URL: https://windowsavingsnow.com/
Submission Tags: @phishunt_io
Submission: On August 14 via api from DE

Summary

This website contacted 18 IPs in 2 countries across 14 domains to perform 82 HTTP transactions. The main IP is 35.208.106.206, located in Council Bluffs, United States and belongs to GOOGLE-2, US. The main domain is windowsavingsnow.com.
TLS certificate: Issued by R3 on August 14th 2021. Valid for: 3 months.
This is the only time windowsavingsnow.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Count | Domain | Requested by
24 | windowsavingsnow.com | windowsavingsnow.com
14 | static.leadshook.io | lowermyutilitybill.leadshook.io, cdn.trustedform.com
9 | lowermyutilitybill.leadshook.io | windowsavingsnow.com, lowermyutilitybill.leadshook.io, static.leadshook.io
4 | api.trustedform.com (1 redirects) | api.trustedform.com, cdn.trustedform.com
4 | fonts.gstatic.com | fonts.googleapis.com
3 | fonts.googleapis.com | windowsavingsnow.com, lowermyutilitybill.leadshook.io
2 | apm.leadshook.io | static.leadshook.io
2 | d2zdr2rqflfo3.cloudfront.net | lowermyutilitybill.leadshook.io, cdn.trustedform.com
2 | cdn.trustedform.com | lowermyutilitybill.leadshook.io, api.trustedform.com
2 | www.facebook.com | windowsavingsnow.com
2 | browser.sentry-cdn.com | lowermyutilitybill.leadshook.io
2 | maxcdn.bootstrapcdn.com | lowermyutilitybill.leadshook.io, maxcdn.bootstrapcdn.com
2 | connect.facebook.net | windowsavingsnow.com, connect.facebook.net
2 | www.youtube.com | lowermyutilitybill.leadshook.io, www.youtube.com
1 | cdn.polyfill.io | lowermyutilitybill.leadshook.io
1 | lucrordesign.com | windowsavingsnow.com
1 | pennysaversusa.com | windowsavingsnow.com
82 | 17

This site contains no links.

Subject | Issuer | Validity | Valid
windowsavingsnow.com | R3 | 2021-08-14 - 2021-11-12 | 3 months
upload.video.google.com | GTS CA 1C3 | 2021-07-12 - 2021-10-04 | 3 months
*.leadshook.io | Amazon | 2021-05-30 - 2022-06-28 | a year
*.gstatic.com | GTS CA 1C3 | 2021-07-12 - 2021-10-04 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-08-14 - 2022-08-13 | a year
*.google.com | GTS CA 1C3 | 2021-07-12 - 2021-10-04 | 3 months
pennysaversusa.com | R3 | 2021-07-21 - 2021-10-19 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2021-07-20 - 2021-10-18 | 3 months
polyfill.io | GlobalSign Atlas R3 DV TLS CA 2020 | 2021-06-04 - 2022-07-06 | a year
*.sentry-cdn.com | GlobalSign Atlas R3 DV TLS CA 2020 | 2021-02-22 - 2022-03-26 | a year
cdn.trustedform.com | Amazon | 2021-05-14 - 2022-06-12 | a year
*.cloudfront.net | Amazon | 2021-03-19 - 2022-03-17 | a year
*.trustedform.com | Amazon | 2020-11-11 - 2021-12-10 | a year

This page contains 4 frames:

Primary Page: https://windowsavingsnow.com/
Frame ID: 7EBACE5D7F162AB10A004853EAB4A031
Requests: 53 HTTP requests in this frame

Frame: https://lowermyutilitybill.leadshook.io/survey/aLuWiLNfpRDLJYxH6DyODMFFdzZ4vBzL4GZYxSEA?embed=true&index=0
Frame ID: 7C90F050FA83A6BDAB09643A78F92760
Requests: 32 HTTP requests in this frame

Frame: https://api.trustedform.com/certs
Frame ID: 20B06BDE0D45F25618ACF4DA892F42B3
Requests: 1 HTTP request in this frame

Frame: https://api.trustedform.com/certs/46d5f510c906b2d58e22af0bf38193bfbd8231dd/snapshot
Frame ID: 69FBE4773BBC5DB8DA56EC4564EA08FC
Requests: 2 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i
  • headers link /rel="https:\/\/api\.w\.org\/"/i

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
  • script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Page Statistics

Requests: 82
HTTPS: 93 %
IPv6: 53 %
Domains: 14
Subdomains: 17
IPs: 18
Countries: 2
Transfer: 5711 kB
Size: 11597 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 63
  • https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxCertUrl&l=16289574667700.8346068877694504&invert_field_sensitivity=false HTTP 301
  • https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxCertUrl&l=16289574667700.8346068877694504&invert_field_sensitivity=false

82 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request /
windowsavingsnow.com/
61 KB
13 KB
Document
General
Full URL
https://windowsavingsnow.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.208.106.206 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
206.106.208.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
ed4190a357a5cb78a2ada016b6b85499f3ebfc276b93514d1c319f276a9d9944
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
windowsavingsnow.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server
nginx
date
Sat, 14 Aug 2021 16:11:03 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-content-type-options
nosniff
x-cache-enabled
True
link
<https://windowsavingsnow.com/wp-json/>; rel="https://api.w.org/" <https://windowsavingsnow.com/wp-json/wp/v2/pages/19>; rel="alternate"; type="application/json" <https://windowsavingsnow.com/>; rel=shortlink
x-httpd-modphp
1
x-xss-protection
1; mode=block
host-header
8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache
HIT
content-encoding
br
siteground-optimizer-combined-css-a1a9b8f51aa8307f4ccf3f4b066e1ebf.css
windowsavingsnow.com/wp-content/uploads/siteground-optimizer-assets/
781 KB
94 KB
Stylesheet
General
Full URL
https://windowsavingsnow.com/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-css-a1a9b8f51aa8307f4ccf3f4b066e1ebf.css
Requested by
Host: windowsavingsnow.com
URL: https://windowsavingsnow.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.208.106.206 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
206.106.208.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
81c41c83b1582cfe8ef8fafe9cc3113b6064ae729d221f37625f35a7c23cc2d7

Request headers

:path
/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-css-a1a9b8f51aa8307f4ccf3f4b066e1ebf.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
windowsavingsnow.com
referer
https://windowsavingsnow.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://windowsavingsnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 14 Aug 2021 16:11:03 GMT
content-encoding
br
last-modified
Fri, 13 Aug 2021 01:33:27 GMT
server
nginx
etag
W/"6115cbe7-c3446"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
text/css
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Sun, 14 Aug 2022 16:11:03 GMT
css
fonts.googleapis.com/
9 KB
732 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Poppins%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900&ver=5.8
Requested by
Host: windowsavingsnow.com
URL: https://windowsavingsnow.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
19d31578c07647f1c2f442ff2018dc058bd6f53009730b72da9388412306c712
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://windowsavingsnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 14 Aug 2021 16:09:29 GMT
server
ESF
date
Sat, 14 Aug 2021 16:11:03 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 14 Aug 2021 16:11:03 GMT
jquery.min.js
windowsavingsnow.com/wp-includes/js/jquery/
87 KB
30 KB
Script
General
Full URL
https://windowsavingsnow.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: windowsavingsnow.com
URL: https://windowsavingsnow.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.208.106.206 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
206.106.208.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

:path
/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
windowsavingsnow.com
referer
https://windowsavingsnow.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://windowsavingsnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 14 Aug 2021 16:11:03 GMT
content-encoding
br
last-modified
Fri, 13 Aug 2021 21:44:44 GMT
server
nginx
etag
W/"6116e7cc-15db1"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
application/javascript
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Sun, 14 Aug 2022 16:11:03 GMT
jquery-migrate.min.js
windowsavingsnow.com/wp-includes/js/jquery/
11 KB
4 KB
Script
General
Full URL
https://windowsavingsnow.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: windowsavingsnow.com
URL: https://windowsavingsnow.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.208.106.206 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
206.106.208.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

:path
/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
windowsavingsnow.com
referer
https://windowsavingsnow.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://windowsavingsnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 14 Aug 2021 16:11:03 GMT
content-encoding
br
last-modified
Fri, 13 Aug 2021 21:44:44 GMT
server
nginx
etag
W/"6116e7cc-2bd8"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
application/javascript
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Sun, 14 Aug 2022 16:11:03 GMT
jquery.bind-first-0.2.3.min.js
windowsavingsnow.com/wp-content/plugins/pixelyoursite/dist/scripts/
1 KB
872 B
Script
General
Full URL
https://windowsavingsnow.com/wp-content/plugins/pixelyoursite/dist/scripts/jquery.bind-first-0.2.3.min.js?ver=5.8
Requested by
Host: windowsavingsnow.com
URL: https://windowsavingsnow.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.208.106.206 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
206.106.208.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
37045bf0d243623db4f2e99567c986944957b336dafa6368f4f75bcbad6fc4fa

Request headers

:path
/wp-content/plugins/pixelyoursite/dist/scripts/jquery.bind-first-0.2.3.min.js?ver=5.8
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
windowsavingsnow.com
referer
https://windowsavingsnow.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://windowsavingsnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 14 Aug 2021 16:11:04 GMT
content-encoding
br
last-modified
Thu, 22 Jul 2021 08:36:46 GMT
server
nginx
etag
W/"60f92e1e-525"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
application/javascript
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Sun, 14 Aug 2022 16:11:04 GMT
js.cookie-2.1.3.min.js
windowsavingsnow.com/wp-content/plugins/pixelyoursite/dist/scripts/
2 KB
1 KB
Script
General
Full URL
https://windowsavingsnow.com/wp-content/plugins/pixelyoursite/dist/scripts/js.cookie-2.1.3.min.js?ver=2.1.3
Requested by
Host: windowsavingsnow.com
URL: https://windowsavingsnow.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.208.106.206 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
206.106.208.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
4af105297c5b49ca668eaa0774c0eb479e907175f12ccc30e9c038dd7b6fcaf0

Request headers

:path
/wp-content/plugins/pixelyoursite/dist/scripts/js.cookie-2.1.3.min.js?ver=2.1.3
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
windowsavingsnow.com
referer
https://windowsavingsnow.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://windowsavingsnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 14 Aug 2021 16:11:04 GMT
content-encoding
br
last-modified
Thu, 22 Jul 2021 08:36:46 GMT
server
nginx
etag
W/"60f92e1e-6ad"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
application/javascript
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Sun, 14 Aug 2022 16:11:04 GMT
pys.min.js
windowsavingsnow.com/wp-content/uploads/siteground-optimizer-assets/
28 KB
7 KB
Script
General
Full URL
https://windowsavingsnow.com/wp-content/uploads/siteground-optimizer-assets/pys.min.js?ver=8.2.5
Requested by
Host: windowsavingsnow.com
URL: https://windowsavingsnow.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.208.106.206 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
206.106.208.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
8e557eca869251221b0f933c7b1b446c4d7ff48672adcb68598e11743b7d6a80

Request headers

:path
/wp-content/uploads/siteground-optimizer-assets/pys.min.js?ver=8.2.5
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
windowsavingsnow.com
referer
https://windowsavingsnow.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://windowsavingsnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 14 Aug 2021 16:11:04 GMT
content-encoding
br
last-modified
Thu, 22 Jul 2021 08:36:46 GMT
server
nginx
etag
W/"60f92e1e-7064"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
application/javascript
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Sun, 14 Aug 2022 16:11:04 GMT
dummy.png
windowsavingsnow.com/wp-content/plugins/revslider/public/assets/assets/
68 B
295 B
Image
General
Full URL
https://windowsavingsnow.com/wp-content/plugins/revslider/public/assets/assets/dummy.png
Requested by
Host: windowsavingsnow.com
URL: https://windowsavingsnow.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.208.106.206 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
206.106.208.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

:path
/wp-content/plugins/revslider/public/assets/assets/dummy.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
windowsavingsnow.com
referer
https://windowsavingsnow.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://windowsavingsnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 14 Aug 2021 16:11:04 GMT
last-modified
Thu, 22 Jul 2021 08:36:24 GMT
server
nginx
etag
"60f92e08-44"
x-proxy-cache-info
DT:1
content-type
image/png
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
68
expires
Sun, 14 Aug 2022 16:11:04 GMT
js_embed
lowermyutilitybill.leadshook.io/s/
12 KB
4 KB
Script
General
Full URL
https://lowermyutilitybill.leadshook.io/s/js_embed
Requested by
Host: windowsavingsnow.com
URL: https://windowsavingsnow.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.157.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-157-170.compute-1.amazonaws.com
Software
nginx/1.19.9 / Express
Resource Hash
26ef8fe6d478708043c5d4406829c933e588fcef584d0afe60e105aa39191aa2

Request headers

Referer
https://windowsavingsnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 14 Aug 2021 16:11:04 GMT
content-encoding
gzip
etag
W/"2e4b-g670462F9i0g7O8c1MuH96SRGh4"
server
nginx/1.19.9
x-powered-by
Express
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/html; charset=utf-8
css
fonts.googleapis.com/
3 KB
652 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Poppins:500%7CRoboto:400
Requested by
Host: windowsavingsnow.com
URL: https://windowsavingsnow.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
dc9a50b6e11f43a432358bc78186f33e1fdcd34cd499d60145f1500d003506b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://windowsavingsnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 14 Aug 2021 16:11:04 GMT
server
ESF
date
Sat, 14 Aug 2021 16:11:04 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 14 Aug 2021 16:11:04 GMT
regenerator-runtime.min.js
windowsavingsnow.com/wp-includes/js/dist/vendor/
6 KB
2 KB
Script
General
Full URL
https://windowsavingsnow.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.7
Requested by
Host: windowsavingsnow.com
URL: https://windowsavingsnow.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.208.106.206 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
206.106.208.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e87a1c5e24f9a7c7dcb437417f0b05b0a3c12947ce32d65c990c988a8b5ed4d7

Request headers

:path
/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.7
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
windowsavingsnow.com
referer
https://windowsavingsnow.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://windowsavingsnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 14 Aug 2021 16:11:04 GMT
content-encoding
br
last-modified
Fri, 13 Aug 2021 21:44:44 GMT
server
nginx
etag
W/"6116e7cc-1906"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
application/javascript
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Sun, 14 Aug 2022 16:11:04 GMT
wp-polyfill.min.js
windowsavingsnow.com/wp-includes/js/dist/vendor/
16 KB
6 KB
Script
General
Full URL
https://windowsavingsnow.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by
Host: windowsavingsnow.com
URL: https://windowsavingsnow.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.208.106.206 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
206.106.208.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
293913879d30bab7499013e935009f5183facbddd63bfc9656a859622590b80b

Request headers

:path
/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
windowsavingsnow.com
referer
https://windowsavingsnow.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://windowsavingsnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 14 Aug 2021 16:11:04 GMT
content-encoding
br
last-modified
Fri, 13 Aug 2021 21:44:44 GMT
server
nginx
etag
W/"6116e7cc-4056"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
application/javascript
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Sun, 14 Aug 2022 16:11:04 GMT
contact-form-7.min.js
windowsavingsnow.com/wp-content/uploads/siteground-optimizer-assets/
13 KB
4 KB
Script
General
Full URL
https://windowsavingsnow.com/wp-content/uploads/siteground-optimizer-assets/contact-form-7.min.js?ver=5.4.2
Requested by
Host: windowsavingsnow.com
URL: https://windowsavingsnow.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.208.106.206 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
206.106.208.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e7e1fff5ba31a4aad01b021157ad397f9235410aeca7a00ee9f4d69112b0707e

Request headers

:path
/wp-content/uploads/siteground-optimizer-assets/contact-form-7.min.js?ver=5.4.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
windowsavingsnow.com
referer
https://windowsavingsnow.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://windowsavingsnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 14 Aug 2021 16:11:04 GMT
content-encoding
br
last-modified
Thu, 22 Jul 2021 08:36:38 GMT
server
nginx
etag
W/"60f92e16-325f"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
application/javascript
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Sun, 14 Aug 2022 16:11:04 GMT
rbtools.min.js
windowsavingsnow.com/wp-content/plugins/revslider/public/assets/js/
121 KB
45 KB
Script
General
Full URL
https://windowsavingsnow.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.5
Requested by
Host: windowsavingsnow.com
URL: https://windowsavingsnow.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.208.106.206 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
206.106.208.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
87664d848161d3a5bf83a511f4f483dc05e8472d06aedd5111488d267af298bb

Request headers

:path
/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.5
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
windowsavingsnow.com
referer
https://windowsavingsnow.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://windowsavingsnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 14 Aug 2021 16:11:04 GMT
content-encoding
br
last-modified
Thu, 22 Jul 2021 08:36:24 GMT
server
nginx
etag
W/"60f92e08-1e570"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
application/javascript
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Sun, 14 Aug 2022 16:11:04 GMT
rs6.min.js
windowsavingsnow.com/wp-content/plugins/revslider/public/assets/js/
367 KB
89 KB
Script
General
Full URL
https://windowsavingsnow.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.5
Requested by
Host: windowsavingsnow.com
URL: https://windowsavingsnow.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.208.106.206 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
206.106.208.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e4efcd6ec7d1fc476d9d3f43480ec9fb2b37ebcca255edefd2cfad8d2a96c27a

Request headers

:path
/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.5
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
windowsavingsnow.com
referer
https://windowsavingsnow.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://windowsavingsnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 14 Aug 2021 16:11:04 GMT
content-encoding
br
last-modified
Thu, 22 Jul 2021 08:36:24 GMT
server
nginx
etag
W/"60f92e08-5bc43"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
application/javascript
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Sun, 14 Aug 2022 16:11:04 GMT
lazysizes.min.js
windowsavingsnow.com/wp-content/plugins/sg-cachepress/assets/js/
7 KB
3 KB
Script
General
Full URL
https://windowsavingsnow.com/wp-content/plugins/sg-cachepress/assets/js/lazysizes.min.js?ver=5.8.2
Requested by
Host: windowsavingsnow.com
URL: https://windowsavingsnow.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.208.106.206 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
206.106.208.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e2b128a72c6e2c5bc7c526c24799ae8b83a2c32ad25f71c3acc14c7c6e2e1469

Request headers

:path
/wp-content/plugins/sg-cachepress/assets/js/lazysizes.min.js?ver=5.8.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
windowsavingsnow.com
referer
https://windowsavingsnow.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://windowsavingsnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 14 Aug 2021 16:11:04 GMT
content-encoding
br
last-modified
Thu, 22 Jul 2021 08:36:49 GMT
server
nginx
etag
W/"60f92e21-1c44"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
application/javascript
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Sun, 14 Aug 2022 16:11:04 GMT
xtra.min.js
windowsavingsnow.com/wp-content/uploads/siteground-optimizer-assets/
18 KB
6 KB
Script
General
Full URL
https://windowsavingsnow.com/wp-content/uploads/siteground-optimizer-assets/xtra.min.js?ver=4.0.5
Requested by
Host: windowsavingsnow.com
URL: https://windowsavingsnow.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.208.106.206 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
206.106.208.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
62a980d514bb0b3386def930fd5efe9891cbc05496146248e9a92c8402c30acf

Request headers

:path
/wp-content/uploads/siteground-optimizer-assets/xtra.min.js?ver=4.0.5
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
windowsavingsnow.com
referer
https://windowsavingsnow.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sat, 14 Aug 2021 16:11:04 GMT
content-encoding
br
last-modified
Mon, 22 Mar 2021 15:55:34 GMT
server
nginx
etag
W/"6058bdf6-4953"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
application/javascript
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Sun, 14 Aug 2022 16:11:04 GMT
codevz-plugin.min.js
windowsavingsnow.com/wp-content/uploads/siteground-optimizer-assets/
45 KB
12 KB
Script
General
Full URL
https://windowsavingsnow.com/wp-content/uploads/siteground-optimizer-assets/codevz-plugin.min.js?ver=4.2.1
Requested by
Host: windowsavingsnow.com
URL: https://windowsavingsnow.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.208.106.206 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
206.106.208.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
fad4a80669f9966beb57e8f7df4671ae96ddf3da8c4c2f9ae2bef86cb1f322e5

Request headers

:path
/wp-content/uploads/siteground-optimizer-assets/codevz-plugin.min.js?ver=4.2.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
windowsavingsnow.com
referer
https://windowsavingsnow.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sat, 14 Aug 2021 16:11:04 GMT
content-encoding
br
last-modified
Thu, 22 Jul 2021 08:36:33 GMT
server
nginx
etag
W/"60f92e11-b3d4"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
application/javascript
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Sun, 14 Aug 2022 16:11:04 GMT
codevz-share.min.js
windowsavingsnow.com/wp-content/uploads/siteground-optimizer-assets/
1 KB
768 B
Script
General
Full URL
https://windowsavingsnow.com/wp-content/uploads/siteground-optimizer-assets/codevz-share.min.js?ver=4.2.1
Requested by
Host: windowsavingsnow.com
URL: https://windowsavingsnow.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.208.106.206 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
206.106.208.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
28b9f17b585b3722b4fc4883a2bb4e6c1ffc2be41e45081cbe3752bd752d02a4

Request headers

:path
/wp-content/uploads/siteground-optimizer-assets/codevz-share.min.js?ver=4.2.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
windowsavingsnow.com
referer
https://windowsavingsnow.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sat, 14 Aug 2021 16:11:04 GMT
content-encoding
br
last-modified
Thu, 22 Jul 2021 08:36:33 GMT
server
nginx
etag
W/"60f92e11-439"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
application/javascript
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Sun, 14 Aug 2022 16:11:04 GMT
wp-embed.min.js
windowsavingsnow.com/wp-includes/js/
1 KB
911 B
Script
General
Full URL
https://windowsavingsnow.com/wp-includes/js/wp-embed.min.js?ver=5.8
Requested by
Host: windowsavingsnow.com
URL: https://windowsavingsnow.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.208.106.206 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
206.106.208.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

:path
/wp-includes/js/wp-embed.min.js?ver=5.8
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
windowsavingsnow.com
referer
https://windowsavingsnow.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sat, 14 Aug 2021 16:11:04 GMT
content-encoding
br
last-modified
Fri, 13 Aug 2021 21:44:44 GMT
server
nginx
etag
W/"6116e7cc-592"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
application/javascript
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Sun, 14 Aug 2022 16:11:04 GMT
js_composer_front.min.js
windowsavingsnow.com/wp-content/plugins/js_composer/assets/js/dist/
20 KB
5 KB
Script
General
Full URL
https://windowsavingsnow.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.7.0
Requested by
Host: windowsavingsnow.com
URL: https://windowsavingsnow.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.208.106.206 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
206.106.208.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
159faf7827be43b4c85a35fc941924a9de59a169d42d600b49161f60debf9dff

Request headers

:path
/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.7.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
windowsavingsnow.com
referer
https://windowsavingsnow.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sat, 14 Aug 2021 16:11:04 GMT
content-encoding
br
last-modified
Thu, 22 Jul 2021 08:36:43 GMT
server
nginx
etag
W/"60f92e1b-4e9c"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
application/javascript
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Sun, 14 Aug 2022 16:11:04 GMT
image.js
windowsavingsnow.com/wp-content/plugins/codevz-plus/wpbakery/assets/js/
579 B
521 B
Script
General
Full URL
https://windowsavingsnow.com/wp-content/plugins/codevz-plus/wpbakery/assets/js/image.js?ver=4.2.1
Requested by
Host: windowsavingsnow.com
URL: https://windowsavingsnow.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.208.106.206 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
206.106.208.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
490205bd0e29007df27f327f3c888514d90b0b87f77d54f6a51f3329f0c8ed04

Request headers

:path
/wp-content/plugins/codevz-plus/wpbakery/assets/js/image.js?ver=4.2.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
windowsavingsnow.com
referer
https://windowsavingsnow.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sat, 14 Aug 2021 16:11:04 GMT
content-encoding
br
last-modified
Thu, 22 Jul 2021 08:36:33 GMT
server
nginx
etag
W/"60f92e11-243"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
application/javascript
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Sun, 14 Aug 2022 16:11:04 GMT
truncated
/
88 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a4f0091d654925b99652679bd060c889704aa70aebd07e1322acda3d38014f02

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
88 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0696bb3df09627caefc874274365ad085818ea01a24cacadd90064b78ed64aa4

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
416 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0ed0d520e5505edd3862515a661448e740ce6446332f07e6046b190f12860485

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900&ver=5.8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://windowsavingsnow.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 09 Aug 2021 22:05:46 GMT
x-content-type-options
nosniff
age
410718
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7832
x-xss-protection
0
last-modified
Thu, 05 Nov 2020 22:01:48 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 09 Aug 2022 22:05:46 GMT
czicons.woff2
pennysaversusa.com/wp-content/plugins/codevz-plus/admin/fields/codevz_fields/icons/
0
0

pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900&ver=5.8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b93b9165269362989e2855d0bf0ae232d7193a45c43627b2d03b26d7eb98263b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://windowsavingsnow.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Aug 2021 09:27:55 GMT
x-content-type-options
nosniff
age
369789
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7988
x-xss-protection
0
last-modified
Thu, 05 Nov 2020 22:02:10 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Aug 2022 09:27:55 GMT
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900&ver=5.8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7ba57e3ccc2e3b2bdf8cc9e613194b802607682bf473293c2e3e29de82c9491
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://windowsavingsnow.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 07:49:38 GMT
x-content-type-options
nosniff
age
202886
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7776
x-xss-protection
0
last-modified
Thu, 05 Nov 2020 22:01:55 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 Aug 2022 07:49:38 GMT
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v15/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900&ver=5.8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://windowsavingsnow.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 09 Aug 2021 19:08:26 GMT
x-content-type-options
nosniff
age
421358
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7900
x-xss-protection
0
last-modified
Thu, 05 Nov 2020 22:02:01 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 09 Aug 2022 19:08:26 GMT
fa-solid-900.woff2
pennysaversusa.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/webfonts/
0
0

truncated
/
90 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1618fc3f7c51e1fdff870f5a0da595360a31b2d6e1cb5478ab70fb3e20628185

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
92 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
21ae645e9dd8f5bcad31f5e174317918adce51adb1a1ec04b4d1ffa8eba5b6c1

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
92 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9e127702f3d14536c022f0ce961bcb98dd8f24e26cb4c383bfcc9568f4d8bbce

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
123 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9eaba4ee4769286a5a60125fda070144c81cf2f3f24f23e4eece81d8dfeeb672

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
row-bg.jpg
lucrordesign.com/chris/wp-content/uploads/sites/46/2020/01/
183 KB
183 KB
Image
General
Full URL
https://lucrordesign.com/chris/wp-content/uploads/sites/46/2020/01/row-bg.jpg?id=1303
Requested by
Host: windowsavingsnow.com
URL: https://windowsavingsnow.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:a413 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a574f56b4e64e23015a396c9304078bcb56c05963fcff8b133f769b4fb349df6

Request headers

Referer
https://windowsavingsnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 14 Aug 2021 16:11:04 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8490
x-cache
HIT
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
186988
last-modified
Tue, 02 Jun 2020 15:30:09 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cOjSKsS%2BAfpM%2FG3jLR1XhaZ2eN94m6ZAEfhUcM3LoNZr3QiWt1r3mLNQWVsGWAy04GwlQ1DRdUGT2V2YRObLGE%2B0ocbpwBRtd%2FPTXswZYTR%2BCSdAHalFJYb2OwG3KbD0WsPWp%2Bvneqpr8HIjYrfr"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=10368000, public
accept-ranges
bytes
cf-ray
67eb74f7d851dfd7-FRA
expires
Sun, 12 Dec 2021 13:49:33 GMT
css_embed
lowermyutilitybill.leadshook.io/s/
10 KB
2 KB
Stylesheet
General
Full URL
https://lowermyutilitybill.leadshook.io/s/css_embed
Requested by
Host: lowermyutilitybill.leadshook.io
URL: https://lowermyutilitybill.leadshook.io/s/js_embed
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.157.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-157-170.compute-1.amazonaws.com
Software
nginx/1.19.9 / Express
Resource Hash
88cd789d9d4b86385a619fb82fdd063ddb9e4699259214e873a1f0d2ebbd867a

Request headers

Referer
https://windowsavingsnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 14 Aug 2021 16:11:04 GMT
content-encoding
gzip
etag
W/"2901-Yx75bqrXW1e6n5CI+ReFgGmb3lo"
server
nginx/1.19.9
x-powered-by
Express
x-cache-status
EXPIRED
vary
Accept-Encoding
content-type
text/css; charset=utf-8
aLuWiLNfpRDLJYxH6DyODMFFdzZ4vBzL4GZYxSEA
lowermyutilitybill.leadshook.io/survey/ Frame 7C90
207 KB
27 KB
Document
General
Full URL
https://lowermyutilitybill.leadshook.io/survey/aLuWiLNfpRDLJYxH6DyODMFFdzZ4vBzL4GZYxSEA?embed=true&index=0
Requested by
Host: lowermyutilitybill.leadshook.io
URL: https://lowermyutilitybill.leadshook.io/s/js_embed
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.157.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-157-170.compute-1.amazonaws.com
Software
nginx/1.19.9 / Express
Resource Hash
ffcc0dcbac94aae47174145d2d1437dacd7aff019c917d519cd6d28836d934ed

Request headers

:method
GET
:authority
lowermyutilitybill.leadshook.io
:scheme
https
:path
/survey/aLuWiLNfpRDLJYxH6DyODMFFdzZ4vBzL4GZYxSEA?embed=true&index=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://windowsavingsnow.com/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

date
Sat, 14 Aug 2021 16:11:04 GMT
content-type
text/html; charset=utf-8
set-cookie
AWSALBTG=IZdHH9baGUzNaeADpolhx57kvBhp9yAEJq2Si2gmAZhVxnD7hz0h8gqbwCGtiQy/BxNWk/5551aM+MjXWXEnfQUp35tiEmNuY4gAlhsnlQcunAysabZCg3UJlVXdC6/0/ECq54s6orJ7xdxIZX1k4oMRuvkNIvWZihsEs6xk58U7Ts9zpSY=; Expires=Sat, 21 Aug 2021 16:11:04 GMT; Path=/ AWSALBTGCORS=IZdHH9baGUzNaeADpolhx57kvBhp9yAEJq2Si2gmAZhVxnD7hz0h8gqbwCGtiQy/BxNWk/5551aM+MjXWXEnfQUp35tiEmNuY4gAlhsnlQcunAysabZCg3UJlVXdC6/0/ECq54s6orJ7xdxIZX1k4oMRuvkNIvWZihsEs6xk58U7Ts9zpSY=; Expires=Sat, 21 Aug 2021 16:11:04 GMT; Path=/; SameSite=None; Secure AWSALB=+5xzGbgRU4XdhC2d8uy4mGvBue3ExI+UfrVd6CrtKaHgFKy1Q1b2ZshhPQd4MwOJVHPl0S1pLtEp8Llr+l08ZB0Qz/PcBzPD0W072MBaCw4vydGswG97kwcdtqbr; Expires=Sat, 21 Aug 2021 16:11:04 GMT; Path=/ AWSALBCORS=+5xzGbgRU4XdhC2d8uy4mGvBue3ExI+UfrVd6CrtKaHgFKy1Q1b2ZshhPQd4MwOJVHPl0S1pLtEp8Llr+l08ZB0Qz/PcBzPD0W072MBaCw4vydGswG97kwcdtqbr; Expires=Sat, 21 Aug 2021 16:11:04 GMT; Path=/; SameSite=None; Secure aLuWiLNfpRDLJYxH6DyODMFFdzZ4vBzL4GZYxSEA.leadData=j%3A%7B%22leadId%22%3A135863001%2C%22leadToken%22%3A%22aLuWiLNfpRDLJYxH6DyODMFFdzZ4vBzL4GZYxSEA2Omf1cT9dnj7HKVtNlkR%22%2C%22quizId%22%3A39142%7D; Max-Age=2592000; Path=/; Expires=Mon, 13 Sep 2021 16:11:04 GMT; Secure; SameSite=None
server
nginx/1.19.9
x-powered-by
Express
x-username
undefined
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
expires
0
etag
W/"33d24-G2HrUtPzslyBkXv8LUA9Clwp584"
vary
Accept-Encoding
content-encoding
gzip
x-cache-status
MISS
iframe_api
www.youtube.com/
980 B
1 KB
Script
General
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: lowermyutilitybill.leadshook.io
URL: https://lowermyutilitybill.leadshook.io/s/js_embed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f5443d42c7834cd8ff927327229833a12c96c6888dbd9c56c44896b327d3a492
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://windowsavingsnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 14 Aug 2021 16:11:04 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
ESF
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
accept-ch-lifetime
2592000
content-type
text/javascript; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, DPR
cache-control
private, max-age=0
permissions-policy
ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
expires
Sat, 14 Aug 2021 16:11:04 GMT
www-widgetapi.js
www.youtube.com/s/player/50e823fc/www-widgetapi.vflset/
126 KB
42 KB
Script
General
Full URL
https://www.youtube.com/s/player/50e823fc/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bfd684487fa502cbadc6a43e262a68e04e70ba90fa536625eade641357004111
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://windowsavingsnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 14 Aug 2021 14:14:42 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 12 Aug 2021 00:18:48 GMT
server
sffe
age
6982
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42941
x-xss-protection
0
expires
Sun, 14 Aug 2022 14:14:42 GMT
loader.gif
pennysaversusa.com/wp-content/plugins/revslider/public/assets/assets/
2 KB
3 KB
Image
General
Full URL
https://pennysaversusa.com/wp-content/plugins/revslider/public/assets/assets/loader.gif
Requested by
Host: windowsavingsnow.com
URL: https://windowsavingsnow.com/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-css-a1a9b8f51aa8307f4ccf3f4b066e1ebf.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.209.122.3 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
3.122.209.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
9034d5d34015e4b05d2c1d1a8dc9f6ec9d59bd96d305eb9e24e24e65c591a645

Request headers

Referer
https://windowsavingsnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 14 Aug 2021 16:11:05 GMT
last-modified
Thu, 22 Jul 2021 08:36:24 GMT
server
nginx
etag
"60f92e08-9f1"
x-proxy-cache-info
DT:1
content-type
image/gif
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
2545
expires
Sun, 14 Aug 2022 16:11:05 GMT
slider.jpg
windowsavingsnow.com/wp-content/uploads/revslider/xtra_slider_business/
29 KB
29 KB
Image
General
Full URL
https://windowsavingsnow.com/wp-content/uploads/revslider/xtra_slider_business/slider.jpg
Requested by
Host: windowsavingsnow.com
URL: https://windowsavingsnow.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.208.106.206 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
206.106.208.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
867b3fe064421366fb4d64335f427ba8cdc9c75bc6e2249f333c117f53817b49

Request headers

:path
/wp-content/uploads/revslider/xtra_slider_business/slider.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
windowsavingsnow.com
referer
https://windowsavingsnow.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sat, 14 Aug 2021 16:11:04 GMT
last-modified
Mon, 22 Mar 2021 16:11:50 GMT
server
nginx
etag
"6058c1c6-738c"
x-proxy-cache-info
DT:1
content-type
image/webp
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
29580
expires
Sun, 14 Aug 2022 16:11:04 GMT
fbevents.js
connect.facebook.net/en_US/
98 KB
26 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: windowsavingsnow.com
URL: https://windowsavingsnow.com/wp-content/uploads/siteground-optimizer-assets/pys.min.js?ver=8.2.5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c4243f7f5aa95631ca62fab376c3804859e808b66d373d07270872d23b8b081b
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://windowsavingsnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
25944
x-xss-protection
0
pragma
public
x-fb-debug
278GulLAuqSqEQF3Ot4vpMqD5PWTtSsuqjOwOuQSijT2zuPvCkLGOSdHoBAUZmXIY7Vy1Lnr+xbGgCyRdAvcaQ==
x-fb-trip-id
2050670934
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Sat, 14 Aug 2021 16:11:04 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
345912956288246
connect.facebook.net/signals/config/
253 KB
72 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/345912956288246?v=2.9.44&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c101b6bb04c1f31effdb1ccb7edb7111061f7ffa92b05c5755d7f0f8a98a43cb
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://windowsavingsnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
3KY7l4un7xIYI8MBoQYurF22dOUa0+uLSIF6IV5/zVgqRNbAe0E2yzLqoBfeb1a7BmYMqe+Z1YU7ZkQ5k+1qKw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coop_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Sat, 14 Aug 2021 16:11:04 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
d3fed649.frontend_vendor.css
static.leadshook.io/app/ Frame 7C90
29 KB
6 KB
Stylesheet
General
Full URL
https://static.leadshook.io/app/d3fed649.frontend_vendor.css
Requested by
Host: lowermyutilitybill.leadshook.io
URL: https://lowermyutilitybill.leadshook.io/survey/aLuWiLNfpRDLJYxH6DyODMFFdzZ4vBzL4GZYxSEA?embed=true&index=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-37.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3715b504c68323affe436a0169f96fcccfff8f0632a7bce1ca2a762ff714fd17

Request headers

Referer
https://lowermyutilitybill.leadshook.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 14 Aug 2021 05:06:32 GMT
content-encoding
gzip
last-modified
Thu, 12 Aug 2021 16:04:36 GMT
server
AmazonS3
age
39872
etag
"6ee0a53a1d8223ee7d661e6284865ae1"
x-cache
Hit from cloudfront
content-type
text/css; charset=utf-8
via
1.1 d8eef512ab23f23f549b4cd25ac5328d.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
5854
x-amz-cf-id
llT7mv_C3tHB2vNDcPFCrlnLva4q3rPHjgMGohjGULbJzDFLQ9GLzg==
c94d53b6.app.css
static.leadshook.io/app/ Frame 7C90
239 KB
42 KB
Stylesheet
General
Full URL
https://static.leadshook.io/app/c94d53b6.app.css
Requested by
Host: lowermyutilitybill.leadshook.io
URL: https://lowermyutilitybill.leadshook.io/survey/aLuWiLNfpRDLJYxH6DyODMFFdzZ4vBzL4GZYxSEA?embed=true&index=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-37.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
99ce046f886e71bfffa6f2db1a9a98b5b9091af0bb287f6fc07085281b3f7b96

Request headers

Referer
https://lowermyutilitybill.leadshook.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 23:57:34 GMT
content-encoding
gzip
last-modified
Mon, 09 Aug 2021 18:24:03 GMT
server
AmazonS3
age
58411
etag
W/"c94d53b60df72704048f27cb05ce2594"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css; charset=utf-8
via
1.1 d8eef512ab23f23f549b4cd25ac5328d.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
8MTbg3Dl9M_3sLTCa8ksuBNXxIS1RSpFz16_PTCcCHpknrbSCbEWwQ==
polyfill.min.js
cdn.polyfill.io/v2/ Frame 7C90
222 B
606 B
Script
General
Full URL
https://cdn.polyfill.io/v2/polyfill.min.js
Requested by
Host: lowermyutilitybill.leadshook.io
URL: https://lowermyutilitybill.leadshook.io/survey/aLuWiLNfpRDLJYxH6DyODMFFdzZ4vBzL4GZYxSEA?embed=true&index=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.26 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://lowermyutilitybill.leadshook.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
x-content-type-options
nosniff
content-type
text/javascript; charset=utf-8
age
2042613
detected-user-agent
Chrome/89.0.4389
server-timing
HIT, fastly;desc="Edge time";dur=0, HIT, fastly;desc="Edge time";dur=1
content-length
126
referrer-policy
origin-when-cross-origin
last-modified
Wed, 21 Jul 2021 20:09:20 GMT
date
Sat, 14 Aug 2021 16:11:04 GMT
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
normalized-user-agent
chrome/89.0.0
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
timing-allow-origin
*
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/ Frame 7C90
27 KB
7 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
Requested by
Host: lowermyutilitybill.leadshook.io
URL: https://lowermyutilitybill.leadshook.io/survey/aLuWiLNfpRDLJYxH6DyODMFFdzZ4vBzL4GZYxSEA?embed=true&index=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://lowermyutilitybill.leadshook.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 14 Aug 2021 16:11:04 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
565, 617, 617
age
12510632
cdn-cachedat
2021-03-11 11:58:04
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
af3097212757f6b13d804a73f5f188bc
cf-ray
67eb74facaba1f41-FRA
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
elastic-apm-rum.umd.min.js
static.leadshook.io/assets/js/ Frame 7C90
57 KB
19 KB
Script
General
Full URL
https://static.leadshook.io/assets/js/elastic-apm-rum.umd.min.js
Requested by
Host: lowermyutilitybill.leadshook.io
URL: https://lowermyutilitybill.leadshook.io/survey/aLuWiLNfpRDLJYxH6DyODMFFdzZ4vBzL4GZYxSEA?embed=true&index=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-37.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b74b25b717c4e6e657a99a586c315890d38dc1867630a971eda2a6c9f29bb710

Request headers

Origin
https://lowermyutilitybill.leadshook.io
Referer
https://lowermyutilitybill.leadshook.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 19:51:16 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 00:12:36 GMT
server
AmazonS3
age
73190
etag
W/"4faa2da8e7488a0a5c99a4c109ac29a5"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-max-age
3000
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
DHsBraNV_CU9xOt9ZH2ss6n_u2aLLJDNao53BVS1Toj7LywJEnVFDw==
via
1.1 34f50889bc574f1edeb41dd758962a5b.cloudfront.net (CloudFront)
c46b800d.frontend_vendor.js
static.leadshook.io/app/ Frame 7C90
2 MB
633 KB
Script
General
Full URL
https://static.leadshook.io/app/c46b800d.frontend_vendor.js
Requested by
Host: lowermyutilitybill.leadshook.io
URL: https://lowermyutilitybill.leadshook.io/survey/aLuWiLNfpRDLJYxH6DyODMFFdzZ4vBzL4GZYxSEA?embed=true&index=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-37.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
de7063b3693ee438a4e630b2a0e1bd865ac0959097796344091729f9233cfe27

Request headers

Referer
https://lowermyutilitybill.leadshook.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 19:47:09 GMT
content-encoding
gzip
last-modified
Thu, 12 Aug 2021 16:04:36 GMT
server
AmazonS3
age
73435
etag
"e5e9da2c02b560bed4a30c1a9021a0ab"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 d8eef512ab23f23f549b4cd25ac5328d.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
646622
x-amz-cf-id
DF7Pd0ksCxITvH0EtJDFY_c60cyKJwibwuMO-ZvSVNvVH9hL4TekzA==
bundle.min.js
browser.sentry-cdn.com/6.2.4/ Frame 7C90
65 KB
20 KB
Script
General
Full URL
https://browser.sentry-cdn.com/6.2.4/bundle.min.js
Requested by
Host: lowermyutilitybill.leadshook.io
URL: https://lowermyutilitybill.leadshook.io/survey/aLuWiLNfpRDLJYxH6DyODMFFdzZ4vBzL4GZYxSEA?embed=true&index=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
c58d6637c09b8e4fb23d0a5edc17b2ddf36e661e24ff45435a93f901960edddd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Origin
https://lowermyutilitybill.leadshook.io
Referer
https://lowermyutilitybill.leadshook.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 14 Aug 2021 16:11:04 GMT
content-encoding
gzip
last-modified
Tue, 30 Mar 2021 12:55:06 GMT
server
Fastly
age
11841997
etag
"2c3368edb3ace1657a828b21fdb4d256"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-length
20678
expires
Wed, 30 Mar 2022 14:44:26 GMT
angular.min.js
browser.sentry-cdn.com/6.2.4/ Frame 7C90
6 KB
6 KB
Script
General
Full URL
https://browser.sentry-cdn.com/6.2.4/angular.min.js
Requested by
Host: lowermyutilitybill.leadshook.io
URL: https://lowermyutilitybill.leadshook.io/survey/aLuWiLNfpRDLJYxH6DyODMFFdzZ4vBzL4GZYxSEA?embed=true&index=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
dcc8f1e8f413412930f4898766ca3034690a187df934c4dbc16fec3a82a8c41c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Origin
https://lowermyutilitybill.leadshook.io
Referer
https://lowermyutilitybill.leadshook.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 14 Aug 2021 16:11:04 GMT
last-modified
Tue, 30 Mar 2021 12:55:06 GMT
server
Fastly
age
3300589
etag
W/"f672c3f3bf0ce5bd2a3709cc811fa9ba"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-guploader-response-body-transformations
gunzipped
cache-control
public, max-age=31536000
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
access-control-allow-origin
*
content-length
5908
expires
Thu, 07 Jul 2022 11:21:15 GMT
0b04d364.frontend_app.js
static.leadshook.io/app/ Frame 7C90
3 MB
408 KB
Script
General
Full URL
https://static.leadshook.io/app/0b04d364.frontend_app.js
Requested by
Host: lowermyutilitybill.leadshook.io
URL: https://lowermyutilitybill.leadshook.io/survey/aLuWiLNfpRDLJYxH6DyODMFFdzZ4vBzL4GZYxSEA?embed=true&index=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-37.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f4376a85e69c0e4604b59a807aaa51155cf93a83f59a32e1d473036483086c20

Request headers

Referer
https://lowermyutilitybill.leadshook.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 18:35:43 GMT
content-encoding
gzip
last-modified
Mon, 09 Aug 2021 18:24:03 GMT
server
AmazonS3
age
77722
etag
"79c95cd906cbe53aa04790a5e509ae29"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 d8eef512ab23f23f549b4cd25ac5328d.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
416680
x-amz-cf-id
5_ur1PGHVZ1D0pXOlGn1dn2FaFaG5Pb4I6SQrziv9i1hMO6iExrihw==
/
www.facebook.com/tr/
44 B
297 B
Image
General
Full URL
https://www.facebook.com/tr/?id=345912956288246&ev=PageView&dl=https%3A%2F%2Fwindowsavingsnow.com%2F&rl=&if=false&ts=1628957464887&cd[page_title]=Home&cd[post_type]=page&cd[post_id]=19&cd[plugin]=PixelYourSite&cd[user_role]=guest&cd[event_url]=windowsavingsnow.com%2F&sw=1600&sh=1200&v=2.9.44&r=stable&a=dvpixelyoursite&ec=0&o=30&fbp=fb.1.1628957464885.205699579&it=1628957464737&coo=false&rqm=GET
Requested by
Host: windowsavingsnow.com
URL: https://windowsavingsnow.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://windowsavingsnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 14 Aug 2021 16:11:04 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Sat, 14 Aug 2021 16:11:04 GMT
PUSA-Logo.jpg
windowsavingsnow.com/wp-content/uploads/2021/05/
78 KB
79 KB
Image
General
Full URL
https://windowsavingsnow.com/wp-content/uploads/2021/05/PUSA-Logo.jpg
Requested by
Host: windowsavingsnow.com
URL: https://windowsavingsnow.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.208.106.206 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
206.106.208.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
79715ba6aafc2aa64e529eaf1a766965bc66895a6e4bf614f64b9dfa8cee7e4b

Request headers

:path
/wp-content/uploads/2021/05/PUSA-Logo.jpg
pragma
no-cache
cookie
_fbp=fb.1.1628957464885.205699579
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
windowsavingsnow.com
referer
https://windowsavingsnow.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://windowsavingsnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 14 Aug 2021 16:11:05 GMT
last-modified
Sat, 22 May 2021 23:34:30 GMT
server
nginx
etag
"60a99506-1392e"
x-proxy-cache-info
DT:1
content-type
image/webp
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
80174
expires
Sun, 14 Aug 2022 16:11:05 GMT
solar-panel-money-hands-men-energy-production-technologies-wooden-house-background-solar-panel-money-hands-men-119718923.jpg
windowsavingsnow.com/wp-content/uploads/2021/05/
220 KB
221 KB
Image
General
Full URL
https://windowsavingsnow.com/wp-content/uploads/2021/05/solar-panel-money-hands-men-energy-production-technologies-wooden-house-background-solar-panel-money-hands-men-119718923.jpg
Requested by
Host: windowsavingsnow.com
URL: https://windowsavingsnow.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.208.106.206 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
206.106.208.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
da0853b8dccf741d1b7506dbc3f335e68f65eccd0662ddfcff38ed58021f79f0

Request headers

:path
/wp-content/uploads/2021/05/solar-panel-money-hands-men-energy-production-technologies-wooden-house-background-solar-panel-money-hands-men-119718923.jpg
pragma
no-cache
cookie
_fbp=fb.1.1628957464885.205699579
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
windowsavingsnow.com
referer
https://windowsavingsnow.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://windowsavingsnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 14 Aug 2021 16:11:05 GMT
last-modified
Mon, 03 May 2021 18:01:35 GMT
server
nginx
etag
"60903a7f-37034"
x-proxy-cache-info
DT:1
content-type
image/webp
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
225332
expires
Sun, 14 Aug 2022 16:11:05 GMT
23.jpg
windowsavingsnow.com/wp-content/uploads/2021/05/
699 KB
700 KB
Image
General
Full URL
https://windowsavingsnow.com/wp-content/uploads/2021/05/23.jpg
Requested by
Host: windowsavingsnow.com
URL: https://windowsavingsnow.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.208.106.206 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
206.106.208.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
3f7e9931b63de1f415818c0fc32bebdf83181f994ed4bfbaf7be16632d49872d

Request headers

:path
/wp-content/uploads/2021/05/23.jpg
pragma
no-cache
cookie
_fbp=fb.1.1628957464885.205699579
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
windowsavingsnow.com
referer
https://windowsavingsnow.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://windowsavingsnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 14 Aug 2021 16:11:05 GMT
last-modified
Mon, 03 May 2021 18:01:03 GMT
server
nginx
etag
"60903a5f-aec9a"
x-proxy-cache-info
DT:1
content-type
image/webp
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
715930
expires
Sun, 14 Aug 2022 16:11:05 GMT
czicons.woff
pennysaversusa.com/wp-content/plugins/codevz-plus/admin/fields/codevz_fields/icons/
0
0

css2
fonts.googleapis.com/ Frame 7C90
204 KB
7 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Abel:wght@100;300;400;500;700;900&family=Abril+Fatface:wght@100;300;400;500;700;900&family=Barlow:wght@100;300;400;500;700;900&family=Bitter:wght@100;300;400;500;700;900&family=Comforta:wght@100;300;400;500;700;900&family=Droid+Serif:wght@100;300;400;500;700;900&family=Inconsolata:wght@100;300;400;500;700;900&family=Josefin+Sans:wght@100;300;400;500;700;900&family=Josefin+Slab:wght@100;300;400;500;700;900&family=Lato:wght@100;300;400;500;700;900&family=Libre+Franklin:wght@100;300;400;500;700;900&family=Lobset+Two:wght@100;300;400;500;700;900&family=Lobster:wght@100;300;400;500;700;900&family=Lora:wght@100;300;400;500;700;900&family=Merriweather:wght@100;300;400;500;700;900&family=Montserrat:wght@100;300;400;500;700;900&family=Muli:wght@100;300;400;500;700;900&family=Noto+Sans:wght@100;300;400;500;700;900&family=Nunito:wght@100;300;400;500;700;900&family=Nunito+Sans:wght@100;300;400;500;700;900&family=Open+Sans:wght@100;300;400;500;700;900&family=Oswald:wght@100;300;400;500;700;900&family=Oxygen:wght@100;300;400;500;700;900&family=PT+Sans:wght@100;300;400;500;700;900&family=PT+Serif:wght@100;300;400;500;700;900&family=Patua+Online:wght@100;300;400;500;700;900&family=Playfair+Display:wght@100;300;400;500;700;900&family=Poppins:wght@100;300;400;500;700;900&family=Quicksand:wght@100;300;400;500;700;900&family=Raleway:wght@100;300;400;500;700;900&family=Roboto:wght@100;300;400;500;700;900&family=Roboto+Condensed:wght@100;300;400;500;700;900&family=Roboto+Mono:wght@100;300;400;500;700;900&family=Roboto+Slab:wght@100;300;400;500;700;900&family=Rubik:wght@100;300;400;500;700;900&family=Sigmar+One:wght@100;300;400;500;700;900&family=Source+Sans+Pro:wght@100;300;400;500;700;900&family=Special+Elite:wght@100;300;400;500;700;900&family=Titillium+Web:wght@100;300;400;500;700;900&family=Ubuntu:wght@100;300;400;500;700;900&family=Work+Sans&display=swap
Requested by
Host: lowermyutilitybill.leadshook.io
URL: https://lowermyutilitybill.leadshook.io/survey/aLuWiLNfpRDLJYxH6DyODMFFdzZ4vBzL4GZYxSEA?embed=true&index=0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e85fa543d250f248dc12e4e8e2e09dc2aed6377f4904a2b5c78b9ab780abd7e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://lowermyutilitybill.leadshook.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 14 Aug 2021 16:11:05 GMT
server
ESF
date
Sat, 14 Aug 2021 16:11:05 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 14 Aug 2021 16:11:05 GMT
fa-solid-900.woff
pennysaversusa.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/webfonts/
0
0

czicons.ttf
pennysaversusa.com/wp-content/plugins/codevz-plus/admin/fields/codevz_fields/icons/
0
0

fa-solid-900.ttf
pennysaversusa.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/webfonts/
0
0

/
www.facebook.com/tr/
44 B
91 B
Image
General
Full URL
https://www.facebook.com/tr/?id=345912956288246&ev=Microdata&dl=https%3A%2F%2Fwindowsavingsnow.com%2F&rl=&if=false&ts=1628957466389&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Window%20Savings%20Now%20%E2%80%93%20Useful%20Money%20Saving%20Tips%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.44&r=stable&a=dvpixelyoursite&ec=1&o=30&fbp=fb.1.1628957464885.205699579&it=1628957464737&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: windowsavingsnow.com
URL: https://windowsavingsnow.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://windowsavingsnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 14 Aug 2021 16:11:06 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Sat, 14 Aug 2021 16:11:06 GMT
bootstrap.js
cdn.trustedform.com/ Frame 7C90
Redirect Chain
  • https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxCertUrl&l=16289574667700.8346068877694504&invert_field_sensitivity=false
  • https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxCertUrl&l=16289574667700.8346068877694504&invert_field_sensitivity=false
14 KB
6 KB
Script
General
Full URL
https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxCertUrl&l=16289574667700.8346068877694504&invert_field_sensitivity=false
Requested by
Host: lowermyutilitybill.leadshook.io
URL: https://lowermyutilitybill.leadshook.io/survey/aLuWiLNfpRDLJYxH6DyODMFFdzZ4vBzL4GZYxSEA?embed=true&index=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:2c00:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1693d11482eca6a33026c4806be73862b3a99e13584706c7a901649d02a589eb

Request headers

Referer
https://lowermyutilitybill.leadshook.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 14 Aug 2021 16:11:08 GMT
content-encoding
gzip
last-modified
Sat, 14 Aug 2021 02:28:45 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
etag
W/"fdac7b6b3acded319a9a0b30ee46151b"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
via
1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
x-amz-version-id
prHq44kXskA7lBiNH81yeS3BYYIe6kPr
x-amz-cf-id
pAFNzNlodxjr9PMNYgEysE3ZDijRPFDEX8AvykPbcLHW-OXfDHybGQ==

Redirect headers

location
https://cdn.trustedform.com:443/bootstrap.js?provide_referrer=false&field=xxCertUrl&l=16289574667700.8346068877694504&invert_field_sensitivity=false
date
Sat, 14 Aug 2021 16:11:07 GMT
server
awselb/2.0
content-length
134
content-type
text/html
pixel.png
d2zdr2rqflfo3.cloudfront.net/ Frame 7C90
95 B
411 B
Image
General
Full URL
https://d2zdr2rqflfo3.cloudfront.net/pixel.png?host=lowermyutilitybill.leadshook.io&subdomain=lowermyutilitybill&accountId=1154&quizId=39142&leadId=135863001&quizVersionId=2
Requested by
Host: lowermyutilitybill.leadshook.io
URL: https://lowermyutilitybill.leadshook.io/survey/aLuWiLNfpRDLJYxH6DyODMFFdzZ4vBzL4GZYxSEA?embed=true&index=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.137.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-137-22.ams50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cafbd551d674da240212f6c44988757a728b9dc8cbc2a6c8dcf53c0d9159c323

Request headers

Referer
https://lowermyutilitybill.leadshook.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 14 Aug 2021 16:11:08 GMT
via
1.1 9fce949f3749407c8e6a75087e168b47.cloudfront.net (CloudFront)
last-modified
Sat, 28 Sep 2019 18:11:04 GMT
server
AmazonS3
x-amz-cf-pop
AMS50-C1
etag
"9591c410148e6883727c5339fd1c02cd"
x-cache
Miss from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
95
x-amz-cf-id
r8xkc3iDhLtRK2tr3CxLasNvC4bDNVeLwIDck0dzLBC0csKXEZOQNw==
phil-hearing-iyfp2ixe9nm-unsplash%20(1)-1585714393195.jpg
static.leadshook.io/upload/lowermyutilitybill/ Frame 7C90
609 KB
610 KB
Image
General
Full URL
https://static.leadshook.io/upload/lowermyutilitybill/phil-hearing-iyfp2ixe9nm-unsplash%20(1)-1585714393195.jpg
Requested by
Host: lowermyutilitybill.leadshook.io
URL: https://lowermyutilitybill.leadshook.io/survey/aLuWiLNfpRDLJYxH6DyODMFFdzZ4vBzL4GZYxSEA?embed=true&index=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-37.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d1d13b6e488425debec1aa7606609aa1516a288b6ef44948ccff360afdffd6e4

Request headers

Referer
https://lowermyutilitybill.leadshook.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 14 Aug 2021 16:11:06 GMT
via
1.1 d8eef512ab23f23f549b4cd25ac5328d.cloudfront.net (CloudFront)
last-modified
Wed, 01 Apr 2020 04:13:24 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
etag
"c8dc64c588a920e8a1610f61f68450e7"
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
623406
x-amz-cf-id
uVYxOqUsRP6OtqQxpLCcBTHC4HGzh40mrjkf-cLf9S8cb-18tZP4Ag==
mobile%20home-1585767200554.jpg
static.leadshook.io/upload/lowermyutilitybill/ Frame 7C90
398 KB
399 KB
Image
General
Full URL
https://static.leadshook.io/upload/lowermyutilitybill/mobile%20home-1585767200554.jpg
Requested by
Host: lowermyutilitybill.leadshook.io
URL: https://lowermyutilitybill.leadshook.io/survey/aLuWiLNfpRDLJYxH6DyODMFFdzZ4vBzL4GZYxSEA?embed=true&index=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-37.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dd33b485f1a4b9da75b12b4497f6621346981ea0a68ecfa0dd3773a546ccd592

Request headers

Referer
https://lowermyutilitybill.leadshook.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 14 Aug 2021 13:56:13 GMT
via
1.1 d8eef512ab23f23f549b4cd25ac5328d.cloudfront.net (CloudFront)
last-modified
Wed, 01 Apr 2020 18:53:29 GMT
server
AmazonS3
age
8093
etag
"853aa6a217bcd4cf8ba3e9ef937e8953"
x-cache
Hit from cloudfront
content-type
image/jpeg
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
407374
x-amz-cf-id
OlWr2J66ElmpMRvPmUKL-E0PyOum73WMlsNVvSBuIKmVO56SD2YHfg==
apt-1585767199365.jpg
static.leadshook.io/upload/lowermyutilitybill/ Frame 7C90
176 KB
176 KB
Image
General
Full URL
https://static.leadshook.io/upload/lowermyutilitybill/apt-1585767199365.jpg
Requested by
Host: lowermyutilitybill.leadshook.io
URL: https://lowermyutilitybill.leadshook.io/survey/aLuWiLNfpRDLJYxH6DyODMFFdzZ4vBzL4GZYxSEA?embed=true&index=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-37.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
43639d8ed64a965fb70c6b2d10de35dfd9d78271bd171c1512117818b14341e6

Request headers

Referer
https://lowermyutilitybill.leadshook.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 14 Aug 2021 16:11:06 GMT
via
1.1 d8eef512ab23f23f549b4cd25ac5328d.cloudfront.net (CloudFront)
last-modified
Wed, 01 Apr 2020 18:53:27 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
etag
"60415190d5497308b405723cb654b20c"
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
179955
x-amz-cf-id
5ZSTxT4yR2O7JfEXWQv5iaX2wL_ldAYDM9AYhYGJeBCm-ZEXHqi2Pg==
other-1585767202215.jpg
static.leadshook.io/upload/lowermyutilitybill/ Frame 7C90
42 KB
43 KB
Image
General
Full URL
https://static.leadshook.io/upload/lowermyutilitybill/other-1585767202215.jpg
Requested by
Host: lowermyutilitybill.leadshook.io
URL: https://lowermyutilitybill.leadshook.io/survey/aLuWiLNfpRDLJYxH6DyODMFFdzZ4vBzL4GZYxSEA?embed=true&index=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-37.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b060446306273b1f291d00493b29d7d5d635ba96f7bedbffc17d2b55aac1ff59

Request headers

Referer
https://lowermyutilitybill.leadshook.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 14 Aug 2021 16:11:06 GMT
via
1.1 d8eef512ab23f23f549b4cd25ac5328d.cloudfront.net (CloudFront)
last-modified
Wed, 01 Apr 2020 18:53:28 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
etag
"d6689798baa214ddbd2398756776cb3b"
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
43486
x-amz-cf-id
zHWqVmhl-WBM9n2wJMtVoKksDxHX8ufD3q3hxtuTvb7wZGae8w4NJA==
44-1586374552049.jpg
static.leadshook.io/upload/lowermyutilitybill/ Frame 7C90
262 KB
263 KB
Image
General
Full URL
https://static.leadshook.io/upload/lowermyutilitybill/44-1586374552049.jpg
Requested by
Host: lowermyutilitybill.leadshook.io
URL: https://lowermyutilitybill.leadshook.io/survey/aLuWiLNfpRDLJYxH6DyODMFFdzZ4vBzL4GZYxSEA?embed=true&index=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-37.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3afb8e76ca5161265ca5bcdf3652738b0c47aab94556908ae930cd263a33d60

Request headers

Referer
https://lowermyutilitybill.leadshook.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 19:05:54 GMT
via
1.1 d8eef512ab23f23f549b4cd25ac5328d.cloudfront.net (CloudFront)
last-modified
Wed, 08 Apr 2020 19:36:03 GMT
server
AmazonS3
age
75913
etag
"6f2a8b05dcde622f9e1826a0d6d4de38"
x-cache
Hit from cloudfront
content-type
image/jpeg
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
268231
x-amz-cf-id
o065_Qr_cbgI7UX4VnJzX9TCKuHGRvtdl5w_3MWm8A4h4wpQKTeGzQ==
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/ Frame 7C90
65 KB
66 KB
Font
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0
Requested by
Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Origin
https://lowermyutilitybill.leadshook.io
Referer
https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 14 Aug 2021 16:11:06 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
723, 617, 617
age
9986421
cdn-cachedat
2021-04-21 03:57:26
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
66624
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
font/woff2
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
b5964cbd4515917d05fe7a01bfdbd635
accept-ranges
bytes
cf-ray
67eb75087fbec2ea-FRA
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
impressions
lowermyutilitybill.leadshook.io/api/ Frame 7C90
183 B
474 B
XHR
General
Full URL
https://lowermyutilitybill.leadshook.io/api/impressions
Requested by
Host: static.leadshook.io
URL: https://static.leadshook.io/assets/js/elastic-apm-rum.umd.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.157.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-157-170.compute-1.amazonaws.com
Software
nginx/1.19.9 / Express
Resource Hash
ea96b414ae5f6af73c56222da4f0622a04574999a77351b303e063d7dada6cee

Request headers

Accept
application/json, text/plain, */*
Referer
https://lowermyutilitybill.leadshook.io/survey/aLuWiLNfpRDLJYxH6DyODMFFdzZ4vBzL4GZYxSEA?embed=true&index=0
X-Requested-With
XMLHttpRequest
traceparent
00-2f778e2b1f15a28df7e6558e6abcd8a5-f2a9839163c40f22-01
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Sat, 14 Aug 2021 16:11:07 GMT
server
nginx/1.19.9
x-powered-by
Express
x-username
undefined
etag
W/"b7-xUDIkEQeCqY1TF9gAXCZa7+TgO8"
vary
X-HTTP-Method-Override, Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://lowermyutilitybill.leadshook.io
access-control-allow-credentials
true
content-length
183
nodetracker
lowermyutilitybill.leadshook.io/api/ Frame 7C90
0
195 B
XHR
General
Full URL
https://lowermyutilitybill.leadshook.io/api/nodetracker
Requested by
Host: static.leadshook.io
URL: https://static.leadshook.io/assets/js/elastic-apm-rum.umd.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.157.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-157-170.compute-1.amazonaws.com
Software
nginx/1.19.9 / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/plain, */*
Referer
https://lowermyutilitybill.leadshook.io/survey/aLuWiLNfpRDLJYxH6DyODMFFdzZ4vBzL4GZYxSEA?embed=true&index=0
X-Requested-With
XMLHttpRequest
traceparent
00-2f778e2b1f15a28df7e6558e6abcd8a5-5adb4ac601350fa2-01
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

access-control-allow-origin
https://lowermyutilitybill.leadshook.io
date
Sat, 14 Aug 2021 16:11:07 GMT
access-control-allow-credentials
true
server
nginx/1.19.9
x-username
undefined
x-powered-by
Express
vary
X-HTTP-Method-Override, Origin
geoip
lowermyutilitybill.leadshook.io/api/ Frame 7C90
2 KB
752 B
XHR
General
Full URL
https://lowermyutilitybill.leadshook.io/api/geoip?leadId=135863001
Requested by
Host: static.leadshook.io
URL: https://static.leadshook.io/assets/js/elastic-apm-rum.umd.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.157.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-157-170.compute-1.amazonaws.com
Software
nginx/1.19.9 / Express
Resource Hash
deafc7f5f400f2517308a65d9034b104651a8cd6dfd18b9b844d8e2f66312281

Request headers

Accept
*/*
Referer
https://lowermyutilitybill.leadshook.io/survey/aLuWiLNfpRDLJYxH6DyODMFFdzZ4vBzL4GZYxSEA?embed=true&index=0
X-Requested-With
XMLHttpRequest
traceparent
00-2f778e2b1f15a28df7e6558e6abcd8a5-3495757d97595012-01
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 14 Aug 2021 16:11:07 GMT
content-encoding
gzip
etag
W/"7e2-c7OFKfFrTuJWHBdvp7MOfKI9+X0"
server
nginx/1.19.9
x-username
undefined
x-powered-by
Express
x-cache-status
MISS
vary
Accept-Encoding
content-type
application/json; charset=utf-8
fields
lowermyutilitybill.leadshook.io/api/leads/135863001/ Frame 7C90
0
625 B
XHR
General
Full URL
https://lowermyutilitybill.leadshook.io/api/leads/135863001/fields
Requested by
Host: static.leadshook.io
URL: https://static.leadshook.io/assets/js/elastic-apm-rum.umd.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.157.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-157-170.compute-1.amazonaws.com
Software
nginx/1.19.9 / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/plain, */*
Referer
https://lowermyutilitybill.leadshook.io/survey/aLuWiLNfpRDLJYxH6DyODMFFdzZ4vBzL4GZYxSEA?embed=true&index=0
X-Requested-With
XMLHttpRequest
traceparent
00-2f778e2b1f15a28df7e6558e6abcd8a5-290c19dd4bdf71c6-01
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

access-control-allow-origin
https://lowermyutilitybill.leadshook.io
date
Sat, 14 Aug 2021 16:11:07 GMT
access-control-allow-credentials
true
server
nginx/1.19.9
x-username
undefined
x-powered-by
Express
vary
X-HTTP-Method-Override, Origin
135863001
lowermyutilitybill.leadshook.io/api/leads/ Frame 7C90
628 B
727 B
XHR
General
Full URL
https://lowermyutilitybill.leadshook.io/api/leads/135863001
Requested by
Host: static.leadshook.io
URL: https://static.leadshook.io/assets/js/elastic-apm-rum.umd.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.157.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-157-170.compute-1.amazonaws.com
Software
nginx/1.19.9 / Express
Resource Hash
595cdd2c5eccc8e034437b00db740feab9d3caa9fc03813751b4f5e31fe09f30

Request headers

Accept
application/json, text/plain, */*
Referer
https://lowermyutilitybill.leadshook.io/survey/aLuWiLNfpRDLJYxH6DyODMFFdzZ4vBzL4GZYxSEA?embed=true&index=0
X-Requested-With
XMLHttpRequest
traceparent
00-2f778e2b1f15a28df7e6558e6abcd8a5-996944d7a80348cb-01
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Sat, 14 Aug 2021 16:11:07 GMT
content-encoding
gzip
server
nginx/1.19.9
x-powered-by
Express
x-username
undefined
etag
W/"274-5Xg9PvOMSce5DXsK907onn5IjrQ"
vary
Accept-Encoding, Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://lowermyutilitybill.leadshook.io
access-control-allow-credentials
true
106079324
lowermyutilitybill.leadshook.io/api/impressions/ Frame 7C90
3 B
271 B
XHR
General
Full URL
https://lowermyutilitybill.leadshook.io/api/impressions/106079324
Requested by
Host: static.leadshook.io
URL: https://static.leadshook.io/assets/js/elastic-apm-rum.umd.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.157.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-157-170.compute-1.amazonaws.com
Software
nginx/1.19.9 / Express
Resource Hash
d0bca111f8628137adc4c16f123496dcdd1d590d06cb5d9acd68b39fe656fb97

Request headers

Accept
application/json, text/plain, */*
Referer
https://lowermyutilitybill.leadshook.io/survey/aLuWiLNfpRDLJYxH6DyODMFFdzZ4vBzL4GZYxSEA?embed=true&index=0
X-Requested-With
XMLHttpRequest
traceparent
00-2f778e2b1f15a28df7e6558e6abcd8a5-cf0c2071b3806a8c-01
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Sat, 14 Aug 2021 16:11:07 GMT
server
nginx/1.19.9
x-powered-by
Express
x-username
undefined
etag
W/"3-EYT1uNS23QhwnPFRPyZ0QWcGXg0"
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://lowermyutilitybill.leadshook.io
access-control-allow-credentials
true
content-length
3
certs
api.trustedform.com/ Frame 20B0
475 B
686 B
XHR
General
Full URL
https://api.trustedform.com/certs
Requested by
Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxCertUrl&l=16289574667700.8346068877694504&invert_field_sensitivity=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.104.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-104-222.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
a246cd1d0ea1d016a5c80276647cf60914fbbb65e29031b4dacdb1f3bb2d0a23

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 14 Aug 2021 16:11:11 GMT
server
Cowboy
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
content-length
475
events
apm.leadshook.io/intake/v2/rum/ Frame 7C90
84 B
231 B
XHR
General
Full URL
https://apm.leadshook.io/intake/v2/rum/events
Requested by
Host: static.leadshook.io
URL: https://static.leadshook.io/assets/js/elastic-apm-rum.umd.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.73.106.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-73-106-146.compute-1.amazonaws.com
Software
/
Resource Hash
9fe8c6f27bcfa841c57f50914026d11ccaf061ace975387cb5e2058f2e8928d2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Content-Encoding
gzip
Referer
https://lowermyutilitybill.leadshook.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-ndjson

Response headers

access-control-allow-origin
https://lowermyutilitybill.leadshook.io
date
Sat, 14 Aug 2021 16:11:11 GMT
x-content-type-options
nosniff
content-length
84
content-type
application/json
events
apm.leadshook.io/intake/v2/rum/ Frame
0
0
Preflight
General
Full URL
https://apm.leadshook.io/intake/v2/rum/events
Protocol
H2
Server
184.73.106.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-73-106-146.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-encoding,content-type
Origin
https://lowermyutilitybill.leadshook.io
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sat, 14 Aug 2021 16:11:10 GMT
content-length
0
access-control-allow-headers
Content-Type, Content-Encoding, Accept
access-control-allow-methods
POST, OPTIONS
access-control-allow-origin
https://lowermyutilitybill.leadshook.io
access-control-expose-headers
Etag
access-control-max-age
3600
vary
Origin
x-content-type-options
nosniff
trustedform-1.3.4.js
cdn.trustedform.com/ Frame 7C90
59 KB
21 KB
Script
General
Full URL
https://cdn.trustedform.com/trustedform-1.3.4.js
Requested by
Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxCertUrl&l=16289574667700.8346068877694504&invert_field_sensitivity=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:2c00:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
17ad62046c1465528019c13b61451f1aa0adf14421d46cfe6e9d9e4a653a7f03

Request headers

Referer
https://lowermyutilitybill.leadshook.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
M4_uKQbgE9_6u3qnA6xlzKmN5aG7R5C0
content-encoding
gzip
last-modified
Thu, 05 Aug 2021 21:37:41 GMT
server
AmazonS3
age
12
etag
W/"905ad70314703ef71640be5d33cb7a52"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
date
Sat, 14 Aug 2021 16:10:59 GMT
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
Qve_-SLaMvP49KdUvEvPSgOpOTReZ0JnCnUFQrf5ooY2IUGp0QBSvQ==
snapshot
api.trustedform.com/certs/46d5f510c906b2d58e22af0bf38193bfbd8231dd/ Frame 69FB
0
159 B
XHR
General
Full URL
https://api.trustedform.com/certs/46d5f510c906b2d58e22af0bf38193bfbd8231dd/snapshot
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.3.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.104.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-104-222.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Sat, 14 Aug 2021 16:11:11 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
Cowboy
access-control-expose-headers
pixel.png
d2zdr2rqflfo3.cloudfront.net/ Frame 7C90
95 B
418 B
Image
General
Full URL
https://d2zdr2rqflfo3.cloudfront.net/pixel.png?host=lowermyutilitybill.leadshook.io&subdomain=lowermyutilitybill&accountId=1154&quizId=39142&leadId=135863001&quizVersionId=2
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.3.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.137.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-137-22.ams50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cafbd551d674da240212f6c44988757a728b9dc8cbc2a6c8dcf53c0d9159c323

Request headers

Referer
https://lowermyutilitybill.leadshook.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 14 Aug 2021 16:11:08 GMT
via
1.1 9fce949f3749407c8e6a75087e168b47.cloudfront.net (CloudFront)
last-modified
Sat, 28 Sep 2019 18:11:04 GMT
server
AmazonS3
age
4
etag
"9591c410148e6883727c5339fd1c02cd"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
AMS50-C1
accept-ranges
bytes
content-length
95
x-amz-cf-id
brLNEzLphzUHqSlZiDIHNeEOJQB84cMjMEjul2QxxnkILPYE66PaSQ==
phil-hearing-iyfp2ixe9nm-unsplash%20(1)-1585714393195.jpg
static.leadshook.io/upload/lowermyutilitybill/ Frame 7C90
609 KB
610 KB
Image
General
Full URL
https://static.leadshook.io/upload/lowermyutilitybill/phil-hearing-iyfp2ixe9nm-unsplash%20(1)-1585714393195.jpg
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.3.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-37.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d1d13b6e488425debec1aa7606609aa1516a288b6ef44948ccff360afdffd6e4

Request headers

Referer
https://lowermyutilitybill.leadshook.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 14 Aug 2021 14:39:03 GMT
via
1.1 d8eef512ab23f23f549b4cd25ac5328d.cloudfront.net (CloudFront)
last-modified
Wed, 01 Apr 2020 04:13:24 GMT
server
AmazonS3
age
5529
etag
"c8dc64c588a920e8a1610f61f68450e7"
x-cache
Hit from cloudfront
content-type
image/jpeg
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
623406
x-amz-cf-id
tBvZx9wbMhkpf5y7JA-xwvubaL4N5hA3glAqp5-nvfkhhrVBi65jRw==
mobile%20home-1585767200554.jpg
static.leadshook.io/upload/lowermyutilitybill/ Frame 7C90
398 KB
399 KB
Image
General
Full URL
https://static.leadshook.io/upload/lowermyutilitybill/mobile%20home-1585767200554.jpg
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.3.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-37.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dd33b485f1a4b9da75b12b4497f6621346981ea0a68ecfa0dd3773a546ccd592

Request headers

Referer
https://lowermyutilitybill.leadshook.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 14 Aug 2021 13:56:13 GMT
via
1.1 d8eef512ab23f23f549b4cd25ac5328d.cloudfront.net (CloudFront)
last-modified
Wed, 01 Apr 2020 18:53:29 GMT
server
AmazonS3
age
8098
etag
"853aa6a217bcd4cf8ba3e9ef937e8953"
x-cache
Hit from cloudfront
content-type
image/jpeg
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
407374
x-amz-cf-id
t-HMhoSQlg67p6KCertro4TEL41zWxFVdI4L_hUnb3fhnY1gbarOzA==
apt-1585767199365.jpg
static.leadshook.io/upload/lowermyutilitybill/ Frame 7C90
176 KB
176 KB
Image
General
Full URL
https://static.leadshook.io/upload/lowermyutilitybill/apt-1585767199365.jpg
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.3.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-37.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
43639d8ed64a965fb70c6b2d10de35dfd9d78271bd171c1512117818b14341e6

Request headers

Referer
https://lowermyutilitybill.leadshook.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 14 Aug 2021 16:11:06 GMT
via
1.1 d8eef512ab23f23f549b4cd25ac5328d.cloudfront.net (CloudFront)
last-modified
Wed, 01 Apr 2020 18:53:27 GMT
server
AmazonS3
age
8098
etag
"60415190d5497308b405723cb654b20c"
x-cache
Hit from cloudfront
content-type
image/jpeg
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
179955
x-amz-cf-id
MI3lwaOUoV0pfHB1-bv1xkiN_TzSHmAAUTbJyCPdfg6yZYjoJ1M_BQ==
other-1585767202215.jpg
static.leadshook.io/upload/lowermyutilitybill/ Frame 7C90
42 KB
43 KB
Image
General
Full URL
https://static.leadshook.io/upload/lowermyutilitybill/other-1585767202215.jpg
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.3.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-37.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b060446306273b1f291d00493b29d7d5d635ba96f7bedbffc17d2b55aac1ff59

Request headers

Referer
https://lowermyutilitybill.leadshook.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 14 Aug 2021 16:11:06 GMT
via
1.1 d8eef512ab23f23f549b4cd25ac5328d.cloudfront.net (CloudFront)
last-modified
Wed, 01 Apr 2020 18:53:28 GMT
server
AmazonS3
age
5529
etag
"d6689798baa214ddbd2398756776cb3b"
x-cache
Hit from cloudfront
content-type
image/jpeg
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
43486
x-amz-cf-id
yr_gGHaqH02236AArlj7pEutJ6MC997-H6NU4YSDCSmLn2gZNHmKvg==
fingerprints
api.trustedform.com/certs/46d5f510c906b2d58e22af0bf38193bfbd8231dd/ Frame 69FB
0
159 B
XHR
General
Full URL
https://api.trustedform.com/certs/46d5f510c906b2d58e22af0bf38193bfbd8231dd/fingerprints
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.3.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.104.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-104-222.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Sat, 14 Aug 2021 16:11:11 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
Cowboy
access-control-expose-headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pennysaversusa.com
URL
https://pennysaversusa.com/wp-content/plugins/codevz-plus/admin/fields/codevz_fields/icons/czicons.woff2
Domain
pennysaversusa.com
URL
https://pennysaversusa.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/webfonts/fa-solid-900.woff2
Domain
pennysaversusa.com
URL
https://pennysaversusa.com/wp-content/plugins/codevz-plus/admin/fields/codevz_fields/icons/czicons.woff
Domain
pennysaversusa.com
URL
https://pennysaversusa.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/webfonts/fa-solid-900.woff
Domain
pennysaversusa.com
URL
https://pennysaversusa.com/wp-content/plugins/codevz-plus/admin/fields/codevz_fields/icons/czicons.ttf
Domain
pennysaversusa.com
URL
https://pennysaversusa.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/webfonts/fa-solid-900.ttf

Verdicts & Comments

113 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated undefined| $ function| jQuery object| pysOptions function| setREVStartSize number| RSIW number| RSIH function| attrUnescape function| parseAttributes function| getViewport function| addEvent number| mobileBreakpoint function| resize object| CSSModal object| quizzes object| RS_MODULES function| revslider_showDoubleJqueryError function| setImmediate function| clearImmediate object| wpcf7 object| xtra_strings object| wp function| vc_js function| vc_plugin_flexslider function| vc_googleplus function| vc_pinterest function| vc_progress_bar function| vc_waypoints function| vc_toggleBehaviour function| vc_tabsBehaviour function| vc_accordionBehaviour function| vc_teaserGrid function| vc_carouselBehaviour function| vc_slidersBehaviour function| vc_prettyPhoto function| vc_google_fonts boolean| vcParallaxSkroll function| vc_rowBehaviour function| vc_gridBehaviour function| getColumnsCount function| wpb_prepare_tab_content function| vc_ttaActivation function| vc_accordionActivate function| initVideoBackgrounds function| vc_initVideoBackgrounds function| insertYoutubeVideoAsBackground function| vcResizeVideoBackground function| vcExtractYoutubeId function| vc_googleMapsPointer function| vc_setHoverBoxPerspective function| vc_setHoverBoxHeight function| vc_prepareHoverBox function| tpj object| revapi1 function| Cookies function| pys_generate_token function| getBundlePriceOnSingleProduct object| pys object| runtime object| regeneratorRuntime object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| gsapVersions object| tpGS object| punchgs object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| 
ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportGELQueue_ object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingGelSequenceIdObj_ object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions object| lazySizes object| RSANYID object| RSANYID_sliderID boolean| _R_is_Editor string| RSBrowser boolean| isSafari11 object| T boolean| _rs_firefox13 boolean| _rs_firefox boolean| _rs_ie boolean| _rs_ie9 boolean| _rs_desktop object| Codevz object| Codevz_Plus function| fbq function| _fbq

0 Cookies

3 Console Messages

Source Level URL
Text
console-api log URL: https://windowsavingsnow.com/(Line 1)
Message:
PixelYourSite Free version 8.2.5
console-api log URL: https://windowsavingsnow.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 3.3.2
console-api warning URL: https://browser.sentry-cdn.com/6.2.4/bundle.min.js(Line 2)
Message:
[Elastic APM] Failed sending events! Error: https://apm.leadshook.io/intake/v2/rum/events HTTP status: 503

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
