replacementwindowsusa.com
Open in
urlscan Pro
50.28.1.120
Public Scan
Submission Tags: @phishunt_io
Submission: On January 12 via api from DE — Scanned from DE
Summary
TLS certificate: Issued by cPanel, Inc. Certification Authority on January 11th 2022. Valid for: 3 months.
This is the only time replacementwindowsusa.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN32244 (LIQUIDWEB, US)
PTR: host.honestinsite.com
replacementwindowsusa.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
www.googleadservices.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-204-158-147.compute-1.amazonaws.com
create.leadid.com |
ASN16509 (AMAZON-02, US)
PTR: server-13-225-84-125.fra2.r.cloudfront.net
d2m2wsoho8qq12.cloudfront.net |
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-129-35.compute-1.amazonaws.com
deviceid.trueleadid.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
5 |
leadid.com
create.leadid.com — Cisco Umbrella Rank: 11837 |
3 KB |
5 |
gstatic.com
fonts.gstatic.com www.gstatic.com |
61 KB |
5 |
replacementwindowsusa.com
replacementwindowsusa.com |
57 KB |
2 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 33 |
20 KB |
2 |
fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 844 |
86 KB |
1 |
trueleadid.com
deviceid.trueleadid.com — Cisco Umbrella Rank: 1932 |
2 KB |
1 |
cloudfront.net
d2m2wsoho8qq12.cloudfront.net |
2 KB |
1 |
google.de
www.google.de — Cisco Umbrella Rank: 6151 |
565 B |
1 |
googleadservices.com
1 redirects
www.googleadservices.com — Cisco Umbrella Rank: 97 |
513 B |
1 |
lidstatic.com
create.lidstatic.com — Cisco Umbrella Rank: 20666 |
39 KB |
1 |
comparehvacexperts.com
comparehvacexperts.com |
315 KB |
1 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62 |
46 KB |
1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 37 |
1 KB |
1 |
walkintubadvice.com
walkintubadvice.com |
13 KB |
27 | 14 |
Domain | Requested by | |
---|---|---|
5 | create.leadid.com |
create.lidstatic.com
deviceid.trueleadid.com |
5 | replacementwindowsusa.com |
replacementwindowsusa.com
|
3 | fonts.gstatic.com |
fonts.googleapis.com
|
2 | www.gstatic.com |
www.googletagmanager.com
www.gstatic.com |
2 | www.google-analytics.com |
www.googletagmanager.com
www.google-analytics.com |
2 | use.fontawesome.com |
replacementwindowsusa.com
use.fontawesome.com |
1 | deviceid.trueleadid.com |
d2m2wsoho8qq12.cloudfront.net
|
1 | d2m2wsoho8qq12.cloudfront.net |
create.lidstatic.com
|
1 | www.google.de |
replacementwindowsusa.com
|
1 | www.googleadservices.com | 1 redirects |
1 | create.lidstatic.com |
replacementwindowsusa.com
|
1 | comparehvacexperts.com |
replacementwindowsusa.com
|
1 | www.googletagmanager.com |
replacementwindowsusa.com
|
1 | fonts.googleapis.com |
replacementwindowsusa.com
|
1 | walkintubadvice.com |
replacementwindowsusa.com
|
27 | 15 |
This site contains links to these domains. Also see Links.
Domain |
---|
optinconfirmations.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
replacementwindowsusa.com cPanel, Inc. Certification Authority |
2022-01-11 - 2022-04-11 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2021-07-30 - 2022-07-29 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2021-11-29 - 2022-02-21 |
3 months | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2021-11-29 - 2022-02-21 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2021-12-08 - 2022-03-02 |
3 months | crt.sh |
lidstatic.com Cloudflare Inc ECC CA-3 |
2021-04-30 - 2022-04-29 |
a year | crt.sh |
create.leadid.com Amazon |
2021-10-22 - 2022-11-19 |
a year | crt.sh |
*.cloudfront.net Amazon |
2021-03-19 - 2022-03-17 |
a year | crt.sh |
deviceid.trueleadid.com Amazon |
2022-01-07 - 2023-02-05 |
a year | crt.sh |
This page contains 3 frames:
Primary Page:
https://replacementwindowsusa.com/
Frame ID: F8233FBB842A59866AC4C3EDE1081E92
Requests: 24 HTTP requests in this frame
Frame:
https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=537D1095-57AD-8459-1F3B-A1914E18E638&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=C5F34CBB-C699-8877-A439-3F8DB29A8BA4&lac=513B5E2E-DA56-11E1-B447-22000A1DBECD
Frame ID: 95208CB04C04BC9E55F63DD39B166781
Requests: 1 HTTP requests in this frame
Frame:
https://deviceid.trueleadid.com/iframe.html?token=537D1095-57AD-8459-1F3B-A1914E18E638&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=C5F34CBB-C699-8877-A439-3F8DB29A8BA4&lac=513B5E2E-DA56-11E1-B447-22000A1DBECD
Frame ID: CDD99B00A71D2F7CD6745CEFC8CD111A
Requests: 2 HTTP requests in this frame
Screenshot
Page Title
Replacement Windows USADetected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Font Awesome (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google Analytics (Analytics) Expand
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Font API (Font Scripts) Expand
Detected patterns
- googleapis\.com/.+webfont
Google Tag Manager (Tag Managers) Expand
Detected patterns
- googletagmanager\.com/ns\.html[^>]+></iframe>
- <!-- (?:End )?Google Tag Manager -->
- googletagmanager\.com/gtm\.js
Page Statistics
3 Outgoing links
These are links going to different origins than the main page.
Title: Contact Us
Search URL Search Domain Scan URL
Title: California Data Privacy Act
Search URL Search Domain Scan URL
Title: Unsubscribe
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 18- https://www.googleadservices.com/pagead/conversion/616925330/wcm?cc=ZZ&dn=8337570485&cl=v7eJCIGOu9YBEJKRlqYC&ct_eid=2 HTTP 302
- https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=8337570485&cl=v7eJCIGOu9YBEJKRlqYC
27 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
replacementwindowsusa.com/ |
10 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.css
replacementwindowsusa.com/css/ |
206 KB 22 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
custom3.css
replacementwindowsusa.com/css/ |
1 KB 611 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
all.css
walkintubadvice.com/fontawesome/css/ |
69 KB 13 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
all.css
use.fontawesome.com/releases/v5.8.1/css/ |
54 KB 13 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo.png
replacementwindowsusa.com/images/ |
13 KB 13 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
secure.png
replacementwindowsusa.com/images/ |
18 KB 18 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
6 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
117 KB 46 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hvacbk.jpg
comparehvacexperts.com/images/ |
314 KB 315 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fa-solid-900.woff2
use.fontawesome.com/releases/v5.8.1/webfonts/ |
73 KB 73 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v18/ |
13 KB 13 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v18/ |
13 KB 13 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v18/ |
13 KB 13 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
c5f34cbb-c699-8877-a439-3f8db29a8ba4.js
create.lidstatic.com/campaign/ |
123 KB 39 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
49 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
loader.js
www.gstatic.com/wcm/ |
3 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
call-tracking_7.js
www.gstatic.com/call-tracking/ |
54 KB 21 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
collect
www.google-analytics.com/j/ |
1 B 21 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wcm
www.google.de/pagead/attribution/ Redirect Chain
|
80 B 565 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
GenerateToken
create.leadid.com/2.11.9/ |
36 B 660 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
iframe.html
d2m2wsoho8qq12.cloudfront.net/ Frame 9520 |
3 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
SaveDom
create.leadid.com/2.11.9/ |
0 622 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
InitFormData
create.leadid.com/2.11.9/ |
0 623 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
iframe.html
deviceid.trueleadid.com/ Frame CDD9 |
4 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
Snap
create.leadid.com/2.11.9/ |
0 622 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
SaveDeviceId.js
create.leadid.com/2.11.9/ Frame CDD9 |
0 626 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
23 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| onsecuritypolicyviolation object| onslotchange object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| _googWcmImpl string| _googWcmAk object| gaplugins object| gaGlobal object| gaData function| _googWccDebug function| _googCallTrackingImpl function| _gaPhoneImpl string| google_wcc_status object| LeadiDconfig object| LeadiD string| label string| id boolean| sensitiveData object| defaultStyleFrame6 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.replacementwindowsusa.com/ | Name: _gcl_au Value: 1.1.1109133903.1642013818 |
|
.replacementwindowsusa.com/ | Name: _ga Value: GA1.2.1017456869.1642013818 |
|
.replacementwindowsusa.com/ | Name: _gid Value: GA1.2.176439333.1642013818 |
|
.replacementwindowsusa.com/ | Name: _gat_UA-46895927-22 Value: 1 |
|
replacementwindowsusa.com/ | Name: leadid_token-513B5E2E-DA56-11E1-B447-22000A1DBECD-C5F34CBB-C699-8877-A439-3F8DB29A8BA4 Value: 537D1095-57AD-8459-1F3B-A1914E18E638 |
|
.deviceid.trueleadid.com/ | Name: uuid Value: 4eef16647aad4bba808fb3fa9ec8e9e5 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
comparehvacexperts.com
create.leadid.com
create.lidstatic.com
d2m2wsoho8qq12.cloudfront.net
deviceid.trueleadid.com
fonts.googleapis.com
fonts.gstatic.com
replacementwindowsusa.com
use.fontawesome.com
walkintubadvice.com
www.google-analytics.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
13.225.84.125
142.250.184.226
2606:4700:10::6816:26b6
2606:4700:3034::6815:4e03
2606:4700:3036::6815:54fd
2606:4700:3037::6815:4e07
2a00:1450:4001:80e::2008
2a00:1450:4001:80f::2003
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::200e
2a00:1450:4001:82f::200a
50.28.1.120
52.204.158.147
52.22.129.35
05b29e731ac5a3e11c7b0fcde0785296c564342bcd8831c9c9206ca967224d88
0d14a3a656216743eb1e133b5af93d6eaa98c6260b411a01894323e62166f80f
281745d02ecd9da3f2adaaed06841ad80fc94c4db8f3ddd23a319f5c37270989
428f1eb7935944229430ac0fdce0033f05d9b8c1c020b87c681dd7a78ab4dd19
602ea48b7fd2a48e702e43825b0d6f6495f78cb4cc1fa24cb8c95f61e014215a
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7209c26bc245ae1b293f4b9622201b1dc97282229a2e8fcae555f36caa8650e8
8490874156eb6225f8708a36b29078bf94f35c31e90fbb5143c18c4335eb211f
9f959aaad80347edc26ed8279c6a68c098efc76876ac2e2f8ccc54b118f197f4
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
ad152562fa9884ff4b170771c422782ed61be026f983260faad700fac2575e23
b3ca92594847cac8137a708d613418fbc13eef77dc0c1eeacfaa0e2b88b3a2c7
b93e852878e83e6da82d5e93f2049f2b88c332256baa71e858760d9a06bb2774
bbfefcedf78c0b3a2ca4c83aeeb67d76262aa665e263201f50d5f90a36631b8e
c0dbc79c475991a64136a90ee18385efb77821a24583782dc0052a28df9704a2
d0bc18babac99be94877a3c9ff3ddf9ba6fed4f4ab05ed6fc95523402e050d6e
d933a98657089095397ca6126d62e3a07c39e70f82b36f8cea002c0ba5bf1e2c
dd7dc6a90fb749f2d571b68d622a49e26d3f0b89d4693f4a42a5571e9de0ca52
e1ec85df845902ca575b56240e9101014402e00ffa9849df62d881ce9ddf16f7
e3ad82a69faf9ec1b298a080ce5974322a33cc501e1455071cf8db58c7f2462f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eeb17a45a48aca1d7adbcf04de155dcd0b47cb36ad036310446bb471fea9aaa3
f18c486a80175cf02fee0e05c2b4acd86c04cdbaecec61c1ef91f920509b5efe
ff2fde453aa6220144126828a284d4cc227479f1fe83beef3a6b6a4504c7e4df