homewindowsavings.com Open in urlscan Pro
2606:4700:3037::6815:5e1c Public Scan

Go To Rescan
Add Verdict Report

URL:
https://homewindowsavings.com/
Submission Tags: phishingrod
Submission: On March 27 via api (March 27th 2023, 10:08:30 am UTC) from DE — Scanned from DE

Summary HTTP 49 Redirects Behaviour Indicators

Summary

This website contacted 23 IPs in 2 countries across 18 domains to perform 49 HTTP transactions. The main IP is 2606:4700:3037::6815:5e1c, located in United States and belongs to CLOUDFLARENET, US. The main domain is homewindowsavings.com.
TLS certificate: Issued by GTS CA 1P5 on March 27th 2023. Valid for: 3 months.

This is the only time homewindowsavings.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	2606:4700:303... 2606:4700:3037::6815:5e1c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:809::2008	15169 (GOOGLE) (GOOGLE)
3	2606:4700:303... 2606:4700:3034::ac43:a9b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700:10:... 2606:4700:10::ac43:29e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
5	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	52.6.30.198 52.6.30.198	14618 (AMAZON-AES) (AMAZON-AES)
1	151.101.130.137 151.101.130.137	54113 (FASTLY) (FASTLY)
1	2606:4700:303... 2606:4700:3035::6815:2f0c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	162.247.241.14 162.247.241.14	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.32.118.96 13.32.118.96	16509 (AMAZON-02) (AMAZON-02)
1	35.169.79.47 35.169.79.47	14618 (AMAZON-AES) (AMAZON-AES)
1 5	35.175.162.169 35.175.162.169	14618 (AMAZON-AES) (AMAZON-AES)
2	2600:9000:223... 2600:9000:223d:9000:1c:7f1a:6680:93a1	16509 (AMAZON-02) (AMAZON-02)
1	143.204.214.192 143.204.214.192	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
1	104.26.11.16 104.26.11.16	() ()
2	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
49	23

7 2606:4700:3037::6815:5e1c (United States)

ASN13335 (CLOUDFLARENET, US)

homewindowsavings.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3034::ac43:a9b0 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.useproof.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:29e5 (United States)

ASN13335 (CLOUDFLARENET, US)

create.lidstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.6.30.198 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-6-30-198.compute-1.amazonaws.com

create.leadid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::6815:2f0c (United States)

ASN13335 (CLOUDFLARENET, US)

api.useproof.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.241.14 (Portland, United States)

ASN23467 (NEWRELIC-AS-1, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

analytics.proofapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.118.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-118-96.fra60.r.cloudfront.net

d2m2wsoho8qq12.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.169.79.47 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-169-79-47.compute-1.amazonaws.com

deviceid.trueleadid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.175.162.169 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-175-162-169.compute-1.amazonaws.com

api.trustedform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223d:9000:1c:7f1a:6680:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.trustedform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.214.192 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-214-192.fra53.r.cloudfront.net

d10lpsik1i8c69.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.11.16 (None, )

ASN- ()

settings.luckyorange.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	trustedform.com 1 redirects api.trustedform.com — Cisco Umbrella Rank: 23387 cdn.trustedform.com — Cisco Umbrella Rank: 26992	42 KB
7	gstatic.com www.gstatic.com fonts.gstatic.com	499 KB
7	homewindowsavings.com homewindowsavings.com	129 KB
6	leadid.com create.leadid.com — Cisco Umbrella Rank: 14111	4 KB
4	useproof.com cdn.useproof.com — Cisco Umbrella Rank: 58759 api.useproof.com — Cisco Umbrella Rank: 55516	601 KB
3	google.com www.google.com — Cisco Umbrella Rank: 2	27 KB
2	cloudfront.net d2m2wsoho8qq12.cloudfront.net d10lpsik1i8c69.cloudfront.net	5 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 109	239 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 25	20 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 147	136 KB
1	luckyorange.net settings.luckyorange.net	750 B
1	trueleadid.com deviceid.trueleadid.com — Cisco Umbrella Rank: 14969	2 KB
1	proofapi.com analytics.proofapi.com — Cisco Umbrella Rank: 89010	726 B
1	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 241	611 B
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 354	12 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 194	28 KB
1	lidstatic.com create.lidstatic.com — Cisco Umbrella Rank: 22236	39 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	44 KB
49	18

	Domain	Requested by
7	homewindowsavings.com	homewindowsavings.com cdn.trustedform.com
6	create.leadid.com	create.lidstatic.com deviceid.trueleadid.com
5	api.trustedform.com	1 redirects api.trustedform.com cdn.trustedform.com
5	www.gstatic.com	cdn.useproof.com www.google.com www.gstatic.com
3	www.google.com	homewindowsavings.com www.gstatic.com www.google.com
3	cdn.useproof.com	homewindowsavings.com cdn.useproof.com
2	fonts.gstatic.com	www.google.com
2	cdn.trustedform.com	api.trustedform.com
2	www.facebook.com	homewindowsavings.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	connect.facebook.net	homewindowsavings.com connect.facebook.net
1	settings.luckyorange.net	d10lpsik1i8c69.cloudfront.net
1	d10lpsik1i8c69.cloudfront.net	homewindowsavings.com
1	deviceid.trueleadid.com	d2m2wsoho8qq12.cloudfront.net
1	d2m2wsoho8qq12.cloudfront.net	create.lidstatic.com
1	analytics.proofapi.com	cdn.useproof.com
1	bam.nr-data.net	js-agent.newrelic.com
1	api.useproof.com	cdn.useproof.com
1	js-agent.newrelic.com	homewindowsavings.com
1	cdnjs.cloudflare.com	homewindowsavings.com
1	create.lidstatic.com	homewindowsavings.com
1	www.googletagmanager.com	homewindowsavings.com
49	22

This site contains no links.

Subject Issuer	Validity	Valid
*.homewindowsavings.com GTS CA 1P5	`2023-03-27` - `2023-06-25`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-18` - `2023-05-18`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-01-10` - `2023-04-03`	3 months	crt.sh
lidstatic.com Cloudflare Inc ECC CA-3	`2023-02-28` - `2024-02-28`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
create.leadid.com Amazon RSA 2048 M02	`2023-02-23` - `2023-10-19`	8 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-07-10` - `2023-08-11`	a year	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-18` - `2023-12-19`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
deviceid.trueleadid.com Amazon RSA 2048 M02	`2023-02-24` - `2024-01-06`	10 months	crt.sh
www.google.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.trustedform.com Amazon RSA 2048 M02	`2023-02-22` - `2023-10-09`	8 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
cdn.trustedform.com Amazon RSA 2048 M02	`2023-03-15` - `2024-04-12`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://homewindowsavings.com/
Frame ID: 612B980BA93EE58F5D0CCA99F2AC9E29
Requests: 35 HTTP requests in this frame

Frame: https://cdn.useproof.com/proxy/index.html
Frame ID: 87A752A9F38EA2CF8FB2D3B278083E38
Requests: 5 HTTP requests in this frame

Frame: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=F1D74312-7C5C-A6A6-7846-4D48E627D3D4&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=64720EC4-6D15-889B-EEBA-18EC1FDB5751&lac=CCD83497-4573-8E50-2E69-12A2BB09C9F9
Frame ID: D18BE3A8896A19390E51D7CD2E028598
Requests: 1 HTTP requests in this frame

Frame: https://deviceid.trueleadid.com/iframe.html?token=F1D74312-7C5C-A6A6-7846-4D48E627D3D4&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=64720EC4-6D15-889B-EEBA-18EC1FDB5751&lac=CCD83497-4573-8E50-2E69-12A2BB09C9F9
Frame ID: 289D2A823BFD8B2EEC81C8A2314877DE
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lchn2kaAAAAAKJJ6XJzD2QLfvHRxG8W8bs1JFyX&co=aHR0cHM6Ly9ob21ld2luZG93c2F2aW5ncy5jb206NDQz&hl=de&v=vpEprwpCoBMgy-fvZET0Mz6L&size=invisible&cb=l0mcu5jbksbz
Frame ID: 1A2DD7A45B713089F7AF0F8237F521B9
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home Window Savings

Detected technologies

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/(?:([\d.]+)/)?firebase(?:\.min)?\.js
/firebasejs/([\d.]+)/firebase

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

49
Requests

98 %
HTTPS

64 %
IPv6

18
Domains

22
Subdomains

23
IPs

2
Countries

1601 kB
Transfer

3365 kB
Size

8
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28

https://api.trustedform.com/trustedform.js?provide_referrer=false&field=trusted_form_cert_id&l=16799117090280.7566961456794359&invert_field_sensitivity=false HTTP 301
https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=trusted_form_cert_id&l=16799117090280.7566961456794359&invert_field_sensitivity=false

49 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
homewindowsavings.com/ 76 KB
19 KB 391ms
336ms Document
text/html 2606:4700:3037::6815:5e1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://homewindowsavings.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:5e1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85060ea534ed90db89537166297f8f1716b91785440b8964e62b84801652d5e4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7ae6d4fb69e09267-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 27 Mar 2023 10:08:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fmoZRoswIOGrG4dNHmkzM64x5ZJBUWph%2Fz3TLdIdtuuHONpEUpVKeEpfxR9k11kBC3GbTVIMLbB5jHZ%2FuLKTn0Vmfgt9qg%2Ft5euXBSenMBiLZ78bfEtGqCLmwhcrqJhXi9quu5ZrIS4j7rJ%2F6cUiurIJThI%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 bootstrap.min.css
homewindowsavings.com/assets/css/ 157 KB
25 KB 791ms
790ms Stylesheet
text/css 2606:4700:3037::6815:5e1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://homewindowsavings.com/assets/css/bootstrap.min.css
Requested by: Host: homewindowsavings.com
URL: https://homewindowsavings.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:5e1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a55c8982680c6b686323c61392e7f11f1be3c06260678bee2b3f36dbc5a5e915

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://homewindowsavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 10:08:25 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 05 Apr 2022 20:49:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3mCGC6naEqe3Lb5mqHrW7EslOED6ey1GkuxExW2kK4aqcHT2fBRhw%2B3LHMKePEpP3S8jIp2FZf77iRHGVkffLhT%2BKfSXH%2FPVyZ6sgnLPKTnZl4sTAbKCx%2FNT21TLDa0CKkxn8CAo7auKPQfg4CeUAjMIeGA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7ae6d4fd8c769267-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 site.min.css
homewindowsavings.com/assets/css/ 16 KB
5 KB 491ms
490ms Stylesheet
text/css 2606:4700:3037::6815:5e1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://homewindowsavings.com/assets/css/site.min.css
Requested by: Host: homewindowsavings.com
URL: https://homewindowsavings.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:5e1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73274aa79cc0a0120d5ad58a247f22766952164862643147866dc042ab8056f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://homewindowsavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 10:08:25 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 14 Apr 2022 23:18:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dknKid3ZbcCqep66eoBzvQFGWB6V2qsspmfEIu9RynIYH0Dhucur6zXZC5KAXgfBdftshjlTwD%2BelsUBTtc9VNnV31aYWd3GyClQqVUkDj0QrGwAfDCQkLlhT6gxfCkIqhaASN3ZsOxgsQpW7HmTwwrhQo0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7ae6d4fd8c799267-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 112 KB
44 KB 139ms
51ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-207515269-1

Requested by

Host: homewindowsavings.com
URL: https://homewindowsavings.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

41be7661c2ce4b9344e7bacfc9f863a2a492f3dcdc3dc134bd9d52838afc59e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://homewindowsavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 10:08:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44819
x-xss-protection: 0
last-modified: Mon, 27 Mar 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 27 Mar 2023 10:08:26 GMT

GET
H2 200 proof.js Show response
cdn.useproof.com/ 486 KB
487 KB 54ms
16ms Script
application/javascript 2606:4700:3034::ac43:a9b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.useproof.com/proof.js?acc=wzYkDzFksxeLi5vpQYEPH1s1Gzn1
Requested by: Host: homewindowsavings.com
URL: https://homewindowsavings.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:a9b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 418614329e831c01f8232ddf31feefe6f63c6b52b9c6cbdd5bd5ac314540cfaf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://homewindowsavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 10:08:26 GMT
x-amz-version-id: F0WxJo6k6ZqSk5t4_qZ.mqlg1RkwiqAq
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 9BYV6EA9B95YY4GC
age: 8130104
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 497733
x-amz-id-2: r5TFM+mrQMGVpNpMD9lca2K++VvP42l78xkJtPfnA2om5+OioZIOyf1gR3HhllDaob1YymPNKGo=
last-modified: Mon, 29 Jun 2020 14:15:25 GMT
server: cloudflare
etag: "0426397a9b31146729ac86c5be8595d3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9KC2qb8Dgb%2Fo1KD7XRPHzhtXCHRT%2BiSqvTdC2FkTWtTFtF60NbIzGWftbUD7MRihn4CKVHbTY8ZlyxphjMCgxfI5j5FK4aEQNrzn%2FkneNUkinbBmoH4aOwIwz4w0%2B8C1YoZO8iH8LR4JmFqq4zaa"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=315360000, no-transform
accept-ranges: bytes
cf-ray: 7ae6d502c9ae2ba6-FRA

GET
H3 200 Home%20Window%20SavingsP2.png
homewindowsavings.com/assets/images/ 19 KB
20 KB 478ms
477ms Image
image/png 2606:4700:3037::6815:5e1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://homewindowsavings.com/assets/images/Home%20Window%20SavingsP2.png
Requested by: Host: homewindowsavings.com
URL: https://homewindowsavings.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5e1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5356be290ba86a275679423da60da843ca39061f894c39313d65fb89647d2557

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://homewindowsavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 10:08:26 GMT
cf-cache-status: MISS
last-modified: Thu, 14 Apr 2022 23:11:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QEU54tmDYNKJcSi%2BSrvWCc0aPMBIvdyiRPGnGHDQ%2FfO%2BeWrprbLfBbpzPSZmh4BrDZa257vZ1f8TKZICdDys6xCt%2BiEeXHfAwZDc8kuNmrrgjTw6p62JM6c9lQ1dEckbMfssiP7tkY6rJhgDQIrdb84g8es%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7ae6d50288849ba6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19829

GET
H3 200 jquery.min.js Show response
homewindowsavings.com/assets/js/ 95 KB
34 KB 867ms
864ms Script
application/javascript 2606:4700:3037::6815:5e1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://homewindowsavings.com/assets/js/jquery.min.js
Requested by: Host: homewindowsavings.com
URL: https://homewindowsavings.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5e1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://homewindowsavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 10:08:26 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 05 Apr 2022 20:51:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dEcwVq%2FHKQ5%2FuJRXe%2FvEfwgF%2FQtrQRrdf4T6qk93t9OFeJAl2JGUaj6%2Bf7X3xh8ld%2FOuvknGiTkJEzMFJOar2tmQpma3uQ65W7SeP8V4CCxeOBeF9ZWvSe4NmzTUdiUwL6lpoFTqSZeMVonjxtMmbQTgM8M%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7ae6d500ad979ba6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 jquery.mask.js Show response
homewindowsavings.com/assets/js/ 22 KB
6 KB 479ms
479ms Script
application/javascript 2606:4700:3037::6815:5e1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://homewindowsavings.com/assets/js/jquery.mask.js
Requested by: Host: homewindowsavings.com
URL: https://homewindowsavings.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5e1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e40e952fffd779db9077b2fa0928a825dbf8c95c00581159555b4b510ca5236e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://homewindowsavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 10:08:26 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 05 Apr 2022 20:51:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h2XbkHnzlcNG9ptxtb3QV7%2B5zwghqCaEYkC7CM2Wz%2Fr8zM07wuFQnh6efNW5qYBJOKJuEGS5wSHcf%2Bnm7yxHzrPUZCON2%2FoPY04MStHAb1CkZ5oCvhKBY80cTZGl6Arq6bOmds730F42OnxJeegU3sRak%2Bw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7ae6d50288759ba6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 107 KB
28 KB 30ms
10ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: homewindowsavings.com
URL: https://homewindowsavings.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1024b15789c74b9531cd607b7507c13723879a74bebd70658bec6ed92c025aa7

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://homewindowsavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 27 Mar 2023 10:08:26 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27907
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: GvwMF2n5f8NnRULwqOb7bq6IxkB/jGISJ5fGxix/Vz+0cpcqq27QiRohAqs1W6BXEBipjHW9rA1o0DCvsU/Kcw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 64720ec4-6d15-889b-eeba-18ec1fdb5751.js Show response
create.lidstatic.com/campaign/ 123 KB
39 KB 700ms
663ms Script
text/javascript 2606:4700:10::ac43:29e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://create.lidstatic.com/campaign/64720ec4-6d15-889b-eeba-18ec1fdb5751.js?snippet_version=2
Requested by: Host: homewindowsavings.com
URL: https://homewindowsavings.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:29e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1e508eb79c78f17888a5a352b6d013408696d542fef7c17172ff299bc8fb4a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://homewindowsavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 10:08:26 GMT
x-amz-version-id: 5e1zR5Eh96rBRQ1_63MzPsUOzsXVcwJW
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 12 Nov 2021 00:50:57 GMT
server: cloudflare
x-amz-request-id: RRYYCDNERJ6Z4CRH
etag: W/"ca6eff36526d6b844dda295c474fb7c2"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=1800
x-amz-replication-status: COMPLETED
cf-ray: 7ae6d502cd7c9bac-FRA
x-amz-id-2: QmUH6a9IzCcfGLno/JVsUq7WI+wJgLbCCd9OLNrffDrPAuIyauNRlrpid3my3CtGvgwYyRFOd3c=

GET
H2 200 626430352181565 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 204ms
204ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/626430352181565?v=2.9.100&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

93723640817cd1107e5120959b7b44c76aded644aec0ff34af744e6585e8b7c5

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://homewindowsavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 27 Mar 2023 10:08:26 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: cq9DDdaO0kSwtCAUcgGXwGal0t/PAUAhbs0S8rLOls1j4ZLFenPgq8+2HLLNDlq5hYPhO3kzwv8ZmIjzkLLlgw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 index.html Show response
cdn.useproof.com/proxy/ Frame 87A7 325 B
800 B 414ms
413ms Document
text/html 2606:4700:3034::ac43:a9b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.useproof.com/proxy/index.html
Requested by: Host: cdn.useproof.com
URL: https://cdn.useproof.com/proof.js?acc=wzYkDzFksxeLi5vpQYEPH1s1Gzn1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:a9b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0adeedede6d3bdf7e7258108ead2ed80af83b9fec8ba560d29fce2f3a957a261

Request headers

Referer: https://homewindowsavings.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=315360000, no-transform, public
cf-cache-status: DYNAMIC
cf-ray: 7ae6d5036a4c2ba6-FRA
content-length: 325
content-type: text/html
date: Mon, 27 Mar 2023 10:08:26 GMT
etag: "f92252b1f21fd30ac52b59395971ecdb"
last-modified: Mon, 29 Jun 2020 14:15:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XtWafIgnBZdDea%2BC4Zw0R%2FIB%2BXvzo5RpVjWf%2BEGeYRekrZMUuq5LIuaYF1ntrG5d430h5KlPdNc92%2FIRouPNUedEaxS2MExzKYeZgmz%2FZXE4pgS0T%2BbSN%2F7JCCDbX3mRW7fp7z00TXfeYLH3EOX9"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-amz-id-2: GKUbxpE7RyIZdLV6mqpfL6H+NvgnZrniN76678UjjeJz6TBynele1sdldSjEklfvG+lLJYGcqKo=
x-amz-request-id: RRYPK1JRTR5TS9Q6
x-amz-version-id: 6OysE9MvUGgGn.qn_BXpeYijOLHR8713

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 114ms
35ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-207515269-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://homewindowsavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Mar 2023 10:05:11 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 195
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Mon, 27 Mar 2023 12:05:11 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 33ms
9ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=626430352181565&ev=PageView&dl=https%3A%2F%2Fhomewindowsavings.com%2F&rl=&if=false&ts=1679911706301&sw=1600&sh=1200&v=2.9.100&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1679911706299.144825212&it=1679911706058&coo=false&rqm=GET

Requested by

Host: homewindowsavings.com
URL: https://homewindowsavings.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://homewindowsavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 27 Mar 2023 10:08:26 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
210 B 49ms
47ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=975802907&t=pageview&_s=1&dl=https%3A%2F%2Fhomewindowsavings.com%2F&ul=en-us&de=UTF-8&dt=Home%20Window%20Savings&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1817015998&gjid=870174411&cid=1046552900.1679911706&tid=UA-207515269-1&_gid=163570806.1679911706&_r=1&gtm=457e33m0&jsscut=1&z=574970664

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://homewindowsavings.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 27 Mar 2023 10:08:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://homewindowsavings.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 firebase.js Show response
www.gstatic.com/firebasejs/4.5.0/ Frame 87A7 389 KB
114 KB 136ms
37ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/4.5.0/firebase.js

Requested by

Host: cdn.useproof.com
URL: https://cdn.useproof.com/proxy/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a45658988e9ccf8d151c181ca1ce06731abd20a469ea9b6210b31cfcaffa91e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.useproof.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 18:05:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 403392
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 116073
x-xss-protection: 0
last-modified: Tue, 03 Oct 2017 14:56:39 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 21 Mar 2024 18:05:14 GMT

GET
H2 200 proxy.js Show response
cdn.useproof.com/proxy/ Frame 87A7 112 KB
112 KB 17ms
17ms Script
application/javascript 2606:4700:3034::ac43:a9b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.useproof.com/proxy/proxy.js
Requested by: Host: cdn.useproof.com
URL: https://cdn.useproof.com/proxy/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:a9b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4d712c5a2901b92d4baa6e18554c3db8e5ce1d8f4d3189054e39489b37c982c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.useproof.com/proxy/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 10:08:26 GMT
x-amz-version-id: FhtEkyvjyNE68BTwRHm.pMLrP83vtI4K
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: Q87SKP18B36PFYPR
age: 8130103
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 114404
x-amz-id-2: oUlorsOB2EnI3v7fR1EJwzHO3KCahbfmC4nEerw5kKS5W40OehBLkQPtmZg+U7s0cvCMWk7xfCY=
last-modified: Mon, 29 Jun 2020 14:15:25 GMT
server: cloudflare
etag: "9f4d60f4f2b143cadacb2b8b3a901401"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H7%2FUl2iFsLHf%2BCtYkDi%2BCBR9VrMTOoslMHofJr68ISsZhCjrsICGJRzZqz1WX5d%2BcvvQImp26mVbgLoeht3Cfx%2BbRdw4RVdllPlR1DQIBkZmYrjBaQk8%2F%2F3RI5%2BBxOnak0DSKfpQjmrwnNVmJIOJ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=315360000, no-transform
accept-ranges: bytes
cf-ray: 7ae6d5061dc52ba6-FRA

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/ 87 KB
28 KB 56ms
22ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: homewindowsavings.com
URL: https://homewindowsavings.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://homewindowsavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 10:08:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4683162
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27938
last-modified: Tue, 02 Mar 2021 18:58:36 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "603e8adc-15d9d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3puPyELqGJ77G3FpAwW4Sz9QTSLqSkRTqhDXIXL52fsnQwtyh90Vmq%2BmtwqHf7%2BRPZVvteq5p0zmxCDjNhbQ8Nbf3YWFrLyZOgW68iV%2B0xuUk9Tz2fVhJKIgEhpX%2FRSYBYjwdLRTuwk9UTEEKYT7Z6QU"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7ae6d5068da5371a-FRA
expires: Sat, 16 Mar 2024 10:08:26 GMT

POST
H2 200 GenerateToken Show response
create.leadid.com/2.11.9/ 36 B
659 B 1280ms
181ms XHR
text/plain 52.6.30.198
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/GenerateToken?msn=1&pid=4adb4e51-6f39-4368-b1f5-f2814ffce9c1&_=504488321

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/64720ec4-6d15-889b-eeba-18ec1fdb5751.js?snippet_version=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.6.30.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-6-30-198.compute-1.amazonaws.com

Software

nginx /

Resource Hash

245b6f7c1537bf7638437cb1288b8f833e13d72f0275a57e4ba2db6548cf9541

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://homewindowsavings.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 27 Mar 2023 10:08:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 nr-1210.min.js Show response
js-agent.newrelic.com/ 31 KB
12 KB 66ms
6ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1210.min.js
Requested by: Host: homewindowsavings.com
URL: https://homewindowsavings.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5b8810ee64bade6fc49a6c0948f933337663c3df9526ed7e21694b728a15818e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://homewindowsavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-amz-version-id: tUmpG8VLFN_NnT6837P9feidPwIndCMZ
content-encoding: gzip
via: 1.1 varnish
date: Mon, 27 Mar 2023 10:08:26 GMT
x-amz-request-id: TMQ1QGR9ZBFXTAXQ
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 11781
x-amz-id-2: Xcq2zKzrMuTXXay/FWs9MTpI9U2NtWc7t3zyUBeZwbh0K7s6tmyAWtbY3HdyBkcBsfvcRXw/1IA=
x-served-by: cache-fra-eddf8230061-FRA
last-modified: Tue, 22 Jun 2021 22:47:07 GMT
server: AmazonS3
x-timer: S1679911707.887776,VS0,VE0
etag: "67f7ff413fcbb9300ab2dbf1bb53180c"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 25

GET
H2 200 wzYkDzFksxeLi5vpQYEPH1s1Gzn1 Show response
api.useproof.com/pixel/ Frame 87A7 179 B
1019 B 293ms
212ms XHR
application/json 2606:4700:3035::6815:2f0c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.useproof.com/pixel/wzYkDzFksxeLi5vpQYEPH1s1Gzn1?url=https:%2F%2Fhomewindowsavings.com%2F
Requested by: Host: cdn.useproof.com
URL: https://cdn.useproof.com/proxy/proxy.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2f0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: adbee25c7c07dced68188f991993fda33f68dce364540bcfc1856876412ddde6

Request headers

Accept: application/json, text/plain, */*
Referer: https://cdn.useproof.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 10:08:27 GMT
via: 1.1 79272ab9b399ee696b329d4f677dca48.cloudfront.net (CloudFront)
content-encoding: br
x-amzn-remapped-content-length: 179
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA60-P3
x-amzn-requestid: 0a82437d-3fb9-4833-a9ff-332b8ce1aeb3
surrogate-control: no-store
x-amzn-remapped-connection: keep-alive
x-cache: Miss from cloudfront
x-amz-apigw-id: Cb2sQHV0IAMFprQ=
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: no-cache
server: cloudflare
etag: W/"b3-FAQiHWXMeC7gpEHkkCA0t1QGyd0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N4QBJgkqoUIY1YS4YurqnPzppbUCzGF8CEumooPuB9ohuVztIwl2APTKEk7eapfFvB6EgqW8RtESgcd7W4g2ymwgvKqYpLIHWtrVfr5ixQ2TEdRq9%2FCbosFF1Xh0KTk0ZTTGosrhJbU6klJYA0E2"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-ray: 7ae6d50849489978-FRA
x-amzn-remapped-date: Mon, 27 Mar 2023 10:08:27 GMT
x-amz-cf-id: km362oshKPK4zQslgKUQfsF5YnVKIDvtA9F8_rMqgjy2tlNCIm7VZg==
expires: 0

GET
H/1.1 200
OK NRJS-681ffe8ac2d3e968f44 Show response
bam.nr-data.net/1/ 49 B
611 B 352ms
249ms Script
text/javascript 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/NRJS-681ffe8ac2d3e968f44?a=813396084,813396085,813396086&v=1210.e2a3f80&to=YVEHMBYCC0ZTURcIVlgbMBYNTBMBHVsNBVxOGhUMFA%3D%3D&rst=2094&ck=1&ref=https://homewindowsavings.com/&ap=3&be=420&fe=2019&dc=1801&perf=%7B%22timing%22:%7B%22of%22:1679911704808,%22n%22:0,%22f%22:0,%22dn%22:2,%22dne%22:22,%22c%22:22,%22s%22:36,%22ce%22:56,%22rq%22:56,%22rp%22:392,%22rpe%22:546,%22dl%22:396,%22di%22:1801,%22ds%22:1802,%22de%22:1803,%22dc%22:2019,%22l%22:2019,%22le%22:2020%7D,%22navigation%22:%7B%7D%7D&fp=1228&fcp=1228&at=TRYERl4YGEg%3D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1210.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 Portland, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a83848cf5c3d96caefe490c19e41659609b3691dd4c531cf925016c084d8e1b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://homewindowsavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Mon, 27 Mar 2023 10:08:27 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Transfer-Encoding: chunked
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
access-control-allow-credentials: true
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
CF-Ray: 7ae6d508dc26368b-FRA

GET
H2 200 track Show response
analytics.proofapi.com/ Frame 87A7 71 B
726 B 250ms
203ms XHR
application/json 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.proofapi.com/track?e=%257B%2522pixelId%2522%253A%2522wzYkDzFksxeLi5vpQYEPH1s1Gzn1%2522%252C%2522pixelVersion%2522%253A%25223.1.13%2522%252C%2522visitorId%2522%253A%2522d8ec063b-6553-4b6c-91ab-aec57c47474d%2522%252C%2522captureIds%2522%253A%255B%255D%252C%2522integrationType%2522%253A%2522auto-lead-capture%2522%252C%2522localeSetting%2522%253A%2522en%2522%252C%2522os%2522%253A%2522Windows%2522%252C%2522browser%2522%253A%2522Chrome%2522%252C%2522url%2522%253A%2522https%253A%252F%252Fhomewindowsavings.com%252F%2522%252C%2522cleanUrl%2522%253A%2522homewindowsavings.com%252F%2522%252C%2522domain%2522%253A%2522homewindowsavings.com%2522%252C%2522pageviews%2522%253A1%252C%2522initialLandingPage%2522%253A%2522https%253A%252F%252Fhomewindowsavings.com%252F%2522%257D
Requested by: Host: cdn.useproof.com
URL: https://cdn.useproof.com/proxy/proxy.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: f2627d70221a551465f4b6db3345d50b2fb533abb1c005007fc36ebd0ac3ca6a

Request headers

Accept: application/json, text/plain, */*
Referer: https://cdn.useproof.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 10:08:27 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
etag: W/"47-5poJSsGYCHzAuz6XmlCT5Lf+kAM"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cdn.useproof.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x%2B%2B5R%2FDcaf9R87eswkgv%2FjcOJQUPDWG%2FWLWlRkJbWD93u3c7%2F4GDX0dRccglMcN%2FQLrR0b6G5V0LiJXclmaD5G8oVjRkje2Mu5MqYcgCnGu0KNqWHZbxBwEzocJoz7Z3lK4QOkn3s4C1JHS1twyVjscBW9Yn"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 7ae6d509e9113730-FRA
access-control-allow-headers: X-Requested-With,content-type

GET
H2 200 /
www.facebook.com/tr/ 0
54 B 8ms
8ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=626430352181565&ev=Microdata&dl=https%3A%2F%2Fhomewindowsavings.com%2F&rl=&if=false&ts=1679911707804&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Home%20Window%20Savings%22%2C%22meta%3Akeywords%22%3A%22%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.100&r=stable&ec=1&o=30&fbp=fb.1.1679911706299.144825212&it=1679911706058&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://homewindowsavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 27 Mar 2023 10:08:27 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H/1.1 200
OK iframe.html Show response
d2m2wsoho8qq12.cloudfront.net/ Frame D18B 3 KB
2 KB 58ms
7ms Document
text/html 13.32.118.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=F1D74312-7C5C-A6A6-7846-4D48E627D3D4&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=64720EC4-6D15-889B-EEBA-18EC1FDB5751&lac=CCD83497-4573-8E50-2E69-12A2BB09C9F9

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/64720ec4-6d15-889b-eeba-18ec1fdb5751.js?snippet_version=2

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.32.118.96 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-118-96.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

e3ad82a69faf9ec1b298a080ce5974322a33cc501e1455071cf8db58c7f2462f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://homewindowsavings.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Age: 39238
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Sun, 26 Mar 2023 23:14:30 GMT
ETag: W/"641b3057-dbb"
Last-Modified: Wed, 22 Mar 2023 16:44:07 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Transfer-Encoding: chunked
Via: 1.1 adc51edbb4dc468fb382e40b115a2f62.cloudfront.net (CloudFront)
X-Amz-Cf-Id: O01txcZ_h9KA1IAw8eTuQdvsWmLyXnudZ0qbHqdvM_XcC0oCVmb4xw==
X-Amz-Cf-Pop: FRA60-P1
X-Cache: Hit from cloudfront

POST
H2 200 SaveDom Show response
create.leadid.com/2.11.9/ 0
621 B 110ms
109ms XHR
text/plain 52.6.30.198
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/SaveDom?msn=2&pid=4adb4e51-6f39-4368-b1f5-f2814ffce9c1&token=F1D74312-7C5C-A6A6-7846-4D48E627D3D4&_=504488322

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/64720ec4-6d15-889b-eeba-18ec1fdb5751.js?snippet_version=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.6.30.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-6-30-198.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://homewindowsavings.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 27 Mar 2023 10:08:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 InitFormData Show response
create.leadid.com/2.11.9/ 0
621 B 215ms
215ms XHR
text/plain 52.6.30.198
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/InitFormData?msn=3&pid=4adb4e51-6f39-4368-b1f5-f2814ffce9c1&token=F1D74312-7C5C-A6A6-7846-4D48E627D3D4&_=504488323

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/64720ec4-6d15-889b-eeba-18ec1fdb5751.js?snippet_version=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.6.30.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-6-30-198.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://homewindowsavings.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 27 Mar 2023 10:08:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 iframe.html Show response
deviceid.trueleadid.com/ Frame 289D 4 KB
2 KB 348ms
102ms Document
text/html 35.169.79.47
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://deviceid.trueleadid.com/iframe.html?token=F1D74312-7C5C-A6A6-7846-4D48E627D3D4&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=64720EC4-6D15-889B-EEBA-18EC1FDB5751&lac=CCD83497-4573-8E50-2E69-12A2BB09C9F9
Requested by: Host: d2m2wsoho8qq12.cloudfront.net
URL: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=F1D74312-7C5C-A6A6-7846-4D48E627D3D4&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=64720EC4-6D15-889B-EEBA-18EC1FDB5751&lac=CCD83497-4573-8E50-2E69-12A2BB09C9F9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.169.79.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-79-47.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 602ea48b7fd2a48e702e43825b0d6f6495f78cb4cc1fa24cb8c95f61e014215a

Request headers

Referer: https://d2m2wsoho8qq12.cloudfront.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=86400 public
content-encoding: gzip
content-type: text/html
date: Mon, 27 Mar 2023 10:08:28 GMT
etag: W/"6408e5ef-1049"
expires: Tue, 28 Mar 2023 10:08:28 GMT
last-modified: Wed, 08 Mar 2023 19:45:51 GMT
p3p: CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
server: nginx

GET
H2 200 SaveDeviceId.js Show response
create.leadid.com/2.11.9/ Frame 289D 0
625 B 312ms
106ms Script
text/javascript 52.6.30.198
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/SaveDeviceId.js?lac=CCD83497-4573-8E50-2E69-12A2BB09C9F9&lck=64720EC4-6D15-889B-EEBA-18EC1FDB5751&methods=48&token=F1D74312-7C5C-A6A6-7846-4D48E627D3D4&uuid=050a05653e134f7ea16ec691411df099

Requested by

Host: deviceid.trueleadid.com
URL: https://deviceid.trueleadid.com/iframe.html?token=F1D74312-7C5C-A6A6-7846-4D48E627D3D4&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=64720EC4-6D15-889B-EEBA-18EC1FDB5751&lac=CCD83497-4573-8E50-2E69-12A2BB09C9F9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.6.30.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-6-30-198.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://deviceid.trueleadid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 10:08:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

bootstrap.js Show response
cdn.trustedform.com/
Redirect Chain

https://api.trustedform.com/trustedform.js?provide_referrer=false&field=trusted_form_cert_id&l=16799117090280.7566961456794359&invert_field_sensitivity=false
https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=trusted_form_cert_id&l=16799117090280.7566961456794359&invert_field_sensitivity=false

7 KB
3 KB

221ms
156ms

Script
application/javascript

2600:9000:223d:9000:1c:7f1a:6680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=trusted_form_cert_id&l=16799117090280.7566961456794359&invert_field_sensitivity=false
Protocol: H2
Server: 2600:9000:223d:9000:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 001fec1d89b5cda58d62fff00a17723313d92f195680b5fd1a4ad52e7a1fb37c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://homewindowsavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 10:08:30 GMT
x-amz-version-id: oadcnJCg2vYrfrS_vSmPkc6nBoYFDxSV
content-encoding: gzip
last-modified: Fri, 24 Feb 2023 16:04:14 GMT
server: AmazonS3
via: 1.1 e026b2802d48048e9935caadbecf124e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
etag: W/"1b4d8abad5e0668a237e388577c6a93c"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
x-amz-cf-id: HbGjLP3eN6YoA-NBggxrhHx0xhR68GEc2c6WU9C3HwIwAbJc2PB08A==

Redirect headers

location: https://cdn.trustedform.com:443/bootstrap.js?provide_referrer=false&field=trusted_form_cert_id&l=16799117090280.7566961456794359&invert_field_sensitivity=false
date: Mon, 27 Mar 2023 10:08:29 GMT
server: awselb/2.0
content-length: 134
content-type: text/html

GET
H2 200 w.js Show response
d10lpsik1i8c69.cloudfront.net/ 5 KB
3 KB 74ms
8ms Script
application/javascript 143.204.214.192
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d10lpsik1i8c69.cloudfront.net/w.js
Requested by: Host: homewindowsavings.com
URL: https://homewindowsavings.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.192 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-192.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 389e7668a1ebd8a04eca206d27b7147519be465eed883f6a2d68bd419ada24b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://homewindowsavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 09:13:19 GMT
content-encoding: gzip
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
last-modified: Fri, 02 Sep 2022 19:59:48 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 3311
etag: W/"dc0bbcecf2e632d9beb92f4d88b21c2b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: 8iszeEQDKAlYJHxnIw1eh6d4BLRgjq6jJT7rNMTD5A0lDCcBGcu0hQ==

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 884 B
907 B 132ms
50ms Script
text/javascript 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6Lchn2kaAAAAAKJJ6XJzD2QLfvHRxG8W8bs1JFyX

Requested by

Host: homewindowsavings.com
URL: https://homewindowsavings.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

747b45d2d860f79e844ebdb3e6bd254dbf89b9589a5b7cd1cbe5326c34ebfec9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://homewindowsavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 10:08:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 587
x-xss-protection: 1; mode=block
expires: Mon, 27 Mar 2023 10:08:29 GMT

GET
H2 200 / Show response
settings.luckyorange.net/ 129 B
750 B 1261ms
1226ms Fetch
application/json 104.26.11.16

General

Check archive.org

Show headers Download Go to

Full URL

https://settings.luckyorange.net/?u=https%3A%2F%2Fhomewindowsavings.com%2F&s=266834

Requested by

Host: d10lpsik1i8c69.cloudfront.net
URL: https://d10lpsik1i8c69.cloudfront.net/w.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.11.16 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

798f8d1ee65970ce3ac48c7d88329ed8c8df6045cd5b67d87fbb22b8e502fec8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://homewindowsavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 10:08:30 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://homewindowsavings.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BLEHdRdADi2ETs6tGry7GPmJh8FAu9qK90NA3lI8r%2FtadLOFhTkKvnZ08xBiTtLljbQCzUpyg%2FN8VZKsviyfbz8P%2BdZ%2FrRcXc%2BfirNI9v344Y%2BMegyURupAmZXb37jkwjujbrh8uSOAEDw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-credentials: true
cf-ray: 7ae6d5162e2739cd-FRA
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,Keep-Alive,X-Requested-With,If-Modified-Since

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/vpEprwpCoBMgy-fvZET0Mz6L/ 409 KB
164 KB 116ms
38ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vpEprwpCoBMgy-fvZET0Mz6L/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Lchn2kaAAAAAKJJ6XJzD2QLfvHRxG8W8bs1JFyX

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b6d3f75dcb2320ed386f2dcb0ef91e545558ded6c268cda18015869cb59658d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://homewindowsavings.com/
Origin: https://homewindowsavings.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 16:48:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 580770
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 167834
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 04:02:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 19 Mar 2024 16:48:59 GMT

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 1A2D 47 KB
26 KB 57ms
57ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lchn2kaAAAAAKJJ6XJzD2QLfvHRxG8W8bs1JFyX&co=aHR0cHM6Ly9ob21ld2luZG93c2F2aW5ncy5jb206NDQz&hl=de&v=vpEprwpCoBMgy-fvZET0Mz6L&size=invisible&cb=l0mcu5jbksbz

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vpEprwpCoBMgy-fvZET0Mz6L/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

aba03480c9efa620cd64250f60fa21711f74ee1bfd0183cc0538705f51a15aa3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-KBK3asEf-ek0rfJWQhkmZA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://homewindowsavings.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 26341
content-security-policy: script-src 'report-sample' 'nonce-KBK3asEf-ek0rfJWQhkmZA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 27 Mar 2023 10:08:29 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/vpEprwpCoBMgy-fvZET0Mz6L/ Frame 1A2D 55 KB
24 KB 37ms
35ms Stylesheet
text/css 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vpEprwpCoBMgy-fvZET0Mz6L/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lchn2kaAAAAAKJJ6XJzD2QLfvHRxG8W8bs1JFyX&co=aHR0cHM6Ly9ob21ld2luZG93c2F2aW5ncy5jb206NDQz&hl=de&v=vpEprwpCoBMgy-fvZET0Mz6L&size=invisible&cb=l0mcu5jbksbz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 07:54:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8059
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 04:02:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 26 Mar 2024 07:54:10 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/vpEprwpCoBMgy-fvZET0Mz6L/ Frame 1A2D 409 KB
164 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vpEprwpCoBMgy-fvZET0Mz6L/recaptcha__de.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b6d3f75dcb2320ed386f2dcb0ef91e545558ded6c268cda18015869cb59658d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 16:48:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 580770
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 167834
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 04:02:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 19 Mar 2024 16:48:59 GMT

POST
H2 201 certs Show response
api.trustedform.com/ 475 B
686 B 307ms
103ms XHR
application/json 35.175.162.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs
Requested by: Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=trusted_form_cert_id&l=16799117090280.7566961456794359&invert_field_sensitivity=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.175.162.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-175-162-169.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: c43c9a2b4c849319d3a08ff1299cf7dffbd37b1e667589770ed792f82d20bb38

Request headers

Referer: https://homewindowsavings.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 27 Mar 2023 10:08:29 GMT
server: Cowboy
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 475

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 1A2D 2 KB
2 KB 36ms
35ms Image
image/png 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vpEprwpCoBMgy-fvZET0Mz6L/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/vpEprwpCoBMgy-fvZET0Mz6L/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 18:05:11 GMT
x-content-type-options: nosniff
age: 403398
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Wed, 29 Mar 2023 18:05:11 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1A2D 15 KB
16 KB 120ms
35ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:37:38 GMT
x-content-type-options: nosniff
age: 523851
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Mar 2024 08:37:38 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1A2D 15 KB
15 KB 129ms
44ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:37:38 GMT
x-content-type-options: nosniff
age: 523851
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Mar 2024 08:37:38 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 1A2D 102 B
134 B 44ms
44ms Other
text/javascript 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=vpEprwpCoBMgy-fvZET0Mz6L

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

18fcc06e8e158f0b20df57e5966474ba5ee428da943b5e27417d7e2bdde6058f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lchn2kaAAAAAKJJ6XJzD2QLfvHRxG8W8bs1JFyX&co=aHR0cHM6Ly9ob21ld2luZG93c2F2aW5ncy5jb206NDQz&hl=de&v=vpEprwpCoBMgy-fvZET0Mz6L&size=invisible&cb=l0mcu5jbksbz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 10:08:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112
x-xss-protection: 1; mode=block
expires: Mon, 27 Mar 2023 10:08:29 GMT

GET
H2 200 trustedform-1.8.38.js Show response
cdn.trustedform.com/ 102 KB
37 KB 25ms
25ms Script
application/javascript 2600:9000:223d:9000:1c:7f1a:6680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.trustedform.com/trustedform-1.8.38.js
Requested by: Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=trusted_form_cert_id&l=16799117090280.7566961456794359&invert_field_sensitivity=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:9000:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d22e5b3da98c742670542cd674a454a835e785e905f52225f1f713757521c54e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://homewindowsavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-amz-version-id: ffJa67w_.T4JjuAeq9bT6P3fBUPuRaPp
content-encoding: gzip
via: 1.1 e026b2802d48048e9935caadbecf124e.cloudfront.net (CloudFront)
date: Mon, 27 Mar 2023 10:08:30 GMT
last-modified: Fri, 24 Feb 2023 16:04:14 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
etag: W/"a71c6d4fa015e7b61cc1fc54ff9b242e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 2Nn9pg9BTBX_yADUMjouJkAVfIeZq9iErjG8K4AmwgiREu8aafurKQ==

POST
H2 204 snapshot Show response
api.trustedform.com/certs/90150bcb4153b4fbee219ad18f2a1e509f75cbde/ 0
159 B 208ms
207ms XHR
text/plain 35.175.162.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/90150bcb4153b4fbee219ad18f2a1e509f75cbde/snapshot
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.38.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.175.162.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-175-162-169.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://homewindowsavings.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Mon, 27 Mar 2023 10:08:30 GMT
access-control-expose-headers
access-control-allow-credentials: true
cache-control: max-age=0, private, must-revalidate
server: Cowboy

GET
H3 200 Home%20Window%20SavingsP2.png
homewindowsavings.com/assets/images/ 19 KB
20 KB 15ms
14ms Image
image/png 2606:4700:3037::6815:5e1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://homewindowsavings.com/assets/images/Home%20Window%20SavingsP2.png
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.38.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5e1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5356be290ba86a275679423da60da843ca39061f894c39313d65fb89647d2557

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://homewindowsavings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 10:08:30 GMT
cf-cache-status: HIT
last-modified: Thu, 14 Apr 2022 23:11:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1AXWrYdMmJVyCkYt3sMfd56VseBjyCiBTmOkuisfkAA9kpY5dXxjoBTgNoXxSFRMtRIYxscnJJIUGSUuv8V5BeTO8vQVgsGYDpii59tCd%2BiQ5Lqt%2FvXpsOBfcb65QlnBAUfWqPVaYeC0Vn9PmJOKqk%2BL73E%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7ae6d51b8f3a9ba6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19829

POST
H2 204 fingerprints Show response
api.trustedform.com/certs/90150bcb4153b4fbee219ad18f2a1e509f75cbde/ 0
159 B 194ms
194ms XHR
text/plain 35.175.162.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/90150bcb4153b4fbee219ad18f2a1e509f75cbde/fingerprints
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.38.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.175.162.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-175-162-169.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://homewindowsavings.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Mon, 27 Mar 2023 10:08:30 GMT
access-control-expose-headers
access-control-allow-credentials: true
cache-control: max-age=0, private, must-revalidate
server: Cowboy

GET
DATA 200
OK truncated
/ 10 KB
10 KB Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eed633a8002069e13f06351bfe014d0132941a0882144ccee95cdacfa403b954

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type: text/javascript

POST
H2 204 events
api.trustedform.com/certs/90150bcb4153b4fbee219ad18f2a1e509f75cbde/ 0
159 B 100ms
99ms Ping
text/plain 35.175.162.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/90150bcb4153b4fbee219ad18f2a1e509f75cbde/events
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.38.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.175.162.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-175-162-169.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://homewindowsavings.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 27 Mar 2023 10:08:30 GMT
access-control-expose-headers
access-control-allow-credentials: true
cache-control: max-age=0, private, must-revalidate
server: Cowboy

POST
H2 200 InitFormData Show response
create.leadid.com/2.11.9/ 0
622 B 110ms
109ms XHR
text/plain 52.6.30.198
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/InitFormData?msn=4&pid=4adb4e51-6f39-4368-b1f5-f2814ffce9c1&token=F1D74312-7C5C-A6A6-7846-4D48E627D3D4&_=504488324

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/64720ec4-6d15-889b-eeba-18ec1fdb5751.js?snippet_version=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.6.30.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-6-30-198.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://homewindowsavings.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 27 Mar 2023 10:08:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 Snap Show response
create.leadid.com/2.11.9/ 0
622 B 322ms
217ms XHR
text/plain 52.6.30.198
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/Snap?msn=5&pid=4adb4e51-6f39-4368-b1f5-f2814ffce9c1&token=F1D74312-7C5C-A6A6-7846-4D48E627D3D4&_=504488325

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/64720ec4-6d15-889b-eeba-18ec1fdb5751.js?snippet_version=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.6.30.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-6-30-198.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://homewindowsavings.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 27 Mar 2023 10:08:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

Verdicts & Comments Add Verdict or Comment

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
homewindowsavings.com/	1970-01-20 11:21:43	Name: aid Value: 26071
.homewindowsavings.com/	1970-01-20 12:48:07	Name: _fbp Value: fb.1.1679911706299.144825212
.homewindowsavings.com/	1970-01-20 20:14:31	Name: _ga Value: GA1.2.1046552900.1679911706
.homewindowsavings.com/	1970-01-20 10:39:58	Name: _gid Value: GA1.2.163570806.1679911706
.homewindowsavings.com/	1970-01-20 10:38:31	Name: _gat_gtag_UA_207515269_1 Value: 1
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: 1d8981ab1c95f53a
homewindowsavings.com/	1969-12-31 23:59:59	Name: leadid_token-CCD83497-4573-8E50-2E69-12A2BB09C9F9-64720EC4-6D15-889B-EEBA-18EC1FDB5751 Value: F1D74312-7C5C-A6A6-7846-4D48E627D3D4
.deviceid.trueleadid.com/	1970-01-20 20:14:31	Name: uuid Value: 050a05653e134f7ea16ec691411df099

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.proofapi.com
api.trustedform.com
api.useproof.com
bam.nr-data.net
cdn.trustedform.com
cdn.useproof.com
cdnjs.cloudflare.com
connect.facebook.net
create.leadid.com
create.lidstatic.com
d10lpsik1i8c69.cloudfront.net
d2m2wsoho8qq12.cloudfront.net
deviceid.trueleadid.com
fonts.gstatic.com
homewindowsavings.com
js-agent.newrelic.com
settings.luckyorange.net
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
104.26.11.16
13.32.118.96
143.204.214.192
151.101.130.137
162.247.241.14
2600:9000:223d:9000:1c:7f1a:6680:93a1
2606:4700:10::ac43:29e5
2606:4700:3034::ac43:a9b0
2606:4700:3035::6815:2f0c
2606:4700:3037::6815:5e1c
2606:4700::6811:190e
2a00:1450:4001:806::2004
2a00:1450:4001:809::2008
2a00:1450:4001:812::2003
2a00:1450:4001:813::2003
2a00:1450:4001:830::200e
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a06:98c1:3120::3
35.169.79.47
35.175.162.169
52.6.30.198
001fec1d89b5cda58d62fff00a17723313d92f195680b5fd1a4ad52e7a1fb37c
0adeedede6d3bdf7e7258108ead2ed80af83b9fec8ba560d29fce2f3a957a261
1024b15789c74b9531cd607b7507c13723879a74bebd70658bec6ed92c025aa7
18fcc06e8e158f0b20df57e5966474ba5ee428da943b5e27417d7e2bdde6058f
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
245b6f7c1537bf7638437cb1288b8f833e13d72f0275a57e4ba2db6548cf9541
389e7668a1ebd8a04eca206d27b7147519be465eed883f6a2d68bd419ada24b4
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
418614329e831c01f8232ddf31feefe6f63c6b52b9c6cbdd5bd5ac314540cfaf
41be7661c2ce4b9344e7bacfc9f863a2a492f3dcdc3dc134bd9d52838afc59e3
5356be290ba86a275679423da60da843ca39061f894c39313d65fb89647d2557
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5b8810ee64bade6fc49a6c0948f933337663c3df9526ed7e21694b728a15818e
602ea48b7fd2a48e702e43825b0d6f6495f78cb4cc1fa24cb8c95f61e014215a
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6a45658988e9ccf8d151c181ca1ce06731abd20a469ea9b6210b31cfcaffa91e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
73274aa79cc0a0120d5ad58a247f22766952164862643147866dc042ab8056f1
747b45d2d860f79e844ebdb3e6bd254dbf89b9589a5b7cd1cbe5326c34ebfec9
798f8d1ee65970ce3ac48c7d88329ed8c8df6045cd5b67d87fbb22b8e502fec8
85060ea534ed90db89537166297f8f1716b91785440b8964e62b84801652d5e4
93723640817cd1107e5120959b7b44c76aded644aec0ff34af744e6585e8b7c5
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
a55c8982680c6b686323c61392e7f11f1be3c06260678bee2b3f36dbc5a5e915
a83848cf5c3d96caefe490c19e41659609b3691dd4c531cf925016c084d8e1b0
aba03480c9efa620cd64250f60fa21711f74ee1bfd0183cc0538705f51a15aa3
adbee25c7c07dced68188f991993fda33f68dce364540bcfc1856876412ddde6
b6d3f75dcb2320ed386f2dcb0ef91e545558ded6c268cda18015869cb59658d9
c1e508eb79c78f17888a5a352b6d013408696d542fef7c17172ff299bc8fb4a1
c43c9a2b4c849319d3a08ff1299cf7dffbd37b1e667589770ed792f82d20bb38
d22e5b3da98c742670542cd674a454a835e785e905f52225f1f713757521c54e
e3ad82a69faf9ec1b298a080ce5974322a33cc501e1455071cf8db58c7f2462f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40e952fffd779db9077b2fa0928a825dbf8c95c00581159555b4b510ca5236e
eed633a8002069e13f06351bfe014d0132941a0882144ccee95cdacfa403b954
f2627d70221a551465f4b6db3345d50b2fb533abb1c005007fc36ebd0ac3ca6a
f4d712c5a2901b92d4baa6e18554c3db8e5ce1d8f4d3189054e39489b37c982c
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

homewindowsavings.com Open in urlscan Pro 2606:4700:3037::6815:5e1c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

49 Requests

98 %HTTPS

64 %IPv6

18 Domains

22 Subdomains

23 IPs

2 Countries

1601 kBTransfer

3365 kBSize

8 Cookies

0 Outgoing links

Redirected requests

49 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

homewindowsavings.com Open in urlscan Pro
2606:4700:3037::6815:5e1c Public Scan

Screenshot
Live screenshot

Full Image

49
Requests

98 %
HTTPS

64 %
IPv6

18
Domains

22
Subdomains

23
IPs

2
Countries

1601 kB
Transfer

3365 kB
Size

8
Cookies

49 HTTP transactions
1 data transactions