www.qualified-window-survey.americatopquotes.com Open in urlscan Pro
162.144.3.115 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.qualified-window-survey.americatopquotes.com/
Submission Tags: @phishunt_io
Submission: On March 08 via api (March 8th 2023, 1:11:37 am UTC) from DE — Scanned from DE

Summary HTTP 41 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 12 IPs in 3 countries across 9 domains to perform 41 HTTP transactions. The main IP is 162.144.3.115, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is www.qualified-window-survey.americatopquotes.com.
TLS certificate: Issued by R3 on March 7th 2023. Valid for: 3 months.

This is the only time www.qualified-window-survey.americatopquotes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
14	162.144.3.115 162.144.3.115	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
2	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:400d:805::200a	15169 (GOOGLE) (GOOGLE)
1 3	35.175.162.169 35.175.162.169	14618 (AMAZON-AES) (AMAZON-AES)
2	2600:9000:223... 2600:9000:223d:3800:1c:7f1a:6680:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400d:80c::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::ac43:29e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	34.203.172.198 34.203.172.198	14618 (AMAZON-AES) (AMAZON-AES)
1	13.32.118.125 13.32.118.125	16509 (AMAZON-02) (AMAZON-02)
1	44.207.228.156 44.207.228.156	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:400d:807::2003	15169 (GOOGLE) (GOOGLE)
41	12

14 162.144.3.115 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 162-144-3-115.unifiedlayer.com

www.qualified-window-survey.americatopquotes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
qualified-window-survey.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400d:805::200a (Ireland)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.175.162.169 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-175-162-169.compute-1.amazonaws.com

api.trustedform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223d:3800:1c:7f1a:6680:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.trustedform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80c::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:29e5 (United States)

ASN13335 (CLOUDFLARENET, US)

create.lidstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 34.203.172.198 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-203-172-198.compute-1.amazonaws.com

create.leadid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.118.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-118-125.fra60.r.cloudfront.net

d2m2wsoho8qq12.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.207.228.156 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-207-228-156.compute-1.amazonaws.com

deviceid.trueleadid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:807::2003 (Ireland)

ASN15169 (GOOGLE, US)

maps.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	americatopquotes.com www.qualified-window-survey.americatopquotes.com	181 KB
8	leadid.com create.leadid.com — Cisco Umbrella Rank: 13789	5 KB
8	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 36 maps.googleapis.com — Cisco Umbrella Rank: 354	223 KB
5	trustedform.com 1 redirects api.trustedform.com — Cisco Umbrella Rank: 24979 cdn.trustedform.com — Cisco Umbrella Rank: 28007	41 KB
4	gstatic.com fonts.gstatic.com maps.gstatic.com	59 KB
2	qualified-window-survey.com qualified-window-survey.com	31 KB
1	trueleadid.com deviceid.trueleadid.com — Cisco Umbrella Rank: 15048	2 KB
1	cloudfront.net d2m2wsoho8qq12.cloudfront.net	2 KB
1	lidstatic.com create.lidstatic.com — Cisco Umbrella Rank: 21055	38 KB
41	9

	Domain	Requested by
12	www.qualified-window-survey.americatopquotes.com	www.qualified-window-survey.americatopquotes.com
8	create.leadid.com	create.lidstatic.com deviceid.trueleadid.com
6	maps.googleapis.com	www.qualified-window-survey.americatopquotes.com maps.googleapis.com
3	api.trustedform.com	1 redirects api.trustedform.com cdn.trustedform.com
2	maps.gstatic.com
2	fonts.gstatic.com	fonts.googleapis.com www.qualified-window-survey.americatopquotes.com
2	cdn.trustedform.com	www.qualified-window-survey.americatopquotes.com api.trustedform.com
2	qualified-window-survey.com	www.qualified-window-survey.americatopquotes.com cdn.trustedform.com
2	fonts.googleapis.com	www.qualified-window-survey.americatopquotes.com
1	deviceid.trueleadid.com	d2m2wsoho8qq12.cloudfront.net
1	d2m2wsoho8qq12.cloudfront.net	create.lidstatic.com
1	create.lidstatic.com	www.qualified-window-survey.americatopquotes.com
41	12

This site contains links to these domains. Also see Links.

Domain
qualified-window-survey.com

Subject Issuer	Validity	Valid
qualifiedbathromsurvey.com R3	`2023-03-07` - `2023-06-05`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
lidstatic.com Cloudflare Inc ECC CA-3	`2023-02-28` - `2024-02-28`	a year	crt.sh
create.leadid.com Amazon RSA 2048 M02	`2023-02-23` - `2023-10-19`	8 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
deviceid.trueleadid.com Amazon RSA 2048 M02	`2023-02-24` - `2024-01-06`	10 months	crt.sh
*.trustedform.com Amazon RSA 2048 M02	`2023-02-22` - `2023-10-09`	8 months	crt.sh
cdn.trustedform.com Amazon RSA 2048 M02	`2023-02-24` - `2023-05-13`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://www.qualified-window-survey.americatopquotes.com/
Frame ID: E013AD2F6173602C71AC34CD336AEE54
Requests: 39 HTTP requests in this frame

Frame: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=427473A3-0367-BDF0-F58D-3858F0E66DAD&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.13&lck=CBFCE861-204B-F69C-E517-B3A52E78F2A8&lac=4A8C24CB-F03B-67DD-8A46-05E6F890542E
Frame ID: 21624B9BCA2780AD57FF33792D4BBE32
Requests: 1 HTTP requests in this frame

Frame: https://deviceid.trueleadid.com/iframe.html?token=427473A3-0367-BDF0-F58D-3858F0E66DAD&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.13&lck=CBFCE861-204B-F69C-E517-B3A52E78F2A8&lac=4A8C24CB-F03B-67DD-8A46-05E6F890542E
Frame ID: 9C41DD3683129C6AA7AB15FDB068FDDC
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Lowest Quotes For Your Windows

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Select2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

select2(?:\.min|\.full)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

41
Requests

98 %
HTTPS

55 %
IPv6

9
Domains

12
Subdomains

12
IPs

3
Countries

593 kB
Transfer

1616 kB
Size

2
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://qualified-window-survey.com/

Search URL Search Domain Scan URL

URL: https://qualified-window-survey.com/privacy.html
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://qualified-window-survey.com/terms.html
Title: Terms of use

Search URL Search Domain Scan URL

URL: https://qualified-window-survey.com/do-not-sell.html
Title: Do Not Sell My Information

Search URL Search Domain Scan URL

URL: https://qualified-window-survey.com/opt-out.html
Title: Opt Out

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15

https://api.trustedform.com/trustedform.js?field=xxTrustedFormCertUrl&ping_field=xxTrustedFormPingUrl&l=16782378917600.5847142018375111 HTTP 301
https://cdn.trustedform.com/bootstrap.js?field=xxTrustedFormCertUrl&ping_field=xxTrustedFormPingUrl&l=16782378917600.5847142018375111

41 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.qualified-window-survey.americatopquotes.com/ 27 KB
6 KB 797ms
167ms Document
text/html 162.144.3.115
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.qualified-window-survey.americatopquotes.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.144.3.115 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-144-3-115.unifiedlayer.com
Software: Apache /
Resource Hash: 00e247009abefcfd944b71d6da86e0320efc94e082d471e292fbf4ba5afed69b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 5887
content-type: text/html
date: Wed, 08 Mar 2023 01:11:30 GMT
last-modified: Mon, 23 Jan 2023 06:56:19 GMT
server: Apache
vary: Accept-Encoding

GET
H2 200 bootstrap.min.css
www.qualified-window-survey.americatopquotes.com/data/ 158 KB
36 KB 321ms
319ms Stylesheet
text/css 162.144.3.115
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.qualified-window-survey.americatopquotes.com/data/bootstrap.min.css
Requested by: Host: www.qualified-window-survey.americatopquotes.com
URL: https://www.qualified-window-survey.americatopquotes.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.144.3.115 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-144-3-115.unifiedlayer.com
Software: Apache /
Resource Hash: 355391583f29e8e4c3cbba984916f2ec70744cb6ea475b2591549229799121e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.qualified-window-survey.americatopquotes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 01:11:31 GMT
content-encoding: gzip
last-modified: Fri, 06 Jan 2023 06:46:10 GMT
server: Apache
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/css

GET
H2 200 css
fonts.googleapis.com/ 664 B
765 B 127ms
45ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato

Requested by

Host: www.qualified-window-survey.americatopquotes.com
URL: https://www.qualified-window-survey.americatopquotes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5a9f9b8fdda3dc64dc104281767edc8ce0798cd76bfc307c17a7c7b4db115c86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.qualified-window-survey.americatopquotes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 08 Mar 2023 01:11:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 07 Mar 2023 23:31:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 08 Mar 2023 01:11:31 GMT

GET
H2 200 css2
fonts.googleapis.com/ 13 KB
792 B 129ms
48ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@100;300;400;500;600;700;800;900&display=swap

Requested by

Host: www.qualified-window-survey.americatopquotes.com
URL: https://www.qualified-window-survey.americatopquotes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

86de19ff3de0cb28ad4bc635daf8aa984634d07d2897c467904cdf07e6182b30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.qualified-window-survey.americatopquotes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 08 Mar 2023 01:11:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 08 Mar 2023 01:11:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 08 Mar 2023 01:11:31 GMT

GET
H2 200 css2
www.qualified-window-survey.americatopquotes.com/data/ 14 KB
14 KB 163ms
161ms Stylesheet
text/plain 162.144.3.115
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.qualified-window-survey.americatopquotes.com/data/css2
Requested by: Host: www.qualified-window-survey.americatopquotes.com
URL: https://www.qualified-window-survey.americatopquotes.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.144.3.115 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-144-3-115.unifiedlayer.com
Software: Apache /
Resource Hash: dc960b538a8d34402a3bfd919d47267a6ad0337e132f972a1905f1adead58817

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.qualified-window-survey.americatopquotes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 01:11:31 GMT
last-modified: Fri, 06 Jan 2023 06:46:40 GMT
server: Apache
accept-ranges: bytes
content-length: 14008

GET
H2 200 select2.min.css
www.qualified-window-survey.americatopquotes.com/data/ 24 KB
5 KB 165ms
163ms Stylesheet
text/css 162.144.3.115
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.qualified-window-survey.americatopquotes.com/data/select2.min.css
Requested by: Host: www.qualified-window-survey.americatopquotes.com
URL: https://www.qualified-window-survey.americatopquotes.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.144.3.115 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-144-3-115.unifiedlayer.com
Software: Apache /
Resource Hash: fecf9f10bd405a779d4f5dd9f6aab245d90f0b71a726992f34f922352469caca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.qualified-window-survey.americatopquotes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 01:11:31 GMT
content-encoding: gzip
last-modified: Fri, 06 Jan 2023 06:46:25 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 5131

GET
H2 200 styles.css
www.qualified-window-survey.americatopquotes.com/data/ 13 KB
4 KB 163ms
162ms Stylesheet
text/css 162.144.3.115
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.qualified-window-survey.americatopquotes.com/data/styles.css
Requested by: Host: www.qualified-window-survey.americatopquotes.com
URL: https://www.qualified-window-survey.americatopquotes.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.144.3.115 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-144-3-115.unifiedlayer.com
Software: Apache /
Resource Hash: d575cd0c32a214206e1b48fa9b6048eaa4a5048ad791c68656956c3438511d9f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.qualified-window-survey.americatopquotes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 01:11:31 GMT
content-encoding: gzip
last-modified: Thu, 16 Feb 2023 12:16:58 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 3987

GET
H2 200 logo.svg
qualified-window-survey.com/data/ 16 KB
16 KB 1132ms
163ms Image
image/svg+xml 162.144.3.115
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qualified-window-survey.com/data/logo.svg
Requested by: Host: www.qualified-window-survey.americatopquotes.com
URL: https://www.qualified-window-survey.americatopquotes.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.144.3.115 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-144-3-115.unifiedlayer.com
Software: Apache /
Resource Hash: e191e411817d398a895c4cd074ba2bea2929436ba5663472cbd0a6961fe93cd9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.qualified-window-survey.americatopquotes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 01:11:32 GMT
last-modified: Fri, 06 Jan 2023 06:47:59 GMT
server: Apache
accept-ranges: bytes
content-length: 16052
content-type: image/svg+xml

GET
H2 200 jquery.min.js Show response
www.qualified-window-survey.americatopquotes.com/data/ 87 KB
38 KB 170ms
170ms Script
application/javascript 162.144.3.115
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.qualified-window-survey.americatopquotes.com/data/jquery.min.js
Requested by: Host: www.qualified-window-survey.americatopquotes.com
URL: https://www.qualified-window-survey.americatopquotes.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.144.3.115 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-144-3-115.unifiedlayer.com
Software: Apache /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.qualified-window-survey.americatopquotes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 01:11:31 GMT
content-encoding: gzip
last-modified: Fri, 06 Jan 2023 06:46:31 GMT
server: Apache
accept-ranges: bytes
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 bootstrap.min.js Show response
www.qualified-window-survey.americatopquotes.com/data/ 82 KB
32 KB 164ms
164ms Script
application/javascript 162.144.3.115
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.qualified-window-survey.americatopquotes.com/data/bootstrap.min.js
Requested by: Host: www.qualified-window-survey.americatopquotes.com
URL: https://www.qualified-window-survey.americatopquotes.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.144.3.115 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-144-3-115.unifiedlayer.com
Software: Apache /
Resource Hash: b0212543cc5a4a0a31c1b5a9d1e8973261992116b4cfde3e7dfcf33b4e81a97b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.qualified-window-survey.americatopquotes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 01:11:31 GMT
content-encoding: gzip
last-modified: Fri, 06 Jan 2023 06:46:32 GMT
server: Apache
accept-ranges: bytes
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 jquery.validate.min.js Show response
www.qualified-window-survey.americatopquotes.com/data/ 24 KB
10 KB 169ms
166ms Script
application/javascript 162.144.3.115
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.qualified-window-survey.americatopquotes.com/data/jquery.validate.min.js
Requested by: Host: www.qualified-window-survey.americatopquotes.com
URL: https://www.qualified-window-survey.americatopquotes.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.144.3.115 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-144-3-115.unifiedlayer.com
Software: Apache /
Resource Hash: 4c0cc637858d6503cba9262f8be75740c29e853605a153a7bde46a6e2e367eb0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.qualified-window-survey.americatopquotes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 01:11:31 GMT
content-encoding: gzip
last-modified: Fri, 06 Jan 2023 06:46:17 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 9726

GET
H2 200 jquery.plugin.js Show response
www.qualified-window-survey.americatopquotes.com/data/ 14 KB
6 KB 168ms
165ms Script
application/javascript 162.144.3.115
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.qualified-window-survey.americatopquotes.com/data/jquery.plugin.js
Requested by: Host: www.qualified-window-survey.americatopquotes.com
URL: https://www.qualified-window-survey.americatopquotes.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.144.3.115 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-144-3-115.unifiedlayer.com
Software: Apache /
Resource Hash: 9fd7a6b614b2f0d1c8caacf1dafee9b90001baa28ba8dd2bf318c34513ba7b31

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.qualified-window-survey.americatopquotes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 01:11:31 GMT
content-encoding: gzip
last-modified: Fri, 06 Jan 2023 06:46:36 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 5900

GET
H2 200 jquery.mask.min.js Show response
www.qualified-window-survey.americatopquotes.com/data/ 8 KB
4 KB 167ms
165ms Script
application/javascript 162.144.3.115
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.qualified-window-survey.americatopquotes.com/data/jquery.mask.min.js
Requested by: Host: www.qualified-window-survey.americatopquotes.com
URL: https://www.qualified-window-survey.americatopquotes.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.144.3.115 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-144-3-115.unifiedlayer.com
Software: Apache /
Resource Hash: bbb318e841b96acb3c2614eec417a4d7caf9606ea996507dccba84e2f6724e7e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.qualified-window-survey.americatopquotes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 01:11:31 GMT
content-encoding: gzip
last-modified: Fri, 06 Jan 2023 06:46:36 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 3753

GET
H2 200 select2.min.js Show response
www.qualified-window-survey.americatopquotes.com/data/ 69 KB
25 KB 304ms
303ms Script
application/javascript 162.144.3.115
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.qualified-window-survey.americatopquotes.com/data/select2.min.js
Requested by: Host: www.qualified-window-survey.americatopquotes.com
URL: https://www.qualified-window-survey.americatopquotes.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.144.3.115 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-144-3-115.unifiedlayer.com
Software: Apache /
Resource Hash: c8467b98f112bb1b06a33cde66a70de85c05d22a455f91f592554c804a50a729

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.qualified-window-survey.americatopquotes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 01:11:31 GMT
content-encoding: gzip
last-modified: Fri, 06 Jan 2023 06:46:13 GMT
server: Apache
accept-ranges: bytes
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 171 KB
56 KB 209ms
94ms Script
text/javascript 2a00:1450:400d:805::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyBPhEYmR0pPjTxClN5Lvoa9kPMfiUN4qVo&libraries=places&callback=loadGoogleMap

Requested by

Host: www.qualified-window-survey.americatopquotes.com
URL: https://www.qualified-window-survey.americatopquotes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

93eada3e7a9f4c35268eec010c957d827a647d7d562d0ecb1855de3a16824467

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.qualified-window-survey.americatopquotes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 01:11:31 GMT
content-encoding: gzip
server: mafe
vary: Accept-Language
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
server-timing: l2gfet4t7; dur=20, gfet4t7; dur=47
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57302
x-xss-protection: 0
expires: Wed, 08 Mar 2023 01:41:31 GMT

GET
H2 200 custom.js Show response
www.qualified-window-survey.americatopquotes.com/data/ 6 KB
2 KB 164ms
162ms Script
application/javascript 162.144.3.115
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.qualified-window-survey.americatopquotes.com/data/custom.js
Requested by: Host: www.qualified-window-survey.americatopquotes.com
URL: https://www.qualified-window-survey.americatopquotes.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.144.3.115 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-144-3-115.unifiedlayer.com
Software: Apache /
Resource Hash: 4f84d68abea2ea861750fc176852cb7950b07b30bf16a6101216859b49961a93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.qualified-window-survey.americatopquotes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 01:11:31 GMT
content-encoding: gzip
last-modified: Wed, 22 Feb 2023 06:47:33 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 1520

GET
H2

200

bootstrap.js Show response
cdn.trustedform.com/
Redirect Chain

https://api.trustedform.com/trustedform.js?field=xxTrustedFormCertUrl&ping_field=xxTrustedFormPingUrl&l=16782378917600.5847142018375111
https://cdn.trustedform.com/bootstrap.js?field=xxTrustedFormCertUrl&ping_field=xxTrustedFormPingUrl&l=16782378917600.5847142018375111

7 KB
3 KB

264ms
213ms

Script
application/javascript

2600:9000:223d:3800:1c:7f1a:6680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.trustedform.com/bootstrap.js?field=xxTrustedFormCertUrl&ping_field=xxTrustedFormPingUrl&l=16782378917600.5847142018375111
Requested by: Host: www.qualified-window-survey.americatopquotes.com
URL: https://www.qualified-window-survey.americatopquotes.com/
Protocol: H2
Server: 2600:9000:223d:3800:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 001fec1d89b5cda58d62fff00a17723313d92f195680b5fd1a4ad52e7a1fb37c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.qualified-window-survey.americatopquotes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 01:11:33 GMT
x-amz-version-id: oadcnJCg2vYrfrS_vSmPkc6nBoYFDxSV
content-encoding: gzip
last-modified: Fri, 24 Feb 2023 16:04:14 GMT
server: AmazonS3
via: 1.1 e94c77a12a65a84cbcef7856ed7e0fb8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
etag: W/"1b4d8abad5e0668a237e388577c6a93c"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
x-amz-cf-id: F5k7Vr9RvCJeRMQzguihHqUDl3AdZ23PTWgDyw3OjEoFXX1xkFUpDA==

Redirect headers

location: https://cdn.trustedform.com:443/bootstrap.js?field=xxTrustedFormCertUrl&ping_field=xxTrustedFormPingUrl&l=16782378917600.5847142018375111
date: Wed, 08 Mar 2023 01:11:32 GMT
server: awselb/2.0
content-length: 134
content-type: text/html

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
24 KB 168ms
50ms Font
font/woff2 2a00:1450:400d:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.qualified-window-survey.americatopquotes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 01:03:59 GMT
x-content-type-options: nosniff
age: 518852
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Mar 2024 01:03:59 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
fonts.gstatic.com/s/montserrat/v25/ 30 KB
30 KB 212ms
94ms Font
font/woff2 2a00:1450:400d:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2

Requested by

Host: www.qualified-window-survey.americatopquotes.com
URL: https://www.qualified-window-survey.americatopquotes.com/data/css2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7eeb99e9f0563d79a34bf9d13c260f0552269bbde05b145d331cdf1aae47c25a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.qualified-window-survey.americatopquotes.com/
Origin: https://www.qualified-window-survey.americatopquotes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 16:46:44 GMT
x-content-type-options: nosniff
age: 548687
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30856
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:56:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Feb 2024 16:46:44 GMT

GET
H2 200 cbfce861-204b-f69c-e517-b3a52e78f2a8.js Show response
create.lidstatic.com/campaign/ 121 KB
38 KB 447ms
415ms Script
text/javascript 2606:4700:10::ac43:29e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://create.lidstatic.com/campaign/cbfce861-204b-f69c-e517-b3a52e78f2a8.js?snippet_version=2
Requested by: Host: www.qualified-window-survey.americatopquotes.com
URL: https://www.qualified-window-survey.americatopquotes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:29e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a14fefef7991f1f6d013540d10a2ffc1d48b6d2dcd51440708561bfd5e3afb34

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.qualified-window-survey.americatopquotes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 01:11:32 GMT
x-amz-version-id: XQi3hnQHD9LY_9NchmyJmteV.bXbjCnK
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Fri, 06 Jan 2023 07:32:38 GMT
server: cloudflare
x-amz-request-id: GVME4AFMDV7F63PN
etag: W/"8edf1ca43cf4486739336e33610a413a"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=1800
x-amz-replication-status: COMPLETED
cf-ray: 7a473467e90b9bfa-FRA
x-amz-id-2: ZiHh80MnVuGP419WY0aSkJeNR5kaXUr984IFEJHT1fg+0GUfVrua2jExeB+S2XCpg8WsfB7XHho=

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
45 B 184ms
73ms XHR
application/json 2a00:1450:400d:805::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBPhEYmR0pPjTxClN5Lvoa9kPMfiUN4qVo&libraries=places&callback=loadGoogleMap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.qualified-window-survey.americatopquotes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 01:11:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.qualified-window-survey.americatopquotes.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

POST
H2 200 GenerateToken Show response
create.leadid.com/2.11.13/ 36 B
659 B 384ms
148ms XHR
text/plain 34.203.172.198
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.13/GenerateToken?msn=1&pid=83f09f7b-a171-4247-bcb2-d4620f13ecad&_=921898724

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/cbfce861-204b-f69c-e517-b3a52e78f2a8.js?snippet_version=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.203.172.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-203-172-198.compute-1.amazonaws.com

Software

nginx /

Resource Hash

fe71c7245fe97a5bddc8111ff56f99da4135f3e17f8183cafe526c4815c1b4c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.qualified-window-survey.americatopquotes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 08 Mar 2023 01:11:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK iframe.html Show response
d2m2wsoho8qq12.cloudfront.net/ Frame 2162 3 KB
2 KB 40ms
7ms Document
text/html 13.32.118.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=427473A3-0367-BDF0-F58D-3858F0E66DAD&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.13&lck=CBFCE861-204B-F69C-E517-B3A52E78F2A8&lac=4A8C24CB-F03B-67DD-8A46-05E6F890542E

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/cbfce861-204b-f69c-e517-b3a52e78f2a8.js?snippet_version=2

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.32.118.125 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-118-125.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

e3ad82a69faf9ec1b298a080ce5974322a33cc501e1455071cf8db58c7f2462f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.qualified-window-survey.americatopquotes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Age: 16854
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Tue, 07 Mar 2023 20:30:38 GMT
ETag: W/"63ebe88f-dbb"
Last-Modified: Tue, 14 Feb 2023 20:01:19 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Transfer-Encoding: chunked
Via: 1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront)
X-Amz-Cf-Id: xKlXNJoS8mWrrL3bNnwqH0MkmpMOSS4shZ6X13PX1lZIG_qaWYL3Qw==
X-Amz-Cf-Pop: FRA60-P1
X-Cache: Hit from cloudfront

POST
H2 200 SaveDom Show response
create.leadid.com/2.11.13/ 0
621 B 105ms
104ms XHR
text/plain 34.203.172.198
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.13/SaveDom?msn=2&pid=83f09f7b-a171-4247-bcb2-d4620f13ecad&token=427473A3-0367-BDF0-F58D-3858F0E66DAD&_=921898725

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/cbfce861-204b-f69c-e517-b3a52e78f2a8.js?snippet_version=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.203.172.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-203-172-198.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.qualified-window-survey.americatopquotes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 08 Mar 2023 01:11:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 InitFormData Show response
create.leadid.com/2.11.13/ 0
622 B 205ms
205ms XHR
text/plain 34.203.172.198
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.13/InitFormData?msn=3&pid=83f09f7b-a171-4247-bcb2-d4620f13ecad&token=427473A3-0367-BDF0-F58D-3858F0E66DAD&_=921898726

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/cbfce861-204b-f69c-e517-b3a52e78f2a8.js?snippet_version=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.203.172.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-203-172-198.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.qualified-window-survey.americatopquotes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 08 Mar 2023 01:11:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 iframe.html Show response
deviceid.trueleadid.com/ Frame 9C41 4 KB
2 KB 640ms
102ms Document
text/html 44.207.228.156
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://deviceid.trueleadid.com/iframe.html?token=427473A3-0367-BDF0-F58D-3858F0E66DAD&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.13&lck=CBFCE861-204B-F69C-E517-B3A52E78F2A8&lac=4A8C24CB-F03B-67DD-8A46-05E6F890542E
Requested by: Host: d2m2wsoho8qq12.cloudfront.net
URL: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=427473A3-0367-BDF0-F58D-3858F0E66DAD&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.13&lck=CBFCE861-204B-F69C-E517-B3A52E78F2A8&lac=4A8C24CB-F03B-67DD-8A46-05E6F890542E
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.207.228.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-207-228-156.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 602ea48b7fd2a48e702e43825b0d6f6495f78cb4cc1fa24cb8c95f61e014215a

Request headers

Referer: https://d2m2wsoho8qq12.cloudfront.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=86400 public
content-encoding: gzip
content-type: text/html
date: Wed, 08 Mar 2023 01:11:33 GMT
etag: W/"63dbe867-1049"
expires: Thu, 09 Mar 2023 01:11:33 GMT
last-modified: Thu, 02 Feb 2023 16:44:23 GMT
p3p: CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
server: nginx

POST
H2 200 Snap Show response
create.leadid.com/2.11.13/ 0
621 B 308ms
207ms XHR
text/plain 34.203.172.198
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.13/Snap?msn=4&pid=83f09f7b-a171-4247-bcb2-d4620f13ecad&token=427473A3-0367-BDF0-F58D-3858F0E66DAD&_=921898727

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/cbfce861-204b-f69c-e517-b3a52e78f2a8.js?snippet_version=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.203.172.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-203-172-198.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.qualified-window-survey.americatopquotes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 08 Mar 2023 01:11:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 SaveDeviceId.js Show response
create.leadid.com/2.11.13/ Frame 9C41 0
625 B 309ms
106ms Script
text/javascript 34.203.172.198
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.13/SaveDeviceId.js?lac=4A8C24CB-F03B-67DD-8A46-05E6F890542E&lck=CBFCE861-204B-F69C-E517-B3A52E78F2A8&methods=48&token=427473A3-0367-BDF0-F58D-3858F0E66DAD&uuid=b5d0069e0275484cbb2b657c2c32f4e5

Requested by

Host: deviceid.trueleadid.com
URL: https://deviceid.trueleadid.com/iframe.html?token=427473A3-0367-BDF0-F58D-3858F0E66DAD&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.13&lck=CBFCE861-204B-F69C-E517-B3A52E78F2A8&lac=4A8C24CB-F03B-67DD-8A46-05E6F890542E

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.203.172.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-203-172-198.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://deviceid.trueleadid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 01:11:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/52/3a/intl/de_ALL/ 270 KB
67 KB 50ms
47ms Script
text/javascript 2a00:1450:400d:805::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/52/3a/intl/de_ALL/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBPhEYmR0pPjTxClN5Lvoa9kPMfiUN4qVo&libraries=places&callback=loadGoogleMap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8605c23e565a96c1361218762063ecd7fd58df5dd67d2bfae48a07468ac4dc7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.qualified-window-survey.americatopquotes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 19:08:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 453775
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68577
x-xss-protection: 0
last-modified: Wed, 01 Mar 2023 22:08:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 01 Mar 2024 19:08:38 GMT

GET
H2 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/52/3a/intl/de_ALL/ 159 KB
55 KB 85ms
83ms Script
text/javascript 2a00:1450:400d:805::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/52/3a/intl/de_ALL/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBPhEYmR0pPjTxClN5Lvoa9kPMfiUN4qVo&libraries=places&callback=loadGoogleMap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d49d943267bb71f96aaea5498acb9544fdd427649b9a0b77a590314058669a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.qualified-window-survey.americatopquotes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 19:08:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 453775
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56038
x-xss-protection: 0
last-modified: Wed, 01 Mar 2023 22:08:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 01 Mar 2024 19:08:38 GMT

GET
H2 200 controls.js Show response
maps.googleapis.com/maps-api-v3/api/js/52/3a/intl/de_ALL/ 90 KB
26 KB 112ms
110ms Script
text/javascript 2a00:1450:400d:805::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/52/3a/intl/de_ALL/controls.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBPhEYmR0pPjTxClN5Lvoa9kPMfiUN4qVo&libraries=places&callback=loadGoogleMap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38785c2c7b929949ea566a4c0c064c824ae9e3de5f4cbfeb8fab67e19f800154

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.qualified-window-survey.americatopquotes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 19:10:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 453652
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26581
x-xss-protection: 0
last-modified: Wed, 01 Mar 2023 22:08:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 01 Mar 2024 19:10:41 GMT

GET
H2 200 places_impl.js Show response
maps.googleapis.com/maps-api-v3/api/js/52/3a/intl/de_ALL/ 47 KB
17 KB 101ms
100ms Script
text/javascript 2a00:1450:400d:805::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/52/3a/intl/de_ALL/places_impl.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBPhEYmR0pPjTxClN5Lvoa9kPMfiUN4qVo&libraries=places&callback=loadGoogleMap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03b533f17ea1b7f27f1dc10fdf577d9ee7ec3bfb3fe582161ba80c82bc581df3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.qualified-window-survey.americatopquotes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 19:10:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 453652
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17034
x-xss-protection: 0
last-modified: Wed, 01 Mar 2023 22:08:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 01 Mar 2024 19:10:41 GMT

POST
H2 201 certs Show response
api.trustedform.com/ 475 B
686 B 307ms
104ms XHR
application/json 35.175.162.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs
Requested by: Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?field=xxTrustedFormCertUrl&ping_field=xxTrustedFormPingUrl&l=16782378917600.5847142018375111
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.175.162.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-175-162-169.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: 0e8581081266dd13125e870247adafd8d7a56796ed3cf4e9921b26fa811b1f73

Request headers

Referer: https://www.qualified-window-survey.americatopquotes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 08 Mar 2023 01:11:33 GMT
server: Cowboy
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 475

GET
H2 200 powered-by-google-on-white3.png
maps.gstatic.com/mapfiles/api-3/images/ 2 KB
2 KB 196ms
80ms Image
image/png 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.gstatic.com/mapfiles/api-3/images/powered-by-google-on-white3.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd80d0dcb2a44bd30c11fcdf13d4c280f336dad9442ee7da79146f2bb77381a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.qualified-window-survey.americatopquotes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 01:11:34 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1616
x-xss-protection: 0
last-modified: Tue, 18 May 2021 19:15:00 GMT
server: sffe
report-to: {"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="geo-tactile"
expires: Wed, 08 Mar 2023 01:11:34 GMT

GET
H2 200 autocomplete-icons.png
maps.gstatic.com/mapfiles/api-3/images/ 3 KB
3 KB 197ms
81ms Image
image/png 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.gstatic.com/mapfiles/api-3/images/autocomplete-icons.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db209390b90b70f4b1ef3540cb581e4ec8edbba21980971b68e4aef5c5d352fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.qualified-window-survey.americatopquotes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 01:11:34 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3351
x-xss-protection: 0
last-modified: Tue, 18 May 2021 19:15:00 GMT
server: sffe
report-to: {"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="geo-tactile"
expires: Wed, 08 Mar 2023 01:11:34 GMT

GET
H2 200 trustedform-1.8.38.js Show response
cdn.trustedform.com/ 102 KB
37 KB 15ms
15ms Script
application/javascript 2600:9000:223d:3800:1c:7f1a:6680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.trustedform.com/trustedform-1.8.38.js
Requested by: Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?field=xxTrustedFormCertUrl&ping_field=xxTrustedFormPingUrl&l=16782378917600.5847142018375111
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:3800:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d22e5b3da98c742670542cd674a454a835e785e905f52225f1f713757521c54e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.qualified-window-survey.americatopquotes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: ffJa67w_.T4JjuAeq9bT6P3fBUPuRaPp
content-encoding: gzip
via: 1.1 e94c77a12a65a84cbcef7856ed7e0fb8.cloudfront.net (CloudFront)
date: Wed, 08 Mar 2023 01:11:13 GMT
last-modified: Fri, 24 Feb 2023 16:04:14 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
age: 27
etag: W/"a71c6d4fa015e7b61cc1fc54ff9b242e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: RYOE-moaxRZO_Sw5lHDmT_xWsCuP8ygCzGpSmQSwrIFYNqB2QZWrmA==

POST
H2 200 Snap Show response
create.leadid.com/2.11.13/ 0
622 B 348ms
247ms XHR
text/plain 34.203.172.198
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.13/Snap?msn=5&pid=83f09f7b-a171-4247-bcb2-d4620f13ecad&token=427473A3-0367-BDF0-F58D-3858F0E66DAD&_=921898728

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/cbfce861-204b-f69c-e517-b3a52e78f2a8.js?snippet_version=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.203.172.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-203-172-198.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.qualified-window-survey.americatopquotes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 08 Mar 2023 01:11:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 204 snapshot Show response
api.trustedform.com/certs/d4fa75192ec8e2fe583bc4185bd67ce816727847/ 0
159 B 106ms
103ms XHR
text/plain 35.175.162.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/d4fa75192ec8e2fe583bc4185bd67ce816727847/snapshot
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.38.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.175.162.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-175-162-169.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.qualified-window-survey.americatopquotes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Wed, 08 Mar 2023 01:11:34 GMT
access-control-expose-headers
access-control-allow-credentials: true
cache-control: max-age=0, private, must-revalidate
server: Cowboy

GET
H2 200 logo.svg
qualified-window-survey.com/data/ 16 KB
16 KB 164ms
162ms Image
image/svg+xml 162.144.3.115
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qualified-window-survey.com/data/logo.svg
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.38.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.144.3.115 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-144-3-115.unifiedlayer.com
Software: Apache /
Resource Hash: e191e411817d398a895c4cd074ba2bea2929436ba5663472cbd0a6961fe93cd9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.qualified-window-survey.americatopquotes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 01:11:34 GMT
last-modified: Fri, 06 Jan 2023 06:47:59 GMT
server: Apache
accept-ranges: bytes
content-length: 16052
content-type: image/svg+xml

GET
DATA 200
OK truncated
/ 10 KB
10 KB Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eed633a8002069e13f06351bfe014d0132941a0882144ccee95cdacfa403b954

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: text/javascript

POST
H2 200 InitFormData Show response
create.leadid.com/2.11.13/ 0
622 B 107ms
107ms XHR
text/plain 34.203.172.198
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.13/InitFormData?msn=6&pid=83f09f7b-a171-4247-bcb2-d4620f13ecad&token=427473A3-0367-BDF0-F58D-3858F0E66DAD&_=921898729

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/cbfce861-204b-f69c-e517-b3a52e78f2a8.js?snippet_version=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.203.172.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-203-172-198.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.qualified-window-survey.americatopquotes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 08 Mar 2023 01:11:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 Snap Show response
create.leadid.com/2.11.13/ 0
622 B 107ms
107ms XHR
text/plain 34.203.172.198
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.13/Snap?msn=7&pid=83f09f7b-a171-4247-bcb2-d4620f13ecad&token=427473A3-0367-BDF0-F58D-3858F0E66DAD&_=921898730

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/cbfce861-204b-f69c-e517-b3a52e78f2a8.js?snippet_version=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.203.172.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-203-172-198.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.qualified-window-survey.americatopquotes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 08 Mar 2023 01:11:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.qualified-window-survey.americatopquotes.com/	1970-01-20 10:10:38	Name: leadid_token-4A8C24CB-F03B-67DD-8A46-05E6F890542E-CBFCE861-204B-F69C-E517-B3A52E78F2A8 Value: 427473A3-0367-BDF0-F58D-3858F0E66DAD
			.deviceid.trueleadid.com/	1970-01-20 19:46:37	Name: uuid Value: b5d0069e0275484cbb2b657c2c32f4e5

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.trustedform.com
cdn.trustedform.com
create.leadid.com
create.lidstatic.com
d2m2wsoho8qq12.cloudfront.net
deviceid.trueleadid.com
fonts.googleapis.com
fonts.gstatic.com
maps.googleapis.com
maps.gstatic.com
qualified-window-survey.com
www.qualified-window-survey.americatopquotes.com
13.32.118.125
162.144.3.115
2600:9000:223d:3800:1c:7f1a:6680:93a1
2606:4700:10::ac43:29e5
2a00:1450:4001:812::200a
2a00:1450:400d:805::200a
2a00:1450:400d:807::2003
2a00:1450:400d:80c::2003
34.203.172.198
35.175.162.169
44.207.228.156
001fec1d89b5cda58d62fff00a17723313d92f195680b5fd1a4ad52e7a1fb37c
00e247009abefcfd944b71d6da86e0320efc94e082d471e292fbf4ba5afed69b
03b533f17ea1b7f27f1dc10fdf577d9ee7ec3bfb3fe582161ba80c82bc581df3
0e8581081266dd13125e870247adafd8d7a56796ed3cf4e9921b26fa811b1f73
355391583f29e8e4c3cbba984916f2ec70744cb6ea475b2591549229799121e1
38785c2c7b929949ea566a4c0c064c824ae9e3de5f4cbfeb8fab67e19f800154
3d49d943267bb71f96aaea5498acb9544fdd427649b9a0b77a590314058669a6
4c0cc637858d6503cba9262f8be75740c29e853605a153a7bde46a6e2e367eb0
4f84d68abea2ea861750fc176852cb7950b07b30bf16a6101216859b49961a93
5a9f9b8fdda3dc64dc104281767edc8ce0798cd76bfc307c17a7c7b4db115c86
602ea48b7fd2a48e702e43825b0d6f6495f78cb4cc1fa24cb8c95f61e014215a
7eeb99e9f0563d79a34bf9d13c260f0552269bbde05b145d331cdf1aae47c25a
8605c23e565a96c1361218762063ecd7fd58df5dd67d2bfae48a07468ac4dc7c
86de19ff3de0cb28ad4bc635daf8aa984634d07d2897c467904cdf07e6182b30
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
93eada3e7a9f4c35268eec010c957d827a647d7d562d0ecb1855de3a16824467
9fd7a6b614b2f0d1c8caacf1dafee9b90001baa28ba8dd2bf318c34513ba7b31
a14fefef7991f1f6d013540d10a2ffc1d48b6d2dcd51440708561bfd5e3afb34
b0212543cc5a4a0a31c1b5a9d1e8973261992116b4cfde3e7dfcf33b4e81a97b
bbb318e841b96acb3c2614eec417a4d7caf9606ea996507dccba84e2f6724e7e
c8467b98f112bb1b06a33cde66a70de85c05d22a455f91f592554c804a50a729
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cd80d0dcb2a44bd30c11fcdf13d4c280f336dad9442ee7da79146f2bb77381a4
d22e5b3da98c742670542cd674a454a835e785e905f52225f1f713757521c54e
d575cd0c32a214206e1b48fa9b6048eaa4a5048ad791c68656956c3438511d9f
db209390b90b70f4b1ef3540cb581e4ec8edbba21980971b68e4aef5c5d352fb
dc960b538a8d34402a3bfd919d47267a6ad0337e132f972a1905f1adead58817
e191e411817d398a895c4cd074ba2bea2929436ba5663472cbd0a6961fe93cd9
e3ad82a69faf9ec1b298a080ce5974322a33cc501e1455071cf8db58c7f2462f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eed633a8002069e13f06351bfe014d0132941a0882144ccee95cdacfa403b954
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fe71c7245fe97a5bddc8111ff56f99da4135f3e17f8183cafe526c4815c1b4c0
fecf9f10bd405a779d4f5dd9f6aab245d90f0b71a726992f34f922352469caca

www.qualified-window-survey.americatopquotes.com Open in urlscan Pro 162.144.3.115 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

41 Requests

98 %HTTPS

55 %IPv6

9 Domains

12 Subdomains

12 IPs

3 Countries

593 kBTransfer

1616 kBSize

2 Cookies

5 Outgoing links

Redirected requests

41 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.qualified-window-survey.americatopquotes.com Open in urlscan Pro
162.144.3.115 Public Scan

Screenshot
Live screenshot

Full Image

41
Requests

98 %
HTTPS

55 %
IPv6

9
Domains

12
Subdomains

12
IPs

3
Countries

593 kB
Transfer

1616 kB
Size

2
Cookies

41 HTTP transactions
1 data transactions