low-e-replacementwindows.com Open in urlscan Pro
207.150.194.101 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://swingiifestyle.com/r.php?t=c&d=27119&l=1410&c=14698
Effective URL:
https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=2945...
Submission: On January 14 via manual (January 14th 2021, 1:16:07 am UTC) from US

Summary HTTP 81 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 21 IPs in 6 countries across 23 domains to perform 81 HTTP transactions. The main IP is 207.150.194.101, located in Austin, United States and belongs to HWSERVICES-32400, US. The main domain is low-e-replacementwindows.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on November 10th 2019. Valid for: 2 years.

This is the only time low-e-replacementwindows.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	45.157.178.54 45.157.178.54	197540 (NETCUP-AS...) (NETCUP-AS netcup GmbH)
1	72.11.130.133 72.11.130.133	8100 (ASN-QUADR...) (ASN-QUADRANET-GLOBAL)
2 2	34.237.29.129 34.237.29.129	14618 (AMAZON-AES) (AMAZON-AES)
32	207.150.194.101 207.150.194.101	32400 (HWSERVICE...) (HWSERVICES-32400)
3	2a00:1450:400... 2a00:1450:4001:821::200a	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42::729 2a04:4e42::729	54113 (FASTLY) (FASTLY)
1	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:816::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:820::2002	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:816::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::ac43:29e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 5	34.236.210.22 34.236.210.22	14618 (AMAZON-AES) (AMAZON-AES)
2	2600:9000:220... 2600:9000:2204:c000:1c:7f1a:6680:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1 4	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a03:2880:f01... 2a03:2880:f01c:8004:face:b00c:0:8c	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:400c:c0c::9c	15169 (GOOGLE) (GOOGLE)
6	34.203.158.217 34.203.158.217	14618 (AMAZON-AES) (AMAZON-AES)
1	143.204.214.177 143.204.214.177	16509 (AMAZON-02) (AMAZON-02)
81	21

1 45.157.178.54 (None, ) 1 redirects

ASN197540 (NETCUP-AS netcup GmbH, DE)
PTR: v220201047002129792.powersrv.de

swingiifestyle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.11.130.133 (Los Angeles, United States)

ASN8100 (ASN-QUADRANET-GLOBAL, US)
PTR: jocktorkshi.info

www.celspuvi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.237.29.129 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-237-29-129.compute-1.amazonaws.com

mrktrecord11.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trkstar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 207.150.194.101 (Austin, United States)

ASN32400 (HWSERVICES-32400, US)
PTR: mail.EcDashboard.com

low-e-replacementwindows.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hits.ecdashboard.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:821::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::729 (Ascension Island)

ASN54113 (FASTLY, US)

cdn.ravenjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:816::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:820::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:816::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:29e5 (United States)

ASN13335 (CLOUDFLARENET, US)

create.lidstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.236.210.22 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-236-210-22.compute-1.amazonaws.com

api.trustedform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2204:c000:1c:7f1a:6680:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.trustedform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f01c:8004:face:b00c:0:8c (Ireland)

ASN32934 (FACEBOOK, US)

cx.atdmt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.203.158.217 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-203-158-217.compute-1.amazonaws.com

create.leadid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.214.177 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-214-177.fra53.r.cloudfront.net

d2m2wsoho8qq12.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	low-e-replacementwindows.com low-e-replacementwindows.com	878 KB
7	trustedform.com 1 redirects api.trustedform.com cdn.trustedform.com	28 KB
6	leadid.com create.leadid.com	2 KB
4	facebook.com 1 redirects www.facebook.com	976 B
4	gstatic.com fonts.gstatic.com	55 KB
3	google.de www.google.de	749 B
3	google.com www.google.com	527 B
3	bing.com bat.bing.com	9 KB
3	google-analytics.com www.google-analytics.com	53 KB
3	facebook.net connect.facebook.net	162 KB
3	doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net	4 KB
3	googleapis.com fonts.googleapis.com	2 KB
2	ecdashboard.com hits.ecdashboard.com	4 KB
2	googletagmanager.com www.googletagmanager.com	77 KB
2	googleadservices.com www.googleadservices.com	25 KB
1	cloudfront.net d2m2wsoho8qq12.cloudfront.net
1	atdmt.com cx.atdmt.com	639 B
1	lidstatic.com create.lidstatic.com	39 KB
1	ravenjs.com cdn.ravenjs.com	13 KB
1	trkstar.com 1 redirects trkstar.com	858 B
1	mrktrecord11.com 1 redirects mrktrecord11.com	303 B
1	celspuvi.com www.celspuvi.com	474 B
1	swingiifestyle.com 1 redirects swingiifestyle.com	408 B
81	23

	Domain	Requested by
30	low-e-replacementwindows.com	www.celspuvi.com low-e-replacementwindows.com cdn.trustedform.com
6	create.leadid.com	cdn.ravenjs.com
5	api.trustedform.com	1 redirects cdn.ravenjs.com
4	www.facebook.com	1 redirects low-e-replacementwindows.com
4	fonts.gstatic.com	fonts.googleapis.com
3	www.google.de	low-e-replacementwindows.com
3	www.google.com	low-e-replacementwindows.com
3	bat.bing.com	low-e-replacementwindows.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com cdn.ravenjs.com
3	connect.facebook.net	low-e-replacementwindows.com connect.facebook.net
3	fonts.googleapis.com	low-e-replacementwindows.com
2	cdn.trustedform.com	low-e-replacementwindows.com api.trustedform.com
2	googleads.g.doubleclick.net	www.googleadservices.com
2	hits.ecdashboard.com	low-e-replacementwindows.com
2	www.googletagmanager.com	low-e-replacementwindows.com www.googletagmanager.com
2	www.googleadservices.com	low-e-replacementwindows.com www.googletagmanager.com
1	d2m2wsoho8qq12.cloudfront.net	create.lidstatic.com
1	stats.g.doubleclick.net	cdn.ravenjs.com
1	cx.atdmt.com	low-e-replacementwindows.com
1	create.lidstatic.com	low-e-replacementwindows.com
1	cdn.ravenjs.com	low-e-replacementwindows.com
1	trkstar.com	1 redirects
1	mrktrecord11.com	1 redirects
1	www.celspuvi.com
1	swingiifestyle.com	1 redirects
81	25

This site contains links to these domains. Also see Links.

Domain
emailcompliancemanager.com

Subject Issuer	Validity	Valid
www.celspuvi.com Let's Encrypt Authority X3	`2020-11-08` - `2021-02-06`	3 months	crt.sh
low-e-replacementwindows.com Go Daddy Secure Certificate Authority - G2	`2019-11-10` - `2022-01-09`	2 years	crt.sh
upload.video.google.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
osff.map.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-12-29` - `2021-12-08`	a year	crt.sh
www.googleadservices.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
*.ecdashboard.com Sectigo RSA Domain Validation Secure Server CA	`2019-02-07` - `2021-03-07`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-12-22` - `2021-03-21`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
lidstatic.com Cloudflare Inc ECC CA-3	`2020-05-31` - `2021-05-31`	a year	crt.sh
cdn.trustedform.com Amazon	`2020-06-12` - `2021-07-12`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2020-10-27` - `2021-04-27`	6 months	crt.sh
www.google.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
*.googleadservices.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
*.atlassolutions.com DigiCert SHA2 High Assurance Server CA	`2020-12-04` - `2021-03-03`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
create.leadid.com Amazon	`2020-05-22` - `2021-06-22`	a year	crt.sh
*.trustedform.com Amazon	`2020-11-11` - `2021-12-10`	a year	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2020-05-26` - `2021-04-21`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490
Frame ID: 072A45A13B90CCB52F51AA6E967BD3B6
Requests: 80 HTTP requests in this frame

Frame: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=B6559FE9-8FA6-8C1D-8C4F-D6D457209AAC&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.7.0&lck=EB4A05A4-8A53-C2B0-B337-640A489815F4&lac=D0C27C32-8ED1-8E02-9C8A-1F9AB10100C4
Frame ID: 7544509C44CEA15D2A2CB02FF06AFDCD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://swingiifestyle.com/r.php?t=c&d=27119&l=1410&c=14698 HTTP 302
https://www.celspuvi.com/OM91roa3UmHdVS8IlU5PRSwksTNgDUpJDBLGGRxC83xTbydz9SSnM3bPB_q-ZCyt2SJyLP_th7eL... Page URL
https://mrktrecord11.com/?E=hoYT3FUYacpFeJy8BJOLyGtbgnfjHgFmDbfaF54T%2fx8%3d&s1=161401&s2=582648577&s... HTTP 302
https://trkstar.com/?E=hoYT3FUYacpFeJy8BJOLyGtbgnfjHgFmDbfaF54T%2fx8%3d&s1=161401&s2=582648577&s... HTTP 302
https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offer... Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Windows Server (Operating Systems) Expand

Overall confidence: 50%
Detected patterns

html /<input[^>]+name="__VIEWSTATE/i

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<input[^>]+name="__VIEWSTATE/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

IIS (Web Servers) Expand

Overall confidence: 50%
Detected patterns

html /<input[^>]+name="__VIEWSTATE/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

FancyBox (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery\.fancybox(?:\.pack|\.min)?\.js(?:\?v=([\d.]+))?$/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Lightbox (JavaScript Libraries) Expand

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /jquery\.fancybox(?:\.pack|\.min)?\.js(?:\?v=([\d.]+))?$/i

Page Statistics

81
Requests

100 %
HTTPS

65 %
IPv6

23
Domains

25
Subdomains

21
IPs

6
Countries

1354 kB
Transfer

2452 kB
Size

11
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://emailcompliancemanager.com/rba/?1=1&ctkwd=22976&ecadid=161401
Title: contact us

Search URL Search Domain Scan URL

URL: http://emailcompliancemanager.com/rba/?1=1
Title: contact us

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://swingiifestyle.com/r.php?t=c&d=27119&l=1410&c=14698 HTTP 302
https://www.celspuvi.com/OM91roa3UmHdVS8IlU5PRSwksTNgDUpJDBLGGRxC83xTbydz9SSnM3bPB_q-ZCyt2SJyLP_th7eLVwJ1GtsUJw~~/1410/27119/14698/60 Page URL
https://mrktrecord11.com/?E=hoYT3FUYacpFeJy8BJOLyGtbgnfjHgFmDbfaF54T%2fx8%3d&s1=161401&s2=582648577&s3=1410 HTTP 302
https://trkstar.com/?E=hoYT3FUYacpFeJy8BJOLyGtbgnfjHgFmDbfaF54T%2fx8%3d&s1=161401&s2=582648577&s3=1410&ckmguid=a0a890ee-e70b-453b-89f5-ba08d4f07831 HTTP 302
https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://swingiifestyle.com/r.php?t=c&d=27119&l=1410&c=14698 HTTP 302
https://www.celspuvi.com/OM91roa3UmHdVS8IlU5PRSwksTNgDUpJDBLGGRxC83xTbydz9SSnM3bPB_q-ZCyt2SJyLP_th7eLVwJ1GtsUJw~~/1410/27119/14698/60

Request Chain 37

https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16105869441920.045021815457272796&invert_field_sensitivity=false HTTP 301
https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16105869441920.045021815457272796&invert_field_sensitivity=false

Request Chain 50

https://www.facebook.com/tr/?id=442453175949583&ev=PageView&dl=https%3A%2F%2Flow-e-replacementwindows.com%2Frbamsingle40.aspx%3Fctcampaign%3D4726%26ctsource%3D0%26ctkwd%3D22976%26ecadid%3D161401%26Offerid%3D31702%26reqses%3D294549490&rl=https%3A%2F%2Fwww.celspuvi.com%2FOM91roa3UmHdVS8IlU5PRSwksTNgDUpJDBLGGRxC83xTbydz9SSnM3bPB_q-ZCyt2SJyLP_th7eLVwJ1GtsUJw~~%2F1410%2F27119%2F14698%2F60&if=false&ts=1610586944340&sw=1600&sh=1200&v=2.9.32&r=stable&ec=0&o=30&fbp=fb.1.1610586944315.939820029&it=1610586944246&coo=false&rqm=GET HTTP 302
https://cx.atdmt.com/?c=11389204437618238068&f=AYyAlRLNOADPef2bL1rB63yfWCP5etSzhNE9MkyC3bxh3fCopJptJYlgNUAfQ7qKZlUBTc1GLr5zJIB2Q2RLqrT3&id=442453175949583&l=3&v=0

81 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Cookie set 60 Show response
www.celspuvi.com/OM91roa3UmHdVS8IlU5PRSwksTNgDUpJDBLGGRxC83xTbydz9SSnM3bPB_q-ZCyt2SJyLP_th7eLVwJ1GtsUJw~~/1410/27119/14698/
Redirect Chain

http://swingiifestyle.com/r.php?t=c&d=27119&l=1410&c=14698
https://www.celspuvi.com/OM91roa3UmHdVS8IlU5PRSwksTNgDUpJDBLGGRxC83xTbydz9SSnM3bPB_q-ZCyt2SJyLP_th7eLVwJ1GtsUJw~~/1410/27119/14698/60

170 B
474 B

1082ms
602ms

Document
text/html

72.11.130.133
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.celspuvi.com/OM91roa3UmHdVS8IlU5PRSwksTNgDUpJDBLGGRxC83xTbydz9SSnM3bPB_q-ZCyt2SJyLP_th7eLVwJ1GtsUJw~~/1410/27119/14698/60
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.11.130.133 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS: jocktorkshi.info
Software: Apache /
Resource Hash: 1b0552009ca0b0e0f3459968e9433cf256cad349e33d2db8db6ac11d89d92397

Request headers

Host: www.celspuvi.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 01:15:41 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 170
Server: Apache
Set-Cookie: uid3776=582648577-20210113201541-44d3def81b7f81f69bf8adb622ccebdf-; domain=celspuvi.com; expires=Sat, 13-Feb-2021 01:15:41 GMT; path=/; SameSite=None; Secure

Redirect headers

Date: Thu, 14 Jan 2021 01:15:40 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
X-Powered-By: PHP/5.4.16
Location: https://www.celspuvi.com/OM91roa3UmHdVS8IlU5PRSwksTNgDUpJDBLGGRxC83xTbydz9SSnM3bPB_q-ZCyt2SJyLP_th7eLVwJ1GtsUJw~~/1410/27119/14698/60
Content-Length: 25
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H/1.1

200
OK

Primary Request

Cookie set rbamsingle40.aspx Show response
low-e-replacementwindows.com/
Redirect Chain

https://mrktrecord11.com/?E=hoYT3FUYacpFeJy8BJOLyGtbgnfjHgFmDbfaF54T%2fx8%3d&s1=161401&s2=582648577&s3=1410
https://trkstar.com/?E=hoYT3FUYacpFeJy8BJOLyGtbgnfjHgFmDbfaF54T%2fx8%3d&s1=161401&s2=582648577&s3=1410&ckmguid=a0a890ee-e70b-453b-89f5-ba08d4f07831
https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490

38 KB
13 KB

688ms
258ms

Document
text/html

207.150.194.101
HWSERVICES-32400

General

Check archive.org

Show headers Download Go to

Full URL: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490
Requested by: Host: www.celspuvi.com
URL: https://www.celspuvi.com/OM91roa3UmHdVS8IlU5PRSwksTNgDUpJDBLGGRxC83xTbydz9SSnM3bPB_q-ZCyt2SJyLP_th7eLVwJ1GtsUJw~~/1410/27119/14698/60
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 207.150.194.101 Austin, United States, ASN32400 (HWSERVICES-32400, US),
Reverse DNS: mail.EcDashboard.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: b4cd2dd05c726a983cc5c46e452d8b6fdd711289e98951fd787ede181dd1b697

Request headers

Host: low-e-replacementwindows.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://www.celspuvi.com/OM91roa3UmHdVS8IlU5PRSwksTNgDUpJDBLGGRxC83xTbydz9SSnM3bPB_q-ZCyt2SJyLP_th7eLVwJ1GtsUJw~~/1410/27119/14698/60
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.celspuvi.com/OM91roa3UmHdVS8IlU5PRSwksTNgDUpJDBLGGRxC83xTbydz9SSnM3bPB_q-ZCyt2SJyLP_th7eLVwJ1GtsUJw~~/1410/27119/14698/60

Response headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
Set-Cookie: ASP.NET_SessionId=xn530a2woyai33h2msasbnwt; path=/; HttpOnly; SameSite=Lax
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Thu, 14 Jan 2021 01:15:42 GMT
Content-Length: 13209

Redirect headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Date: Thu, 14 Jan 2021 01:15:41 GMT
Location: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: sl=7G+p7Z4F3lHN92QS6sh0Cf9R7H5MOO0B/GtuURHe9nwtAlKvUm1Pkw==; domain=.trkstar.com; path=/; SameSite=None; secure; HttpOnly tfl=u8WiUnGo9Ix89zP32Y31av9R7H5MOO0B/GtuURHe9nwtAlKvUm1Pkw==; domain=.trkstar.com; expires=Tue, 13-Jan-2026 20:15:42 GMT; path=/; SameSite=None; secure; HttpOnly c31702=7G+p7Z4F3lFn7epJUGZonqlISuzUq7b2eKwocjNpG3bp3tpEimCygw==; domain=.trkstar.com; expires=Sat, 13-Feb-2021 01:15:42 GMT; path=/; SameSite=None; secure; HttpOnly
Content-Length: 275

GET
H2 200 css
fonts.googleapis.com/ 8 KB
832 B 39ms
17ms Stylesheet
text/css 2a00:1450:4001:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,400i,500,700

Requested by

Host: low-e-replacementwindows.com
URL: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

167f812934de4a97aa53e7c4ad6e8e4c0a4c3b32d3636db3a71726479f380aa9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 14 Jan 2021 01:15:43 GMT
server: ESF
date: Thu, 14 Jan 2021 01:15:43 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 14 Jan 2021 01:15:43 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
1 KB 37ms
15ms Stylesheet
text/css 2a00:1450:4001:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Slab:700

Requested by

Host: low-e-replacementwindows.com
URL: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

95ef5b080ecf0e2726835bafef2613d3fd328832e84f81da38c5f4f26dab8755

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 13 Jan 2021 23:15:53 GMT
server: ESF
date: Thu, 14 Jan 2021 01:15:43 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 14 Jan 2021 01:15:43 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
511 B 38ms
16ms Stylesheet
text/css 2a00:1450:4001:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,600,700,900

Requested by

Host: low-e-replacementwindows.com
URL: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e38b4085919e456f5f9861ba323952f1478e9dac662a3377c51db8f35fa894cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 14 Jan 2021 00:32:58 GMT
server: ESF
date: Thu, 14 Jan 2021 01:15:43 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 14 Jan 2021 01:15:43 GMT

GET
H/1.1 200
OK bootstrap-m.min.css
low-e-replacementwindows.com/css/ 141 KB
20 KB 143ms
139ms Stylesheet
text/css 207.150.194.101
HWSERVICES-32400

General

Check archive.org

Show headers Download Go to

Full URL: https://low-e-replacementwindows.com/css/bootstrap-m.min.css
Requested by: Host: low-e-replacementwindows.com
URL: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 207.150.194.101 Austin, United States, ASN32400 (HWSERVICES-32400, US),
Reverse DNS: mail.EcDashboard.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d

Request headers

Referer: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 01:15:42 GMT
Content-Encoding: gzip
Last-Modified: Tue, 07 Jan 2020 15:47:57 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "80f4d4d471c5d51:0"
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 20531

GET
H/1.1 200
OK style-m-Sing2.css
low-e-replacementwindows.com/css/ 10 KB
3 KB 395ms
135ms Stylesheet
text/css 207.150.194.101
HWSERVICES-32400

General

Check archive.org

Show headers Download Go to

Full URL: https://low-e-replacementwindows.com/css/style-m-Sing2.css
Requested by: Host: low-e-replacementwindows.com
URL: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 207.150.194.101 Austin, United States, ASN32400 (HWSERVICES-32400, US),
Reverse DNS: mail.EcDashboard.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e1f84aa453f86e094c8c6fe94cb988f4e6795895f638bf16f123d621b33b68d5

Request headers

Referer: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 01:15:42 GMT
Content-Encoding: gzip
Last-Modified: Mon, 14 Dec 2020 16:11:06 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "094ba33d2d61:0"
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 2441

GET
H/1.1 200
OK icons5.css
low-e-replacementwindows.com/css/ 1 KB
949 B 408ms
135ms Stylesheet
text/css 207.150.194.101
HWSERVICES-32400

General

Check archive.org

Show headers Download Go to

Full URL: https://low-e-replacementwindows.com/css/icons5.css
Requested by: Host: low-e-replacementwindows.com
URL: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 207.150.194.101 Austin, United States, ASN32400 (HWSERVICES-32400, US),
Reverse DNS: mail.EcDashboard.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: b61e9a1003c55f654a8c711c33ca5afbf6076d6ec620e1149b5608e2f8c88f1b

Request headers

Referer: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 01:15:42 GMT
Content-Encoding: gzip
Last-Modified: Mon, 14 May 2018 14:45:06 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "539d702692ebd31:0"
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 656

GET
H/1.1 200
OK jquery.fancybox.css
low-e-replacementwindows.com/scripts/lightbox/ 5 KB
2 KB 408ms
135ms Stylesheet
text/css 207.150.194.101
HWSERVICES-32400

General

Check archive.org

Show headers Download Go to

Full URL: https://low-e-replacementwindows.com/scripts/lightbox/jquery.fancybox.css
Requested by: Host: low-e-replacementwindows.com
URL: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 207.150.194.101 Austin, United States, ASN32400 (HWSERVICES-32400, US),
Reverse DNS: mail.EcDashboard.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 968a8e56e4adaf8c135199ebd7f6cc065424ca45974d4dfbeb5607e69fe72fcd

Request headers

Referer: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 01:15:42 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Mar 2017 13:27:07 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "8087c85359a9d21:0"
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 1426

GET
H/1.1 200
OK jquery-1.11.3.min.js Show response
low-e-replacementwindows.com/scripts/ 122 KB
39 KB 532ms
259ms Script
application/javascript 207.150.194.101
HWSERVICES-32400

General

Check archive.org

Show headers Download Go to

Full URL: https://low-e-replacementwindows.com/scripts/jquery-1.11.3.min.js
Requested by: Host: low-e-replacementwindows.com
URL: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 207.150.194.101 Austin, United States, ASN32400 (HWSERVICES-32400, US),
Reverse DNS: mail.EcDashboard.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 7c12bcd32e7341ac42ed3d1bca791845b217c9aeedb6e5d2fe4d0ee035691e3c

Request headers

Referer: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 01:15:42 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Mar 2017 13:27:05 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "805a975259a9d21:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 39455

GET
H/1.1 200
OK jquery.maskedinput.js Show response
low-e-replacementwindows.com/scripts/ 7 KB
3 KB 408ms
135ms Script
application/javascript 207.150.194.101
HWSERVICES-32400

General

Check archive.org

Show headers Download Go to

Full URL: https://low-e-replacementwindows.com/scripts/jquery.maskedinput.js
Requested by: Host: low-e-replacementwindows.com
URL: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 207.150.194.101 Austin, United States, ASN32400 (HWSERVICES-32400, US),
Reverse DNS: mail.EcDashboard.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 66f4b78b6d602a8ef77322719b59a4d054a42bb3d07e9810afb61eeb2bfc5738

Request headers

Referer: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 01:15:42 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Mar 2017 13:27:06 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "0f12f5359a9d21:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 2814

GET
H/1.1 200
OK jquery.fancybox.pack.js Show response
low-e-replacementwindows.com/scripts/lightbox/ 23 KB
9 KB 530ms
257ms Script
application/javascript 207.150.194.101
HWSERVICES-32400

General

Check archive.org

Show headers Download Go to

Full URL: https://low-e-replacementwindows.com/scripts/lightbox/jquery.fancybox.pack.js
Requested by: Host: low-e-replacementwindows.com
URL: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 207.150.194.101 Austin, United States, ASN32400 (HWSERVICES-32400, US),
Reverse DNS: mail.EcDashboard.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: bc50bf49cbe79ee49b4ee8b56f26ff4877bc4945c16f260b1481ba2355c96347

Request headers

Referer: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 01:15:42 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Mar 2017 13:27:07 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "8087c85359a9d21:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 8646

GET
H/1.1 200
OK Functions.js Show response
low-e-replacementwindows.com/scripts/ 3 KB
1 KB 529ms
135ms Script
application/javascript 207.150.194.101
HWSERVICES-32400

General

Check archive.org

Show headers Download Go to

Full URL: https://low-e-replacementwindows.com/scripts/Functions.js
Requested by: Host: low-e-replacementwindows.com
URL: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 207.150.194.101 Austin, United States, ASN32400 (HWSERVICES-32400, US),
Reverse DNS: mail.EcDashboard.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: a5e0860aed3bbd75e1099af62088283a7c482e963d0558016d4c4c367acfc89e

Request headers

Referer: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 01:15:42 GMT
Content-Encoding: gzip
Last-Modified: Thu, 13 Aug 2020 12:55:28 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "020d047171d61:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 1104

GET
H2 200 raven.min.js Show response
cdn.ravenjs.com/3.25.1/ 36 KB
13 KB 41ms
13ms Script
application/javascript 2a04:4e42::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ravenjs.com/3.25.1/raven.min.js
Requested by: Host: low-e-replacementwindows.com
URL: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42::729 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: Fastly /
Resource Hash: 9c2f66520befdb2169bc7bf9e5a5fcff65a6cfd13d3851ed501300a54ff3da0c

Request headers

Origin: https://low-e-replacementwindows.com
Referer: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 01:15:43 GMT
content-encoding: gzip
last-modified: Fri, 11 May 2018 10:52:12 GMT
server: Fastly
age: 29538
etag: "4ec430b4503750456338547d547cc721"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
content-length: 13527

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ 30 KB
12 KB 85ms
32ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: low-e-replacementwindows.com
URL: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

12a1947e2cf4f9da7d3f11cb8b69a6dc1b4eec915612398ebad5019bc11ee684

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 01:15:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 11879
x-xss-protection: 0
server: cafe
etag: 17740049192423889369
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 14 Jan 2021 01:15:43 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 48ms
48ms Script
application/javascript 2a00:1450:4001:816::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-135317677-1

Requested by

Host: low-e-replacementwindows.com
URL: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fdc6fe9a666c1d4fbaa2c3651f52d30398dce735d694eb7390cdecf14d83e7c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 01:15:44 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39020
x-xss-protection: 0
last-modified: Thu, 14 Jan 2021 00:54:02 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 14 Jan 2021 01:15:44 GMT

GET
H/1.1 200
OK FP.js Show response
hits.ecdashboard.com/JS/ 14 KB
4 KB 569ms
135ms Script
application/javascript 207.150.194.101
HWSERVICES-32400

General

Check archive.org

Show headers Download Go to

Full URL: https://hits.ecdashboard.com/JS/FP.js
Requested by: Host: low-e-replacementwindows.com
URL: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 207.150.194.101 Austin, United States, ASN32400 (HWSERVICES-32400, US),
Reverse DNS: mail.EcDashboard.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 07d81e29da2b847c60281b9e084fe58ddf894ba5c6a60f395adf10aa4ad3d405

Request headers

Referer: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 01:15:42 GMT
Content-Encoding: gzip
Last-Modified: Tue, 10 Mar 2020 12:52:41 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "80f2d4c8daf6d51:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 3840

GET
H/1.1 200
OK logo-renewal-horizontal-black-lg.png
low-e-replacementwindows.com/img/ 17 KB
17 KB 142ms
141ms Image
image/png 207.150.194.101
HWSERVICES-32400

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://low-e-replacementwindows.com/img/logo-renewal-horizontal-black-lg.png
Requested by: Host: low-e-replacementwindows.com
URL: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 207.150.194.101 Austin, United States, ASN32400 (HWSERVICES-32400, US),
Reverse DNS: mail.EcDashboard.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: b14bbdc96b5aa570352e62257a63330c0464bfab797c51e0561a8dd7fc7d6b44

Request headers

Referer: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 01:15:43 GMT
Last-Modified: Mon, 14 Dec 2020 16:11:01 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "2739ab733d2d61:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 17377

GET
H/1.1 200
OK WebResource.axd Show response
low-e-replacementwindows.com/ 26 KB
7 KB 138ms
137ms Script
application/x-javascript 207.150.194.101
HWSERVICES-32400

General

Check archive.org

Show headers Download Go to

Full URL: https://low-e-replacementwindows.com/WebResource.axd?d=nAEDFYEUZ6BJv0tGuPX4fIq6XERsN7coOlcY7KInH9z4_Q0vfJn9y72zcAZoTk-gK4KACq5NYg4v_-I2n692EADGx17VRfaawhIvtmJzBeQ1&t=637346628242505677
Requested by: Host: low-e-replacementwindows.com
URL: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 207.150.194.101 Austin, United States, ASN32400 (HWSERVICES-32400, US),
Reverse DNS: mail.EcDashboard.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: ef9453f74b2617d43dcef4242cf5845101fcfb57289c81bceb20042b0023a192

Request headers

Referer: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 01:15:42 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Sep 2020 21:00:24 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public
Content-Length: 7228
Expires: Thu, 13 Jan 2022 09:37:06 GMT

GET
H/1.1 200
OK img-virtual-consult.jpg
low-e-replacementwindows.com/img/ 75 KB
75 KB 141ms
140ms Image
image/jpeg 207.150.194.101
HWSERVICES-32400

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://low-e-replacementwindows.com/img/img-virtual-consult.jpg
Requested by: Host: low-e-replacementwindows.com
URL: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 207.150.194.101 Austin, United States, ASN32400 (HWSERVICES-32400, US),
Reverse DNS: mail.EcDashboard.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: ebca92594050101d0435019520be668e9649c970706f9f8bee34d27033821ff8

Request headers

Referer: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 01:15:43 GMT
Last-Modified: Fri, 13 Nov 2020 18:51:22 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "85abd6faedb9d61:0"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 77023

GET
H/1.1 200
OK icon-bulb.png
low-e-replacementwindows.com/img/ 5 KB
5 KB 138ms
136ms Image
image/png 207.150.194.101
HWSERVICES-32400

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://low-e-replacementwindows.com/img/icon-bulb.png
Requested by: Host: low-e-replacementwindows.com
URL: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 207.150.194.101 Austin, United States, ASN32400 (HWSERVICES-32400, US),
Reverse DNS: mail.EcDashboard.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 99b6e82179397346bf1a4f001854c0875cbabc49b93e1997986224e87faa93c7

Request headers

Referer: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 01:15:43 GMT
Last-Modified: Tue, 07 Jan 2020 15:48:14 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "91fb1edf71c5d51:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 4980

GET
H/1.1 200
OK icon-range.png
low-e-replacementwindows.com/img/ 14 KB
14 KB 260ms
258ms Image
image/png 207.150.194.101
HWSERVICES-32400

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://low-e-replacementwindows.com/img/icon-range.png
Requested by: Host: low-e-replacementwindows.com
URL: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 207.150.194.101 Austin, United States, ASN32400 (HWSERVICES-32400, US),
Reverse DNS: mail.EcDashboard.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 3e07167ecda8fe70e9e2aad32dd829169f1e4370a62bc52c5363435a73c0ed3e

Request headers

Referer: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 01:15:43 GMT
Last-Modified: Tue, 07 Jan 2020 15:48:14 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "28fcffde71c5d51:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 14377

GET
H/1.1 200
OK icon-home.png
low-e-replacementwindows.com/img/ 3 KB
4 KB 137ms
135ms Image
image/png 207.150.194.101
HWSERVICES-32400

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://low-e-replacementwindows.com/img/icon-home.png
Requested by: Host: low-e-replacementwindows.com
URL: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 207.150.194.101 Austin, United States, ASN32400 (HWSERVICES-32400, US),
Reverse DNS: mail.EcDashboard.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 47d0df60c9715f118139bbc261912d76280085d72c99dbbd60248e29606cbc33

Request headers

Referer: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 01:15:43 GMT
Last-Modified: Tue, 07 Jan 2020 15:48:14 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "69237df71c5d51:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 3360

GET
H/1.1 200
OK icon-reliable.png
low-e-replacementwindows.com/img/ 5 KB
5 KB 137ms
135ms Image
image/png 207.150.194.101
HWSERVICES-32400

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://low-e-replacementwindows.com/img/icon-reliable.png
Requested by: Host: low-e-replacementwindows.com
URL: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 207.150.194.101 Austin, United States, ASN32400 (HWSERVICES-32400, US),
Reverse DNS: mail.EcDashboard.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: ed1f7e779188d22301b1fbf52192cad100f0162b0ce09e7737ea286362cd999f

Request headers

Referer: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 01:15:43 GMT
Last-Modified: Tue, 07 Jan 2020 15:48:13 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "a9adf1de71c5d51:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 5303

GET
H/1.1 200
OK icon-check.png
low-e-replacementwindows.com/img/ 3 KB
3 KB 136ms
135ms Image
image/png 207.150.194.101
HWSERVICES-32400

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://low-e-replacementwindows.com/img/icon-check.png
Requested by: Host: low-e-replacementwindows.com
URL: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 207.150.194.101 Austin, United States, ASN32400 (HWSERVICES-32400, US),
Reverse DNS: mail.EcDashboard.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: d8d02f8f49a72d63432ea99afbcf510f078a20d0ff4cdfb1b700708ed440326d

Request headers

Referer: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 01:15:43 GMT
Last-Modified: Mon, 22 May 2017 16:34:45 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "f5fd185219d3d21:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 3002

GET
H/1.1 200
OK icon-service.png
low-e-replacementwindows.com/img/ 4 KB
4 KB 136ms
135ms Image
image/png 207.150.194.101
HWSERVICES-32400

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://low-e-replacementwindows.com/img/icon-service.png
Requested by: Host: low-e-replacementwindows.com
URL: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 207.150.194.101 Austin, United States, ASN32400 (HWSERVICES-32400, US),
Reverse DNS: mail.EcDashboard.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 580bea36f1a01dfb1a649cc8a79f761823c378b49e9b17e01e9fe01d68e69f0d

Request headers

Referer: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 01:15:43 GMT
Last-Modified: Tue, 07 Jan 2020 15:48:13 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "c1fce0de71c5d51:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 4119

GET
H/1.1 200
OK logo-footer.jpg
low-e-replacementwindows.com/img/ 19 KB
19 KB 259ms
258ms Image
image/jpeg 207.150.194.101
HWSERVICES-32400

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://low-e-replacementwindows.com/img/logo-footer.jpg
Requested by: Host: low-e-replacementwindows.com
URL: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 207.150.194.101 Austin, United States, ASN32400 (HWSERVICES-32400, US),
Reverse DNS: mail.EcDashboard.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 8f316e4ded4e4d565dabaa1c86dd690678ca8e612070bceb5a09bb8af4bd19fc

Request headers

Referer: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 01:15:43 GMT
Last-Modified: Mon, 26 Oct 2020 14:15:27 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "89a3074a2abd61:0"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 19361

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/874974045/ 3 KB
2 KB 39ms
18ms Script
text/javascript 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/874974045/?random=1610586944115&cv=9&fst=1610586944115&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Flow-e-replacementwindows.com%2Frbamsingle40.aspx%3Fctcampaign%3D4726%26ctsource%3D0%26ctkwd%3D22976%26ecadid%3D161401%26Offerid%3D31702%26reqses%3D294549490&ref=https%3A%2F%2Fwww.celspuvi.com%2FOM91roa3UmHdVS8IlU5PRSwksTNgDUpJDBLGGRxC83xTbydz9SSnM3bPB_q-ZCyt2SJyLP_th7eLVwJ1GtsUJw~~%2F1410%2F27119%2F14698%2F60&tiba=Renewal%20By%20Andersen%20-%20Window%20Replacement&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7e1ad06f9ca6e374dfb642d85141303eb879972adb29089f8e3172309c4678d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jan 2021 01:15:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1202
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 90 KB
24 KB 21ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: low-e-replacementwindows.com
URL: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a8755954660f9bef43d2dc61d725f022a3115b81ae76a6af093ab18cfdfa5de7

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23366
x-fb-rlafr: 0
pragma: public
x-fb-debug: 88kxDwS+TaKrDjH01conHoTVKtwkHTDuuXcPbhGd5wARL7j12RepMVFi5tVfFcdPvfnK0B+avMoQyJR/tHaOSQ==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Thu, 14 Jan 2021 01:15:44 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 204
No Content Track.aspx
hits.ecdashboard.com/ 0
234 B 137ms
137ms Image
text/html 207.150.194.101
HWSERVICES-32400

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hits.ecdashboard.com/Track.aspx?EVTID=1547&ECCMP=4726%7C%7C22976%7C%7C161401%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C&ECUID=1610586944542.6997%7C%7C1/14/2021%202%3A15%3A44&AMT=0&cvid=&cvprm1=&cvprm2=&ECURL=https%3A//www.celspuvi.com/OM91roa3UmHdVS8IlU5PRSwksTNgDUpJDBLGGRxC83xTbydz9SSnM3bPB_q-ZCyt2SJyLP_th7eLVwJ1GtsUJw%7E%7E/1410/27119/14698/60%7C%7Chttps%3A//low-e-replacementwindows.com/rbamsingle40.aspx%3Fctcampaign%3D4726%26ctsource%3D0%26ctkwd%3D22976%26ecadid%3D161401%26Offerid%3D31702%26reqses%3D294549490&ECSUP=%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C0%7C%7C&rnd=1610586944134.369&FH=true&CurURL=https%3A//low-e-replacementwindows.com/rbamsingle40.aspx%3Fctcampaign%3D4726%26ctsource%3D0%26ctkwd%3D22976%26ecadid%3D161401%26Offerid%3D31702%26reqses%3D294549490&PT=Renewal%20By%20Andersen%20-%20Window%20Replacement&res=1600x1200&bws=Netscape
Requested by: Host: low-e-replacementwindows.com
URL: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 207.150.194.101 Austin, United States, ASN32400 (HWSERVICES-32400, US),
Reverse DNS: mail.EcDashboard.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 14 Jan 2021 01:15:43 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: text/html
Cache-Control: no-cache, no-store
Expires: -1

GET
H/1.1 200
OK hero4.jpg
low-e-replacementwindows.com/img/ 230 KB
231 KB 204ms
141ms Image
image/jpeg 207.150.194.101
HWSERVICES-32400

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://low-e-replacementwindows.com/img/hero4.jpg
Requested by: Host: low-e-replacementwindows.com
URL: https://low-e-replacementwindows.com/css/style-m-Sing2.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 207.150.194.101 Austin, United States, ASN32400 (HWSERVICES-32400, US),
Reverse DNS: mail.EcDashboard.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 4c4b65aabdd82950aa1ec56d130662fec9e99d1afc0cbb19f079525219db3a53

Request headers

Referer: https://low-e-replacementwindows.com/css/style-m-Sing2.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 01:15:43 GMT
Last-Modified: Tue, 07 Jan 2020 15:48:15 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "99f8b9df71c5d51:0"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 235830

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v17/ 14 KB
14 KB 7ms
5ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,600,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://low-e-replacementwindows.com
Referer: https://fonts.googleapis.com/css?family=Lato:300,400,600,700,900
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 07 Jan 2021 11:59:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:12:25 GMT
server: sffe
age: 566166
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14176
x-xss-protection: 0
expires: Fri, 07 Jan 2022 11:59:38 GMT

GET
H2 200 S6u9w4BMUTPHh50XSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v17/ 13 KB
14 KB 12ms
11ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh50XSwiPGQ3q5d0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,600,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

973ebbead06df6ace22a88d2856663d37845792bdf1b40ff69df2e20912fedef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://low-e-replacementwindows.com
Referer: https://fonts.googleapis.com/css?family=Lato:300,400,600,700,900
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 07 Jan 2021 12:32:51 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:30 GMT
server: sffe
age: 564173
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13732
x-xss-protection: 0
expires: Fri, 07 Jan 2022 12:32:51 GMT

GET
H2 200 S6u9w4BMUTPHh7USSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v17/ 14 KB
14 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh7USSwiPGQ3q5d0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,600,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

706494a230ae9c22ebbda2b9fce9af786bac0ea5f315c80e3fbe9f44e7883c38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://low-e-replacementwindows.com
Referer: https://fonts.googleapis.com/css?family=Lato:300,400,600,700,900
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 07:00:49 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:14 GMT
server: sffe
age: 152095
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13912
x-xss-protection: 0
expires: Wed, 12 Jan 2022 07:00:49 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v17/ 14 KB
14 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXiWtFCc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,600,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://low-e-replacementwindows.com
Referer: https://fonts.googleapis.com/css?family=Lato:300,400,600,700,900
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 08:34:06 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:12:59 GMT
server: sffe
age: 492098
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14044
x-xss-protection: 0
expires: Sat, 08 Jan 2022 08:34:06 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-135317677-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 6243
date: Wed, 13 Jan 2021 23:31:41 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Thu, 14 Jan 2021 01:31:41 GMT

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
39 KB 73ms
60ms Script
application/javascript 2a00:1450:4001:816::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-643051510&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-135317677-1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

481ed44da38bccec3a93ab9d5c3bdc69963c1573433db0a092107bd2e05bb6f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 01:15:44 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38982
x-xss-protection: 0
last-modified: Thu, 14 Jan 2021 00:54:02 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 14 Jan 2021 01:15:44 GMT

GET
H2 200 eb4a05a4-8a53-c2b0-b337-640a489815f4.js Show response
create.lidstatic.com/campaign/ 123 KB
39 KB 441ms
412ms Script
text/javascript 2606:4700:10::ac43:29e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://create.lidstatic.com/campaign/eb4a05a4-8a53-c2b0-b337-640a489815f4.js?snippet_version=2
Requested by: Host: low-e-replacementwindows.com
URL: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:29e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c603264bc5d61a5a9b77474a252af2b685437c1ab19cb4e32a790767076a9bed

Request headers

Referer: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 01:15:44 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
x-amz-request-id: 4AC4B192B09E1F30
cf-ray: 611381f15e6e0742-FRA
x-amz-replication-status: COMPLETED
x-amz-id-2: wtkSm6FpxUZPzwjf1lKhPz3i9dVFJVFEmo1nlZD0EuAkt6Y6cx0BuFXDX9HS05MSg8qY2Bsz9Gw=
last-modified: Tue, 21 Apr 2020 15:46:29 GMT
server: cloudflare
etag: W/"c5f554594f6931a5b19d9b8d3377e901"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: Lr6sHSpQ8Xu_nAOGDHeYIq3_.JjU7ClD
cache-control: max-age=1800
cf-request-id: 07a00f8adb00000742d7aff000000001
content-type: text/javascript

GET
H2

200

bootstrap.js Show response
cdn.trustedform.com/
Redirect Chain

https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16105869441920.045021815457272796&invert_field_sensitivity=false
https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16105869441920.045021815457272796&invert_field_sensitivity=false

14 KB
6 KB

263ms
220ms

Script
application/javascript

2600:9000:2204:c000:1c:7f1a:6680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16105869441920.045021815457272796&invert_field_sensitivity=false
Requested by: Host: low-e-replacementwindows.com
URL: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2204:c000:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 549850451d6991309ae88bff54c17c94e594a8b04cb846e034732782d032dcc1

Request headers

Referer: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 01:15:45 GMT
content-encoding: gzip
last-modified: Mon, 28 Dec 2020 14:37:19 GMT
server: AmazonS3
x-amz-cf-pop: AMS50-C1
etag: W/"0a699d04879bd99dbc998f9b56c0111d"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 575b0bfed88abe713ca72d1b4c29e4f3.cloudfront.net (CloudFront)
x-amz-version-id: 7BK7BvkEXLhjWR9ZJmnEu647ipHXYVp0
x-amz-cf-id: 4FUj1hmjkp4X-fYTm8jvqRrdBt_Z3QsE316-JOEz1cYs8yWZvkd0zQ==

Redirect headers

location: https://cdn.trustedform.com:443/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16105869441920.045021815457272796&invert_field_sensitivity=false
date: Thu, 14 Jan 2021 01:15:44 GMT
server: awselb/2.0
content-length: 134
content-type: text/html

GET
H2 200 bat.js Show response
bat.bing.com/ 27 KB
9 KB 46ms
30ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: low-e-replacementwindows.com
URL: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 4dd6c09ddcb0e53a6290cc1df35224856073ba5f89d4134bd7c69e4fd9c6f515

Request headers

Referer: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 01:15:44 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 22:19:32 GMT
x-msedge-ref: Ref A: 1FE9324F608343D2802D13EB0B94460F Ref B: FRAEDGE1310 Ref C: 2021-01-14T01:15:44Z
etag: "0b27f152fa7d61:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 8454

GET
H/1.1 200
OK hero1a.jpg
low-e-replacementwindows.com/img/ 253 KB
254 KB 139ms
139ms Image
image/jpeg 207.150.194.101
HWSERVICES-32400

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://low-e-replacementwindows.com/img/hero1a.jpg
Requested by: Host: low-e-replacementwindows.com
URL: https://low-e-replacementwindows.com/css/style-m-Sing2.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 207.150.194.101 Austin, United States, ASN32400 (HWSERVICES-32400, US),
Reverse DNS: mail.EcDashboard.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 7766879b4de58b922af39e8659c33fda7db5dab08782ea47fa3ffe1cc023dad9

Request headers

Referer: https://low-e-replacementwindows.com/css/style-m-Sing2.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 01:15:43 GMT
Last-Modified: Tue, 07 Jan 2020 15:48:15 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "d0f616e071c5d51:0"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 259405

GET
H2 200 /
www.google.com/pagead/1p-user-list/874974045/ 42 B
154 B 21ms
19ms Image
image/gif 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/874974045/?random=1610586944115&cv=9&fst=1610586000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Flow-e-replacementwindows.com%2Frbamsingle40.aspx%3Fctcampaign%3D4726%26ctsource%3D0%26ctkwd%3D22976%26ecadid%3D161401%26Offerid%3D31702%26reqses%3D294549490&ref=https%3A%2F%2Fwww.celspuvi.com%2FOM91roa3UmHdVS8IlU5PRSwksTNgDUpJDBLGGRxC83xTbydz9SSnM3bPB_q-ZCyt2SJyLP_th7eLVwJ1GtsUJw~~%2F1410%2F27119%2F14698%2F60&tiba=Renewal%20By%20Andersen%20-%20Window%20Replacement&fmt=3&is_vtc=1&random=535885399&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: low-e-replacementwindows.com
URL: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jan 2021 01:15:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/874974045/ 42 B
154 B 20ms
18ms Image
image/gif 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/874974045/?random=1610586944115&cv=9&fst=1610586000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Flow-e-replacementwindows.com%2Frbamsingle40.aspx%3Fctcampaign%3D4726%26ctsource%3D0%26ctkwd%3D22976%26ecadid%3D161401%26Offerid%3D31702%26reqses%3D294549490&ref=https%3A%2F%2Fwww.celspuvi.com%2FOM91roa3UmHdVS8IlU5PRSwksTNgDUpJDBLGGRxC83xTbydz9SSnM3bPB_q-ZCyt2SJyLP_th7eLVwJ1GtsUJw~~%2F1410%2F27119%2F14698%2F60&tiba=Renewal%20By%20Andersen%20-%20Window%20Replacement&fmt=3&is_vtc=1&random=535885399&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: low-e-replacementwindows.com
URL: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jan 2021 01:15:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 448499548883718 Show response
connect.facebook.net/signals/config/ 241 KB
70 KB 45ms
45ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/448499548883718?v=2.9.32&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4403de74b0e19775f39d7f2f0ec6a247becc687f734fe9f2200ed96c83ca47dd

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: iQccIrRW9y4azLJ6JwKUsGVFhDsVkWgngGlMmuo44KbmfPZkR7xKIUHpRZMLemgQFj4IHT14J6PVZIQcShZ2mg==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 14 Jan 2021 01:15:44 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-content-id: 1572622009
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-Q050 200 js Show response
www.google-analytics.com/gtm/ 85 KB
34 KB 49ms
47ms Script
application/javascript 2a00:1450:4001:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-KQ7GNL5&t=gtag_UA_135317677_1&cid=416527408.1610586944

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5b3b7d54741912eede74f05d9ca73d2046dd7e1679554c2f79230df6e4b52bdf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 01:15:44 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34487
x-xss-protection: 0
last-modified: Thu, 14 Jan 2021 00:54:02 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 14 Jan 2021 01:15:44 GMT

GET
H2 204 0
bat.bing.com/action/ 0
148 B 29ms
28ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=56111058&Ver=2&mid=bd303f87-6998-4e2d-bde3-c691f948f764&sid=066e0450560611eba17451e3aeec505e&vid=066ded70560611eba6d3818faa63897c&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Renewal%20By%20Andersen%20-%20Window%20Replacement&p=https%3A%2F%2Flow-e-replacementwindows.com%2Frbamsingle40.aspx%3Fctcampaign%3D4726%26ctsource%3D0%26ctkwd%3D22976%26ecadid%3D161401%26Offerid%3D31702%26reqses%3D294549490&r=https%3A%2F%2Fwww.celspuvi.com%2FOM91roa3UmHdVS8IlU5PRSwksTNgDUpJDBLGGRxC83xTbydz9SSnM3bPB_q-ZCyt2SJyLP_th7eLVwJ1GtsUJw~~%2F1410%2F27119%2F14698%2F60&lt=2665&evt=pageLoad&msclkid=N&sv=1&rn=55496
Requested by: Host: low-e-replacementwindows.com
URL: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 14 Jan 2021 01:15:44 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 72404F94E4EC491AA4C785517456B7B1 Ref B: FRAEDGE1310 Ref C: 2021-01-14T01:15:44Z
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 30 KB
13 KB 45ms
30ms Script
text/javascript 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-643051510&l=dataLayer&cx=c

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e79436d1f00cd00ece18c935a3835b2db0dc1f36db9146ba08ea9b1bfefa2fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 01:15:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 12183
x-xss-protection: 0
server: cafe
etag: 13630185657052990885
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 14 Jan 2021 01:15:44 GMT

GET
H2 200 442453175949583 Show response
connect.facebook.net/signals/config/ 241 KB
69 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/442453175949583?v=2.9.32&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a3e1c3bc8be134b8f84455a47aaa523c4a697b5a83460de5d4a6684df313df1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 70616
x-fb-rlafr: 0
pragma: public
x-fb-debug: yCdMMDzSSlVR9aK9TAvlAZSeGL14ewEf0aGdE1R5Ce0XA721ztHdJd3cbxvCmDw0lnArTOaEcq6dfcFW3RZhpw==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Thu, 14 Jan 2021 01:15:44 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
x-xss-protection: 0
cache-control: public, max-age=1200
x-content-id: 1554479922
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
410 B 19ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=448499548883718&ev=PageView&dl=https%3A%2F%2Flow-e-replacementwindows.com%2Frbamsingle40.aspx%3Fctcampaign%3D4726%26ctsource%3D0%26ctkwd%3D22976%26ecadid%3D161401%26Offerid%3D31702%26reqses%3D294549490&rl=https%3A%2F%2Fwww.celspuvi.com%2FOM91roa3UmHdVS8IlU5PRSwksTNgDUpJDBLGGRxC83xTbydz9SSnM3bPB_q-ZCyt2SJyLP_th7eLVwJ1GtsUJw~~%2F1410%2F27119%2F14698%2F60&if=false&ts=1610586944316&sw=1600&sh=1200&v=2.9.32&r=stable&ec=0&o=30&fbp=fb.1.1610586944315.939820029&it=1610586944246&coo=false&rqm=GET

Requested by

Host: low-e-replacementwindows.com
URL: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 01:15:44 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 14 Jan 2021 01:15:44 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
176 B 14ms
14ms XHR
text/plain 2a00:1450:4001:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1541670007&t=pageview&_s=1&dl=https%3A%2F%2Flow-e-replacementwindows.com%2Frbamsingle40.aspx%3Fctcampaign%3D4726%26ctsource%3D0%26ctkwd%3D22976%26ecadid%3D161401%26Offerid%3D31702%26reqses%3D294549490&dr=https%3A%2F%2Fwww.celspuvi.com%2FOM91roa3UmHdVS8IlU5PRSwksTNgDUpJDBLGGRxC83xTbydz9SSnM3bPB_q-ZCyt2SJyLP_th7eLVwJ1GtsUJw~~%2F1410%2F27119%2F14698%2F60&ul=en-us&de=UTF-8&dt=Renewal%20By%20Andersen%20-%20Window%20Replacement&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KGBAAUADQAAAAC~&jid=807786469&gjid=968871136&cid=416527408.1610586944&tid=UA-135317677-1&_gid=2027501256.1610586944&_r=1&gtm=2oubu0&z=40834367

Requested by

Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.25.1/raven.min.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 14 Jan 2021 01:15:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://low-e-replacementwindows.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/643051510/ 3 KB
2 KB 144ms
131ms Script
text/javascript 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/643051510/?random=1610586944333&cv=9&fst=1610586944333&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oabu0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Flow-e-replacementwindows.com%2Frbamsingle40.aspx%3Fctcampaign%3D4726%26ctsource%3D0%26ctkwd%3D22976%26ecadid%3D161401%26Offerid%3D31702%26reqses%3D294549490&ref=https%3A%2F%2Fwww.celspuvi.com%2FOM91roa3UmHdVS8IlU5PRSwksTNgDUpJDBLGGRxC83xTbydz9SSnM3bPB_q-ZCyt2SJyLP_th7eLVwJ1GtsUJw~~%2F1410%2F27119%2F14698%2F60&tiba=Renewal%20By%20Andersen%20-%20Window%20Replacement&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

71584a23446d3187b63edba3b85d318cda89973396c291bdba9a9756d3c62a29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jan 2021 01:15:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1243
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
cx.atdmt.com/
Redirect Chain

https://www.facebook.com/tr/?id=442453175949583&ev=PageView&dl=https%3A%2F%2Flow-e-replacementwindows.com%2Frbamsingle40.aspx%3Fctcampaign%3D4726%26ctsource%3D0%26ctkwd%3D22976%26ecadid%3D161401%26...
https://cx.atdmt.com/?c=11389204437618238068&f=AYyAlRLNOADPef2bL1rB63yfWCP5etSzhNE9MkyC3bxh3fCopJptJYlgNUAfQ7qKZlUBTc1GLr5zJIB2Q2RLqrT3&id=442453175949583&l=3&v=0

43 B
639 B

45ms
32ms

Image
image/gif

2a03:2880:f01c:8004:face:b00c:0:8c
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cx.atdmt.com/?c=11389204437618238068&f=AYyAlRLNOADPef2bL1rB63yfWCP5etSzhNE9MkyC3bxh3fCopJptJYlgNUAfQ7qKZlUBTc1GLr5zJIB2Q2RLqrT3&id=442453175949583&l=3&v=0

Requested by

Host: low-e-replacementwindows.com
URL: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8004:face:b00c:0:8c , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
x-fb-debug: 0EGP3oFtVgRGQwyntxtXNSF+u3mK4I9FIEgsLWz1BLdFqX8Vi1kt3tIQfJBCcSfUjiofOjJqC95jsF9iQZT3zQ==
content-encoding: br
x-content-type-options: nosniff
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 13 Jan 2021 17:15:44 PST
x-frame-options: DENY
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: image/gif
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-fb-rlafr: 0
expires: Wed, 13 Jan 2021 17:15:44 PST

Redirect headers

pragma: no-cache
date: Thu, 14 Jan 2021 01:15:44 GMT
server: proxygen-bolt
content-type: text/plain
location: https://cx.atdmt.com/?c=11389204437618238068&f=AYyAlRLNOADPef2bL1rB63yfWCP5etSzhNE9MkyC3bxh3fCopJptJYlgNUAfQ7qKZlUBTc1GLr5zJIB2Q2RLqrT3&id=442453175949583&l=3&v=0
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
expires: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
97 B 16ms
15ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-135317677-1&cid=416527408.1610586944&jid=807786469&gjid=968871136&_gid=2027501256.1610586944&_u=KGBAAUACQAAAAC~&z=49841687

Requested by

Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.25.1/raven.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 14 Jan 2021 01:15:44 GMT
content-type: text/plain
access-control-allow-origin: https://low-e-replacementwindows.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ga-audiences
www.google.com/ads/ 42 B
261 B 18ms
17ms Image
image/gif 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-135317677-1&cid=416527408.1610586944&jid=807786469&_u=KGBAAUACQAAAAC~&z=139778150

Requested by

Host: low-e-replacementwindows.com
URL: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jan 2021 01:15:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ga-audiences
www.google.de/ads/ 42 B
483 B 39ms
24ms Image
image/gif 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-135317677-1&cid=416527408.1610586944&jid=807786469&_u=KGBAAUACQAAAAC~&z=139778150

Requested by

Host: low-e-replacementwindows.com
URL: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jan 2021 01:15:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/643051510/ 42 B
112 B 21ms
20ms Image
image/gif 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/643051510/?random=1610586944333&cv=9&fst=1610586000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oabu0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Flow-e-replacementwindows.com%2Frbamsingle40.aspx%3Fctcampaign%3D4726%26ctsource%3D0%26ctkwd%3D22976%26ecadid%3D161401%26Offerid%3D31702%26reqses%3D294549490&ref=https%3A%2F%2Fwww.celspuvi.com%2FOM91roa3UmHdVS8IlU5PRSwksTNgDUpJDBLGGRxC83xTbydz9SSnM3bPB_q-ZCyt2SJyLP_th7eLVwJ1GtsUJw~~%2F1410%2F27119%2F14698%2F60&tiba=Renewal%20By%20Andersen%20-%20Window%20Replacement&async=1&fmt=3&is_vtc=1&random=3726248177&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: low-e-replacementwindows.com
URL: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jan 2021 01:15:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/643051510/ 42 B
112 B 19ms
19ms Image
image/gif 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/643051510/?random=1610586944333&cv=9&fst=1610586000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oabu0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Flow-e-replacementwindows.com%2Frbamsingle40.aspx%3Fctcampaign%3D4726%26ctsource%3D0%26ctkwd%3D22976%26ecadid%3D161401%26Offerid%3D31702%26reqses%3D294549490&ref=https%3A%2F%2Fwww.celspuvi.com%2FOM91roa3UmHdVS8IlU5PRSwksTNgDUpJDBLGGRxC83xTbydz9SSnM3bPB_q-ZCyt2SJyLP_th7eLVwJ1GtsUJw~~%2F1410%2F27119%2F14698%2F60&tiba=Renewal%20By%20Andersen%20-%20Window%20Replacement&async=1&fmt=3&is_vtc=1&random=3726248177&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: low-e-replacementwindows.com
URL: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jan 2021 01:15:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 GenerateToken Show response
create.leadid.com/2.7.0/ 36 B
333 B 361ms
151ms XHR
text/plain 34.203.158.217
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://create.leadid.com/2.7.0/GenerateToken?msn=1&pid=caa3e878-cc99-4b60-ad1e-eb6f652fd4bc&_=993826837
Requested by: Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.25.1/raven.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.203.158.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-203-158-217.compute-1.amazonaws.com
Software: nginx/1.17.6 / PHP/7.1.33
Resource Hash: 32316d2711ea07d5bf74d6736941d0661750cb2594f41b7b36f8e83d24d13f9d

Request headers

Referer: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 14 Jan 2021 01:15:44 GMT
content-encoding: gzip
server: nginx/1.17.6
x-powered-by: PHP/7.1.33
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 201 certs Show response
api.trustedform.com/ 751 B
962 B 300ms
101ms XHR
application/json 34.236.210.22
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs
Requested by: Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.25.1/raven.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.236.210.22 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-236-210-22.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: 25d1e74c9f8d2e194eff32bbefddc8fcc883753d3bcf0a231f16c93f1ebb0a1a

Request headers

Referer: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 14 Jan 2021 01:15:45 GMT
server: Cowboy
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 751

GET
H/1.1 200
OK iframe.html
d2m2wsoho8qq12.cloudfront.net/ Frame 7544 0
0 75ms
22ms Document
text/html 143.204.214.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=B6559FE9-8FA6-8C1D-8C4F-D6D457209AAC&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.7.0&lck=EB4A05A4-8A53-C2B0-B337-640A489815F4&lac=D0C27C32-8ED1-8E02-9C8A-1F9AB10100C4
Requested by: Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/eb4a05a4-8a53-c2b0-b337-640a489815f4.js?snippet_version=2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.177 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-177.fra53.r.cloudfront.net
Software: nginx/1.17.6 /
Resource Hash

Request headers

Host: d2m2wsoho8qq12.cloudfront.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490

Response headers

Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Date: Wed, 13 Jan 2021 07:32:59 GMT
Server: nginx/1.17.6
Last-Modified: Sun, 10 Jan 2021 15:43:26 GMT
ETag: W/"5ffb209e-dbc"
P3P: CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
Content-Encoding: gzip
X-Cache: Hit from cloudfront
Via: 1.1 a3c2566f9e36ad3cdf79fc6307fcf567.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA53-C1
X-Amz-Cf-Id: VSkXIFdgciEuHirS6GSf07VX-Cigju60QkCIN0k7OK9WtHyt4-m4ag==
Age: 63766

POST
H2 200 SaveDom Show response
create.leadid.com/2.7.0/ 0
298 B 104ms
103ms XHR
text/plain 34.203.158.217
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://create.leadid.com/2.7.0/SaveDom?msn=2&pid=caa3e878-cc99-4b60-ad1e-eb6f652fd4bc&token=B6559FE9-8FA6-8C1D-8C4F-D6D457209AAC&_=993826838
Requested by: Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.25.1/raven.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.203.158.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-203-158-217.compute-1.amazonaws.com
Software: nginx/1.17.6 / PHP/7.1.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 14 Jan 2021 01:15:45 GMT
content-encoding: gzip
server: nginx/1.17.6
x-powered-by: PHP/7.1.33
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 InitFormData Show response
create.leadid.com/2.7.0/ 0
298 B 107ms
107ms XHR
text/plain 34.203.158.217
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://create.leadid.com/2.7.0/InitFormData?msn=3&pid=caa3e878-cc99-4b60-ad1e-eb6f652fd4bc&token=B6559FE9-8FA6-8C1D-8C4F-D6D457209AAC&_=993826839
Requested by: Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.25.1/raven.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.203.158.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-203-158-217.compute-1.amazonaws.com
Software: nginx/1.17.6 / PHP/7.1.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 14 Jan 2021 01:15:45 GMT
content-encoding: gzip
server: nginx/1.17.6
x-powered-by: PHP/7.1.33
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 trustedform-1.2.8.js Show response
cdn.trustedform.com/ 58 KB
21 KB 25ms
25ms Script
application/javascript 2600:9000:2204:c000:1c:7f1a:6680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.trustedform.com/trustedform-1.2.8.js
Requested by: Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16105869441920.045021815457272796&invert_field_sensitivity=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2204:c000:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f7f2472004ffef2ee77e6ac62d5f364dd29238c236c429261e430022b3af8456

Request headers

Referer: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: dMDd1la1NHRl73XXKORDdfWlIESiR47Q
content-encoding: gzip
last-modified: Mon, 28 Dec 2020 14:37:08 GMT
server: AmazonS3
x-amz-cf-pop: AMS50-C1
etag: W/"34fb69297d78329951f526e34fdbe301"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 575b0bfed88abe713ca72d1b4c29e4f3.cloudfront.net (CloudFront)
date: Thu, 14 Jan 2021 01:15:45 GMT
x-amz-cf-id: ntc29vX2kFG3bcJD_AM8iXiIO9WgmnsOnIX83r23diIMsq4AV2EqCA==

POST
H2 204 snapshot Show response
api.trustedform.com/certs/5db4e55cd9b5bd4343245e6844dcd3da7421d471/ 0
159 B 145ms
144ms XHR
text/plain 34.236.210.22
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/5db4e55cd9b5bd4343245e6844dcd3da7421d471/snapshot
Requested by: Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.25.1/raven.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.236.210.22 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-236-210-22.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Thu, 14 Jan 2021 01:15:45 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: Cowboy
access-control-expose-headers

GET
H/1.1 200
OK logo-renewal-horizontal-black-lg.png
low-e-replacementwindows.com/img/ 17 KB
17 KB 138ms
136ms Image
image/png 207.150.194.101
HWSERVICES-32400

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://low-e-replacementwindows.com/img/logo-renewal-horizontal-black-lg.png
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.2.8.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 207.150.194.101 Austin, United States, ASN32400 (HWSERVICES-32400, US),
Reverse DNS: mail.EcDashboard.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: b14bbdc96b5aa570352e62257a63330c0464bfab797c51e0561a8dd7fc7d6b44

Request headers

Referer: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 01:15:44 GMT
Last-Modified: Mon, 14 Dec 2020 16:11:01 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "2739ab733d2d61:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 17377

GET
H/1.1 200
OK img-virtual-consult.jpg
low-e-replacementwindows.com/img/ 75 KB
75 KB 139ms
137ms Image
image/jpeg 207.150.194.101
HWSERVICES-32400

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://low-e-replacementwindows.com/img/img-virtual-consult.jpg
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.2.8.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 207.150.194.101 Austin, United States, ASN32400 (HWSERVICES-32400, US),
Reverse DNS: mail.EcDashboard.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: ebca92594050101d0435019520be668e9649c970706f9f8bee34d27033821ff8

Request headers

Referer: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 01:15:44 GMT
Last-Modified: Fri, 13 Nov 2020 18:51:22 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "85abd6faedb9d61:0"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 77023

GET
H/1.1 200
OK icon-bulb.png
low-e-replacementwindows.com/img/ 5 KB
5 KB 139ms
137ms Image
image/png 207.150.194.101
HWSERVICES-32400

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://low-e-replacementwindows.com/img/icon-bulb.png
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.2.8.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 207.150.194.101 Austin, United States, ASN32400 (HWSERVICES-32400, US),
Reverse DNS: mail.EcDashboard.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 99b6e82179397346bf1a4f001854c0875cbabc49b93e1997986224e87faa93c7

Request headers

Referer: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 01:15:44 GMT
Last-Modified: Tue, 07 Jan 2020 15:48:14 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "91fb1edf71c5d51:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 4980

GET
H/1.1 200
OK icon-range.png
low-e-replacementwindows.com/img/ 14 KB
14 KB 141ms
139ms Image
image/png 207.150.194.101
HWSERVICES-32400

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://low-e-replacementwindows.com/img/icon-range.png
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.2.8.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 207.150.194.101 Austin, United States, ASN32400 (HWSERVICES-32400, US),
Reverse DNS: mail.EcDashboard.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 3e07167ecda8fe70e9e2aad32dd829169f1e4370a62bc52c5363435a73c0ed3e

Request headers

Referer: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 01:15:44 GMT
Last-Modified: Tue, 07 Jan 2020 15:48:14 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "28fcffde71c5d51:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 14377

GET
H/1.1 200
OK icon-home.png
low-e-replacementwindows.com/img/ 3 KB
4 KB 139ms
137ms Image
image/png 207.150.194.101
HWSERVICES-32400

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://low-e-replacementwindows.com/img/icon-home.png
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.2.8.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 207.150.194.101 Austin, United States, ASN32400 (HWSERVICES-32400, US),
Reverse DNS: mail.EcDashboard.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 47d0df60c9715f118139bbc261912d76280085d72c99dbbd60248e29606cbc33

Request headers

Referer: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 01:15:44 GMT
Last-Modified: Tue, 07 Jan 2020 15:48:14 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "69237df71c5d51:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 3360

GET
H/1.1 200
OK icon-reliable.png
low-e-replacementwindows.com/img/ 5 KB
5 KB 140ms
138ms Image
image/png 207.150.194.101
HWSERVICES-32400

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://low-e-replacementwindows.com/img/icon-reliable.png
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.2.8.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 207.150.194.101 Austin, United States, ASN32400 (HWSERVICES-32400, US),
Reverse DNS: mail.EcDashboard.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: ed1f7e779188d22301b1fbf52192cad100f0162b0ce09e7737ea286362cd999f

Request headers

Referer: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 01:15:44 GMT
Last-Modified: Tue, 07 Jan 2020 15:48:13 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "a9adf1de71c5d51:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 5303

GET
H/1.1 200
OK icon-check.png
low-e-replacementwindows.com/img/ 3 KB
3 KB 141ms
136ms Image
image/png 207.150.194.101
HWSERVICES-32400

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://low-e-replacementwindows.com/img/icon-check.png
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.2.8.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 207.150.194.101 Austin, United States, ASN32400 (HWSERVICES-32400, US),
Reverse DNS: mail.EcDashboard.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: d8d02f8f49a72d63432ea99afbcf510f078a20d0ff4cdfb1b700708ed440326d

Request headers

Referer: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 01:15:44 GMT
Last-Modified: Mon, 22 May 2017 16:34:45 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "f5fd185219d3d21:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 3002

GET
H/1.1 200
OK icon-service.png
low-e-replacementwindows.com/img/ 4 KB
4 KB 139ms
137ms Image
image/png 207.150.194.101
HWSERVICES-32400

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://low-e-replacementwindows.com/img/icon-service.png
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.2.8.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 207.150.194.101 Austin, United States, ASN32400 (HWSERVICES-32400, US),
Reverse DNS: mail.EcDashboard.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 580bea36f1a01dfb1a649cc8a79f761823c378b49e9b17e01e9fe01d68e69f0d

Request headers

Referer: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 01:15:44 GMT
Last-Modified: Tue, 07 Jan 2020 15:48:13 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "c1fce0de71c5d51:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 4119

GET
H/1.1 200
OK logo-footer.jpg
low-e-replacementwindows.com/img/ 19 KB
19 KB 139ms
137ms Image
image/jpeg 207.150.194.101
HWSERVICES-32400

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://low-e-replacementwindows.com/img/logo-footer.jpg
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.2.8.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 207.150.194.101 Austin, United States, ASN32400 (HWSERVICES-32400, US),
Reverse DNS: mail.EcDashboard.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 8f316e4ded4e4d565dabaa1c86dd690678ca8e612070bceb5a09bb8af4bd19fc

Request headers

Referer: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 01:15:44 GMT
Last-Modified: Mon, 26 Oct 2020 14:15:27 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "89a3074a2abd61:0"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 19361

POST
H2 204 fingerprints Show response
api.trustedform.com/certs/5db4e55cd9b5bd4343245e6844dcd3da7421d471/ 0
159 B 140ms
140ms XHR
text/plain 34.236.210.22
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/5db4e55cd9b5bd4343245e6844dcd3da7421d471/fingerprints
Requested by: Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.25.1/raven.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.236.210.22 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-236-210-22.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Thu, 14 Jan 2021 01:15:45 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: Cowboy
access-control-expose-headers

GET
H2 204 0
bat.bing.com/action/ 0
117 B 29ms
29ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=56111058&Ver=2&mid=bd303f87-6998-4e2d-bde3-c691f948f764&sid=066e0450560611eba17451e3aeec505e&vid=066ded70560611eba6d3818faa63897c&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Renewal%20By%20Andersen%20-%20Window%20Replacement&p=https%3A%2F%2Flow-e-replacementwindows.com%2Frbamsingle40.aspx%3Fctcampaign%3D4726%26ctsource%3D0%26ctkwd%3D22976%26ecadid%3D161401%26Offerid%3D31702%26reqses%3D294549490&r=https%3A%2F%2Fwww.celspuvi.com%2FOM91roa3UmHdVS8IlU5PRSwksTNgDUpJDBLGGRxC83xTbydz9SSnM3bPB_q-ZCyt2SJyLP_th7eLVwJ1GtsUJw~~%2F1410%2F27119%2F14698%2F60&lt=2665&evt=pageLoad&msclkid=N&sv=1&rn=55496
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 14 Jan 2021 01:15:45 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 0DC844CBDDC64A5BBE91F7F0745CC259 Ref B: FRAEDGE1310 Ref C: 2021-01-14T01:15:45Z
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 InitFormData Show response
create.leadid.com/2.7.0/ 0
298 B 104ms
104ms XHR
text/plain 34.203.158.217
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://create.leadid.com/2.7.0/InitFormData?msn=4&pid=caa3e878-cc99-4b60-ad1e-eb6f652fd4bc&token=B6559FE9-8FA6-8C1D-8C4F-D6D457209AAC&_=993826840
Requested by: Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.25.1/raven.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.203.158.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-203-158-217.compute-1.amazonaws.com
Software: nginx/1.17.6 / PHP/7.1.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 14 Jan 2021 01:15:45 GMT
content-encoding: gzip
server: nginx/1.17.6
x-powered-by: PHP/7.1.33
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 Snap Show response
create.leadid.com/2.7.0/ 0
298 B 379ms
263ms XHR
text/plain 34.203.158.217
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://create.leadid.com/2.7.0/Snap?msn=5&pid=caa3e878-cc99-4b60-ad1e-eb6f652fd4bc&token=B6559FE9-8FA6-8C1D-8C4F-D6D457209AAC&_=993826841
Requested by: Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.25.1/raven.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.203.158.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-203-158-217.compute-1.amazonaws.com
Software: nginx/1.17.6 / PHP/7.1.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 14 Jan 2021 01:15:46 GMT
content-encoding: gzip
server: nginx/1.17.6
x-powered-by: PHP/7.1.33
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
147 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=448499548883718&ev=Microdata&dl=https%3A%2F%2Flow-e-replacementwindows.com%2Frbamsingle40.aspx%3Fctcampaign%3D4726%26ctsource%3D0%26ctkwd%3D22976%26ecadid%3D161401%26Offerid%3D31702%26reqses%3D294549490&rl=https%3A%2F%2Fwww.celspuvi.com%2FOM91roa3UmHdVS8IlU5PRSwksTNgDUpJDBLGGRxC83xTbydz9SSnM3bPB_q-ZCyt2SJyLP_th7eLVwJ1GtsUJw~~%2F1410%2F27119%2F14698%2F60&if=false&ts=1610586945819&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%5Cn%5CtRenewal%20By%20Andersen%20-%20Window%20Replacement%5Cn%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.32&r=stable&ec=1&o=30&fbp=fb.1.1610586944315.939820029&it=1610586944246&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 01:15:45 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 14 Jan 2021 01:15:45 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=442453175949583&ev=Microdata&dl=https%3A%2F%2Flow-e-replacementwindows.com%2Frbamsingle40.aspx%3Fctcampaign%3D4726%26ctsource%3D0%26ctkwd%3D22976%26ecadid%3D161401%26Offerid%3D31702%26reqses%3D294549490&rl=https%3A%2F%2Fwww.celspuvi.com%2FOM91roa3UmHdVS8IlU5PRSwksTNgDUpJDBLGGRxC83xTbydz9SSnM3bPB_q-ZCyt2SJyLP_th7eLVwJ1GtsUJw~~%2F1410%2F27119%2F14698%2F60&if=false&ts=1610586945842&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%5Cn%5CtRenewal%20By%20Andersen%20-%20Window%20Replacement%5Cn%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.32&r=stable&ec=1&o=30&fbp=fb.1.1610586944315.939820029&it=1610586944246&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 01:15:45 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 14 Jan 2021 01:15:45 GMT

POST
H2 200 Snap Show response
create.leadid.com/2.7.0/ 0
298 B 266ms
265ms XHR
text/plain 34.203.158.217
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://create.leadid.com/2.7.0/Snap?msn=6&pid=caa3e878-cc99-4b60-ad1e-eb6f652fd4bc&token=B6559FE9-8FA6-8C1D-8C4F-D6D457209AAC&_=993826842
Requested by: Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.25.1/raven.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.203.158.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-203-158-217.compute-1.amazonaws.com
Software: nginx/1.17.6 / PHP/7.1.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 14 Jan 2021 01:15:46 GMT
content-encoding: gzip
server: nginx/1.17.6
x-powered-by: PHP/7.1.33
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 204 events Show response
api.trustedform.com/certs/5db4e55cd9b5bd4343245e6844dcd3da7421d471/ 0
159 B 101ms
101ms XHR
text/plain 34.236.210.22
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/5db4e55cd9b5bd4343245e6844dcd3da7421d471/events
Requested by: Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.25.1/raven.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.236.210.22 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-236-210-22.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://low-e-replacementwindows.com/rbamsingle40.aspx?ctcampaign=4726&ctsource=0&ctkwd=22976&ecadid=161401&Offerid=31702&reqses=294549490
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Thu, 14 Jan 2021 01:15:46 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: Cowboy
access-control-expose-headers

Verdicts & Comments Add Verdict or Comment

155 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.low-e-replacementwindows.com/	1970-01-19 17:32:42	Name: _fbp Value: fb.1.1610586944315.939820029
.low-e-replacementwindows.com/	1970-01-19 15:24:33	Name: _gid Value: GA1.2.2027501256.1610586944
.low-e-replacementwindows.com/	1970-01-19 16:49:30	Name: EC_SUP Value: %7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C0%7C%7C
.low-e-replacementwindows.com/	1970-01-19 16:49:30	Name: EC_URL Value: https%3A//www.celspuvi.com/OM91roa3UmHdVS8IlU5PRSwksTNgDUpJDBLGGRxC83xTbydz9SSnM3bPB_q-ZCyt2SJyLP_th7eLVwJ1GtsUJw%7E%7E/1410/27119/14698/60%7C%7Chttps%3A//low-e-replacementwindows.com/rbamsingle40.aspx%3Fctcampaign%3D4726%26ctsource%3D0%26ctkwd%3D22976%26ecadid%3D161401%26Offerid%3D31702%26reqses%3D294549490
.low-e-replacementwindows.com/	1970-01-20 08:54:18	Name: _ga Value: GA1.2.416527408.1610586944
.low-e-replacementwindows.com/	1970-01-19 16:49:30	Name: EC_CMP Value: 4726%7C%7C22976%7C%7C161401%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C
.low-e-replacementwindows.com/	1970-01-19 15:24:33	Name: _uetsid Value: 066e0450560611eba17451e3aeec505e
.low-e-replacementwindows.com/	1970-01-19 16:49:30	Name: EC_UID Value: 1610586944542.6997%7C%7C1/14/2021%202%3A15%3A44
.low-e-replacementwindows.com/	1970-01-19 15:23:07	Name: _gat_gtag_UA_135317677_1 Value: 1
.low-e-replacementwindows.com/	1970-01-19 15:46:30	Name: _uetvid Value: 066ded70560611eba6d3818faa63897c
low-e-replacementwindows.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: xn530a2woyai33h2msasbnwt

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.trustedform.com
bat.bing.com
cdn.ravenjs.com
cdn.trustedform.com
connect.facebook.net
create.leadid.com
create.lidstatic.com
cx.atdmt.com
d2m2wsoho8qq12.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hits.ecdashboard.com
low-e-replacementwindows.com
mrktrecord11.com
stats.g.doubleclick.net
swingiifestyle.com
trkstar.com
www.celspuvi.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
143.204.214.177
172.217.16.130
207.150.194.101
2600:9000:2204:c000:1c:7f1a:6680:93a1
2606:4700:10::ac43:29e5
2620:1ec:c11::200
2a00:1450:4001:800::2003
2a00:1450:4001:800::2004
2a00:1450:4001:806::2003
2a00:1450:4001:816::2008
2a00:1450:4001:816::200e
2a00:1450:4001:820::2002
2a00:1450:4001:821::200a
2a00:1450:400c:c0c::9c
2a03:2880:f01c:8004:face:b00c:0:8c
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42::729
34.203.158.217
34.236.210.22
34.237.29.129
45.157.178.54
72.11.130.133
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
07d81e29da2b847c60281b9e084fe58ddf894ba5c6a60f395adf10aa4ad3d405
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12a1947e2cf4f9da7d3f11cb8b69a6dc1b4eec915612398ebad5019bc11ee684
167f812934de4a97aa53e7c4ad6e8e4c0a4c3b32d3636db3a71726479f380aa9
1b0552009ca0b0e0f3459968e9433cf256cad349e33d2db8db6ac11d89d92397
25d1e74c9f8d2e194eff32bbefddc8fcc883753d3bcf0a231f16c93f1ebb0a1a
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
32316d2711ea07d5bf74d6736941d0661750cb2594f41b7b36f8e83d24d13f9d
3e07167ecda8fe70e9e2aad32dd829169f1e4370a62bc52c5363435a73c0ed3e
4403de74b0e19775f39d7f2f0ec6a247becc687f734fe9f2200ed96c83ca47dd
47d0df60c9715f118139bbc261912d76280085d72c99dbbd60248e29606cbc33
481ed44da38bccec3a93ab9d5c3bdc69963c1573433db0a092107bd2e05bb6f4
4c4b65aabdd82950aa1ec56d130662fec9e99d1afc0cbb19f079525219db3a53
4dd6c09ddcb0e53a6290cc1df35224856073ba5f89d4134bd7c69e4fd9c6f515
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
549850451d6991309ae88bff54c17c94e594a8b04cb846e034732782d032dcc1
580bea36f1a01dfb1a649cc8a79f761823c378b49e9b17e01e9fe01d68e69f0d
5b3b7d54741912eede74f05d9ca73d2046dd7e1679554c2f79230df6e4b52bdf
5e79436d1f00cd00ece18c935a3835b2db0dc1f36db9146ba08ea9b1bfefa2fc
66f4b78b6d602a8ef77322719b59a4d054a42bb3d07e9810afb61eeb2bfc5738
706494a230ae9c22ebbda2b9fce9af786bac0ea5f315c80e3fbe9f44e7883c38
71584a23446d3187b63edba3b85d318cda89973396c291bdba9a9756d3c62a29
7766879b4de58b922af39e8659c33fda7db5dab08782ea47fa3ffe1cc023dad9
7c12bcd32e7341ac42ed3d1bca791845b217c9aeedb6e5d2fe4d0ee035691e3c
7e1ad06f9ca6e374dfb642d85141303eb879972adb29089f8e3172309c4678d5
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8f316e4ded4e4d565dabaa1c86dd690678ca8e612070bceb5a09bb8af4bd19fc
95ef5b080ecf0e2726835bafef2613d3fd328832e84f81da38c5f4f26dab8755
968a8e56e4adaf8c135199ebd7f6cc065424ca45974d4dfbeb5607e69fe72fcd
973ebbead06df6ace22a88d2856663d37845792bdf1b40ff69df2e20912fedef
99b6e82179397346bf1a4f001854c0875cbabc49b93e1997986224e87faa93c7
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
9c2f66520befdb2169bc7bf9e5a5fcff65a6cfd13d3851ed501300a54ff3da0c
a3e1c3bc8be134b8f84455a47aaa523c4a697b5a83460de5d4a6684df313df1a
a5e0860aed3bbd75e1099af62088283a7c482e963d0558016d4c4c367acfc89e
a8755954660f9bef43d2dc61d725f022a3115b81ae76a6af093ab18cfdfa5de7
b14bbdc96b5aa570352e62257a63330c0464bfab797c51e0561a8dd7fc7d6b44
b4cd2dd05c726a983cc5c46e452d8b6fdd711289e98951fd787ede181dd1b697
b61e9a1003c55f654a8c711c33ca5afbf6076d6ec620e1149b5608e2f8c88f1b
bc50bf49cbe79ee49b4ee8b56f26ff4877bc4945c16f260b1481ba2355c96347
c603264bc5d61a5a9b77474a252af2b685437c1ab19cb4e32a790767076a9bed
d8d02f8f49a72d63432ea99afbcf510f078a20d0ff4cdfb1b700708ed440326d
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e1f84aa453f86e094c8c6fe94cb988f4e6795895f638bf16f123d621b33b68d5
e38b4085919e456f5f9861ba323952f1478e9dac662a3377c51db8f35fa894cc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
ebca92594050101d0435019520be668e9649c970706f9f8bee34d27033821ff8
ed1f7e779188d22301b1fbf52192cad100f0162b0ce09e7737ea286362cd999f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef9453f74b2617d43dcef4242cf5845101fcfb57289c81bceb20042b0023a192
f7f2472004ffef2ee77e6ac62d5f364dd29238c236c429261e430022b3af8456
fdc6fe9a666c1d4fbaa2c3651f52d30398dce735d694eb7390cdecf14d83e7c8

low-e-replacementwindows.com Open in urlscan Pro 207.150.194.101 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

81 Requests

100 %HTTPS

65 %IPv6

23 Domains

25 Subdomains

21 IPs

6 Countries

1354 kBTransfer

2452 kBSize

11 Cookies

2 Outgoing links

Page URL History

Redirected requests

81 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

low-e-replacementwindows.com Open in urlscan Pro
207.150.194.101 Public Scan

Screenshot
Live screenshot

Full Image

81
Requests

100 %
HTTPS

65 %
IPv6

23
Domains

25
Subdomains

21
IPs

6
Countries

1354 kB
Transfer

2452 kB
Size

11
Cookies

81 HTTP transactions
0 data transactions