693-a099-005cbfc90610&_=148985204

Requested by

Host: create.lidstatic.com
URL: http://create.lidstatic.com/campaign/8d552222-0380-a3dd-6336-5c5583e28067.js?snippet_version=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.86.8.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-86-8-109.compute-1.amazonaws.com

Software

nginx /

Resource Hash

b0d51e66a276140d872824ae5cc3e859d67af08cea0af63b097226ce9aefbd5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: http://changethewindows.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 06 Jun 2023 00:28:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 190 KB
70 KB 22ms
22ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?l=dataLayer&id=G-SB6MFRQ40E

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/9.16.0/firebase-analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3663d0f19b7946ce2a232ba320202cfb4fc4a7579517c28793a3a3d2d14939cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://changethewindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 00:28:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 71394
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 06 Jun 2023 00:28:26 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 190 KB
70 KB 25ms
24ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-SB6MFRQ40E&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-393417643

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fe3c6cc082e7f3e3ec66c346dba5875d7b3b1732ab76263ba8857ad86774cdf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://changethewindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 00:28:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 71405
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 06 Jun 2023 00:28:26 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
257 B 43ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-SB6MFRQ40E&gtm=45je35v0&_p=579333283&_fid=eyLm7VOs8rixSJh429zspK&cid=1558218354.1686011306&ul=en-us&sr=1600x1200&ngs=1&_s=1&sid=1686011306&sct=1&seg=0&dl=http%3A%2F%2Fchangethewindows.com%2F&dt=Change%20The%20Windows%20-%20Get%20a%20quote%20for%20your%20windows%20today&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.origin=firebase
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?l=dataLayer&id=G-SB6MFRQ40E
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://changethewindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 00:28:26 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://changethewindows.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK iframe.html Show response
d2m2wsoho8qq12.cloudfront.net/ Frame 6FEE 3 KB
2 KB 49ms
6ms Document
text/html 18.66.188.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

http://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=59C03E7B-0E17-2637-5AE9-FE5B0EB4EA0D&apiurl=http%3A%2F%2Fcreate.leadid.com%2F2.11.13&lck=8D552222-0380-A3DD-6336-5C5583E28067&lac=5E5079D9-D129-D386-A96A-025690C9B696

Requested by

Host: create.lidstatic.com
URL: http://create.lidstatic.com/campaign/8d552222-0380-a3dd-6336-5c5583e28067.js?snippet_version=2

Protocol

HTTP/1.1

Server

18.66.188.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-188-46.muc50.r.cloudfront.net

Software

nginx /

Resource Hash

e3ad82a69faf9ec1b298a080ce5974322a33cc501e1455071cf8db58c7f2462f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: http://changethewindows.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Age: 46184
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Mon, 05 Jun 2023 11:39:08 GMT
ETag: W/"643ec1f4-dbb"
Last-Modified: Tue, 18 Apr 2023 16:14:44 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Transfer-Encoding: chunked
Via: 1.1 77aa8087323921dee0b130bc0589bda8.cloudfront.net (CloudFront)
X-Amz-Cf-Id: UmYLhpYJotDt1GIzuDfTgBBGppVA2Dzdh5LaTB_s0xsZSl4Jau23rA==
X-Amz-Cf-Pop: MUC50-P1
X-Cache: Hit from cloudfront

POST
H2 200 SaveDom Show response
create.leadid.com/2.11.13/ 0
623 B 96ms
95ms XHR
text/plain 54.86.8.109
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.13/SaveDom?msn=2&pid=c33a531f-5401-4693-a099-005cbfc90610&token=59C03E7B-0E17-2637-5AE9-FE5B0EB4EA0D&_=148985205

Requested by

Host: create.lidstatic.com
URL: http://create.lidstatic.com/campaign/8d552222-0380-a3dd-6336-5c5583e28067.js?snippet_version=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.86.8.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-86-8-109.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: http://changethewindows.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 06 Jun 2023 00:28:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 InitFormData Show response
create.leadid.com/2.11.13/ 0
623 B 179ms
179ms XHR
text/plain 54.86.8.109
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.13/InitFormData?msn=3&pid=c33a531f-5401-4693-a099-005cbfc90610&token=59C03E7B-0E17-2637-5AE9-FE5B0EB4EA0D&_=148985206

Requested by

Host: create.lidstatic.com
URL: http://create.lidstatic.com/campaign/8d552222-0380-a3dd-6336-5c5583e28067.js?snippet_version=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.86.8.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-86-8-109.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: http://changethewindows.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 06 Jun 2023 00:28:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 iframe.html Show response
deviceid.trueleadid.com/ Frame 2FDB 4 KB
2 KB 338ms
94ms Document
text/html 54.174.186.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://deviceid.trueleadid.com/iframe.html?token=59C03E7B-0E17-2637-5AE9-FE5B0EB4EA0D&apiurl=http%3A%2F%2Fcreate.leadid.com%2F2.11.13&lck=8D552222-0380-A3DD-6336-5C5583E28067&lac=5E5079D9-D129-D386-A96A-025690C9B696
Requested by: Host: d2m2wsoho8qq12.cloudfront.net
URL: http://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=59C03E7B-0E17-2637-5AE9-FE5B0EB4EA0D&apiurl=http%3A%2F%2Fcreate.leadid.com%2F2.11.13&lck=8D552222-0380-A3DD-6336-5C5583E28067&lac=5E5079D9-D129-D386-A96A-025690C9B696
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.174.186.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-174-186-60.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 602ea48b7fd2a48e702e43825b0d6f6495f78cb4cc1fa24cb8c95f61e014215a

Request headers

Referer: http://d2m2wsoho8qq12.cloudfront.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=86400 public
content-encoding: gzip
content-type: text/html
date: Tue, 06 Jun 2023 00:28:26 GMT
etag: W/"646ce712-1049"
expires: Wed, 07 Jun 2023 00:28:26 GMT
last-modified: Tue, 23 May 2023 16:17:22 GMT
p3p: CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
server: nginx

POST
H2 200 Snap Show response
create.leadid.com/2.11.13/ 0
623 B 371ms
279ms XHR
text/plain 54.86.8.109
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.13/Snap?msn=4&pid=c33a531f-5401-4693-a099-005cbfc90610&token=59C03E7B-0E17-2637-5AE9-FE5B0EB4EA0D&_=148985207

Requested by

Host: create.lidstatic.com
URL: http://create.lidstatic.com/campaign/8d552222-0380-a3dd-6336-5c5583e28067.js?snippet_version=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.86.8.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-86-8-109.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: http://changethewindows.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 06 Jun 2023 00:28:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 SaveDeviceId.js Show response
create.leadid.com/2.11.13/ Frame 2FDB 0
626 B 280ms
96ms Script
text/javascript 54.86.8.109
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.13/SaveDeviceId.js?lac=5E5079D9-D129-D386-A96A-025690C9B696&lck=8D552222-0380-A3DD-6336-5C5583E28067&methods=48&token=59C03E7B-0E17-2637-5AE9-FE5B0EB4EA0D&uuid=4dfba2bc11b44d75a8f01984ee2fbbf7

Requested by

Host: deviceid.trueleadid.com
URL: https://deviceid.trueleadid.com/iframe.html?token=59C03E7B-0E17-2637-5AE9-FE5B0EB4EA0D&apiurl=http%3A%2F%2Fcreate.leadid.com%2F2.11.13&lck=8D552222-0380-A3DD-6336-5C5583E28067&lac=5E5079D9-D129-D386-A96A-025690C9B696

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.86.8.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-86-8-109.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://deviceid.trueleadid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 00:28:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 201 certs Show response
api.trustedform.com/ 475 B
686 B 278ms
93ms XHR
application/json 34.230.184.73
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs
Requested by: Host: api.trustedform.com
URL: http://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16860113055710.4253609963021352
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.230.184.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-230-184-73.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: 686585ed214091a5ab6e8c72f2636e8bb5b7cf694b353da950564172423956ce

Request headers

Referer: http://changethewindows.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 06 Jun 2023 00:28:27 GMT
server: Cowboy
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 475

GET
H2 200 trustedform-1.8.39.js Show response
cdn.trustedform.com/ 102 KB
37 KB 10ms
10ms Script
application/javascript 2600:9000:223d:7e00:1c:7f1a:6680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.trustedform.com/trustedform-1.8.39.js
Requested by: Host: api.trustedform.com
URL: http://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16860113055710.4253609963021352
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:7e00:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fe63c3d6c4d4486e0a2323e205377a04c96e054f37f4d87a7b8bab0091c19c14

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://changethewindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-amz-version-id: OadgesbszW_FbzYEqgjtb7SPpT8rHyZy
content-encoding: gzip
via: 1.1 82514a5a8cf35fb3132b0b5ab9cb724c.cloudfront.net (CloudFront)
date: Tue, 06 Jun 2023 00:28:07 GMT
last-modified: Fri, 12 May 2023 16:55:50 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
age: 21
etag: W/"9c2830f2c2e5b9cb27e0e7f151317cbe"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: gVUYeavJwCzRIVEp7HShOx2EJpxj-bwTgumYCac3W5b34WBsKirPoA==

POST
H2 204 snapshot Show response
api.trustedform.com/certs/cafccef386ccf28cfc0ad8f5328682e7c0dcd649/ 0
159 B 169ms
168ms XHR
text/plain 34.230.184.73
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/cafccef386ccf28cfc0ad8f5328682e7c0dcd649/snapshot
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.39.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.230.184.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-230-184-73.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://changethewindows.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Tue, 06 Jun 2023 00:28:27 GMT
access-control-expose-headers
access-control-allow-credentials: true
cache-control: max-age=0, private, must-revalidate
server: Cowboy

GET
H/1.1 200
OK logon.png
changethewindows.com/ 25 KB
26 KB 158ms
158ms Image
image/png 173.201.179.249
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://changethewindows.com/logon.png
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.39.js
Protocol: HTTP/1.1
Server: 173.201.179.249 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 249.179.201.173.host.secureserver.net
Software: Apache /
Resource Hash: 9c17b3f0528e078c89a2f7e0b38921e5bf3cf500c50b7ab5061f851c05f128b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://changethewindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Tue, 06 Jun 2023 00:28:27 GMT
Last-Modified: Sun, 04 Jun 2023 12:46:56 GMT
Server: Apache
ETag: "12215d1-6527-5fd4d2e6493f1"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 25895

POST
H2 204 fingerprints Show response
api.trustedform.com/certs/cafccef386ccf28cfc0ad8f5328682e7c0dcd649/ 0
159 B 179ms
179ms XHR
text/plain 34.230.184.73
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/cafccef386ccf28cfc0ad8f5328682e7c0dcd649/fingerprints
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.39.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.230.184.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-230-184-73.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://changethewindows.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Tue, 06 Jun 2023 00:28:27 GMT
access-control-expose-headers
access-control-allow-credentials: true
cache-control: max-age=0, private, must-revalidate
server: Cowboy

GET
DATA 200
OK truncated
/ 10 KB
10 KB Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eed633a8002069e13f06351bfe014d0132941a0882144ccee95cdacfa403b954

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://changethewindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: text/javascript

POST
H2 204 events
api.trustedform.com/certs/cafccef386ccf28cfc0ad8f5328682e7c0dcd649/ 0
160 B 275ms
92ms Ping
text/plain 34.230.184.73
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/cafccef386ccf28cfc0ad8f5328682e7c0dcd649/events
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.39.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.230.184.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-230-184-73.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://changethewindows.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 06 Jun 2023 00:28:27 GMT
access-control-expose-headers
access-control-allow-credentials: true
cache-control: max-age=0, private, must-revalidate
server: Cowboy

POST
H2 200 InitFormData Show response
create.leadid.com/2.11.13/ 0
623 B 95ms
94ms XHR
text/plain 54.86.8.109
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.13/InitFormData?msn=5&pid=c33a531f-5401-4693-a099-005cbfc90610&token=59C03E7B-0E17-2637-5AE9-FE5B0EB4EA0D&_=148985208

Requested by

Host: create.lidstatic.com
URL: http://create.lidstatic.com/campaign/8d552222-0380-a3dd-6336-5c5583e28067.js?snippet_version=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.86.8.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-86-8-109.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: http://changethewindows.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 06 Jun 2023 00:28:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 Snap Show response
create.leadid.com/2.11.13/ 0
623 B 97ms
97ms XHR
text/plain 54.86.8.109
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.13/Snap?msn=6&pid=c33a531f-5401-4693-a099-005cbfc90610&token=59C03E7B-0E17-2637-5AE9-FE5B0EB4EA0D&_=148985209

Requested by

Host: create.lidstatic.com
URL: http://create.lidstatic.com/campaign/8d552222-0380-a3dd-6336-5c5583e28067.js?snippet_version=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.86.8.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-86-8-109.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: http://changethewindows.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 06 Jun 2023 00:28:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 204 events Show response
api.trustedform.com/certs/cafccef386ccf28cfc0ad8f5328682e7c0dcd649/ 0
159 B 93ms
92ms XHR
text/plain 34.230.184.73
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/cafccef386ccf28cfc0ad8f5328682e7c0dcd649/events
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.39.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.230.184.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-230-184-73.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://changethewindows.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Tue, 06 Jun 2023 00:28:28 GMT
access-control-expose-headers
access-control-allow-credentials: true
cache-control: max-age=0, private, must-revalidate
server: Cowboy

POST
H2 200 Snap Show response
create.leadid.com/2.11.13/ 0
623 B 371ms
280ms XHR
text/plain 54.86.8.109
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.13/Snap?msn=7&pid=c33a531f-5401-4693-a099-005cbfc90610&token=59C03E7B-0E17-2637-5AE9-FE5B0EB4EA0D&_=148985210

Requested by

Host: create.lidstatic.com
URL: http://create.lidstatic.com/campaign/8d552222-0380-a3dd-6336-5c5583e28067.js?snippet_version=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.86.8.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-86-8-109.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: http://changethewindows.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 06 Jun 2023 00:28:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

Verdicts & Comments Add Verdict or Comment

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.changethewindows.com/	1970-01-20 14:29:47	Name: _gcl_au Value: 1.1.703073683.1686011306
.doubleclick.net/	1970-01-20 12:20:12	Name: test_cookie Value: CheckForPermission
.changethewindows.com/	1970-01-20 21:56:11	Name: _ga_SB6MFRQ40E Value: GS1.1.1686011306.1.0.1686011306.0.0.0
.changethewindows.com/	1970-01-20 21:56:11	Name: _ga Value: GA1.1.1558218354.1686011306
changethewindows.com/	1970-01-20 12:20:12	Name: leadid_token-5E5079D9-D129-D386-A96A-025690C9B696-8D552222-0380-A3DD-6336-5C5583E28067 Value: 59C03E7B-0E17-2637-5AE9-FE5B0EB4EA0D
.deviceid.trueleadid.com/	1970-01-20 21:56:11	Name: uuid Value: 4dfba2bc11b44d75a8f01984ee2fbbf7

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
api.trustedform.com
cdn.firebase.com
cdn.jsdelivr.net
cdn.rawgit.com
cdn.trustedform.com
cdnjs.cloudflare.com
changethewindows.com
create.leadid.com
create.lidstatic.com
d2m2wsoho8qq12.cloudfront.net
deviceid.trueleadid.com
firebase.googleapis.com
firebaseinstallations.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ipgeolocation.abstractapi.com
region1.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
151.101.65.195
173.201.179.249
18.66.188.46
2001:4860:4802:34::36
2400:52e0:1e00::1077:1
2600:9000:223d:7e00:1c:7f1a:6680:93a1
2606:4700:10::ac43:29e5
2606:4700::6811:190e
2a00:1450:4001:801::200a
2a00:1450:4001:806::2003
2a00:1450:4001:80b::200a
2a00:1450:4001:813::2002
2a00:1450:4001:827::200a
2a00:1450:4001:828::200a
2a00:1450:4001:829::2004
2a00:1450:4001:829::2008
2a00:1450:4001:82a::2003
2a00:1450:4001:830::2003
2a04:4e42::485
3.211.160.236
34.230.184.73
54.157.100.138
54.174.186.60
54.86.8.109
0b3803ab430b2f89eb9ee1276b393e9595300ad4e26398329258daf7b8051e56
23cbc66640368cbd0fa6dc72241bdec0356a3577202217207aa8be183fdac37e
28ad0e9cd92912ba49b04ee2bb1e3bba0be1573aa2df0ce52912005cbc69f549
3663d0f19b7946ce2a232ba320202cfb4fc4a7579517c28793a3a3d2d14939cf
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
49505a71fd15a51afb53369b8c665fc7934711ebe83a1b186d42ef9ff27116ad
518b731b6199f76c37019787532becd97b039fac1c702f0796cee256b95755f2
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
602ea48b7fd2a48e702e43825b0d6f6495f78cb4cc1fa24cb8c95f61e014215a
621dd30d0cba4be409ab8b00a8c9a5adf6bd4d755355f0ba9b85d5e80c1cc876
686585ed214091a5ab6e8c72f2636e8bb5b7cf694b353da950564172423956ce
702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb
7b4aa33253c7ed3e3d361b9badc63d6447296bb2b97ba0b7b9c83adc7356e273
7d6c12412c738a0728ff74bd0d196da6c3b692160dff500ac06355bc0a246d26
9bbfb919113cf577c4f11dc548914c0661ba5b172372e221b276c1fd934b7bdb
9c17b3f0528e078c89a2f7e0b38921e5bf3cf500c50b7ab5061f851c05f128b9
a7c5d1855afd2de991f08ca7848b53ee7bd10e4abfb4fbaa8051638513a90083
b0d51e66a276140d872824ae5cc3e859d67af08cea0af63b097226ce9aefbd5f
b8dffa3025ee2104b3cc6656fbc09a7efe9c8e48b702c6c2ff69305571ed9078
be261186a68d902831940b85442b3eb7254950cbe1c3a74c6e948ace3e3a61f3
ca124a8446a32ee80ea54dd30cff6bcc2e192537d77124554ffe5d8794682153
d0c85cca9f8e1200f830be60f65af83ba0da7761536769d466eea44cab90d76c
d7b7b321919dd9af22c94befea1dc176af4f5cf86b01b04d49d57e96f017be40
d7c33fc715ab1fdb85337108e51de9926cf1c52df75719fd519abefe6bd6b289
d95166940395c50be562fe538c85311002d62b83da8f68a8500be092f4bf98fd
e0f22f979f0bf6aee2c234fae784d024cf82fda704ca81bbdfc88bf01f278578
e3ad82a69faf9ec1b298a080ce5974322a33cc501e1455071cf8db58c7f2462f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb5f8a95267bd9904f7a3ce9d4fcdb0464d4dd5b3ae30bdbc770d1fb2288557e
ed22e71404fd96c55520c022cb8edc8fbd42ca7aca3a995008b5e4adfed89575
eed633a8002069e13f06351bfe014d0132941a0882144ccee95cdacfa403b954
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f38e3888ded8df6b6c791571511f68dc3cb7a7be8a69c4120a8a056b2186902b
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
fbf3dd6d7f524d07835de716e437924d79db0e0c262d24214b9446e9e26d0594
fe3c6cc082e7f3e3ec66c346dba5875d7b3b1732ab76263ba8857ad86774cdf7
fe63c3d6c4d4486e0a2323e205377a04c96e054f37f4d87a7b8bab0091c19c14

changethewindows.com Open in urlscan Pro 173.201.179.249 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

52 Requests

81 %HTTPS

67 %IPv6

18 Domains

23 Subdomains

23 IPs

2 Countries

2503 kBTransfer

4006 kBSize

6 Cookies

0 Outgoing links

Redirected requests

52 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

changethewindows.com Open in urlscan Pro
173.201.179.249 Public Scan

Screenshot
Live screenshot

Full Image

52
Requests

81 %
HTTPS

67 %
IPv6

18
Domains

23
Subdomains

23
IPs

2
Countries

2503 kB
Transfer

4006 kB
Size

6
Cookies

52 HTTP transactions
1 data transactions