urlscan.io logo urlscan.io
SecurityTrails logo

shopwindowssavings.com Open in urlscan Pro
2606:4700:3031::6815:106d  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://shopwindowssavings.com/
Effective URL: https://shopwindowssavings.com/step.php
Submission: On December 24 via manual from VN — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 1 countries across 8 domains to perform 36 HTTP transactions. The main IP is 2606:4700:3031::6815:106d, located in United States and belongs to CLOUDFLARENET, US. The main domain is shopwindowssavings.com.
TLS certificate: Issued by WE1 on December 7th 2024. Valid for: 3 months.
This is the only time shopwindowssavings.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 2606:4700:303... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
12 172.67.167.77 13335 (CLOUDFLAR...)
5 2607:f8b0:400... 15169 (GOOGLE)
1 142.250.72.99 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 4 35.172.71.114 14618 (AMAZON-AES)
2 2600:9000:21d... 16509 (AMAZON-02)
1 142.250.64.106 15169 (GOOGLE)
6 54.204.234.182 14618 (AMAZON-AES)
2 2607:f8b0:400... 15169 (GOOGLE)
1 3.168.96.129 16509 (AMAZON-02)
36 13
2    2606:4700:3031::6815:106d (United States)

ASN13335 (CLOUDFLARENET, US)
shopwindowssavings.com
1    2607:f8b0:4006:823::200a (United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
12    172.67.167.77 (United States)

ASN13335 (CLOUDFLARENET, US)
shopwindowssavings.com
5    2607:f8b0:4006:81e::200a (United States)

ASN15169 (GOOGLE, US)
maps.googleapis.com
1    142.250.72.99 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s32-in-f3.1e100.net
fonts.gstatic.com
1    2606:4700:10::6816:26b6 (United States)

ASN13335 (CLOUDFLARENET, US)
create.lidstatic.com
4    35.172.71.114 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-172-71-114.compute-1.amazonaws.com
api.trustedform.com
2    2600:9000:21dd:1c00:1c:7f1a:6680:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.trustedform.com
1    142.250.64.106 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s31-in-f10.1e100.net
maps.googleapis.com
6    54.204.234.182 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-204-234-182.compute-1.amazonaws.com
create.leadid.com
2    2607:f8b0:4006:80c::2003 (United States)

ASN15169 (GOOGLE, US)
maps.gstatic.com
1    3.168.96.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-168-96-129.jfk52.r.cloudfront.net
d2m2wsoho8qq12.cloudfront.net
Apex Domain
Subdomains		 Transfer
14 shopwindowssavings.com
shopwindowssavings.com
2 MB
7 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
maps.googleapis.com — Cisco Umbrella Rank: 466
280 KB
6 leadid.com
create.leadid.com — Cisco Umbrella Rank: 15224
4 KB
6 trustedform.com
api.trustedform.com — Cisco Umbrella Rank: 25036
cdn.trustedform.com — Cisco Umbrella Rank: 28749
45 KB
3 gstatic.com
fonts.gstatic.com
maps.gstatic.com
42 KB
1 cloudfront.net
d2m2wsoho8qq12.cloudfront.net
1 lidstatic.com
create.lidstatic.com — Cisco Umbrella Rank: 24584
39 KB
0 Failed
function sub() { [native code] }. Failed
36 8
Domain Requested by
14 shopwindowssavings.com 1 redirects shopwindowssavings.com
6 create.leadid.com create.lidstatic.com
6 maps.googleapis.com shopwindowssavings.com
maps.googleapis.com
4 api.trustedform.com 1 redirects api.trustedform.com
cdn.trustedform.com
2 maps.gstatic.com shopwindowssavings.com
2 cdn.trustedform.com shopwindowssavings.com
api.trustedform.com
1 d2m2wsoho8qq12.cloudfront.net create.lidstatic.com
1 create.lidstatic.com shopwindowssavings.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com shopwindowssavings.com
0 truncated Failed
36 11

This site contains no links.

Subject Issuer Validity Valid
shopwindowssavings.com
WE1		 2024-12-07 -
2025-03-07		 3 months crt.sh
upload.video.google.com
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh
*.gstatic.com
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh
lidstatic.com
E6		 2024-11-18 -
2025-02-16		 3 months crt.sh
create.leadid.com
Amazon RSA 2048 M03		 2024-07-20 -
2025-08-18		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2024-07-30 -
2025-07-03		 a year crt.sh
*.trustedform.com
Amazon RSA 2048 M02		 2024-07-10 -
2025-08-06		 a year crt.sh
cdn.trustedform.com
Amazon RSA 2048 M03		 2024-02-13 -
2025-03-13		 a year crt.sh

This page contains 2 frames:

Primary Page: https://shopwindowssavings.com/step.php
Frame ID: 3D94EFC6E8A8D17650361D3CACCCE89B
Requests: 35 HTTP requests in this frame

Frame: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=484E3C26-338D-518A-5426-54626D9B67DF&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.15.1&lck=E915C6E8-61FD-F7CA-7BD7-6C9607D1B368&lac=990889DB-7E7F-7D5F-2353-D0FB66D3F047
Frame ID: 13D2C977B6B00B25830EDA7536AA554B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Shop Windows Savings

Page URL History Show full URLs

  1. http://shopwindowssavings.com/ HTTP 307
    https://shopwindowssavings.com/ HTTP 302
    https://shopwindowssavings.com/step.php Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • //maps\.google(?:apis)?\.com/maps/api/js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

36
Requests

97 %
HTTPS

50 %
IPv6

8
Domains

11
Subdomains

13
IPs

1
Countries

2246 kB
Transfer

3496 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://shopwindowssavings.com/ HTTP 307
    https://shopwindowssavings.com/ HTTP 302
    https://shopwindowssavings.com/step.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15
  • https://api.trustedform.com/trustedform.js?field=xxTrustedFormCertUrl&ping_field=xxTrustedFormPingUrl&l=17350342769540.18393118394854802 HTTP 301
  • https://cdn.trustedform.com/bootstrap.js?field=xxTrustedFormCertUrl&ping_field=xxTrustedFormPingUrl&l=17350342769540.18393118394854802

36 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request step.php
shopwindowssavings.com/
Redirect Chain
  • http://shopwindowssavings.com/
  • https://shopwindowssavings.com/
  • https://shopwindowssavings.com/step.php
14 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://shopwindowssavings.com/step.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:106d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f1ed9b4a131b752a539f67f5ffeb298a2db2aa97f4773d5bcb9c22dfa4ae080
Security Headers
Name Value
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8f6fbae30dd4092a-LAX
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Tue, 24 Dec 2024 09:57:56 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
referrer-policy
same-origin same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JRnhQ%2FRzidYANAEQzEyOW9OCVejvvPMminFYauinKkjyrSyeM053CVxD5Dn29vBVttv%2FZoEb%2BWquMMI%2FyCEVWdios0n0ewBLx0LILnnpjz9h4kG6jakKC8W8Tu7Xe%2Fj2vlo5k7gwKEqm%2BEzR3gscXmkVzXwy"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=69477&min_rtt=69418&rtt_var=8315&sent=12&recv=13&lost=0&retrans=0&sent_bytes=4884&recv_bytes=2449&delivery_rate=55942&cwnd=255&unsent_bytes=0&cid=39094f7efa3ffa81&ts=855&x=0"
vary
Accept-Encoding
x-content-type-options
nosniff nosniff
x-frame-options
SAMEORIGIN SAMEORIGIN
x-permitted-cross-domain-policies
master-only master-only
x-xss-protection
1; mode=block 1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8f6fbaded8e9092a-LAX
content-type
text/html; charset=UTF-8
date
Tue, 24 Dec 2024 09:57:56 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
step.php
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
referrer-policy
same-origin same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AnGY5%2BHl2WuFfv9Ntm3N%2FPRGnssY%2BCfrwJ04jIj72nU6IjH65Nuu0jaieq7pncZgntV%2B7LmUWhlfGNe3H%2BmgF%2BBqsZaudTPLS14EKKjJSBg0dFiY%2B9Bid7efj5SQpQ3%2B%2F6FDvuoeRphLiNGrDCGHZso%2FAeB3"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=69478&min_rtt=69418&rtt_var=11083&sent=9&recv=11&lost=0&retrans=0&sent_bytes=3992&recv_bytes=2361&delivery_rate=55942&cwnd=253&unsent_bytes=0&cid=39094f7efa3ffa81&ts=685&x=0"
x-content-type-options
nosniff nosniff
x-frame-options
SAMEORIGIN SAMEORIGIN
x-permitted-cross-domain-policies
master-only master-only
x-xss-protection
1; mode=block 1; mode=block
css2
fonts.googleapis.com/ 		33 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Requested by
Host: shopwindowssavings.com
URL: https://shopwindowssavings.com/step.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
94f1349f03cfb69bd52b7b5fce44eb3d58c7cf3eb79d8a7e48ad6afc0ed3e183
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Tue, 24 Dec 2024 09:57:56 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 24 Dec 2024 09:57:56 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Tue, 24 Dec 2024 08:29:26 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
bootstrap.min.css
shopwindowssavings.com/css/ 		157 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://shopwindowssavings.com/css/bootstrap.min.css
Requested by
Host: shopwindowssavings.com
URL: https://shopwindowssavings.com/step.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.167.77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
680af6669abc319f9803f0fa26d443df1b6bc29133d88a8e4bea560ffed7288c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://shopwindowssavings.com/step.php

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"65e8c589-27293"
age
95776
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IS2%2FcFmRKktOH7jF71yi1GcNN3I4m60JIR%2B7wuUUfbnndYdYLAoYQCu3Iy6L57tWzx5dZ3P0148P2XDuaQ3VHXP%2BMSQD5%2FN6yEsppcHl8NAeg5rdiXmWfptLf%2BdkMmgB9tQzH7aNp%2FvX"}],"group":"cf-nel","max_age":604800}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=70401&min_rtt=69574&rtt_var=15918&sent=23&recv=14&lost=0&retrans=0&sent_bytes=16214&recv_bytes=6272&delivery_rate=8015&cwnd=12000&unsent_bytes=0&cid=bcbfd5c842da3b91&ts=195&x=1", cfExtPri, cfHdrFlush;dur=68
date
Tue, 24 Dec 2024 09:57:56 GMT
content-type
text/css
last-modified
Wed, 06 Mar 2024 19:35:37 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f6fbae43afccb9b-LAX
access-control-allow-origin
*
server
cloudflare
bootstrap-icons.css
shopwindowssavings.com/bootstrap-icons/ 		93 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://shopwindowssavings.com/bootstrap-icons/bootstrap-icons.css
Requested by
Host: shopwindowssavings.com
URL: https://shopwindowssavings.com/step.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.167.77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1172d3a0a208cf01dc066f0abeaf17f00264a966159a69f71947d6edcd4935f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://shopwindowssavings.com/step.php

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"65dcfd55-17579"
age
95776
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2xL3JBGkp5FeU%2F4qIR7gL6wHIBMXTbzbIvl0CnsXQEJUlD85HmA4lB4imp7Nw4T%2B0ESRESKQhoxquKezIIsuWuhsoToWYPI2sXuiu3d7Sqy68R4v1ulWWsLSdrE1BUvkE3CdM0qhN0jw"}],"group":"cf-nel","max_age":604800}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=70401&min_rtt=69574&rtt_var=15918&sent=14&recv=14&lost=0&retrans=0&sent_bytes=6217&recv_bytes=6272&delivery_rate=8015&cwnd=12000&unsent_bytes=0&cid=bcbfd5c842da3b91&ts=194&x=1", cfExtPri, cfHdrFlush;dur=71
date
Tue, 24 Dec 2024 09:57:56 GMT
content-type
text/css
last-modified
Mon, 26 Feb 2024 21:06:29 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f6fbae43afecb9b-LAX
access-control-allow-origin
*
server
cloudflare
style.css
shopwindowssavings.com/css/ 		22 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://shopwindowssavings.com/css/style.css
Requested by
Host: shopwindowssavings.com
URL: https://shopwindowssavings.com/step.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.167.77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb71e8e6c643017c5c2de9ea704193db56d69cdfbe9856dbbd1deeaec09a1ce0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://shopwindowssavings.com/step.php

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"65e8c58c-59c9"
age
95776
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z1t8dVtwmcx3xBiF%2F%2B34edMiNeocIrHJMPbavggATTDNd9fRZZ6TLUIeCj2usxfwh1nZwMouliCqFs%2FWNPR5F4U4uyhb472FAsnfFPMVkiGmsJhgRD9Z9ftuDpcGex9tWPt%2FUKZ7B%2BNx"}],"group":"cf-nel","max_age":604800}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=70401&min_rtt=69574&rtt_var=15918&sent=23&recv=14&lost=0&retrans=0&sent_bytes=16214&recv_bytes=6272&delivery_rate=8015&cwnd=12000&unsent_bytes=0&cid=bcbfd5c842da3b91&ts=195&x=1", cfExtPri, cfHdrFlush;dur=71
date
Tue, 24 Dec 2024 09:57:56 GMT
content-type
text/css
last-modified
Wed, 06 Mar 2024 19:35:40 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f6fbae43b00cb9b-LAX
access-control-allow-origin
*
server
cloudflare
form.css
shopwindowssavings.com/css/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://shopwindowssavings.com/css/form.css
Requested by
Host: shopwindowssavings.com
URL: https://shopwindowssavings.com/step.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.167.77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eede808ff5c13c235dd5b80a5809827fb0f4348078f663c441eef9a4d3e027f6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://shopwindowssavings.com/step.php

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"65e8c58a-f45"
age
95776
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jd%2FykmHcLH5%2BR1KKkmfoDknrKiSmAOpt7tbMvRY45PJi6DSXiGO%2B33XR7D9CI7BBERIvXxGYr3wgtiJsrnXCWGpCz%2BvURZfZaVj281SeKo5L2sy4hwRzNIB0g8J2l6wul08DdbKypHEg"}],"group":"cf-nel","max_age":604800}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=70401&min_rtt=69574&rtt_var=15918&sent=12&recv=14&lost=0&retrans=0&sent_bytes=4242&recv_bytes=6272&delivery_rate=8015&cwnd=12000&unsent_bytes=0&cid=bcbfd5c842da3b91&ts=193&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 24 Dec 2024 09:57:56 GMT
content-type
text/css
last-modified
Wed, 06 Mar 2024 19:35:38 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f6fbae43b03cb9b-LAX
access-control-allow-origin
*
server
cloudflare
js
maps.googleapis.com/maps/api/ 		400 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js?key=AIzaSyC_MW5A9ObbCWwzWmUQwX0-gsvhj7yaWkA&libraries=places&callback=initMap
Requested by
Host: shopwindowssavings.com
URL: https://shopwindowssavings.com/step.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
cc03203a9c8274638c6553b66c26436685c23f3712387281b200b67507fcfafd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
public, max-age=1800, stale-while-revalidate=3600
timing-allow-origin
*
content-encoding
gzip
etag
bcfb1731
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
127875
date
Tue, 24 Dec 2024 09:57:56 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
vary
Accept-Language, Origin, X-Origin, Referer
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
logo.png
shopwindowssavings.com/img/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://shopwindowssavings.com/img/logo.png
Requested by
Host: shopwindowssavings.com
URL: https://shopwindowssavings.com/step.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.167.77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc347e11326e6a5deccab8b3d07f5e9d69824b43dba9ede883b07eed4d69ccaa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://shopwindowssavings.com/step.php

Response headers

cf-cache-status
HIT
etag
W/"65e8d8f6-4fe6"
age
95776
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B8tt5Otrzh4BMUAPlL7zH3kBIH7gnNxnKz0wh0s9NUwsCc%2Fzf5GuCdGFXGiatHkvIn9n7cV%2BoWHNNTFy6qwWPOJTQYCfSWV%2BeC4m%2F1aaFWsEl0Ul6cDwV6WKKGkLKtA7zW6WgOWToIXL"}],"group":"cf-nel","max_age":604800}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=70401&min_rtt=69574&rtt_var=15918&sent=23&recv=14&lost=0&retrans=0&sent_bytes=16214&recv_bytes=6272&delivery_rate=8015&cwnd=12000&unsent_bytes=0&cid=bcbfd5c842da3b91&ts=195&x=1", cfExtPri, cfHdrFlush;dur=71
date
Tue, 24 Dec 2024 09:57:56 GMT
content-type
image/png
last-modified
Wed, 06 Mar 2024 20:58:30 GMT
vary
Accept-Encoding
priority
u=2,i
cache-control
max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f6fbae43b04cb9b-LAX
access-control-allow-origin
*
server
cloudflare
address_placeholder.jpg
shopwindowssavings.com/img/ 		47 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://shopwindowssavings.com/img/address_placeholder.jpg
Requested by
Host: shopwindowssavings.com
URL: https://shopwindowssavings.com/step.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.167.77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0aeabaeb2dd486c8898a35b5e11e2bcee523cb5dd90742453217f191e051d0a8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://shopwindowssavings.com/step.php

Response headers

cf-cache-status
HIT
etag
W/"671b068c-bbbc"
age
95776
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6mS7zZfOu1rgxIKjUGKAIb3ByoRZsFMMXZBa9HqHkrBdtZD3qVTFGAQpk650xgE22kQzvhnV%2FNx8cpXi%2BYClA7TuoC9y2m9dlydV0xOsUXfsXSp0VVQd7dOoqTycZ5JbcFOQ7ffLbQuW"}],"group":"cf-nel","max_age":604800}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=70401&min_rtt=69574&rtt_var=15918&sent=14&recv=14&lost=0&retrans=0&sent_bytes=6217&recv_bytes=6272&delivery_rate=8015&cwnd=12000&unsent_bytes=0&cid=bcbfd5c842da3b91&ts=194&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 24 Dec 2024 09:57:56 GMT
content-type
image/jpeg
last-modified
Fri, 25 Oct 2024 02:46:36 GMT
vary
Accept-Encoding
priority
u=2,i
cache-control
max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f6fbae43b08cb9b-LAX
access-control-allow-origin
*
server
cloudflare
jquery-3.5.1.min.js
shopwindowssavings.com/js/ 		87 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shopwindowssavings.com/js/jquery-3.5.1.min.js
Requested by
Host: shopwindowssavings.com
URL: https://shopwindowssavings.com/step.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.167.77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://shopwindowssavings.com/step.php

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"65dcfd33-15d84"
age
95776
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8AYjNu6eBQYlVaMV1twIxmgL6DPpmgBYckTUvoZvX%2BIbpxgubJP5w38DGHgILRMK9OpWaDcf7Rpq%2FZhvEzvf%2FYgSQT9BlpcMJFZyY1is%2Fvkgaa4GBkQ4NdYf096zqkesHy%2FMloKfnsnv"}],"group":"cf-nel","max_age":604800}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=70401&min_rtt=69574&rtt_var=15918&sent=25&recv=18&lost=0&retrans=0&sent_bytes=16260&recv_bytes=7648&delivery_rate=8015&cwnd=12000&unsent_bytes=0&cid=bcbfd5c842da3b91&ts=212&x=1", cfExtPri, cfHdrFlush;dur=54
date
Tue, 24 Dec 2024 09:57:56 GMT
content-type
application/javascript
last-modified
Mon, 26 Feb 2024 21:05:55 GMT
vary
Accept-Encoding
priority
u=2,i=?0
cache-control
max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f6fbae45b55cb9b-LAX
access-control-allow-origin
*
server
cloudflare
bootstrap.min.js
shopwindowssavings.com/js/ 		59 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shopwindowssavings.com/js/bootstrap.min.js
Requested by
Host: shopwindowssavings.com
URL: https://shopwindowssavings.com/step.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.167.77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38544024da1a0fc2f706be6582557b5722d17f48ad9a8073594a0cf928e2e3ff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://shopwindowssavings.com/step.php

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"65dcfd36-eb0e"
age
95776
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KqDBEwKzgSSpllCNigtSAgzIGumQDOWx2F%2Ff5oyGcEBjMJMkQrpRPZaEg4wKMWjwUdWwaQeKRXlnZwqLyGU0SSsv7P17XWwH3b4Dp07wn4aefefKKakfHIiGrtg8EMcMFUPCZGTETMrh"}],"group":"cf-nel","max_age":604800}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=70401&min_rtt=69574&rtt_var=15918&sent=25&recv=18&lost=0&retrans=0&sent_bytes=16260&recv_bytes=7648&delivery_rate=8015&cwnd=12000&unsent_bytes=0&cid=bcbfd5c842da3b91&ts=213&x=1", cfExtPri, cfHdrFlush;dur=120
date
Tue, 24 Dec 2024 09:57:56 GMT
content-type
application/javascript
last-modified
Mon, 26 Feb 2024 21:05:58 GMT
vary
Accept-Encoding
priority
u=2,i=?0
cache-control
max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f6fbae45b56cb9b-LAX
access-control-allow-origin
*
server
cloudflare
jquery.validate.min.js
shopwindowssavings.com/js/ 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shopwindowssavings.com/js/jquery.validate.min.js
Requested by
Host: shopwindowssavings.com
URL: https://shopwindowssavings.com/step.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.167.77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8110a988bd0e88b0bf2c1dcbe276d0eb34e7593b70bd2ed14fb45d87d1d3872

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://shopwindowssavings.com/step.php

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"65dcfd31-5f7b"
age
95776
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kSkup7ZNlzSnIHSaqdUy53MYiEdJSwe%2BC3UWw7GNjDpMwDm3lKCJxRXPkZMF%2FRijZ8vD38ywxwSLznMOsfVSNyTxmRKslwdk1puAITyg8Nq35tLJ8zL0PETGJ6RInzU%2F0tEtfP84lqk0"}],"group":"cf-nel","max_age":604800}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=70401&min_rtt=69574&rtt_var=15918&sent=25&recv=18&lost=0&retrans=0&sent_bytes=16260&recv_bytes=7648&delivery_rate=8015&cwnd=12000&unsent_bytes=0&cid=bcbfd5c842da3b91&ts=216&x=1", cfExtPri, cfHdrFlush;dur=119
date
Tue, 24 Dec 2024 09:57:56 GMT
content-type
application/javascript
last-modified
Mon, 26 Feb 2024 21:05:53 GMT
vary
Accept-Encoding
priority
u=2,i=?0
cache-control
max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f6fbae45b59cb9b-LAX
access-control-allow-origin
*
server
cloudflare
jquery.inputmask.bundle.js
shopwindowssavings.com/js/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shopwindowssavings.com/js/jquery.inputmask.bundle.js
Requested by
Host: shopwindowssavings.com
URL: https://shopwindowssavings.com/step.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.167.77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d1d776462c96e57a871654578f93ce85210e942cf86b79bde898bca8d4b4755

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://shopwindowssavings.com/step.php

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"65dcfd32-1787"
age
95776
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ivxlWuyrHWLcr60fp4%2B0jv04%2B8pQQryghFp5GkuN84j916kXa4gU%2FMRHAKKUCE06v9tMNHglNWLE8HBjaVoF8iE8QpFV4qxwQNmMy8bNn2FkVyQxx0ms81KF3Gk%2Bl5jRRkLj4ctgEffy"}],"group":"cf-nel","max_age":604800}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=70401&min_rtt=69574&rtt_var=15918&sent=25&recv=18&lost=0&retrans=0&sent_bytes=16260&recv_bytes=7648&delivery_rate=8015&cwnd=12000&unsent_bytes=0&cid=bcbfd5c842da3b91&ts=216&x=1", cfExtPri, cfHdrFlush;dur=119
date
Tue, 24 Dec 2024 09:57:56 GMT
content-type
application/javascript
last-modified
Mon, 26 Feb 2024 21:05:54 GMT
vary
Accept-Encoding
priority
u=2,i=?0
cache-control
max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f6fbae45b5acb9b-LAX
access-control-allow-origin
*
server
cloudflare
hero-bg.jpg
shopwindowssavings.com/img/ 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://shopwindowssavings.com/img/hero-bg.jpg
Requested by
Host: shopwindowssavings.com
URL: https://shopwindowssavings.com/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.167.77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b81bbec22422cb9b86141fded3dfb76f2659b9f90c20e8df6dbfca355dc8a8f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://shopwindowssavings.com/css/style.css

Response headers

cf-cache-status
HIT
etag
W/"65e8d910-198c55"
age
95775
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BW1F%2FrywqY8ML1PjnIxw7k6UrKKmumK1mMX3jyQJTZtQScnHRSk%2BNKbQEJFJOBLvvpm5%2F4vq3ZaVD%2FsUeXcKgwi%2Fel6%2F6eLyZsYBZuTOv4p4SrGDPDEKhk%2FiACyw0SAKT6BtJru93BnD"}],"group":"cf-nel","max_age":604800}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=71858&min_rtt=69553&rtt_var=813&sent=189&recv=75&lost=0&retrans=0&sent_bytes=191721&recv_bytes=10500&delivery_rate=1201126&cwnd=100800&unsent_bytes=0&cid=bcbfd5c842da3b91&ts=648&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 24 Dec 2024 09:57:56 GMT
content-type
image/jpeg
last-modified
Wed, 06 Mar 2024 20:58:56 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f6fbae70a96cb9b-LAX
access-control-allow-origin
*
server
cloudflare
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v29/ 		37 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v29/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.99 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f3.1e100.net
Software
sffe /
Resource Hash
fdc9964050bfa24c27a3c76c6791b3674292a5f352cbc83d7a4dc49595bc3fb1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://shopwindowssavings.com
Referer
https://fonts.googleapis.com/

Response headers

age
331108
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 20 Dec 2025 13:59:29 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 20 Dec 2024 13:59:29 GMT
last-modified
Wed, 06 Nov 2024 17:30:37 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
37828
x-xss-protection
0
server
sffe
e915c6e8-61fd-f7ca-7bd7-6c9607d1b368.js
create.lidstatic.com/campaign/ 		121 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://create.lidstatic.com/campaign/e915c6e8-61fd-f7ca-7bd7-6c9607d1b368.js?snippet_version=2
Requested by
Host: shopwindowssavings.com
URL: https://shopwindowssavings.com/step.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:26b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
939f27680fa950ef52b2ec69b99795eb3c32afd27893cd67309316f376f7cdc7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
cf-cache-status
MISS
etag
W/"136fe4d64b68f91c36fabe400c1ecb63"
x-amz-version-id
J8JPkHLvfea4rL9hjMdQWxyZEf94BDBb
date
Tue, 24 Dec 2024 09:57:57 GMT
content-type
text/javascript
last-modified
Fri, 11 Oct 2024 12:29:18 GMT
vary
Accept-Encoding
x-amz-id-2
cRePsCdLEkkgbe3YlE7yO6QpxVNSsRyDWkJo6llt3FYUHmkyljo8NKNoogChtEDXYWhPFfpzFVldmCfbTHeZrQ==
x-amz-replication-status
COMPLETED
cache-control
max-age=1800
x-amz-request-id
Q2P6VJBNMHGX5G85
cf-ray
8f6fbae82f5d7cec-LAX
access-control-allow-origin
*
server
cloudflare
x-amz-server-side-encryption
AES256
bootstrap.js
cdn.trustedform.com/
Redirect Chain
  • https://api.trustedform.com/trustedform.js?field=xxTrustedFormCertUrl&ping_field=xxTrustedFormPingUrl&l=17350342769540.18393118394854802
  • https://cdn.trustedform.com/bootstrap.js?field=xxTrustedFormCertUrl&ping_field=xxTrustedFormPingUrl&l=17350342769540.18393118394854802
17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.trustedform.com/bootstrap.js?field=xxTrustedFormCertUrl&ping_field=xxTrustedFormPingUrl&l=17350342769540.18393118394854802
Requested by
Host: shopwindowssavings.com
URL: https://shopwindowssavings.com/step.php
Protocol
H2
Server
2600:9000:21dd:1c00:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e114e889e78b7142ff6758283264caac4ea6637d9083297170b0c6d0989ad27c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

x-amz-cf-pop
EWR53-C2
content-encoding
gzip
x-amz-version-id
CgOpMA7qv8daz8x4TLKmjj8xwE3kNOik
etag
W/"13bfb39c2a3c27244ada71a50c793d6f"
via
1.1 da79f1e019da644d2a3fd9e73f79a700.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
x-amz-cf-id
P1BDAQbrm5mlrpN3OzpxLTrktNpqPFwpw5uMDfxP426SxedVPiBrUA==
date
Tue, 24 Dec 2024 09:57:58 GMT
content-type
application/javascript
vary
Accept-Encoding
server
AmazonS3
last-modified
Thu, 12 Dec 2024 18:13:33 GMT

Redirect headers

location
https://cdn.trustedform.com:443/bootstrap.js?field=xxTrustedFormCertUrl&ping_field=xxTrustedFormPingUrl&l=17350342769540.18393118394854802
content-length
134
date
Tue, 24 Dec 2024 09:57:57 GMT
content-type
text/html
server
awselb/2.0
gen_204
maps.googleapis.com/maps/api/mapsjs/ 		3 B
44 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyC_MW5A9ObbCWwzWmUQwX0-gsvhj7yaWkA&libraries=places&callback=initMap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.64.106 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s31-in-f10.1e100.net
Software
scaffolding on HTTPServer2 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
content-encoding
gzip
x-content-type-options
nosniff
access-control-allow-origin
https://shopwindowssavings.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
date
Tue, 24 Dec 2024 09:57:57 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
vary
Origin, X-Origin, Referer
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
common.js
maps.googleapis.com/maps-api-v3/api/js/59/3a/ 		268 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/59/3a/common.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyC_MW5A9ObbCWwzWmUQwX0-gsvhj7yaWkA&libraries=places&callback=initMap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
249e85b9792cdfb9ce084d58830b251befb8fbeb9dae85fd252a3b252de6897f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
age
1160
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
x-content-type-options
nosniff
expires
Wed, 24 Dec 2025 09:38:37 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 24 Dec 2024 09:38:37 GMT
last-modified
Thu, 12 Dec 2024 05:43:02 GMT
content-type
text/javascript
vary
Accept-Encoding, Origin
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
accept-ranges
bytes
content-length
56513
x-xss-protection
0
server
sffe
util.js
maps.googleapis.com/maps-api-v3/api/js/59/3a/ 		189 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/59/3a/util.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyC_MW5A9ObbCWwzWmUQwX0-gsvhj7yaWkA&libraries=places&callback=initMap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
00a2425f4782d1caf94db30cbe18a5d05488d59573b033146c351a5958e662d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
age
10621
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
x-content-type-options
nosniff
expires
Wed, 24 Dec 2025 07:00:56 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 24 Dec 2024 07:00:56 GMT
last-modified
Thu, 12 Dec 2024 05:43:02 GMT
content-type
text/javascript
vary
Accept-Encoding, Origin
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
accept-ranges
bytes
content-length
58839
x-xss-protection
0
server
sffe
controls.js
maps.googleapis.com/maps-api-v3/api/js/59/3a/ 		98 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/59/3a/controls.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyC_MW5A9ObbCWwzWmUQwX0-gsvhj7yaWkA&libraries=places&callback=initMap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61804b871c57633a8cf3e6052edf609a495f85bf6f0322505edd9f7d20cc2e97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
age
7410
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
x-content-type-options
nosniff
expires
Wed, 24 Dec 2025 07:54:27 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 24 Dec 2024 07:54:27 GMT
last-modified
Thu, 12 Dec 2024 05:43:02 GMT
content-type
text/javascript
vary
Accept-Encoding, Origin
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
accept-ranges
bytes
content-length
26294
x-xss-protection
0
server
sffe
places_impl.js
maps.googleapis.com/maps-api-v3/api/js/59/3a/ 		45 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/59/3a/places_impl.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyC_MW5A9ObbCWwzWmUQwX0-gsvhj7yaWkA&libraries=places&callback=initMap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2f6963e5c9fa1b1e4b26507e28394cd78505ffbcb9fc83c454ae9a82de3ca9ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
age
336125
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
x-content-type-options
nosniff
expires
Sat, 20 Dec 2025 12:35:52 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 20 Dec 2024 12:35:52 GMT
last-modified
Thu, 12 Dec 2024 05:43:02 GMT
content-type
text/javascript
vary
Accept-Encoding, Origin
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
accept-ranges
bytes
content-length
13974
x-xss-protection
0
server
sffe
GenerateToken
create.leadid.com/2.15.1/ 		36 B
660 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.15.1/GenerateToken?msn=1&pid=e1c790d1-b59f-4d5c-9f49-cf4259705e33&_=342339074
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/e915c6e8-61fd-f7ca-7bd7-6c9607d1b368.js?snippet_version=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.204.234.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-204-234-182.compute-1.amazonaws.com
Software
nginx /
Resource Hash
c435b30664b39ef120f6542fe0bc688bfde3dbf98012de3e8530b25ce92ce5de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded
Referer

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-max-age
1728000
cache-control
no-cache, must-revalidate
content-encoding
gzip
expires
Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin
*
date
Tue, 24 Dec 2024 09:57:57 GMT
content-type
text/plain;charset=UTF-8
server
nginx
access-control-allow-headers
X-Requested-With, Content-Type
powered-by-google-on-white3.png
maps.gstatic.com/mapfiles/api-3/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://maps.gstatic.com/mapfiles/api-3/images/powered-by-google-on-white3.png
Requested by
Host: shopwindowssavings.com
URL: https://shopwindowssavings.com/step.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd80d0dcb2a44bd30c11fcdf13d4c280f336dad9442ee7da79146f2bb77381a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

report-to
{"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
x-content-type-options
nosniff
expires
Tue, 24 Dec 2024 09:57:58 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 24 Dec 2024 09:57:58 GMT
content-type
image/png
last-modified
Tue, 18 May 2021 19:15:00 GMT
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="geo-tactile"
content-length
1616
x-xss-protection
0
server
sffe
autocomplete-icons.png
maps.gstatic.com/mapfiles/api-3/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://maps.gstatic.com/mapfiles/api-3/images/autocomplete-icons.png
Requested by
Host: shopwindowssavings.com
URL: https://shopwindowssavings.com/step.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
db209390b90b70f4b1ef3540cb581e4ec8edbba21980971b68e4aef5c5d352fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

report-to
{"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
x-content-type-options
nosniff
expires
Tue, 24 Dec 2024 09:57:58 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 24 Dec 2024 09:57:58 GMT
content-type
image/png
last-modified
Tue, 18 May 2021 19:15:00 GMT
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="geo-tactile"
content-length
3351
x-xss-protection
0
server
sffe
iframe.html
d2m2wsoho8qq12.cloudfront.net/ Frame 13D2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=484E3C26-338D-518A-5426-54626D9B67DF&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.15.1&lck=E915C6E8-61FD-F7CA-7BD7-6C9607D1B368&lac=990889DB-7E7F-7D5F-2353-D0FB66D3F047
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/e915c6e8-61fd-f7ca-7bd7-6c9607d1b368.js?snippet_version=2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.168.96.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-168-96-129.jfk52.r.cloudfront.net
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers
*
Access-Control-Allow-Origin
*
Age
6805
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Tue, 24 Dec 2024 08:04:33 GMT
Etag
W/"6707fed3-dbb"
Last-Modified
Thu, 10 Oct 2024 16:20:35 GMT
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Transfer-Encoding
chunked
Via
1.1 09fe3751257760655e79b7caf892ffe0.cloudfront.net (CloudFront)
X-Amz-Cf-Id
xfb-iCQ-MRMPUUvJYC_QClf9jZytz2BDdzdGSl94sd1Gk7q8zSVRrg==
X-Amz-Cf-Pop
JFK52-P6
X-Cache
Hit from cloudfront
SaveDom
create.leadid.com/2.15.1/ 		0
624 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.15.1/SaveDom?msn=2&pid=e1c790d1-b59f-4d5c-9f49-cf4259705e33&token=484E3C26-338D-518A-5426-54626D9B67DF&_=342339075
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/e915c6e8-61fd-f7ca-7bd7-6c9607d1b368.js?snippet_version=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.204.234.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-204-234-182.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded
Referer

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-max-age
1728000
cache-control
no-cache, must-revalidate
content-encoding
gzip
expires
Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin
*
date
Tue, 24 Dec 2024 09:57:58 GMT
content-type
text/plain;charset=UTF-8
server
nginx
access-control-allow-headers
X-Requested-With, Content-Type
InitFormData
create.leadid.com/2.15.1/ 		0
624 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.15.1/InitFormData?msn=3&pid=e1c790d1-b59f-4d5c-9f49-cf4259705e33&token=484E3C26-338D-518A-5426-54626D9B67DF&_=342339076
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/e915c6e8-61fd-f7ca-7bd7-6c9607d1b368.js?snippet_version=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.204.234.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-204-234-182.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded
Referer

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-max-age
1728000
cache-control
no-cache, must-revalidate
content-encoding
gzip
expires
Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin
*
date
Tue, 24 Dec 2024 09:57:58 GMT
content-type
text/plain;charset=UTF-8
server
nginx
access-control-allow-headers
X-Requested-With, Content-Type
Snap
create.leadid.com/2.15.1/ 		0
624 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.15.1/Snap?msn=4&pid=e1c790d1-b59f-4d5c-9f49-cf4259705e33&token=484E3C26-338D-518A-5426-54626D9B67DF&_=342339077
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/e915c6e8-61fd-f7ca-7bd7-6c9607d1b368.js?snippet_version=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.204.234.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-204-234-182.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded
Referer

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-max-age
1728000
cache-control
no-cache, must-revalidate
content-encoding
gzip
expires
Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin
*
date
Tue, 24 Dec 2024 09:57:58 GMT
content-type
text/plain;charset=UTF-8
server
nginx
access-control-allow-headers
X-Requested-With, Content-Type
certs
api.trustedform.com/ 		474 B
685 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.trustedform.com/certs
Requested by
Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?field=xxTrustedFormCertUrl&ping_field=xxTrustedFormPingUrl&l=17350342769540.18393118394854802
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.172.71.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-71-114.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
a8c267238abf25b36bbbbeaa9928fde1e0b1e61b274843416587a39b4ed08582

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer

Response headers

access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
access-control-allow-origin
*
content-length
474
date
Tue, 24 Dec 2024 09:57:59 GMT
content-type
application/json; charset=utf-8
server
Cowboy
favicon.png
shopwindowssavings.com/img/ 		17 KB
17 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://shopwindowssavings.com/img/favicon.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.167.77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6eb098ee123f844b1401cdfd653febf2f44a57a541cf9a5ac8c2450d40896de7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://shopwindowssavings.com/step.php

Response headers

cf-cache-status
HIT
etag
W/"65e8d912-42ce"
age
95776
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FX1pFXZTal8dlStZEWQ4Mdqp80V6zSPar7bnk0D7gjrePFf5dQom5aVyv9Wo2qsIswSWv6SU9KY6AX6QMl4EXkKxNlDRnP6UVRfUzX4pFkdeGIx8RgmABOwab40WE3CqxJ1JViYMIEjJ"}],"group":"cf-nel","max_age":604800}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=72630&min_rtt=69271&rtt_var=1542&sent=1637&recv=226&lost=10&retrans=10&sent_bytes=1917635&recv_bytes=17875&delivery_rate=579658&cwnd=564480&unsent_bytes=0&cid=bcbfd5c842da3b91&ts=2993&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 24 Dec 2024 09:57:59 GMT
content-type
image/png
last-modified
Wed, 06 Mar 2024 20:58:58 GMT
vary
Accept-Encoding
priority
u=1,i
cache-control
max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f6fbaf5bacecb9b-LAX
access-control-allow-origin
*
server
cloudflare
trustedform-1.9.33.js
cdn.trustedform.com/ 		99 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.trustedform.com/trustedform-1.9.33.js
Requested by
Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?field=xxTrustedFormCertUrl&ping_field=xxTrustedFormPingUrl&l=17350342769540.18393118394854802
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21dd:1c00:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f5c43a5144409029904ecd3587dca2535a6499bdd8384f7c0c366e9ac09560f9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

x-amz-cf-pop
EWR53-C2
content-encoding
gzip
x-amz-version-id
vk0qSLZUboRt1EA29gYhSHBiqDk9Quts
etag
W/"6b47ec48ccf715432c4687da324f1ec0"
age
14
via
1.1 da79f1e019da644d2a3fd9e73f79a700.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
giXoVdD_CXIVJl72mcoCHfZ2mCeKdAM7sGq2nqUYknaDOlPxUj9Wmw==
date
Tue, 24 Dec 2024 09:57:54 GMT
content-type
application/javascript
vary
Accept-Encoding
server
AmazonS3
last-modified
Thu, 12 Dec 2024 18:13:33 GMT
snapshot
api.trustedform.com/certs/a953998a695e5dc28dd9d7ba32013f74e6554b7e/ 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.trustedform.com/certs/a953998a695e5dc28dd9d7ba32013f74e6554b7e/snapshot
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.9.33.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.172.71.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-71-114.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer

Response headers

access-control-expose-headers
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
date
Tue, 24 Dec 2024 09:57:59 GMT
server
Cowboy
access-control-allow-credentials
true
InitFormData
create.leadid.com/2.15.1/ 		0
624 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.15.1/InitFormData?msn=5&pid=e1c790d1-b59f-4d5c-9f49-cf4259705e33&token=484E3C26-338D-518A-5426-54626D9B67DF&_=342339078
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/e915c6e8-61fd-f7ca-7bd7-6c9607d1b368.js?snippet_version=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.204.234.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-204-234-182.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded
Referer

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-max-age
1728000
cache-control
no-cache, must-revalidate
content-encoding
gzip
expires
Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin
*
date
Tue, 24 Dec 2024 09:57:59 GMT
content-type
text/plain;charset=UTF-8
server
nginx
access-control-allow-headers
X-Requested-With, Content-Type
truncated
/ Frame 		0
0
Snap
create.leadid.com/2.15.1/ 		0
623 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.15.1/Snap?msn=6&pid=e1c790d1-b59f-4d5c-9f49-cf4259705e33&token=484E3C26-338D-518A-5426-54626D9B67DF&_=342339079
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/e915c6e8-61fd-f7ca-7bd7-6c9607d1b368.js?snippet_version=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.204.234.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-204-234-182.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded
Referer

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-max-age
1728000
cache-control
no-cache, must-revalidate
content-encoding
gzip
expires
Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin
*
date
Tue, 24 Dec 2024 09:58:00 GMT
content-type
text/plain;charset=UTF-8
server
nginx
access-control-allow-headers
X-Requested-With, Content-Type
events
api.trustedform.com/certs/a953998a695e5dc28dd9d7ba32013f74e6554b7e/ 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.trustedform.com/certs/a953998a695e5dc28dd9d7ba32013f74e6554b7e/events
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.9.33.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.172.71.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-71-114.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer

Response headers

access-control-expose-headers
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
date
Tue, 24 Dec 2024 09:58:00 GMT
server
Cowboy
access-control-allow-credentials
true

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
truncated
URL
data:truncated

Verdicts & Comments Add Verdict or Comment

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| $ function| jQuery object| bootstrap function| initMap function| initAutocomplete function| updateStreetViewImage function| getUrlParameter function| showLoadingOverlay function| hideLoadingOverlay function| manualAddressEntry function| populateAddressFromUrl function| populateAddressFields function| submitAddress object| google object| litHtmlVersions object| litElementVersions object| reactiveElementVersions object| module$contents$mapsapi$overlay$overlayView_OverlayView object| LeadiD object| __e3_ object| trustedForm function| trustedFormStartRecording function| trustedFormStopRecording string| id object| defaultStyleFrame object| regeneratorRuntime function| trustedFormNext

6 Cookies

Domain/Path Name / Value
shopwindowssavings.com/ Name: PHPSESSID
Value: f7p3sap5nogoau1k5rskn7rv2l
shopwindowssavings.com/ Name: leadid_token-990889DB-7E7F-7D5F-2353-D0FB66D3F047-E915C6E8-61FD-F7CA-7BD7-6C9607D1B368
Value: 484E3C26-338D-518A-5426-54626D9B67DF
.trueleadid.com/ Name: nlbi_3051494
Value: b52lQFyq93OT5r8HC30iGwAAAACsSp8PCnf4oi8k1Q6ixmf+
.trueleadid.com/ Name: visid_incap_3051494
Value: 5x23qGEMSU6PF6mxonKzc6aFamcAAAAAQUIPAAAAAABEkKnNoxNouQehZdcT+0Xy
.trueleadid.com/ Name: incap_ses_884_3051494
Value: ++kLdBq0sTu6qxH2gZlEDKaFamcAAAAAkfMr6SpBvWX+Us0w9QjWlw==
.deviceid.trueleadid.com/ Name: uuid
Value: 16198e1b74934b28be40459c5ff0af67

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.trustedform.com
cdn.trustedform.com
create.leadid.com
create.lidstatic.com
d2m2wsoho8qq12.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
maps.googleapis.com
maps.gstatic.com
shopwindowssavings.com
truncated
truncated
142.250.64.106
142.250.72.99
172.67.167.77
2600:9000:21dd:1c00:1c:7f1a:6680:93a1
2606:4700:10::6816:26b6
2606:4700:3031::6815:106d
2607:f8b0:4006:80c::2003
2607:f8b0:4006:81e::200a
2607:f8b0:4006:823::200a
3.168.96.129
35.172.71.114
54.204.234.182
00a2425f4782d1caf94db30cbe18a5d05488d59573b033146c351a5958e662d4
0aeabaeb2dd486c8898a35b5e11e2bcee523cb5dd90742453217f191e051d0a8
249e85b9792cdfb9ce084d58830b251befb8fbeb9dae85fd252a3b252de6897f
2f6963e5c9fa1b1e4b26507e28394cd78505ffbcb9fc83c454ae9a82de3ca9ad
38544024da1a0fc2f706be6582557b5722d17f48ad9a8073594a0cf928e2e3ff
61804b871c57633a8cf3e6052edf609a495f85bf6f0322505edd9f7d20cc2e97
680af6669abc319f9803f0fa26d443df1b6bc29133d88a8e4bea560ffed7288c
6b81bbec22422cb9b86141fded3dfb76f2659b9f90c20e8df6dbfca355dc8a8f
6eb098ee123f844b1401cdfd653febf2f44a57a541cf9a5ac8c2450d40896de7
8d1d776462c96e57a871654578f93ce85210e942cf86b79bde898bca8d4b4755
939f27680fa950ef52b2ec69b99795eb3c32afd27893cd67309316f376f7cdc7
94f1349f03cfb69bd52b7b5fce44eb3d58c7cf3eb79d8a7e48ad6afc0ed3e183
9f1ed9b4a131b752a539f67f5ffeb298a2db2aa97f4773d5bcb9c22dfa4ae080
a8c267238abf25b36bbbbeaa9928fde1e0b1e61b274843416587a39b4ed08582
bc347e11326e6a5deccab8b3d07f5e9d69824b43dba9ede883b07eed4d69ccaa
c435b30664b39ef120f6542fe0bc688bfde3dbf98012de3e8530b25ce92ce5de
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb71e8e6c643017c5c2de9ea704193db56d69cdfbe9856dbbd1deeaec09a1ce0
cc03203a9c8274638c6553b66c26436685c23f3712387281b200b67507fcfafd
cd80d0dcb2a44bd30c11fcdf13d4c280f336dad9442ee7da79146f2bb77381a4
db209390b90b70f4b1ef3540cb581e4ec8edbba21980971b68e4aef5c5d352fb
e114e889e78b7142ff6758283264caac4ea6637d9083297170b0c6d0989ad27c
e1172d3a0a208cf01dc066f0abeaf17f00264a966159a69f71947d6edcd4935f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eede808ff5c13c235dd5b80a5809827fb0f4348078f663c441eef9a4d3e027f6
f5c43a5144409029904ecd3587dca2535a6499bdd8384f7c0c366e9ac09560f9
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f8110a988bd0e88b0bf2c1dcbe276d0eb34e7593b70bd2ed14fb45d87d1d3872
fdc9964050bfa24c27a3c76c6791b3674292a5f352cbc83d7a4dc49595bc3fb1