replacement-windows-ct.windowcompanyct.com Open in urlscan Pro
108.167.140.167 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://replacement-windows-ct.windowcompanyct.com/
Submission Tags: @phishunt_io
Submission: On January 13 via api (January 13th 2021, 12:09:35 pm UTC) from ES

Summary HTTP 19 Redirects Links 10 Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 19 HTTP transactions. The main IP is 108.167.140.167, located in Houston, United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is replacement-windows-ct.windowcompanyct.com.
TLS certificate: Issued by R3 on January 12th 2021. Valid for: 3 months.

This is the only time replacement-windows-ct.windowcompanyct.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
6	108.167.140.167 108.167.140.167		46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
19	2

6 108.167.140.167 (Houston, United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 108-167-140-167.unifiedlayer.com

replacement-windows-ct.windowcompanyct.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
replacement-windows-ct.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	replacement-windows-ct.com replacement-windows-ct.com	340 KB
1	windowcompanyct.com replacement-windows-ct.windowcompanyct.com	8 KB
19	2

	Domain	Requested by
5	replacement-windows-ct.com	replacement-windows-ct.windowcompanyct.com
1	replacement-windows-ct.windowcompanyct.com
19	2

This site contains links to these domains. Also see Links.

Domain
replacement-windows-ct.com
www.clouds.pl

Subject Issuer	Validity	Valid
webmail.replacement-windows-ct.com R3	`2021-01-12` - `2021-04-12`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://replacement-windows-ct.windowcompanyct.com/
Frame ID: 5063A57DD3F1C66DECBAA99BCA5E8336
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Page Statistics

19
Requests

5 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

349 kB
Transfer

365 kB
Size

0
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: http://replacement-windows-ct.com/

Search URL Search Domain Scan URL

URL: http://replacement-windows-ct.com/window-buying/
Title: Window buying

Search URL Search Domain Scan URL

URL: http://replacement-windows-ct.com/how-to-read-a-window-label/
Title: How to read a window label

Search URL Search Domain Scan URL

URL: http://replacement-windows-ct.com/high-performance-glass/
Title: High performance glass

Search URL Search Domain Scan URL

URL: http://replacement-windows-ct.com/energy-savings/
Title: Energy savings

Search URL Search Domain Scan URL

URL: http://replacement-windows-ct.com/comfort/
Title: Comfort

Search URL Search Domain Scan URL

URL: http://replacement-windows-ct.com/easy-cleaning/
Title: Easy cleaning

Search URL Search Domain Scan URL

URL: http://replacement-windows-ct.com/curb-appeal/
Title: Curb appeal

Search URL Search Domain Scan URL

URL: http://replacement-windows-ct.com/window-companies/
Title: Window companies

Search URL Search Domain Scan URL

URL: http://www.clouds.pl/
Title: Strony internetowe Białystok

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response replacement-windows-ct.windowcompanyct.com/	26 KB 8 KB	721ms 184ms	Document text/html	108.167.140.167 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://replacement-windows-ct.windowcompanyct.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 108.167.140.167 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 108-167-140-167.unifiedlayer.com Software Apache / Resource Hash `08639d0b4641825125945d8c7059c88f0d38f0dd2aae2a333185b44c2b7f6f27` Request headers :method GET :authority replacement-windows-ct.windowcompanyct.com :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 13 Jan 2021 12:09:15 GMT server Apache last-modified Thu, 07 Jan 2021 08:12:51 GMT accept-ranges bytes cache-control max-age=600 expires Wed, 13 Jan 2021 12:19:15 GMT vary Accept-Encoding content-encoding gzip x-endurance-cache-level 2 content-length 8473 content-type text/html
GET H/1.1	200 OK	logo-e1550655786272.png replacement-windows-ct.com/wp-content/uploads/2019/02/	17 KB 17 KB	325ms 302ms	Image image/png	108.167.140.167 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL http://replacement-windows-ct.com/wp-content/uploads/2019/02/logo-e1550655786272.png Requested by Host: replacement-windows-ct.windowcompanyct.com URL: https://replacement-windows-ct.windowcompanyct.com/ Protocol HTTP/1.1 Server 108.167.140.167 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 108-167-140-167.unifiedlayer.com Software Apache / Resource Hash `7d05d3713ab0ca9c2d8058916de1cf754a4b4f9903f69a3b6879f6b7db40003b` Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 13 Jan 2021 12:09:16 GMT Last-Modified Wed, 20 Feb 2019 09:43:06 GMT Server Apache X-Endurance-Cache-Level 2 Upgrade h2,h2c Cache-Control max-age=21600 Connection Upgrade, Keep-Alive Accept-Ranges bytes Content-Type image/png Keep-Alive timeout=5, max=75 Content-Length 17231 Expires Wed, 13 Jan 2021 18:09:16 GMT
GET		wp-emoji-release.min.js replacement-windows-ct.com/wp-includes/js/	0 0

GET		style.min.css replacement-windows-ct.com/wp-includes/css/dist/block-library/	0 0

GET		style.css replacement-windows-ct.com/wp-content/themes/clsgnakedtwo/	0 0

GET		dashicons.min.css replacement-windows-ct.com/wp-includes/css/	0 0

GET		jquery.js replacement-windows-ct.com/wp-includes/js/jquery/	0 0

GET		jquery-migrate.min.js replacement-windows-ct.com/wp-includes/js/jquery/	0 0

GET		flexslider.css replacement-windows-ct.com/wp-content/plugins/ml-slider/assets/sliders/flexslider/	0 0

GET		public.css replacement-windows-ct.com/wp-content/plugins/ml-slider/assets/metaslider/	0 0

GET		replacement-windows-ct-01.jpg replacement-windows-ct.com/wp-content/uploads/2019/02/	0 0

GET		replacement-windows-ct-02.jpg replacement-windows-ct.com/wp-content/uploads/2019/02/	0 0

GET H/1.1	200 OK	replacement-windows-ct-05.jpg replacement-windows-ct.com/wp-content/uploads/2019/02/	85 KB 86 KB	335ms 304ms	Image image/jpeg	108.167.140.167 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL http://replacement-windows-ct.com/wp-content/uploads/2019/02/replacement-windows-ct-05.jpg Requested by Host: replacement-windows-ct.windowcompanyct.com URL: https://replacement-windows-ct.windowcompanyct.com/ Protocol HTTP/1.1 Server 108.167.140.167 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 108-167-140-167.unifiedlayer.com Software Apache / Resource Hash `1eab38a7c1792139bb5c3cdca951dd7f421c99f8ee2f3178951f1a003c659047` Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 13 Jan 2021 12:09:16 GMT Last-Modified Wed, 20 Feb 2019 10:18:17 GMT Server Apache X-Endurance-Cache-Level 2 Upgrade h2,h2c Cache-Control max-age=21600 Connection Upgrade, Keep-Alive Accept-Ranges bytes Content-Type image/jpeg Keep-Alive timeout=5, max=75 Content-Length 87340 Expires Wed, 13 Jan 2021 18:09:16 GMT
GET H/1.1	200 OK	replacement-windows-ct-03.jpg replacement-windows-ct.com/wp-content/uploads/2019/02/	56 KB 56 KB	322ms 293ms	Image image/jpeg	108.167.140.167 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL http://replacement-windows-ct.com/wp-content/uploads/2019/02/replacement-windows-ct-03.jpg Requested by Host: replacement-windows-ct.windowcompanyct.com URL: https://replacement-windows-ct.windowcompanyct.com/ Protocol HTTP/1.1 Server 108.167.140.167 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 108-167-140-167.unifiedlayer.com Software Apache / Resource Hash `c71a785ba7e3caf9071e57e5417fdacf80c863b8374cc4b214a107ef8f179f7c` Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 13 Jan 2021 12:09:16 GMT Last-Modified Wed, 20 Feb 2019 10:21:16 GMT Server Apache X-Endurance-Cache-Level 2 Upgrade h2,h2c Cache-Control max-age=21600 Connection Upgrade, Keep-Alive Accept-Ranges bytes Content-Type image/jpeg Keep-Alive timeout=5, max=75 Content-Length 57180 Expires Wed, 13 Jan 2021 18:09:16 GMT
GET H/1.1	200 OK	replacement-windows-ct-04.jpg replacement-windows-ct.com/wp-content/uploads/2019/02/	91 KB 91 KB	324ms 297ms	Image image/jpeg	108.167.140.167 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL http://replacement-windows-ct.com/wp-content/uploads/2019/02/replacement-windows-ct-04.jpg Requested by Host: replacement-windows-ct.windowcompanyct.com URL: https://replacement-windows-ct.windowcompanyct.com/ Protocol HTTP/1.1 Server 108.167.140.167 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 108-167-140-167.unifiedlayer.com Software Apache / Resource Hash `2b82448ea10c5cbb121212e6b91ff783774bf2f2e83925045cce2daa29b9b099` Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 13 Jan 2021 12:09:16 GMT Last-Modified Wed, 20 Feb 2019 10:26:24 GMT Server Apache X-Endurance-Cache-Level 2 Upgrade h2,h2c Cache-Control max-age=21600 Connection Upgrade, Keep-Alive Accept-Ranges bytes Content-Type image/jpeg Keep-Alive timeout=5, max=75 Content-Length 93321 Expires Wed, 13 Jan 2021 18:09:16 GMT
GET H/1.1	200 OK	replacement-windows-ct-06.jpg replacement-windows-ct.com/wp-content/uploads/2019/02/	89 KB 90 KB	331ms 305ms	Image image/jpeg	108.167.140.167 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL http://replacement-windows-ct.com/wp-content/uploads/2019/02/replacement-windows-ct-06.jpg Requested by Host: replacement-windows-ct.windowcompanyct.com URL: https://replacement-windows-ct.windowcompanyct.com/ Protocol HTTP/1.1 Server 108.167.140.167 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 108-167-140-167.unifiedlayer.com Software Apache / Resource Hash `abf092af0078013d3070722e40e6626d8a7c4f3037c147733c5c3465e61665f2` Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 13 Jan 2021 12:09:16 GMT Last-Modified Wed, 20 Feb 2019 10:31:43 GMT Server Apache X-Endurance-Cache-Level 2 Upgrade h2,h2c Cache-Control max-age=21600 Connection Upgrade, Keep-Alive Accept-Ranges bytes Content-Type image/jpeg Keep-Alive timeout=5, max=75 Content-Length 91568 Expires Wed, 13 Jan 2021 18:09:16 GMT
GET		scripts-dist.js replacement-windows-ct.com/wp-content/themes/clsgnakedtwo/assets/js/	0 0

GET		wp-embed.min.js replacement-windows-ct.com/wp-includes/js/	0 0

GET		jquery.flexslider.min.js replacement-windows-ct.com/wp-content/plugins/ml-slider/assets/sliders/flexslider/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: replacement-windows-ct.com
URL: http://replacement-windows-ct.com/wp-includes/js/wp-emoji-release.min.js?ver=5.0.11

Domain: replacement-windows-ct.com
URL: http://replacement-windows-ct.com/wp-includes/css/dist/block-library/style.min.css?ver=5.0.11

Domain: replacement-windows-ct.com
URL: http://replacement-windows-ct.com/wp-content/themes/clsgnakedtwo/style.css?ver=5.0.11

Domain: replacement-windows-ct.com
URL: http://replacement-windows-ct.com/wp-includes/css/dashicons.min.css?ver=5.0.11

Domain: replacement-windows-ct.com
URL: http://replacement-windows-ct.com/wp-includes/js/jquery/jquery.js?ver=1.12.4

Domain: replacement-windows-ct.com
URL: http://replacement-windows-ct.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1

Domain: replacement-windows-ct.com
URL: http://replacement-windows-ct.com/wp-content/plugins/ml-slider/assets/sliders/flexslider/flexslider.css?ver=3.11.1

Domain: replacement-windows-ct.com
URL: http://replacement-windows-ct.com/wp-content/plugins/ml-slider/assets/metaslider/public.css?ver=3.11.1

Domain: replacement-windows-ct.com
URL: http://replacement-windows-ct.com/wp-content/uploads/2019/02/replacement-windows-ct-01.jpg

Domain: replacement-windows-ct.com
URL: http://replacement-windows-ct.com/wp-content/uploads/2019/02/replacement-windows-ct-02.jpg

Domain: replacement-windows-ct.com
URL: http://replacement-windows-ct.com/wp-content/themes/clsgnakedtwo/assets/js/scripts-dist.js?ver=1

Domain: replacement-windows-ct.com
URL: http://replacement-windows-ct.com/wp-includes/js/wp-embed.min.js?ver=5.0.11

Domain: replacement-windows-ct.com
URL: http://replacement-windows-ct.com/wp-content/plugins/ml-slider/assets/sliders/flexslider/jquery.flexslider.min.js?ver=3.11.1

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| _wpemojiSettings function| metaslider_9 function| timer_metaslider_9

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

replacement-windows-ct.com
replacement-windows-ct.windowcompanyct.com
replacement-windows-ct.com
108.167.140.167
08639d0b4641825125945d8c7059c88f0d38f0dd2aae2a333185b44c2b7f6f27
1eab38a7c1792139bb5c3cdca951dd7f421c99f8ee2f3178951f1a003c659047
2b82448ea10c5cbb121212e6b91ff783774bf2f2e83925045cce2daa29b9b099
7d05d3713ab0ca9c2d8058916de1cf754a4b4f9903f69a3b6879f6b7db40003b
abf092af0078013d3070722e40e6626d8a7c4f3037c147733c5c3465e61665f2
c71a785ba7e3caf9071e57e5417fdacf80c863b8374cc4b214a107ef8f179f7c