urlscan.io logo urlscan.io
SecurityTrails logo

window-replacement-us-043024fb.info Open in urlscan Pro
104.17.157.1  Public Scan

Go To Rescan Add Verdict Report
URL: https://window-replacement-us-043024fb.info/
Submission Tags: @phishunt_io
Submission: On April 30 via api from DE — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 2 countries across 9 domains to perform 39 HTTP transactions. The main IP is 104.17.157.1, located in and belongs to CLOUDFLARENET, US. The main domain is window-replacement-us-043024fb.info.
TLS certificate: Issued by E1 on April 30th 2024. Valid for: 3 months.
This is the only time window-replacement-us-043024fb.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

2    104.17.157.1 (None, )

ASN13335 (CLOUDFLARENET, US)
window-replacement-us-043024fb.info
1    2600:9000:21da:a400:e:52c5:2040:93a1 (United States)

ASN16509 (AMAZON-02, US)
ob.system1onesource.com
6    108.139.29.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-29-41.jfk50.r.cloudfront.net
s.flocdn.com
5    2600:1f18:e8a:cd04:9b88:a313:d24d:af44 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
obs.system1onesource.com
4    2607:f8b0:4006:821::2008 (United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
7    142.251.40.100 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s79-in-f4.1e100.net
www.google.com
6    142.250.80.66 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s35-in-f2.1e100.net
googleads.g.doubleclick.net
3    172.217.165.130 (United States)

ASN15169 (GOOGLE, US)
PTR: lax30s03-in-f2.1e100.net
www.googleadservices.com
1    142.250.65.226 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s73-in-f2.1e100.net
partner.googleadservices.com
3    2607:f8b0:4006:80b::200e (United States)

ASN15169 (GOOGLE, US)
www.adsensecustomsearchads.com
2    3.212.202.92 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-212-202-92.compute-1.amazonaws.com
soflopxl.com
Apex Domain
Subdomains		 Transfer
7 google.com
www.google.com — Cisco Umbrella Rank: 2
73 KB
6 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 36
4 KB
6 flocdn.com
s.flocdn.com — Cisco Umbrella Rank: 38790
564 KB
6 system1onesource.com
ob.system1onesource.com — Cisco Umbrella Rank: 34084
obs.system1onesource.com — Cisco Umbrella Rank: 31468
40 KB
4 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 123
partner.googleadservices.com — Cisco Umbrella Rank: 5033
5 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
315 KB
3 adsensecustomsearchads.com
www.adsensecustomsearchads.com — Cisco Umbrella Rank: 2791
1 KB
2 soflopxl.com
soflopxl.com — Cisco Umbrella Rank: 22533
413 B
2 window-replacement-us-043024fb.info
window-replacement-us-043024fb.info
3 KB
39 9
Domain Requested by
7 www.google.com s.flocdn.com
window-replacement-us-043024fb.info
6 googleads.g.doubleclick.net 3 redirects www.googletagmanager.com
6 s.flocdn.com window-replacement-us-043024fb.info
s.flocdn.com
5 obs.system1onesource.com ob.system1onesource.com
window-replacement-us-043024fb.info
4 www.googletagmanager.com ob.system1onesource.com
www.googletagmanager.com
3 www.adsensecustomsearchads.com www.google.com
3 www.googleadservices.com www.googletagmanager.com
2 soflopxl.com s.flocdn.com
2 window-replacement-us-043024fb.info
1 partner.googleadservices.com www.google.com
1 ob.system1onesource.com window-replacement-us-043024fb.info
39 11

This site contains no links.

Subject Issuer Validity Valid
window-replacement-us-043024fb.info
E1		 2024-04-30 -
2024-07-29		 3 months crt.sh
*.system1onesource.com
Amazon RSA 2048 M03		 2024-01-11 -
2025-02-08		 a year crt.sh
*.flocdn.com
Amazon RSA 2048 M02		 2023-12-06 -
2025-01-03		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-04-08 -
2024-07-01		 3 months crt.sh
*.google.com
GTS CA 1C3		 2024-04-08 -
2024-07-01		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-04-08 -
2024-07-01		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2024-04-08 -
2024-07-01		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2024-04-08 -
2024-07-01		 3 months crt.sh
pxtres.com
Amazon RSA 2048 M02		 2024-01-20 -
2025-02-16		 a year crt.sh

This page contains 2 frames:

Primary Page: https://window-replacement-us-043024fb.info/
Frame ID: 2E12BBD11E7DA19234FDE495D80599EB
Requests: 39 HTTP requests in this frame

Frame: https://www.adsensecustomsearchads.com/afs/ads?adtest=off&psid=1646507740&client=dp-openmail30_3ph_js&r=m&hl=en&ivt=0&rpbu=https%3A%2F%2Fwindow-replacement-us-043024fb.info%2Fserp%3Fsc%3DshDiLHo2VToR10%26ivt%3Dfalse&rpqp=query&terms=Window%20Replacement%20in%20My%20Area%2CWindow%20Replacement%20Cost%2CWindow%20Replacement%20Companies%20Near%20Me%2CAffordable%20Window%20Replacement%2CResidential%20Window%20Replacement&kw=Window%20Replacement%20in%20My%20Area&max_radlink_len=40&type=3&uiopt=false&swp=as-drid-2556993030624135&rs_tt=c&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301437%2C17301439%2C17301442&client_gdprApplies=0&format=r5&nocache=1601714472814968&num=0&output=afd_ads&domain_name=window-replacement-us-043024fb.info&v=3&bsl=8&pac=0&u_his=2&u_tz=-600&dt=1714472814970&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=1200&frm=0&uio=-&cont=ads&drt=0&jsid=caf&jsv=627058929&rurl=https%3A%2F%2Fwindow-replacement-us-043024fb.info%2F
Frame ID: 209C42D729EC2486F2CE09A167F72C5C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

window-replacement-us-043024fb.info

Detected technologies

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

39
Requests

87 %
HTTPS

36 %
IPv6

9
Domains

11
Subdomains

12
IPs

2
Countries

1005 kB
Transfer

2725 kB
Size

7
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1058340534/?random=130233453&cv=11&fst=1714472814705&bg=ffffff&guid=ON&async=1&gtm=45be44t0v9100102812za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwindow-replacement-us-043024fb.info%2F&label=w8daCMaRmpQZELb90_gD&hn=www.googleadservices.com&frm=0&tiba=window-replacement-us-043024fb.info&gtm_ee=1&npa=0&pscdl=noapi&auid=1532574825.1714472815&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQIImMGxAg&pscrd=IhMI-PXr-NzphQMVxDLQBB3N6gN1MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6LGh0dHBzOi8vd2luZG93LXJlcGxhY2VtZW50LXVzLTA0MzAyNGZiLmluZm8v HTTP 302
  • https://www.google.com/pagead/1p-conversion/1058340534/?random=130233453&cv=11&fst=1714472814705&bg=ffffff&guid=ON&async=1&gtm=45be44t0v9100102812za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwindow-replacement-us-043024fb.info%2F&label=w8daCMaRmpQZELb90_gD&hn=www.googleadservices.com&frm=0&tiba=window-replacement-us-043024fb.info&gtm_ee=1&npa=0&pscdl=noapi&auid=1532574825.1714472815&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQIImMGxAg&pscrd=IhMI-PXr-NzphQMVxDLQBB3N6gN1MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6LGh0dHBzOi8vd2luZG93LXJlcGxhY2VtZW50LXVzLTA0MzAyNGZiLmluZm8v&is_vtc=1&cid=CAQSGwB7FLtqPww4QqRKthLh9lHj91gwTHkYeay1bw&random=710536132
Request Chain 24
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/932435890/?random=550125614&cv=11&fst=1714472814729&bg=ffffff&guid=ON&async=1&gtm=45be44t0za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwindow-replacement-us-043024fb.info%2F&label=HtPMCKDQp5QZELKvz7wD&hn=www.googleadservices.com&frm=0&tiba=window-replacement-us-043024fb.info&gtm_ee=1&npa=0&pscdl=noapi&auid=1532574825.1714472815&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQIImMGxAg&pscrd=IhMI1Ibt-NzphQMVchzQBB3BqwRKMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6LGh0dHBzOi8vd2luZG93LXJlcGxhY2VtZW50LXVzLTA0MzAyNGZiLmluZm8v HTTP 302
  • https://www.google.com/pagead/1p-conversion/932435890/?random=550125614&cv=11&fst=1714472814729&bg=ffffff&guid=ON&async=1&gtm=45be44t0za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwindow-replacement-us-043024fb.info%2F&label=HtPMCKDQp5QZELKvz7wD&hn=www.googleadservices.com&frm=0&tiba=window-replacement-us-043024fb.info&gtm_ee=1&npa=0&pscdl=noapi&auid=1532574825.1714472815&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQIImMGxAg&pscrd=IhMI1Ibt-NzphQMVchzQBB3BqwRKMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6LGh0dHBzOi8vd2luZG93LXJlcGxhY2VtZW50LXVzLTA0MzAyNGZiLmluZm8v&is_vtc=1&cid=CAQSGwB7FLtq-FKi5LsfjJ8isg_bQ70ykL-cQBTkoQ&random=2699412885
Request Chain 28
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/982246529/?random=451864028&cv=11&fst=1714472814816&bg=ffffff&guid=ON&async=1&gtm=45be44t0v868528064za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwindow-replacement-us-043024fb.info%2F&label=sT-ICP-w_JQZEIHJr9QD&hn=www.googleadservices.com&frm=0&tiba=window-replacement-us-043024fb.info&gtm_ee=1&npa=0&pscdl=noapi&auid=1532574825.1714472815&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQIImMGxAg&pscrd=IhMIuZPv-NzphQMVAgPQBB19Vw8HMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6LGh0dHBzOi8vd2luZG93LXJlcGxhY2VtZW50LXVzLTA0MzAyNGZiLmluZm8v HTTP 302
  • https://www.google.com/pagead/1p-conversion/982246529/?random=451864028&cv=11&fst=1714472814816&bg=ffffff&guid=ON&async=1&gtm=45be44t0v868528064za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwindow-replacement-us-043024fb.info%2F&label=sT-ICP-w_JQZEIHJr9QD&hn=www.googleadservices.com&frm=0&tiba=window-replacement-us-043024fb.info&gtm_ee=1&npa=0&pscdl=noapi&auid=1532574825.1714472815&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQIImMGxAg&pscrd=IhMIuZPv-NzphQMVAgPQBB19Vw8HMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6LGh0dHBzOi8vd2luZG93LXJlcGxhY2VtZW50LXVzLTA0MzAyNGZiLmluZm8v&is_vtc=1&cid=CAQSKQB7FLtqJqh6ji1hMir0WAZSw0A-c5U91Bulc5t3GRqgY-QMnjbU3KQN&random=2614026903

39 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
window-replacement-us-043024fb.info/ 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://window-replacement-us-043024fb.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.157.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4a30d87f8bcacf1e29ff3c6cb5ad02f1968b52c72f119be8d3cfe42eaa998d6

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cf-cache-status
DYNAMIC
cf-ray
87c6d60ac92f5c69-MIA
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 30 Apr 2024 10:26:53 GMT
server
cloudflare
vary
Accept-Encoding
x-adblock-key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALo4A9ch0h+1WaF7eiREQsF8ZSdjSPKx9KkKjCqabhCJSzV17noE3IU0F05CJ672CxyFRxdONAgr69GDBpn7MRECAwEAAQ==_ZzqDQ8HYPuLo6aj2tTJUf0QLvxQ5tQowy4+uzQSCxCmCWxsbu39VI/85DuSOF/+HgnRmjyDRqJt6+RDWDeUEOg==
35289458b2de2bf5220f730bdbc66486.js
ob.system1onesource.com/i/ 		102 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ob.system1onesource.com/i/35289458b2de2bf5220f730bdbc66486.js
Requested by
Host: window-replacement-us-043024fb.info
URL: https://window-replacement-us-043024fb.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21da:a400:e:52c5:2040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Caddy /
Resource Hash
835acecb02dbec1184dfaa94051891180c02e26e49590eb02edceebfdea1ef09

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://window-replacement-us-043024fb.info/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 06:28:56 GMT
content-encoding
gzip
via
1.1 42d3518040c55e24793897f7f5d5f342.cloudfront.net (CloudFront)
server
Caddy
x-amz-cf-pop
EWR53-C1
age
14279
etag
"197c0-+C8xEn4ShjtlFGmpnhTelxYiDSY"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
cache-control
max-age=43200
content-length
38144
x-amz-cf-id
6OyWlGusqsLTQlEm7m5GYV3esR4htBBIYsalXJ6ob8rGVHM83pTGMQ==
expires
Tue, 30 Apr 2024 18:28:54 GMT
deps.js
s.flocdn.com/@search/bundles/@s1/syndication/0.1.7/04f05063e/ 		127 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.flocdn.com/@search/bundles/@s1/syndication/0.1.7/04f05063e/deps.js
Requested by
Host: window-replacement-us-043024fb.info
URL: https://window-replacement-us-043024fb.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.29.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-41.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4cdefd5a96161d56973e6c28b7c0dc6fb48599634f227234310f2899bc1d68ed

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://window-replacement-us-043024fb.info/
Origin
https://window-replacement-us-043024fb.info
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 10:26:54 GMT
x-amz-version-id
9KpQQndS0HEg.sDp5HYtmiqG__jIASQB
content-encoding
gzip
last-modified
Tue, 30 Apr 2024 07:40:22 GMT
server
AmazonS3
via
1.1 b601959712c1f21193a489b5759f70ba.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P2
etag
W/"64e5013ef8a5e0bc3cce7af5f7adf182"
access-control-max-age
60000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
x-cache
Miss from cloudfront
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
LoRUHeL0tC7VgquWbYubC8ZQv9JfYxLpOwWhmS0s1ude4sVcdJf2tA==
runtime.js
s.flocdn.com/@search/bundles/@s1/syndication/0.1.7/04f05063e/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.flocdn.com/@search/bundles/@s1/syndication/0.1.7/04f05063e/runtime.js
Requested by
Host: window-replacement-us-043024fb.info
URL: https://window-replacement-us-043024fb.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.29.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-41.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
52c9836027763edf4c94459fe44e695960bb1d4d974669e6afdcbd4b9d3be020

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://window-replacement-us-043024fb.info/
Origin
https://window-replacement-us-043024fb.info
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 10:26:54 GMT
x-amz-version-id
nejBBNs5SUoaVSE6rEuM4IeNp0h4tzxB
content-encoding
gzip
last-modified
Tue, 30 Apr 2024 07:40:22 GMT
server
AmazonS3
via
1.1 b601959712c1f21193a489b5759f70ba.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P2
etag
W/"1d64d5f0dfaefdd7c95884fc4268f57e"
access-control-max-age
60000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
x-cache
Miss from cloudfront
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
VlVJF_Pa5kvoBAHRDCZSXcpuQ3E8n0NAl93ucH9ZMOt1Rw46tM8j0Q==
ct
obs.system1onesource.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://obs.system1onesource.com/ct?id=28382&url=https%3A%2F%2Fwindow-replacement-us-043024fb.info%2F&sf=0&tpi=&ch=cheq4ppc&uvid=ff4npn9fcs5wcr49g5gqu1c7&tsf=0&tsfmi=&tsfu=&cb=1714472813995&hl=2&op=0&ag=2115704966&rand=549825562851106029566611185260065320683687195991076601680917241257122261201172186582&fs=1600x1200&fst=1600x1200&np=win32&nv=google%20inc.&ref=&ss=1600x1200&nc=0&at=&di=W1siZWYiLDc1MjhdLFsiYm5jaCIsMV0sWyJhYm5jaCIsMV0sWy0xNiwiMCJdLFstMjcsIlsxMDAsMTAsMCxcIjRnXCIsbnVsbF0iXSxbLTU2LCJsYW5kc2NhcGUtcHJpbWFyeSJdLFstMjAsIi0iXSxbLTIyLCJbXCJuXCIsXCJuXCJdIl0sWy0yNSwiLSJdLFstNDEsIi0iXSxbLTUyLCItIl0sWy01NCwie1wiaFwiOltcIl8zXCIsXCIyODcyODk5MzIwXCJdLFwiZFwiOltcIl8wXCIsXCIzNDY3MTU2MDAzXCJdLFwiYlwiOltdLFwic1wiOjF9Il0sWy02NCwiWzAsXCJXaW4zMlwiLFt7XCJiXCI6XCJHb29nbGUgQ2hyb21lXCIsXCJ2XCI6XCIxMjRcIn0se1wiYlwiOlwiTm90OkEtQnJhbmRcIixcInZcIjpcIjhcIn0se1wiYlwiOlwiQ2hyb21pdW1cIixcInZcIjpcIjEyNFwifV1dIl0sWy01NywiV0UwWlYxeE9jVmhYWFZWY1N4Y0ZXbFpVU1V4TlhGMEhHV0pZU2hsWVNVbFZRR1FaRVZ4UFdGVVpXRTBaQlZoWFZsZEFWRlpNU2djWkVRTU9Bd2dNQ1FvSkFSQVZHUVZZVjFaWFFGUldURW9IQXdnQkF3b0pFQlZZVFJsNFMwdFlRQmRQWEJrUlVVMU5TVW9ERmhaV1d4ZEtRRXBOWEZRSVZsZGNTbFpNUzFwY0YxcFdWQlpRRmdvTUN3RUFEUXdCV3d0ZFhBdGJYd3dMQ3dsZkRnb0pXMTFiV2c4UERRRVBGMU5LQXdnRER3NElEZ2dRIl0sWzEyLCJ7XCJjdHhcIjpcIndlYmdsXCIsXCJ2XCI6XCJpbnRlbCBpbmMuXCIsXCJyXCI6XCJpbnRlbCBpcmlzIG9wZW5nbCBlbmdpbmVcIixcInNsdlwiOlwid2ViZ2wgZ2xzbCBlcyAxLjAgKG9wZW5nbCBlcyBnbHNsIGVzIDEuMCBjaHJvbWl1bSlcIixcImd2ZXJcIjpcIndlYmdsIDEuMCAob3BlbmdsIGVzIDIuMCBjaHJvbWl1bSlcIixcImd2ZW5cIjpcIndlYmtpdFwiLFwiYmVuXCI6OCxcIndnbFwiOjEsXCJncmVuXCI6XCJ3ZWJraXQgd2ViZ2xcIixcInNlZlwiOjE5MzA4MjAyNzksXCJzZWNcIjpcIlwifSJdLFstMjQsIltdIl0sWy02LCJ7XCJ3XCI6W10sXCJuXCI6W10sXCJkXCI6W119Il0sWy00MywiMDAwMDAwMDEwMTAwMDAwMTAwMTExMDExMDAxMDExMDEwMDAwMDEiXSxbLTUzLCIxMDAiXSxbLTQyLCIxNzI0Mjk3NjUzIl0sWy00NCwiMCwwLDAsNSJdLFstNDUsIi0iXSxbLTUwLCItIl0sWy0xOCwiWzAsMCwwLDFdIl0sWy0yNiwie1widGpoc1wiOjcyNzkzNTgsXCJ1amhzXCI6MzI2MzUzMCxcImpoc2xcIjo0Mjk0NzA1MTUyfSJdLFstOSwiKyJdLFstMjksIi0iXSxbLTQ5LCItIl0sWy02OCwiLSJdLFstMSwiLSJdLFstNjcsIjI1MzIzMTI4ODg6MzMiXSxbLTMyLCItIl0sWy0xNCwiLSJdLFstNCwiPGh0bWwgbGFuZz1cImVuXCI%2BPGhlYWQgaWQ9XCJoZWFkXCI%2BXG4gICAgPG1ldGEgbmFtZT1cImZhY2Vib29rLWRvbWFpbi12ZXJpZmljYXRpb25cIiBjb250ZW50PVwiZW4zNm4wa3l4ejZ6NXQwODViZGJybjI5bnBicjdkXCI%2BPHRpdGxlPndpbmRvdy1yZXBsYWNlbWVudC11cy0wNDMwMjRmYi5pbmZvPC90aXRsZT48bWV0YSBuYW1lPVwiZGVzY3JpcHRpb25cIiBjb250ZW50PVwiRGVzY3JpcHRpb24gcGxhY2Vob2xkZXJcIj48bWV0YSBuYW1lPVwidmlld3BvcnRcIiBjb250ZW50PVwid2lkdGg9ZGV2aWNlLXdpZHRoLCBpbml0aWFsLXNjYWxlPTEsIG1pbmltdW0tc2NhbGU9MVwiPjxzY3JpcHQgYXN5bmM9XCJcIiBzcmM9XCJodHRwczovL29iLnN5c3RlbTFvbmVzb3VyY2UuY29tL2kvMzUyODk0NThiMmRlMmJmNTIyMGY3MzBiZGJjNjY0ODYuanNcIiBkYXRhLWNoPVwiY2hlcTRwcGNcIiBjbGFzcz1cImN0X2NsaWNrdHJ1ZV8yODM4MlwiIGRhdGEtdXZpZD1cImZmNG5wbjlmY3M1d2NyNDlnNWdxdTFjN1wiPjwvc2NyaXB0PlxuICA8L2hlYWQ%2BXG4gIDxib2R5PlxuICAgIDxkaXYgaWQ9XCJyb290XCI%2BPC9kaXY%2BXG4gICAgXG48c2NyaXB0IHNyYz1cImh0dHBzOi8vcy5mbG9jZG4uY29tL0BzZWFyY2gvYnVuZGxlcy9AczEvc3luZGljYXRpb24vMC4xLjcvMDRmMDUwNjNlL2RlcHMuanNcIiBjcm9zc29yaWdpbj1cIlwiPjwvc2NyaXB0PjwvYm9keT48L2h0bWw%2BLDY3OSJdLFstNjIsIjgwIl0sWy0xMiwibnVsbCJdLFstMTEsIntcInRcIjpcIlwiLFwibVwiOltcImRlc2NyaXB0aW9uXCJdfSJdLFstMzAsIltcInZcIiwwXSJdLFstMzUsIlsxNzE0NDcyODEzOTM4LDEwXSJdLFstNjEsIntcIndnc2xcIjpcIjQ7cmVhZG9ubHlfYW5kX3JlYWR3cml0ZV9zdG9yYWdlX3RleHR1cmVzO3BhY2tlZF80eDhfaW50ZWdlcl9kb3RfcHJvZHVjdDt1bnJlc3RyaWN0ZWRfcG9pbnRlcl9wYXJhbWV0ZXJzO3BvaW50ZXJfY29tcG9zaXRlX2FjY2VzcztcIixcInBjZlwiOlwiYmdyYTh1bm9ybVwifSJdLFstMzcsIi0xNDQtNjYtMTgwLSJdLFstNTEsIi0iXSxbLTYwLDIwNF0sWy00NywiUGFjaWZpYy9Ib25vbHVsdSxlbi1VUyxsYXRuLGdyZWdvcnkiXSxbLTMxLCJmYWxzZSJdLFszNywiWzMzMTYyMjQwNDksZnVuY3Rpb24obmV3VmFsdWUpIHtcbiAgICAgICAgICAgICAgYWRkQ29udGVudFdpbmRvd1Byb3h5KHRoaXMpXG4gICAgICAgICAgICAgIC8vIFJlc2V0IHByb3BlcnR5LCB0aGUgaG9vayBpcyBvbmx5IG5lZWRlZCBvbmNlXG4gICAgICAgICAgICAgIE9iamVjdC5kZWZpbmVQcm9wZXJ0eShpZnJhbWUsICdzcmNkb2MnLCB7XG4gICAgICAgICAgICAgICAgY29uZmlndXJhYmxlOiBmYWxzZSxcbiAgICAgICAgICAgICAgICB3cml0YWJsZTogZmFsc2UsXG4gICAgICAgICAgICAgICAgdmFsdWU6IF9zcmNkb2NcbiAgICAgICAgICAgICAgfSlcbiAgICAgICAgICAgICAgX2lmcmFtZS5zcmNkb2MgPSBuZXdWYWx1ZVxuICAgICAgICAgICAgfV0iXSxbLTM2LCJbXCI0LzNcIixcIjQvM1wiXSJdLFstMzksIltcIjIwMDMwMTA3XCIsMixcIkdlY2tvXCIsXCJOZXRzY2FwZVwiLFwiTW96aWxsYVwiLG51bGwsbnVsbCx0cnVlLDgsZmFsc2UsbnVsbCw1LHRydWUsdHJ1ZSxudWxsLDAsdHJ1ZSx0cnVlXSJdLFstMjgsImVuLVVTLGVuIl0sWy0yMywiKyJdLFstNDYsIjAiXSxbLTYzLCIwIl0sWy0yLCIxMSxlQUhXWDEvZjNxekN2Ymt1eW1Rd2dsSWFGM3BFc1JFRVRwb1ZkRlZCUVFwUmNSQkZTS0lJZ2lSSXIwS2hKUnFwU0F0Q0FrUUhwSXp5YmJYcG1aci81L2Q5NmJ6Y3VTQVBKL0d0Il0sWy00MCwiMzMiXSxbLTEwLCItIl0sWy00OCwiMCwwIl0sWy01OSwiZGVmYXVsdCJdLFstNjYsImdlb2xvY2F0aW9uLHN0b3JhZ2VhY2Nlc3MsZ2FtZXBhZCxjaGVjdCxtaWRpLGRpc3BsYXljYXB0dXJlLHVzYixwaWN0dXJlaW5waWN0dXJlLHB1YmxpY2tleWNyZWRlbnRpYWxzZ2V0LGxvY2FsZm9udHMsb3RwY3JlZGVudGlhbHMsZW5jcnlwdGVkbWVkaWEsY2hzYXZlZGF0YSxjaHVhZnVsbHZlcnNpb25saXN0LGNodWF3b3c2NCxjaGRvd25saW5rLGNocHJlZmVyc2NvbG9yc2NoZW1lLHN5bmN4aHIsY2h1YW1vZGVsLGNocHJlZmVyc3JlZHVjZWR0cmFuc3BhcmVuY3ksc2VyaWFsLGNhbWVyYSxjaHByZWZlcnNyZWR1Y2VkbW90aW9uLHByaXZhdGVzdGF0ZXRva2VuaXNzdWFuY2UsaWRlbnRpdHljcmVkZW50aWFsc2dldCxjaHVhZnVsbHZlcnNpb24sZnVsbHNjcmVlbixjaGRwcix1bmxvYWQsa2V5Ym9hcmRtYXAsY2h1YXBsYXRmb3JtLGd5cm9zY29wZSxjaHVhbW9iaWxlLHdpbmRvd21hbmFnZW1lbnQsY2h1YSxwdWJsaWNrZXljcmVkZW50aWFsc2NyZWF0ZSxtYWduZXRvbWV0ZXIsYWNjZWxlcm9tZXRlcixwcml2YXRlc3RhdGV0b2tlbnJlZGVtcHRpb24sY2h1YWFyY2gseHJzcGF0aWFsdHJhY2tpbmcsY2h1YWZvcm1mYWN0b3JzLGlkbGVkZXRlY3Rpb24sY2h1YXBsYXRmb3JtdmVyc2lvbixjaHdpZHRoLGNsaXBib2FyZHJlYWQsY2h2aWV3cG9ydHdpZHRoLHBheW1lbnQsY2h2aWV3cG9ydGhlaWdodCxjaHJ0dCxhdXRvcGxheSxjcm9zc29yaWdpbmlzb2xhdGVkLGhpZCxjaHVhYml0bmVzcyxzY3JlZW53YWtlbG9jayxjbGlwYm9hcmR3cml0ZSxjaGRldmljZW1lbW9yeSxtaWNyb3Bob25lIl0sWy03LCItIl0sWy04LCItIl0sWy0yMSwiLSJdLFstNjUsIi0iXSxbLTMsIltcImludGVybmFsLXBkZi12aWV3ZXJcIixcImludGVybmFsLXBkZi12aWV3ZXJcIixcImludGVybmFsLXBkZi12aWV3ZXJcIixcImludGVybmFsLXBkZi12aWV3ZXJcIixcImludGVybmFsLXBkZi12aWV3ZXJcIl0iXSxbLTUsIi0iXSxbLTEzLCItIl0sWy0xNSwiLSJdLFstMTksIlszMCwzMCwzMCwzMCwwLDAsMSwyNCwyNCxcIi1cIiwxNjAwLDEyMDAsMTYwMCwxMjAwLDE2MDAsMTIwMCwxNjAwLDEyMDAsMCwwLDAsMCxcIi1cIixcIi1cIiwxNjAwLDEyMDBdIl0sWy0xNywiMTYiXSxbLTM4LCJsLC0xLC0xLDEsMCwzMDcsMCwwLDc3LDMwNiwtMSwwLCwsMTE0OSwxMTQ5Il0sWy01NSwiMCJdLFstNTgsIi0iXSxbLTM0LCItIl0sWy0zMywiLSJdLFsiZGRiIiwiMCwxMSwwLDEsMCwyLDAsMCwwLDAsMCwwLDAsMCwwLDEsMCwwLDAsMSwwLDAsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwxLDEsMCwwLDEsMCwwLDEsMywwLDAsMTcsMSwyLDAsMCwwLDAsMSwwLDAsMSwxLDAsOSwwLDAsMSwwLDAsMCwzNCwwIl0sWyJjYiIsIjAsMCwwLDAsMCwwLDAsMSwwLDMsMCwwLDEwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwxLDEsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsOCwwLDAsMCwwLDAsMCwwLDMsMCJdXQ%3D%3D&dep=0&pre=0&sdd=%7B%7D&cri=HPruD1FknF&pto=1153&ver=59&gac=-&mei=&ap=&fe=1&duid=1.1714472813.7dUxjRqU4tl4Po6g&suid=1.1714472813.ILw7fCvOzmVuuF62&tuid=1.1714472813.IMWvUORpPRZHP7Fr&fbc=-&gtm=-&it=4%2C697%2C286&fbcl=-&gacl=-&gacsd=-&rtic=-&bgc=-&spa=1&urid=0&ab=&sck=-
Requested by
Host: ob.system1onesource.com
URL: https://ob.system1onesource.com/i/35289458b2de2bf5220f730bdbc66486.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1f18:e8a:cd04:9b88:a313:d24d:af44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
7d03a8a02b7bf54d605ea42a186cf9714935d1580608ee379a5fcf53c16edacc

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://window-replacement-us-043024fb.info/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-type
text/javascript
pragma
no-cache
date
Tue, 30 Apr 2024 10:26:54 GMT
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
1366
expires
Fri, 01 Jan 1990 00:00:00 GMT
UiSyndication.js
s.flocdn.com/@search/bundles/@s1/syndication/0.1.7/04f05063e/lib/ 		1 MB
335 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.flocdn.com/@search/bundles/@s1/syndication/0.1.7/04f05063e/lib/UiSyndication.js
Requested by
Host: window-replacement-us-043024fb.info
URL: https://window-replacement-us-043024fb.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.29.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-41.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7cb2dbb5a3f51b6077cbd843ed812accd4ba6dc5c2cd8820b427eee7440a6001

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://window-replacement-us-043024fb.info/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 19:07:20 GMT
x-amz-version-id
CVLY2sSvGctfM7V4k8Sat3kXwLAMMBDD
content-encoding
gzip
last-modified
Mon, 29 Apr 2024 17:59:45 GMT
server
AmazonS3
via
1.1 f458ab1245bb4f257969c1da8e708f88.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P2
etag
W/"59b4cc8949f3a35f4e6622638381c3b2"
age
55175
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
X3_bmFieH3c_t4M2XzAzdT1FJ17r8wmkI38Rf2xVkZUNW9DmyH_KlQ==
js
www.googletagmanager.com/gtag/ 		211 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-932435890
Requested by
Host: ob.system1onesource.com
URL: https://ob.system1onesource.com/i/35289458b2de2bf5220f730bdbc66486.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b24b75ee550db49f193042a9bead3fd7223bccb4326543b07886e527a828815b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://window-replacement-us-043024fb.info/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 10:26:54 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78177
x-xss-protection
0
last-modified
Tue, 30 Apr 2024 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 30 Apr 2024 10:26:54 GMT
js
www.googletagmanager.com/gtag/ 		222 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-982246529
Requested by
Host: ob.system1onesource.com
URL: https://ob.system1onesource.com/i/35289458b2de2bf5220f730bdbc66486.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3693ec346564ec7fd8e58e134340d91c21af15d549971b8670b7a04f67ba7b1c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://window-replacement-us-043024fb.info/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 10:26:54 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
81045
x-xss-protection
0
last-modified
Tue, 30 Apr 2024 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 30 Apr 2024 10:26:54 GMT
js
www.googletagmanager.com/gtag/ 		222 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-1058340534
Requested by
Host: ob.system1onesource.com
URL: https://ob.system1onesource.com/i/35289458b2de2bf5220f730bdbc66486.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f15e853ea7cd8eeac7932d2ee62549fc36f7feb35e6f11c54afd9a01c00d0a7f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://window-replacement-us-043024fb.info/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 10:26:54 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
81084
x-xss-protection
0
last-modified
Tue, 30 Apr 2024 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 30 Apr 2024 10:26:54 GMT
tc_imp.gif
obs.system1onesource.com/tracker/ 		43 B
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://obs.system1onesource.com/tracker/tc_imp.gif?e=37dfbd8ee84e00126beac332e84f8b999225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d5c198e652517071a10acf9f29f6718d783dd512c3749af2e7557826fd6619356620571c700015a345609c4e8381a77be26bb25cb43e2913bf05365ac08287a1bdb07ec43f497d7df3cbb2807ff7ecaa8556d8e0e3143714493d60265f760b3f493a0180dec1edae97dfa2bc8169b1adc597cff3200e714561c4b92177af998ffe4198b6dec06c213f85e162ae7d133722b325f817c99ec59b058609fc6e359143e3dd385293e88864c06513c157a77bb9e70392652b48d1c2ad7f4ec3ee3b8192d4079b4a7a7908677a0ddc05afb35cd0e6f2094f79fb6f12a93daf07785715b90ebc33e1d47f16469ab941c32eddead20de03fa15e4d511c44a989b2cc76a34c7cb20dd778cc0b6a69de5e0182bff33a4feb875433eae8b27d4f401b95a59468e030eda97ccd8c6ee8b33c92ddf99b99e37f96d3466d22979c4c2954e6bdbe477a64ca7dd0d9070ef25110514dc31bc1cd1cbee27e9d663895ce6cf849b50bf190a2dfd1e4c00300969c4ec3be20b94dc8020a28e75fa806c82c2a9b03d8ebaa707267f82ee4d12c9a5081a4cb4e0e120fd6dcbae05b0be3cb86efe2389418345a4f4659244639dfa806c2d22721f385d0e64f6b8d932967be357445134eaa85d9dc40a0695bbdcb3a06fc0ebf8f586f8aeed4a4f3cfb479ab7596e8340791ad7635d7570f77baf761edeeac1638a68cb248bab2ec5a40c997b0c203c037c139fc2f8da3c7b569d044495d3dab3accb53059bb0a17c8ad27073dbce0f3f6ef08dc45722b33b985c991aff229d12dad40efeba368f879a86dd1e36fdea29629c77a18cb4af119e6435151b933c2618ebc11eeae850969dfb97529a959b214d721eea2fa117ab4bb3866892364423493b7e619826c9866526ff108afa93709cb94b8e666fbd553975cbfadb185bf070f28f14de0033084bbf2555ffc8910db4357efae779d9bfda89c250c64f176243e07d4e3f80824e18e32eedfedd3fdb82a85f2123f13b64515b917505b1c0b146039a636dc1c3d203dbdeb9cc503ea870e656785ccd52313f8885465381d5e0dffea053bc78b464d539d3d04197bcea2136f3941f81cdebf0d6f9d5ce3d5e9eb96606d92d980a814cb0a739a2c6cdd578ae948cbb820609c8beb5a51a9f039a5840334e2b9fdd&cri=HPruD1FknF&ts=226&cb=1714472814221
Requested by
Host: window-replacement-us-043024fb.info
URL: https://window-replacement-us-043024fb.info/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1f18:e8a:cd04:9b88:a313:d24d:af44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://window-replacement-us-043024fb.info/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
date
Tue, 30 Apr 2024 10:26:54 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
27807f1e-4bab-4412-9e7c-4e66f0259a1a
https://window-replacement-us-043024fb.info/ 		261 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://window-replacement-us-043024fb.info/27807f1e-4bab-4412-9e7c-4e66f0259a1a
Requested by
Host: window-replacement-us-043024fb.info
URL: https://window-replacement-us-043024fb.info/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
38f3ad7b60b369ee562824e969a8f7b225e802807801cee51715144ac2897656

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length
261
Content-Type
998611ee-037e-43d4-bf41-1718fa96b4f8
https://window-replacement-us-043024fb.info/ 		529 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://window-replacement-us-043024fb.info/998611ee-037e-43d4-bf41-1718fa96b4f8
Requested by
Host: window-replacement-us-043024fb.info
URL: https://window-replacement-us-043024fb.info/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6a08961b17e99107fe851b3305751c28844a16028c859a7159c59d1b99898bfc

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length
529
Content-Type
truncated
/ 		38 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/webp
dpl-search.js
s.flocdn.com/@s1/dpl/4.15.0/ 		53 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.flocdn.com/@s1/dpl/4.15.0/dpl-search.js
Requested by
Host: s.flocdn.com
URL: https://s.flocdn.com/@search/bundles/@s1/syndication/0.1.7/04f05063e/lib/UiSyndication.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.29.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-41.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5e4e995a6c5f630393a2e10ae5e6c48fb73d597835a7ca4894b5d369c5388cf6

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://window-replacement-us-043024fb.info/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 14 Mar 2024 19:26:49 GMT
content-encoding
gzip
via
1.1 f458ab1245bb4f257969c1da8e708f88.cloudfront.net (CloudFront)
x-amz-version-id
7vFAJa757erdk2WKjVQ7yYMc87mDzKPA
last-modified
Wed, 13 Mar 2024 21:54:43 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P2
age
4028406
etag
"cbe576251bb163f6c0072e2f2c93f563"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000
content-length
15985
x-amz-cf-id
_radTVphK_veI4v6nQSuabtpqnZNhMW2MbBHRqrj8oydXGecwG1euw==
caf.js
www.google.com/adsense/domains/ 		186 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/adsense/domains/caf.js
Requested by
Host: s.flocdn.com
URL: https://s.flocdn.com/@search/bundles/@s1/syndication/0.1.7/04f05063e/lib/UiSyndication.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.100 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f4.1e100.net
Software
sffe /
Resource Hash
b7dcff3a52c17ad88994709653d89120b92d79986bfcce0d4706e7fcffa9c8af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://window-replacement-us-043024fb.info/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 10:26:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-afs-ui"
etag
"12176714062366106778"
vary
Accept-Encoding
report-to
{"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
accept-ranges
bytes
link
<https://www.adsensecustomsearchads.com>; rel="preconnect"
expires
Tue, 30 Apr 2024 10:26:54 GMT
texture.png
s.flocdn.com/layout/gd05/ 		83 KB
83 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.flocdn.com/layout/gd05/texture.png
Requested by
Host: window-replacement-us-043024fb.info
URL: https://window-replacement-us-043024fb.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.29.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-41.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9ac584704539b6bdae9db66aebabb19c41cc858272b85581fedf1f7ab26f73e9

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://window-replacement-us-043024fb.info/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 03:38:32 GMT
x-amz-version-id
9nrwm6vbihUL1RldyKfYApKff2o.FEKN
via
1.1 f458ab1245bb4f257969c1da8e708f88.cloudfront.net (CloudFront)
last-modified
Tue, 16 May 2017 22:02:26 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P2
age
24503
etag
"57bbfe7c227619d47a41639eba996150"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-meta-version-id
HC_iG.nfn0YuLDYFlnJj0jQC5XTNCe04
content-length
84780
x-amz-cf-id
Riz3ivpPVkyAkPemzs02eG9n_B1wIkWwmyGCHLRcCEmIdEG0uz1ItQ==
arrows-rainbow_559.png
s.flocdn.com/layout/pship508/ 		86 KB
86 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.flocdn.com/layout/pship508/arrows-rainbow_559.png
Requested by
Host: window-replacement-us-043024fb.info
URL: https://window-replacement-us-043024fb.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.29.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-41.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
52711ce4a13307c1b467dd942b1c90baf41b6a0264d01d71280421c37e8b8bc0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://window-replacement-us-043024fb.info/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
q0xUrgBtkt1zPXsMOtCQmqJsqJAEmQZm
date
Tue, 30 Apr 2024 07:28:42 GMT
via
1.1 f458ab1245bb4f257969c1da8e708f88.cloudfront.net (CloudFront)
last-modified
Wed, 04 Jan 2023 19:08:13 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P2
age
10725
etag
"9ca21edfdf15faf735dad1f024227fbc"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
content-length
87916
x-amz-cf-id
l7OglrkJrGduRUy6KNjumc-WCDW0QtZwBD-Znbwe2Gs56RPKURkUTw==
js
www.googletagmanager.com/gtag/ 		222 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-982246529&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1058340534
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1df2cde2199c37160c5f6a18cb63d5366372171ff50ae6e6dc1c50b0f26f1194
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://window-replacement-us-043024fb.info/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 10:26:54 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
81055
x-xss-protection
0
last-modified
Tue, 30 Apr 2024 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 30 Apr 2024 10:26:54 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1058340534/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1058340534/?random=1714472814683&cv=11&fst=1714472814683&bg=ffffff&guid=ON&async=1&gtm=45be44t0v9100102812za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwindow-replacement-us-043024fb.info%2F&hn=www.googleadservices.com&frm=0&tiba=window-replacement-us-043024fb.info&npa=0&pscdl=noapi&auid=1532574825.1714472815&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1058340534
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
9c76cb9b7501a7d73ffafca8b973f0e51da0a27f57ec646e17e4de2404da377a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://window-replacement-us-043024fb.info/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 30 Apr 2024 10:26:54 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1396
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/conversion/1058340534/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/1058340534/?random=1714472814705&cv=11&fst=1714472814705&bg=ffffff&guid=ON&async=1&gtm=45be44t0v9100102812za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwindow-replacement-us-043024fb.info%2F&label=w8daCMaRmpQZELb90_gD&hn=www.googleadservices.com&frm=0&tiba=window-replacement-us-043024fb.info&gtm_ee=1&npa=0&pscdl=noapi&auid=1532574825.1714472815&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dconversion&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1058340534
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.165.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax30s03-in-f2.1e100.net
Software
cafe /
Resource Hash
e93448c13dfd3a0cc925451100ca8cf802021d1f4d93582198b33085459db40f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://window-replacement-us-043024fb.info/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 30 Apr 2024 10:26:54 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1549
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/932435890/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/932435890/?random=1714472814717&cv=11&fst=1714472814717&bg=ffffff&guid=ON&async=1&gtm=45be44t0za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwindow-replacement-us-043024fb.info%2F&hn=www.googleadservices.com&frm=0&tiba=window-replacement-us-043024fb.info&npa=0&pscdl=noapi&auid=1532574825.1714472815&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-932435890
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
65aa8bade8a9a4b2d35910fdb41642e4b6a4eb1fdf82d8de84450c70eed898f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://window-replacement-us-043024fb.info/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 30 Apr 2024 10:26:54 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1389
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/conversion/932435890/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/932435890/?random=1714472814729&cv=11&fst=1714472814729&bg=ffffff&guid=ON&async=1&gtm=45be44t0za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwindow-replacement-us-043024fb.info%2F&label=HtPMCKDQp5QZELKvz7wD&hn=www.googleadservices.com&frm=0&tiba=window-replacement-us-043024fb.info&gtm_ee=1&npa=0&pscdl=noapi&auid=1532574825.1714472815&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dconversion&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-932435890
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.165.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax30s03-in-f2.1e100.net
Software
cafe /
Resource Hash
36adf4da69de4e32ae38d7cc1499c6be17abf312ab4310bd9a800fcbf5913e98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://window-replacement-us-043024fb.info/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 30 Apr 2024 10:26:54 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1542
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/982246529/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/982246529/?random=1714472814778&cv=11&fst=1714472814778&bg=ffffff&guid=ON&async=1&gtm=45be44t0v868528064za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwindow-replacement-us-043024fb.info%2F&hn=www.googleadservices.com&frm=0&tiba=window-replacement-us-043024fb.info&npa=0&pscdl=noapi&auid=1532574825.1714472815&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-982246529
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
bef8091d86d142772d9020858d72bbf2a5d46086bc968ab4bb03d2ec0fcf5f76
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://window-replacement-us-043024fb.info/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 30 Apr 2024 10:26:54 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1392
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/conversion/982246529/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/982246529/?random=1714472814816&cv=11&fst=1714472814816&bg=ffffff&guid=ON&async=1&gtm=45be44t0v868528064za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwindow-replacement-us-043024fb.info%2F&label=sT-ICP-w_JQZEIHJr9QD&hn=www.googleadservices.com&frm=0&tiba=window-replacement-us-043024fb.info&gtm_ee=1&npa=0&pscdl=noapi&auid=1532574825.1714472815&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dconversion&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-982246529
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.165.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax30s03-in-f2.1e100.net
Software
cafe /
Resource Hash
c110f283874c8434fc990d22ef84b572ba5ea0329a5a177446c426f7b3d51c20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://window-replacement-us-043024fb.info/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 30 Apr 2024 10:26:54 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1549
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-conversion/1058340534/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1058340534/?random=130233453&cv=11&fst=1714472814705&bg=ffffff&guid=ON&async=1&gtm=45be44t0v9100102812za200&gcd=13l3l3l3l1&dma=0&u_w...
  • https://www.google.com/pagead/1p-conversion/1058340534/?random=130233453&cv=11&fst=1714472814705&bg=ffffff&guid=ON&async=1&gtm=45be44t0v9100102812za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=ht...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-conversion/1058340534/?random=130233453&cv=11&fst=1714472814705&bg=ffffff&guid=ON&async=1&gtm=45be44t0v9100102812za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwindow-replacement-us-043024fb.info%2F&label=w8daCMaRmpQZELb90_gD&hn=www.googleadservices.com&frm=0&tiba=window-replacement-us-043024fb.info&gtm_ee=1&npa=0&pscdl=noapi&auid=1532574825.1714472815&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQIImMGxAg&pscrd=IhMI-PXr-NzphQMVxDLQBB3N6gN1MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6LGh0dHBzOi8vd2luZG93LXJlcGxhY2VtZW50LXVzLTA0MzAyNGZiLmluZm8v&is_vtc=1&cid=CAQSGwB7FLtqPww4QqRKthLh9lHj91gwTHkYeay1bw&random=710536132
Requested by
Host: window-replacement-us-043024fb.info
URL: https://window-replacement-us-043024fb.info/
Protocol
H3
Server
142.251.40.100 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://window-replacement-us-043024fb.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Apr 2024 10:26:55 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 30 Apr 2024 10:26:54 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://www.google.com/pagead/1p-conversion/1058340534/?random=130233453&cv=11&fst=1714472814705&bg=ffffff&guid=ON&async=1&gtm=45be44t0v9100102812za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwindow-replacement-us-043024fb.info%2F&label=w8daCMaRmpQZELb90_gD&hn=www.googleadservices.com&frm=0&tiba=window-replacement-us-043024fb.info&gtm_ee=1&npa=0&pscdl=noapi&auid=1532574825.1714472815&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQIImMGxAg&pscrd=IhMI-PXr-NzphQMVxDLQBB3N6gN1MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6LGh0dHBzOi8vd2luZG93LXJlcGxhY2VtZW50LXVzLTA0MzAyNGZiLmluZm8v&is_vtc=1&cid=CAQSGwB7FLtqPww4QqRKthLh9lHj91gwTHkYeay1bw&random=710536132
content-type
image/gif
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-conversion/932435890/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/932435890/?random=550125614&cv=11&fst=1714472814729&bg=ffffff&guid=ON&async=1&gtm=45be44t0za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=12...
  • https://www.google.com/pagead/1p-conversion/932435890/?random=550125614&cv=11&fst=1714472814729&bg=ffffff&guid=ON&async=1&gtm=45be44t0za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2F...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-conversion/932435890/?random=550125614&cv=11&fst=1714472814729&bg=ffffff&guid=ON&async=1&gtm=45be44t0za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwindow-replacement-us-043024fb.info%2F&label=HtPMCKDQp5QZELKvz7wD&hn=www.googleadservices.com&frm=0&tiba=window-replacement-us-043024fb.info&gtm_ee=1&npa=0&pscdl=noapi&auid=1532574825.1714472815&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQIImMGxAg&pscrd=IhMI1Ibt-NzphQMVchzQBB3BqwRKMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6LGh0dHBzOi8vd2luZG93LXJlcGxhY2VtZW50LXVzLTA0MzAyNGZiLmluZm8v&is_vtc=1&cid=CAQSGwB7FLtq-FKi5LsfjJ8isg_bQ70ykL-cQBTkoQ&random=2699412885
Requested by
Host: window-replacement-us-043024fb.info
URL: https://window-replacement-us-043024fb.info/
Protocol
H3
Server
142.251.40.100 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://window-replacement-us-043024fb.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Apr 2024 10:26:55 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 30 Apr 2024 10:26:54 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://www.google.com/pagead/1p-conversion/932435890/?random=550125614&cv=11&fst=1714472814729&bg=ffffff&guid=ON&async=1&gtm=45be44t0za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwindow-replacement-us-043024fb.info%2F&label=HtPMCKDQp5QZELKvz7wD&hn=www.googleadservices.com&frm=0&tiba=window-replacement-us-043024fb.info&gtm_ee=1&npa=0&pscdl=noapi&auid=1532574825.1714472815&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQIImMGxAg&pscrd=IhMI1Ibt-NzphQMVchzQBB3BqwRKMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6LGh0dHBzOi8vd2luZG93LXJlcGxhY2VtZW50LXVzLTA0MzAyNGZiLmluZm8v&is_vtc=1&cid=CAQSGwB7FLtq-FKi5LsfjJ8isg_bQ70ykL-cQBTkoQ&random=2699412885
content-type
image/gif
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/982246529/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/982246529/?random=1714472814778&cv=11&fst=1714471200000&bg=ffffff&guid=ON&async=1&gtm=45be44t0v868528064za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwindow-replacement-us-043024fb.info%2F&hn=www.googleadservices.com&frm=0&tiba=window-replacement-us-043024fb.info&npa=0&pscdl=noapi&auid=1532574825.1714472815&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwB7FLtqBdIGLyY4J2b4tsi1XoAL5sLQSJVQ4A&random=2278183899&rmt_tld=0&ipr=y
Requested by
Host: window-replacement-us-043024fb.info
URL: https://window-replacement-us-043024fb.info/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.100 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://window-replacement-us-043024fb.info/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 30 Apr 2024 10:26:54 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/932435890/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/932435890/?random=1714472814717&cv=11&fst=1714471200000&bg=ffffff&guid=ON&async=1&gtm=45be44t0za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwindow-replacement-us-043024fb.info%2F&hn=www.googleadservices.com&frm=0&tiba=window-replacement-us-043024fb.info&npa=0&pscdl=noapi&auid=1532574825.1714472815&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwB7FLtqFZEJTAO0KvYPDVYy3NAFlBUwXXMn1A&random=586690382&rmt_tld=0&ipr=y
Requested by
Host: window-replacement-us-043024fb.info
URL: https://window-replacement-us-043024fb.info/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.100 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://window-replacement-us-043024fb.info/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 30 Apr 2024 10:26:54 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/1058340534/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1058340534/?random=1714472814683&cv=11&fst=1714471200000&bg=ffffff&guid=ON&async=1&gtm=45be44t0v9100102812za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwindow-replacement-us-043024fb.info%2F&hn=www.googleadservices.com&frm=0&tiba=window-replacement-us-043024fb.info&npa=0&pscdl=noapi&auid=1532574825.1714472815&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwB7FLtq8J0i1V_henemo6qITDW7YsDJYJRgdw&random=203241363&rmt_tld=0&ipr=y
Requested by
Host: window-replacement-us-043024fb.info
URL: https://window-replacement-us-043024fb.info/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.100 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://window-replacement-us-043024fb.info/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 30 Apr 2024 10:26:54 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-conversion/982246529/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/982246529/?random=451864028&cv=11&fst=1714472814816&bg=ffffff&guid=ON&async=1&gtm=45be44t0v868528064za200&gcd=13l3l3l3l1&dma=0&u_w=1...
  • https://www.google.com/pagead/1p-conversion/982246529/?random=451864028&cv=11&fst=1714472814816&bg=ffffff&guid=ON&async=1&gtm=45be44t0v868528064za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=http...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-conversion/982246529/?random=451864028&cv=11&fst=1714472814816&bg=ffffff&guid=ON&async=1&gtm=45be44t0v868528064za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwindow-replacement-us-043024fb.info%2F&label=sT-ICP-w_JQZEIHJr9QD&hn=www.googleadservices.com&frm=0&tiba=window-replacement-us-043024fb.info&gtm_ee=1&npa=0&pscdl=noapi&auid=1532574825.1714472815&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQIImMGxAg&pscrd=IhMIuZPv-NzphQMVAgPQBB19Vw8HMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6LGh0dHBzOi8vd2luZG93LXJlcGxhY2VtZW50LXVzLTA0MzAyNGZiLmluZm8v&is_vtc=1&cid=CAQSKQB7FLtqJqh6ji1hMir0WAZSw0A-c5U91Bulc5t3GRqgY-QMnjbU3KQN&random=2614026903
Requested by
Host: window-replacement-us-043024fb.info
URL: https://window-replacement-us-043024fb.info/
Protocol
H3
Server
142.251.40.100 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://window-replacement-us-043024fb.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Apr 2024 10:26:55 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 30 Apr 2024 10:26:54 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://www.google.com/pagead/1p-conversion/982246529/?random=451864028&cv=11&fst=1714472814816&bg=ffffff&guid=ON&async=1&gtm=45be44t0v868528064za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwindow-replacement-us-043024fb.info%2F&label=sT-ICP-w_JQZEIHJr9QD&hn=www.googleadservices.com&frm=0&tiba=window-replacement-us-043024fb.info&gtm_ee=1&npa=0&pscdl=noapi&auid=1532574825.1714472815&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQIImMGxAg&pscrd=IhMIuZPv-NzphQMVAgPQBB19Vw8HMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6LGh0dHBzOi8vd2luZG93LXJlcGxhY2VtZW50LXVzLTA0MzAyNGZiLmluZm8v&is_vtc=1&cid=CAQSKQB7FLtqJqh6ji1hMir0WAZSw0A-c5U91Bulc5t3GRqgY-QMnjbU3KQN&random=2614026903
content-type
image/gif
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ 		424 B
281 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=window-replacement-us-043024fb.info&client=dp-openmail30_3ph_js&product=SAS&callback=__sasCookie
Requested by
Host: www.google.com
URL: https://www.google.com/adsense/domains/caf.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
cafe /
Resource Hash
07acdb626ac59c3fb3299da2191fdfbabad553f39323aa203881f958051f0068
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://window-replacement-us-043024fb.info/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 10:26:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
259
x-xss-protection
0
ads
www.adsensecustomsearchads.com/afs/ Frame 209C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.adsensecustomsearchads.com/afs/ads?adtest=off&psid=1646507740&client=dp-openmail30_3ph_js&r=m&hl=en&ivt=0&rpbu=https%3A%2F%2Fwindow-replacement-us-043024fb.info%2Fserp%3Fsc%3DshDiLHo2VToR10%26ivt%3Dfalse&rpqp=query&terms=Window%20Replacement%20in%20My%20Area%2CWindow%20Replacement%20Cost%2CWindow%20Replacement%20Companies%20Near%20Me%2CAffordable%20Window%20Replacement%2CResidential%20Window%20Replacement&kw=Window%20Replacement%20in%20My%20Area&max_radlink_len=40&type=3&uiopt=false&swp=as-drid-2556993030624135&rs_tt=c&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301437%2C17301439%2C17301442&client_gdprApplies=0&format=r5&nocache=1601714472814968&num=0&output=afd_ads&domain_name=window-replacement-us-043024fb.info&v=3&bsl=8&pac=0&u_his=2&u_tz=-600&dt=1714472814970&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=1200&frm=0&uio=-&cont=ads&drt=0&jsid=caf&jsv=627058929&rurl=https%3A%2F%2Fwindow-replacement-us-043024fb.info%2F
Requested by
Host: www.google.com
URL: https://www.google.com/adsense/domains/caf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-IwJLhGsXzPyDx0yUZeBugw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://window-replacement-us-043024fb.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=3600
content-disposition
inline
content-encoding
br
content-length
11027
content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-IwJLhGsXzPyDx0yUZeBugw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-type
text/html; charset=UTF-8
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
date
Tue, 30 Apr 2024 10:26:55 GMT
expires
Tue, 30 Apr 2024 10:26:55 GMT
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
server
gws
x-xss-protection
0
mon
obs.system1onesource.com/ 		0
161 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://obs.system1onesource.com/mon
Requested by
Host: ob.system1onesource.com
URL: https://ob.system1onesource.com/i/35289458b2de2bf5220f730bdbc66486.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1f18:e8a:cd04:9b88:a313:d24d:af44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://window-replacement-us-043024fb.info/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://window-replacement-us-043024fb.info
date
Tue, 30 Apr 2024 10:26:55 GMT
access-control-allow-credentials
true
content-length
0
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json
mon
obs.system1onesource.com/ 		0
16 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://obs.system1onesource.com/mon
Requested by
Host: ob.system1onesource.com
URL: https://ob.system1onesource.com/i/35289458b2de2bf5220f730bdbc66486.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1f18:e8a:cd04:9b88:a313:d24d:af44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://window-replacement-us-043024fb.info/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://window-replacement-us-043024fb.info
date
Tue, 30 Apr 2024 10:26:55 GMT
access-control-allow-credentials
true
content-length
0
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json
dplpxs
soflopxl.com/ 		0
207 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://soflopxl.com/dplpxs
Requested by
Host: s.flocdn.com
URL: https://s.flocdn.com/@s1/dpl/4.15.0/dpl-search.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.212.202.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-202-92.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://window-replacement-us-043024fb.info/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://window-replacement-us-043024fb.info
date
Tue, 30 Apr 2024 10:26:55 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
access-control-allow-methods
GET, POST
expires
Tue, 30 Apr 2024 10:26:54 GMT
favicon.ico
window-replacement-us-043024fb.info/ 		0
103 B 		Other
General
Check archive.org
Download Go to
Full URL
https://window-replacement-us-043024fb.info/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.157.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://window-replacement-us-043024fb.info/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 10:26:55 GMT
cache-control
public, max-age=14400
cf-cache-status
MISS
server
cloudflare
cf-ray
87c6d61999e15c69-MIA
vary
Accept-Encoding
expires
Tue, 30 Apr 2024 14:26:55 GMT
dplpxs
soflopxl.com/ 		0
206 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://soflopxl.com/dplpxs
Requested by
Host: s.flocdn.com
URL: https://s.flocdn.com/@s1/dpl/4.15.0/dpl-search.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.212.202.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-202-92.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://window-replacement-us-043024fb.info/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://window-replacement-us-043024fb.info
date
Tue, 30 Apr 2024 10:26:55 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
access-control-allow-methods
GET, POST
expires
Tue, 30 Apr 2024 10:26:54 GMT
gen_204
www.adsensecustomsearchads.com/afs/ 		0
907 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.adsensecustomsearchads.com/afs/gen_204?client=dp-openmail30_3ph_js&output=uds_ads_only&zx=6nz3j3al11vl&aqid=b8cwZuSNEerinboP-LGS4A4&psid=1646507740&pbt=bs&adbx=550&adby=60&adbh=810&adbw=500&adbah=155%2C155%2C171%2C155%2C155&adbn=master-1&eawp=partner-dp-openmail30_3ph_js&errv=627058929&csala=4%7C0%7C420%7C192%7C14&lle=0&ifv=1&hpt=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-hz3WJtDYLTTD72jNoMgVmA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://window-replacement-us-043024fb.info/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-hz3WJtDYLTTD72jNoMgVmA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
date
Tue, 30 Apr 2024 10:26:57 GMT
server
gws
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
x-frame-options
SAMEORIGIN
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type
text/html; charset=UTF-8
permissions-policy
unload=()
origin-trial
Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
mon
obs.system1onesource.com/ 		0
39 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://obs.system1onesource.com/mon
Requested by
Host: ob.system1onesource.com
URL: https://ob.system1onesource.com/i/35289458b2de2bf5220f730bdbc66486.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1f18:e8a:cd04:9b88:a313:d24d:af44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://window-replacement-us-043024fb.info/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://window-replacement-us-043024fb.info
date
Tue, 30 Apr 2024 10:26:57 GMT
access-control-allow-credentials
true
content-length
0
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json
gen_204
www.adsensecustomsearchads.com/afs/ 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.adsensecustomsearchads.com/afs/gen_204?client=dp-openmail30_3ph_js&output=uds_ads_only&zx=hzpeaovl8txs&aqid=b8cwZuSNEerinboP-LGS4A4&psid=1646507740&pbt=bv&adbx=550&adby=60&adbh=810&adbw=500&adbah=155%2C155%2C171%2C155%2C155&adbn=master-1&eawp=partner-dp-openmail30_3ph_js&errv=627058929&csala=4%7C0%7C420%7C192%7C14&lle=0&ifv=1&hpt=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-A150lMSZOKadU8z7EhnGSw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://window-replacement-us-043024fb.info/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-A150lMSZOKadU8z7EhnGSw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
date
Tue, 30 Apr 2024 10:26:57 GMT
server
gws
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
x-frame-options
SAMEORIGIN
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type
text/html; charset=UTF-8
permissions-policy
unload=()
origin-trial
Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| __ctcg_ct_28382_exec object| webpackChunkfrontend object| React object| ReactDOM function| logHydrationScriptLoadError function| hydrateSSR object| componentScript object| _cq object| dataLayer object| UISyndication string| onetrustTemplate function| OptanonWrapper object| google_tag_manager object| google_tag_data object| GooglebQhCsO object| s1 object| dpls1s number| googleNDT_ number| googleAltLoader object| google function| __sasCookie number| experimentId_

7 Cookies

Domain/Path Name / Value
window-replacement-us-043024fb.info/ Name: s1_userid
Value: OaDPJlGKQvRISN3TtxJH
.window-replacement-us-043024fb.info/ Name: _cq_duid
Value: 1.1714472813.7dUxjRqU4tl4Po6g
.window-replacement-us-043024fb.info/ Name: _cq_suid
Value: 1.1714472813.ILw7fCvOzmVuuF62
obs.system1onesource.com/ Name: cg_uuid
Value: ae0df08baf2c5d93dbb0bdb151bf2fce
.window-replacement-us-043024fb.info/ Name: _gcl_au
Value: 1.1.1532574825.1714472815
.doubleclick.net/ Name: IDE
Value: AHWqTUl60frtqi8PHeWrYDvbvQSmCpjDEViyVzCWr7NzkYt7QrtyHJ_Did8L0jc3
.window-replacement-us-043024fb.info/ Name: __gsas
Value: ID=497fe1662df1c283:T=1714472815:RT=1714472815:S=ALNI_MbAmGpEZT6TdtDwLRXGWY_1cyzXJA

16 Console Messages

Source Level URL
Text
other warning URL: https://window-replacement-us-043024fb.info/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
worker verbose URL: blob:https://window-replacement-us-043024fb.info/27807f1e-4bab-4412-9e7c-4e66f0259a1a(Line 1)
Message:
Error
other warning URL: https://window-replacement-us-043024fb.info/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://window-replacement-us-043024fb.info/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://window-replacement-us-043024fb.info/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://window-replacement-us-043024fb.info/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.google.com/adsense/domains/caf.js(Line 219)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://window-replacement-us-043024fb.info/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://window-replacement-us-043024fb.info/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://window-replacement-us-043024fb.info/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://window-replacement-us-043024fb.info/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://window-replacement-us-043024fb.info/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://window-replacement-us-043024fb.info/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://window-replacement-us-043024fb.info/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://window-replacement-us-043024fb.info/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://window-replacement-us-043024fb.info/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

googleads.g.doubleclick.net
ob.system1onesource.com
obs.system1onesource.com
partner.googleadservices.com
s.flocdn.com
soflopxl.com
window-replacement-us-043024fb.info
www.adsensecustomsearchads.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
104.17.157.1
108.139.29.41
142.250.65.226
142.250.80.66
142.251.40.100
172.217.165.130
2600:1f18:e8a:cd04:9b88:a313:d24d:af44
2600:9000:21da:a400:e:52c5:2040:93a1
2607:f8b0:4006:80b::200e
2607:f8b0:4006:821::2008
3.212.202.92
05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9
07acdb626ac59c3fb3299da2191fdfbabad553f39323aa203881f958051f0068
1df2cde2199c37160c5f6a18cb63d5366372171ff50ae6e6dc1c50b0f26f1194
3693ec346564ec7fd8e58e134340d91c21af15d549971b8670b7a04f67ba7b1c
36adf4da69de4e32ae38d7cc1499c6be17abf312ab4310bd9a800fcbf5913e98
38f3ad7b60b369ee562824e969a8f7b225e802807801cee51715144ac2897656
4cdefd5a96161d56973e6c28b7c0dc6fb48599634f227234310f2899bc1d68ed
52711ce4a13307c1b467dd942b1c90baf41b6a0264d01d71280421c37e8b8bc0
52c9836027763edf4c94459fe44e695960bb1d4d974669e6afdcbd4b9d3be020
5e4e995a6c5f630393a2e10ae5e6c48fb73d597835a7ca4894b5d369c5388cf6
65aa8bade8a9a4b2d35910fdb41642e4b6a4eb1fdf82d8de84450c70eed898f6
6a08961b17e99107fe851b3305751c28844a16028c859a7159c59d1b99898bfc
7cb2dbb5a3f51b6077cbd843ed812accd4ba6dc5c2cd8820b427eee7440a6001
7d03a8a02b7bf54d605ea42a186cf9714935d1580608ee379a5fcf53c16edacc
835acecb02dbec1184dfaa94051891180c02e26e49590eb02edceebfdea1ef09
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9ac584704539b6bdae9db66aebabb19c41cc858272b85581fedf1f7ab26f73e9
9c76cb9b7501a7d73ffafca8b973f0e51da0a27f57ec646e17e4de2404da377a
b24b75ee550db49f193042a9bead3fd7223bccb4326543b07886e527a828815b
b7dcff3a52c17ad88994709653d89120b92d79986bfcce0d4706e7fcffa9c8af
bef8091d86d142772d9020858d72bbf2a5d46086bc968ab4bb03d2ec0fcf5f76
c110f283874c8434fc990d22ef84b572ba5ea0329a5a177446c426f7b3d51c20
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4a30d87f8bcacf1e29ff3c6cb5ad02f1968b52c72f119be8d3cfe42eaa998d6
e93448c13dfd3a0cc925451100ca8cf802021d1f4d93582198b33085459db40f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f15e853ea7cd8eeac7932d2ee62549fc36f7feb35e6f11c54afd9a01c00d0a7f