elitereplacementwindows.com Open in urlscan Pro
198.154.88.118 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://elitereplacementwindows.com/
Submission Tags: @phishunt_io
Submission: On April 13 via api (April 13th 2023, 9:25:46 pm UTC) from DE — Scanned from DE

Summary HTTP 52 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 17 IPs in 2 countries across 16 domains to perform 52 HTTP transactions. The main IP is 198.154.88.118, located in Los Angeles, United States and belongs to 24SHELLS, US. The main domain is elitereplacementwindows.com.

This is the only time elitereplacementwindows.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
22	198.154.88.118 198.154.88.118	55081 (24SHELLS) (24SHELLS)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
2	190.124.46.18 190.124.46.18	29802 (HVC-AS) (HVC-AS)
1	2a04:4e42::729 2a04:4e42::729	54113 (FASTLY) (FASTLY)
1	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6816:27b6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	52.54.141.164 52.54.141.164	14618 (AMAZON-AES) (AMAZON-AES)
2	2600:9000:223... 2600:9000:223d:3200:1c:7f1a:6680:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
7	52.72.168.118 52.72.168.118	14618 (AMAZON-AES) (AMAZON-AES)
5	18.214.14.230 18.214.14.230	14618 (AMAZON-AES) (AMAZON-AES)
1	18.165.196.149 18.165.196.149	16509 (AMAZON-02) (AMAZON-02)
1	50.19.247.79 50.19.247.79	14618 (AMAZON-AES) (AMAZON-AES)
52	17

22 198.154.88.118 (Los Angeles, United States)

ASN55081 (24SHELLS, US)
PTR: corporate.abilitybusinesscomputing.com

elitereplacementwindows.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 190.124.46.18 (Tampa, United States)

ASN29802 (HVC-AS, US)
PTR: 190-124-46-18.static.hvvc.us

hits.ecdashboard.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::729 (United States)

ASN54113 (FASTLY, US)

cdn.ravenjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:27b6 (United States)

ASN13335 (CLOUDFLARENET, US)

create.lidstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.54.141.164 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-141-164.compute-1.amazonaws.com

api.trustedform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223d:3200:1c:7f1a:6680:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.trustedform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.72.168.118 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-168-118.compute-1.amazonaws.com

create.leadid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.214.14.230 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-214-14-230.compute-1.amazonaws.com

api.trustedform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.165.196.149 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-165-196-149.lhr50.r.cloudfront.net

d2m2wsoho8qq12.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.19.247.79 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-19-247-79.compute-1.amazonaws.com

deviceid.trueleadid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	elitereplacementwindows.com elitereplacementwindows.com	1 MB
8	trustedform.com 1 redirects api.trustedform.com — Cisco Umbrella Rank: 18817 cdn.trustedform.com — Cisco Umbrella Rank: 21368	42 KB
7	leadid.com create.leadid.com — Cisco Umbrella Rank: 16012	4 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 109	264 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 161	137 KB
2	ecdashboard.com hits.ecdashboard.com	4 KB
1	trueleadid.com deviceid.trueleadid.com — Cisco Umbrella Rank: 17164	2 KB
1	cloudfront.net d2m2wsoho8qq12.cloudfront.net	2 KB
1	google.de www.google.de — Cisco Umbrella Rank: 5216	455 B
1	google.com www.google.com — Cisco Umbrella Rank: 2	455 B
1	lidstatic.com create.lidstatic.com — Cisco Umbrella Rank: 26189	39 KB
1	gstatic.com fonts.gstatic.com	31 KB
1	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 41	2 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 176	19 KB
1	ravenjs.com cdn.ravenjs.com — Cisco Umbrella Rank: 8563	13 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47	955 B
52	16

	Domain	Requested by
22	elitereplacementwindows.com	elitereplacementwindows.com cdn.trustedform.com
7	create.leadid.com	cdn.ravenjs.com deviceid.trueleadid.com
6	api.trustedform.com	1 redirects cdn.ravenjs.com cdn.trustedform.com
2	www.facebook.com	elitereplacementwindows.com
2	connect.facebook.net	elitereplacementwindows.com connect.facebook.net
2	cdn.trustedform.com	elitereplacementwindows.com api.trustedform.com
2	hits.ecdashboard.com	elitereplacementwindows.com
1	deviceid.trueleadid.com	d2m2wsoho8qq12.cloudfront.net
1	d2m2wsoho8qq12.cloudfront.net	create.lidstatic.com
1	www.google.de	elitereplacementwindows.com
1	www.google.com	elitereplacementwindows.com
1	create.lidstatic.com	elitereplacementwindows.com
1	fonts.gstatic.com	fonts.googleapis.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	www.googleadservices.com	elitereplacementwindows.com
1	cdn.ravenjs.com	elitereplacementwindows.com
1	fonts.googleapis.com	elitereplacementwindows.com
52	17

This site contains links to these domains. Also see Links.

Domain
emailcompliancemanager.com

Subject Issuer	Validity	Valid
upload.video.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.ecdashboard.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-23` - `2024-02-09`	a year	crt.sh
cdn.ravenjs.com GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-08-30` - `2023-10-01`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-01-21` - `2023-04-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
create.leadid.com Amazon RSA 2048 M02	`2023-02-23` - `2023-10-19`	8 months	crt.sh
*.trustedform.com Amazon RSA 2048 M02	`2023-02-22` - `2023-10-09`	8 months	crt.sh
cdn.trustedform.com Amazon RSA 2048 M02	`2023-03-15` - `2024-04-12`	a year	crt.sh
deviceid.trueleadid.com Amazon RSA 2048 M02	`2023-02-24` - `2024-01-06`	10 months	crt.sh

This page contains 4 frames:

Primary Page: http://elitereplacementwindows.com/
Frame ID: 594A915A410117447896264022ED1F1B
Requests: 49 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: CD7B88F2850D3B6867F7B2CE1482C268
Requests: 1 HTTP requests in this frame

Frame: http://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=86F4EB18-7CA5-C40F-5A8E-9F76C15CEF78&apiurl=http%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=EB4A05A4-8A53-C2B0-B337-640A489815F4&lac=D0C27C32-8ED1-8E02-9C8A-1F9AB10100C4
Frame ID: 377ACAB4AF161AC0647104B7554D1776
Requests: 1 HTTP requests in this frame

Frame: https://deviceid.trueleadid.com/iframe.html?token=86F4EB18-7CA5-C40F-5A8E-9F76C15CEF78&apiurl=http%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=EB4A05A4-8A53-C2B0-B337-640A489815F4&lac=D0C27C32-8ED1-8E02-9C8A-1F9AB10100C4
Frame ID: 0C90513C4389CD6DF165DE5500620807
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Window Rate Advisor - Powered By Renewal By Andersen - Window Replacement

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<input[^>]+name="__VIEWSTATE

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

52
Requests

50 %
HTTPS

53 %
IPv6

16
Domains

17
Subdomains

17
IPs

2
Countries

1420 kB
Transfer

2109 kB
Size

9
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://emailcompliancemanager.com/rba/?1=1
Title: contact us

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21

http://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16814211412340.772873619983331&invert_field_sensitivity=false HTTP 301
https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16814211412340.772873619983331&invert_field_sensitivity=false

52 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
elitereplacementwindows.com/ 31 KB
13 KB 588ms
211ms Document
text/html 198.154.88.118
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: http://elitereplacementwindows.com/
Protocol: HTTP/1.1
Server: 198.154.88.118 Los Angeles, United States, ASN55081 (24SHELLS, US),
Reverse DNS: corporate.abilitybusinesscomputing.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 6b0a441c9dce94782d7a27a191c8533cac452c1607eaeeceb9ffbc3f2e8bdfa5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private
Content-Encoding: gzip
Content-Length: 12482
Content-Type: text/html; charset=utf-8
Date: Thu, 13 Apr 2023 21:25:40 GMT
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET

GET
H2 200 css
fonts.googleapis.com/ 3 KB
955 B 190ms
67ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,700

Requested by

Host: elitereplacementwindows.com
URL: http://elitereplacementwindows.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

db0e93a6caa38aa56a60492fbb22c1d09e743b879bf3486c2caf5e6dc290cf32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://elitereplacementwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 13 Apr 2023 21:25:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 13 Apr 2023 20:22:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 13 Apr 2023 21:25:40 GMT

GET
H/1.1 200
OK styles.min.css
elitereplacementwindows.com/css/rba/ 19 KB
5 KB 214ms
214ms Stylesheet
text/css 198.154.88.118
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: http://elitereplacementwindows.com/css/rba/styles.min.css?v=102016
Requested by: Host: elitereplacementwindows.com
URL: http://elitereplacementwindows.com/
Protocol: HTTP/1.1
Server: 198.154.88.118 Los Angeles, United States, ASN55081 (24SHELLS, US),
Reverse DNS: corporate.abilitybusinesscomputing.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 674fbf344e077b730d2e7b0d24170033c5c6d5b6c1ef353017dda19edc7d3344

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://elitereplacementwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Thu, 13 Apr 2023 21:25:40 GMT
Content-Encoding: gzip
Last-Modified: Thu, 13 Apr 2023 19:11:46 GMT
Server: Microsoft-IIS/10.0
ETag: "5feb6ca3b6ed91:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: public,max-age=31536000
Accept-Ranges: bytes
Content-Length: 4986

GET
H2 200 FP.js Show response
hits.ecdashboard.com/JS/ 14 KB
4 KB 653ms
160ms Script
application/javascript 190.124.46.18
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hits.ecdashboard.com/JS/FP.js
Requested by: Host: elitereplacementwindows.com
URL: http://elitereplacementwindows.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.124.46.18 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 190-124-46-18.static.hvvc.us
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 07d81e29da2b847c60281b9e084fe58ddf894ba5c6a60f395adf10aa4ad3d405

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://elitereplacementwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 21:25:40 GMT
content-encoding: gzip
last-modified: Sun, 18 Apr 2021 11:58:05 GMT
server: Microsoft-IIS/10.0
etag: "80412174a34d71:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=172800
accept-ranges: bytes
content-length: 3840

GET
H/1.1 200
OK jquery-3.3.1.min.js Show response
elitereplacementwindows.com/scripts/ 85 KB
38 KB 217ms
216ms Script
application/javascript 198.154.88.118
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: http://elitereplacementwindows.com/scripts/jquery-3.3.1.min.js
Requested by: Host: elitereplacementwindows.com
URL: http://elitereplacementwindows.com/
Protocol: HTTP/1.1
Server: 198.154.88.118 Los Angeles, United States, ASN55081 (24SHELLS, US),
Reverse DNS: corporate.abilitybusinesscomputing.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://elitereplacementwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Thu, 13 Apr 2023 21:25:40 GMT
Content-Encoding: gzip
Last-Modified: Thu, 13 Apr 2023 19:07:50 GMT
Server: Microsoft-IIS/10.0
ETag: "4711b33d3b6ed91:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public,max-age=31536000
Accept-Ranges: bytes
Content-Length: 38892

GET
H/1.1 200
OK jquery.maskedinput.js Show response
elitereplacementwindows.com/scripts/ 7 KB
4 KB 388ms
194ms Script
application/javascript 198.154.88.118
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: http://elitereplacementwindows.com/scripts/jquery.maskedinput.js
Requested by: Host: elitereplacementwindows.com
URL: http://elitereplacementwindows.com/
Protocol: HTTP/1.1
Server: 198.154.88.118 Los Angeles, United States, ASN55081 (24SHELLS, US),
Reverse DNS: corporate.abilitybusinesscomputing.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 66f4b78b6d602a8ef77322719b59a4d054a42bb3d07e9810afb61eeb2bfc5738

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://elitereplacementwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Thu, 13 Apr 2023 21:25:40 GMT
Content-Encoding: gzip
Last-Modified: Thu, 13 Apr 2023 19:07:52 GMT
Server: Microsoft-IIS/10.0
ETag: "94a2e63e3b6ed91:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public,max-age=31536000
Accept-Ranges: bytes
Content-Length: 3339

GET
H/1.1 200
OK Functions.js Show response
elitereplacementwindows.com/scripts/ 5 KB
2 KB 389ms
194ms Script
application/javascript 198.154.88.118
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: http://elitereplacementwindows.com/scripts/Functions.js?ver=4987
Requested by: Host: elitereplacementwindows.com
URL: http://elitereplacementwindows.com/
Protocol: HTTP/1.1
Server: 198.154.88.118 Los Angeles, United States, ASN55081 (24SHELLS, US),
Reverse DNS: corporate.abilitybusinesscomputing.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 75f2e1d6ed4f585b1013768e1ce606d5c7014f44649c1d6b32f3eea29de6305f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://elitereplacementwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Thu, 13 Apr 2023 21:25:40 GMT
Content-Encoding: gzip
Last-Modified: Thu, 13 Apr 2023 19:07:48 GMT
Server: Microsoft-IIS/10.0
ETag: "5126f93c3b6ed91:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public,max-age=31536000
Accept-Ranges: bytes
Content-Length: 1660

GET
H2 200 raven.min.js Show response
cdn.ravenjs.com/3.25.1/ 36 KB
13 KB 177ms
57ms Script
application/javascript 2a04:4e42::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ravenjs.com/3.25.1/raven.min.js
Requested by: Host: elitereplacementwindows.com
URL: http://elitereplacementwindows.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Fastly /
Resource Hash: 9c2f66520befdb2169bc7bf9e5a5fcff65a6cfd13d3851ed501300a54ff3da0c

Request headers

Referer: http://elitereplacementwindows.com/
Origin: http://elitereplacementwindows.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 21:25:40 GMT
content-encoding: gzip
last-modified: Fri, 11 May 2018 10:52:12 GMT
server: Fastly
age: 56719
etag: "4ec430b4503750456338547d547cc721"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
content-length: 13527

GET
H/1.1 200
OK conversion.js Show response
www.googleadservices.com/pagead/ 48 KB
19 KB 158ms
96ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googleadservices.com/pagead/conversion.js

Requested by

Host: elitereplacementwindows.com
URL: http://elitereplacementwindows.com/

Protocol

HTTP/1.1

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

ffe9f5af1f80a9ba2f3208eb78ffcc24421bdbdd2964fa9799e055091a0970f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://elitereplacementwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Thu, 13 Apr 2023 21:25:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 11089304436725066277
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 18411
X-XSS-Protection: 0
Expires: Thu, 13 Apr 2023 21:25:40 GMT

GET
H/1.1 200
OK logo-window-rate-advisor-left.png
elitereplacementwindows.com/images/ 4 KB
4 KB 204ms
204ms Image
image/png 198.154.88.118
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://elitereplacementwindows.com/images/logo-window-rate-advisor-left.png
Requested by: Host: elitereplacementwindows.com
URL: http://elitereplacementwindows.com/
Protocol: HTTP/1.1
Server: 198.154.88.118 Los Angeles, United States, ASN55081 (24SHELLS, US),
Reverse DNS: corporate.abilitybusinesscomputing.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 71f913d9e6fd44f323b008f43b8ce27bd97ea8327876d83b4d0cab7f57a4cd3a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://elitereplacementwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Thu, 13 Apr 2023 21:25:40 GMT
Last-Modified: Thu, 13 Apr 2023 19:10:55 GMT
Server: Microsoft-IIS/10.0
ETag: "3f9d78ac3b6ed91:0"
X-Powered-By: ASP.NET
Content-Type: image/png
Cache-Control: public,max-age=31536000
Accept-Ranges: bytes
Content-Length: 4314

GET
H/1.1 200
OK mob-windowrateadvisor-header.jpg
elitereplacementwindows.com/images/ 28 KB
29 KB 195ms
194ms Image
image/jpeg 198.154.88.118
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://elitereplacementwindows.com/images/mob-windowrateadvisor-header.jpg
Requested by: Host: elitereplacementwindows.com
URL: http://elitereplacementwindows.com/
Protocol: HTTP/1.1
Server: 198.154.88.118 Los Angeles, United States, ASN55081 (24SHELLS, US),
Reverse DNS: corporate.abilitybusinesscomputing.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ac02219a6597dda527f7d42d93b0b27422d621db98778079a216d71396429cd8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://elitereplacementwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Thu, 13 Apr 2023 21:25:40 GMT
Last-Modified: Thu, 13 Apr 2023 19:10:59 GMT
Server: Microsoft-IIS/10.0
ETag: "a9b26fae3b6ed91:0"
X-Powered-By: ASP.NET
Content-Type: image/jpeg
Cache-Control: public,max-age=31536000
Accept-Ranges: bytes
Content-Length: 28948

GET
H/1.1 200
OK logo-powered-by-rba.png
elitereplacementwindows.com/images/ 11 KB
11 KB 201ms
200ms Image
image/png 198.154.88.118
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://elitereplacementwindows.com/images/logo-powered-by-rba.png
Requested by: Host: elitereplacementwindows.com
URL: http://elitereplacementwindows.com/
Protocol: HTTP/1.1
Server: 198.154.88.118 Los Angeles, United States, ASN55081 (24SHELLS, US),
Reverse DNS: corporate.abilitybusinesscomputing.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d8dd4052b38ab85de399d5c5cb06e8bcff12baad323e5bd2084950dc55776a3f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://elitereplacementwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Thu, 13 Apr 2023 21:25:40 GMT
Last-Modified: Thu, 13 Apr 2023 19:10:54 GMT
Server: Microsoft-IIS/10.0
ETag: "b319b5ab3b6ed91:0"
X-Powered-By: ASP.NET
Content-Type: image/png
Cache-Control: public,max-age=31536000
Accept-Ranges: bytes
Content-Length: 11352

GET
H/1.1 200
OK badge1-desk-winter-20p.png
elitereplacementwindows.com/img/ 273 KB
273 KB 327ms
194ms Image
image/png 198.154.88.118
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://elitereplacementwindows.com/img/badge1-desk-winter-20p.png
Requested by: Host: elitereplacementwindows.com
URL: http://elitereplacementwindows.com/
Protocol: HTTP/1.1
Server: 198.154.88.118 Los Angeles, United States, ASN55081 (24SHELLS, US),
Reverse DNS: corporate.abilitybusinesscomputing.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: f460cfda131aeaca852f87ac4ad8d2d5bd80fd7910efc60c6113e883155af76a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://elitereplacementwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Thu, 13 Apr 2023 21:25:41 GMT
Last-Modified: Thu, 13 Apr 2023 19:08:28 GMT
Server: Microsoft-IIS/10.0
ETag: "d53b7d543b6ed91:0"
X-Powered-By: ASP.NET
Content-Type: image/png
Cache-Control: public,max-age=31536000
Accept-Ranges: bytes
Content-Length: 279149

GET
H/1.1 200
OK badge1-mob-winter-20p.png
elitereplacementwindows.com/img/ 23 KB
23 KB 399ms
199ms Image
image/png 198.154.88.118
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://elitereplacementwindows.com/img/badge1-mob-winter-20p.png
Requested by: Host: elitereplacementwindows.com
URL: http://elitereplacementwindows.com/
Protocol: HTTP/1.1
Server: 198.154.88.118 Los Angeles, United States, ASN55081 (24SHELLS, US),
Reverse DNS: corporate.abilitybusinesscomputing.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: be34d4882f580deb9ae5a3fad0cb3b53390e73527dc7477569125d1cb0fa2550

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://elitereplacementwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Thu, 13 Apr 2023 21:25:41 GMT
Last-Modified: Thu, 13 Apr 2023 19:08:33 GMT
Server: Microsoft-IIS/10.0
ETag: "311bd5573b6ed91:0"
X-Powered-By: ASP.NET
Content-Type: image/png
Cache-Control: public,max-age=31536000
Accept-Ranges: bytes
Content-Length: 23205

GET
H/1.1 200
OK WebResource.axd Show response
elitereplacementwindows.com/ 23 KB
6 KB 195ms
195ms Script
application/x-javascript 198.154.88.118
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: http://elitereplacementwindows.com/WebResource.axd?d=2aV1WIu0IZzg-OkuH8Z47LQqy5hIFL1v3qo4pfEcl5KN-qSfqwdgdIoQX-X_uPRM1t14zHMWIepO3a0LODDLew8DqRK_EFY6Y6XoeT7yBjU1&t=638007613797327092
Requested by: Host: elitereplacementwindows.com
URL: http://elitereplacementwindows.com/
Protocol: HTTP/1.1
Server: 198.154.88.118 Los Angeles, United States, ASN55081 (24SHELLS, US),
Reverse DNS: corporate.abilitybusinesscomputing.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://elitereplacementwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Thu, 13 Apr 2023 21:25:40 GMT
Content-Encoding: gzip
Last-Modified: Fri, 07 Oct 2022 21:42:59 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public
Content-Length: 6007
Expires: Fri, 12 Apr 2024 21:00:33 GMT

GET
H/1.1 200
OK WebResource.axd Show response
elitereplacementwindows.com/ 26 KB
7 KB 195ms
195ms Script
application/x-javascript 198.154.88.118
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: http://elitereplacementwindows.com/WebResource.axd?d=R05Ui2250bMqjj7iRx7vu1WP_gYCyIUr-a1Jy0wUxrMeEMp92IB5iNfATMzT8nGuLcRENY__p-lNXVakKqv072LLqfcDyA5L_8ymzXgpIyg1&t=638007613797327092
Requested by: Host: elitereplacementwindows.com
URL: http://elitereplacementwindows.com/
Protocol: HTTP/1.1
Server: 198.154.88.118 Los Angeles, United States, ASN55081 (24SHELLS, US),
Reverse DNS: corporate.abilitybusinesscomputing.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ef9453f74b2617d43dcef4242cf5845101fcfb57289c81bceb20042b0023a192

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://elitereplacementwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Thu, 13 Apr 2023 21:25:40 GMT
Content-Encoding: gzip
Last-Modified: Fri, 07 Oct 2022 21:42:59 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public
Content-Length: 7228
Expires: Fri, 12 Apr 2024 21:00:33 GMT

GET
H/1.1 200
OK LOGO%20Certifed%20Master%20Installer%20Vertical%20RGB.jpg
elitereplacementwindows.com/images/ 156 KB
157 KB 270ms
201ms Image
image/jpeg 198.154.88.118
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://elitereplacementwindows.com/images/LOGO%20Certifed%20Master%20Installer%20Vertical%20RGB.jpg
Requested by: Host: elitereplacementwindows.com
URL: http://elitereplacementwindows.com/
Protocol: HTTP/1.1
Server: 198.154.88.118 Los Angeles, United States, ASN55081 (24SHELLS, US),
Reverse DNS: corporate.abilitybusinesscomputing.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e48afcf765797aaf9514567d678fd80e792b0fe5bb0a4d2b91b298853e640ae8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://elitereplacementwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Thu, 13 Apr 2023 21:25:41 GMT
Last-Modified: Thu, 13 Apr 2023 19:10:54 GMT
Server: Microsoft-IIS/10.0
ETag: "d8805aab3b6ed91:0"
X-Powered-By: ASP.NET
Content-Type: image/jpeg
Cache-Control: public,max-age=31536000
Accept-Ranges: bytes
Content-Length: 160054

GET
H/1.1 200
OK logo-footer.png
elitereplacementwindows.com/img/ 21 KB
21 KB 238ms
193ms Image
image/png 198.154.88.118
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://elitereplacementwindows.com/img/logo-footer.png
Requested by: Host: elitereplacementwindows.com
URL: http://elitereplacementwindows.com/
Protocol: HTTP/1.1
Server: 198.154.88.118 Los Angeles, United States, ASN55081 (24SHELLS, US),
Reverse DNS: corporate.abilitybusinesscomputing.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: c984ee1bff1eaa93d52143be67b219e0d1a9cca905103f51532d29e917e7ea6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://elitereplacementwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Thu, 13 Apr 2023 21:25:41 GMT
Last-Modified: Thu, 13 Apr 2023 19:09:47 GMT
Server: Microsoft-IIS/10.0
ETag: "89b6c5833b6ed91:0"
X-Powered-By: ASP.NET
Content-Type: image/png
Cache-Control: public,max-age=31536000
Accept-Ranges: bytes
Content-Length: 21253

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/874974045/ 3 KB
2 KB 190ms
69ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/874974045/?random=1681421141094&cv=9&fst=1681421141094&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465926%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=http%3A%2F%2Felitereplacementwindows.com%2F&tiba=Window%20Rate%20Advisor%20-%20Powered%20By%20Renewal%20By%20Andersen%20-%20Window%20Replacement&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: http://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

71f02b19ce8ef2b2f35bdfe0cc304290619a15e5ec3463e142c1bc44b30aae78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://elitereplacementwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Apr 2023 21:25:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1305
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 Track.aspx
hits.ecdashboard.com/ 0
86 B 191ms
191ms Image
text/html 190.124.46.18
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hits.ecdashboard.com/Track.aspx?EVTID=1547&ECCMP=0%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C&ECUID=1681421141345.6213%7C%7C4/13/2023%2021%3A25%3A41&AMT=0&cvid=&cvprm1=&cvprm2=&ECURL=Empty%20Referrer%7C%7Chttp%3A//elitereplacementwindows.com/&ECSUP=%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C0%7C%7C&rnd=1681421141314.041&FH=true&CurURL=http%3A//elitereplacementwindows.com/&PT=Window%20Rate%20Advisor%20-%20Powered%20By%20Renewal%20By%20Andersen%20-%20Window%20Replacement&res=1600x1200&bws=Netscape
Requested by: Host: elitereplacementwindows.com
URL: http://elitereplacementwindows.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.124.46.18 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 190-124-46-18.static.hvvc.us
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://elitereplacementwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Apr 2023 21:25:40 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: text/html
cache-control: no-cache, no-store
expires: -1

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 30 KB
31 KB 178ms
58ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://elitereplacementwindows.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 10:32:46 GMT
x-content-type-options: nosniff
age: 211975
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 10:32:46 GMT

GET
H/1.1 200
OK eb4a05a4-8a53-c2b0-b337-640a489815f4.js Show response
create.lidstatic.com/campaign/ 123 KB
39 KB 647ms
582ms Script
text/javascript 2606:4700:10::6816:27b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://create.lidstatic.com/campaign/eb4a05a4-8a53-c2b0-b337-640a489815f4.js?snippet_version=2
Requested by: Host: elitereplacementwindows.com
URL: http://elitereplacementwindows.com/
Protocol: HTTP/1.1
Server: 2606:4700:10::6816:27b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45533f8aad39f33e0b47b9b014aa4c577d9b0972812e45fec631f513648bc00c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://elitereplacementwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Thu, 13 Apr 2023 21:25:41 GMT
x-amz-version-id: pOl5.3fz5xVkwWJTirFZl9EVsyEBI010
Content-Encoding: gzip
CF-Cache-Status: MISS
x-amz-request-id: YEA4XHHDK3014G4K
Transfer-Encoding: chunked
x-amz-replication-status: COMPLETED
Connection: keep-alive
x-amz-id-2: gz1h3oi+2VyXJbPBZpatGHxG7ZgwWYmnUzz3UdsCngVN3rX4mFtth6e0zPamXb8DygvEc6xZW5r7xnMEI4HbZg==
Last-Modified: Fri, 12 Nov 2021 01:28:04 GMT
Server: cloudflare
ETag: W/"23f60186afbe149fd3f5b271d1d5c40d"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=1800
CF-RAY: 7b76c8754dda9bfe-FRA

GET
H2

200

bootstrap.js Show response
cdn.trustedform.com/
Redirect Chain

http://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16814211412340.772873619983331&invert_field_sensitivity=false
https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16814211412340.772873619983331&invert_field_sensitivity=false

7 KB
3 KB

326ms
192ms

Script
application/javascript

2600:9000:223d:3200:1c:7f1a:6680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16814211412340.772873619983331&invert_field_sensitivity=false
Requested by: Host: elitereplacementwindows.com
URL: http://elitereplacementwindows.com/
Protocol: H2
Server: 2600:9000:223d:3200:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 001fec1d89b5cda58d62fff00a17723313d92f195680b5fd1a4ad52e7a1fb37c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://elitereplacementwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 21:25:42 GMT
x-amz-version-id: oadcnJCg2vYrfrS_vSmPkc6nBoYFDxSV
content-encoding: gzip
last-modified: Fri, 24 Feb 2023 16:04:14 GMT
server: AmazonS3
via: 1.1 82514a5a8cf35fb3132b0b5ab9cb724c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
etag: W/"1b4d8abad5e0668a237e388577c6a93c"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
x-amz-cf-id: tVDCtMWhh0QkSESgx8ze4NjwrId8Fkz2g4siRS5ZoIGIcbz16MP69w==

Redirect headers

Location: https://cdn.trustedform.com:443/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16814211412340.772873619983331&invert_field_sensitivity=false
Date: Thu, 13 Apr 2023 21:25:41 GMT
Server: awselb/2.0
Connection: keep-alive
Content-Length: 134
Content-Type: text/html

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 107 KB
28 KB 300ms
57ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: elitereplacementwindows.com
URL: http://elitereplacementwindows.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0ec06672fe3c64b5f9a2734153c38dc3aac1a84dd0c656447e4f393339608db6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://elitereplacementwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 13 Apr 2023 21:25:41 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27909
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 3/COqYfNzc5QbV5AyCAUsBlla7snlFV5xmwezNMPxFQRXtiMFUtcKyn50iAcU/FTGOBDCJ/YqnLNvG0q4nlsiw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK dropdown-icon.png
elitereplacementwindows.com/images/ 1 KB
1 KB 244ms
193ms Image
image/png 198.154.88.118
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://elitereplacementwindows.com/images/dropdown-icon.png
Requested by: Host: elitereplacementwindows.com
URL: http://elitereplacementwindows.com/css/rba/styles.min.css?v=102016
Protocol: HTTP/1.1
Server: 198.154.88.118 Los Angeles, United States, ASN55081 (24SHELLS, US),
Reverse DNS: corporate.abilitybusinesscomputing.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 0baf2b33451b03eee1aec2790910413ab6fb656ed7e53c5cffa83621c12f43ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://elitereplacementwindows.com/css/rba/styles.min.css?v=102016
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Thu, 13 Apr 2023 21:25:41 GMT
Last-Modified: Thu, 13 Apr 2023 19:10:44 GMT
Server: Microsoft-IIS/10.0
ETag: "495a5a53b6ed91:0"
X-Powered-By: ASP.NET
Content-Type: image/png
Cache-Control: public,max-age=31536000
Accept-Ranges: bytes
Content-Length: 1097

GET
H2 200 /
www.google.com/pagead/1p-user-list/874974045/ 42 B
455 B 254ms
69ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/874974045/?random=1681421141094&cv=9&fst=1681419600000&num=1&guid=ON&eid=375603261%2C466465926%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=http%3A%2F%2Felitereplacementwindows.com%2F&tiba=Window%20Rate%20Advisor%20-%20Powered%20By%20Renewal%20By%20Andersen%20-%20Window%20Replacement&fmt=3&is_vtc=1&random=2732065022&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: elitereplacementwindows.com
URL: http://elitereplacementwindows.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://elitereplacementwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Apr 2023 21:25:41 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/874974045/ 42 B
455 B 257ms
72ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/874974045/?random=1681421141094&cv=9&fst=1681419600000&num=1&guid=ON&eid=375603261%2C466465926%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=http%3A%2F%2Felitereplacementwindows.com%2F&tiba=Window%20Rate%20Advisor%20-%20Powered%20By%20Renewal%20By%20Andersen%20-%20Window%20Replacement&fmt=3&is_vtc=1&random=2732065022&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: elitereplacementwindows.com
URL: http://elitereplacementwindows.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://elitereplacementwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Apr 2023 21:25:41 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 442453175949583 Show response
connect.facebook.net/signals/config/ 389 KB
109 KB 163ms
162ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/442453175949583?v=2.9.101&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c7729c5d04bfea9205b38f6c552201ea199f694c2317b06d62455df03cf6a388

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://elitereplacementwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 13 Apr 2023 21:25:41 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: cpbUvGFrgg3kKItSfjAWSF7Vyun3e6Ya5CMwYMiZJ7PwrSKUQ+ogj43P6U4CPwfykmj9dv5x5nfFde4rdLJ1xg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 / Show response
www.facebook.com/tr/ Frame CD7B 0
210 B 172ms
57ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: elitereplacementwindows.com
URL: http://elitereplacementwindows.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: http://elitereplacementwindows.com
Referer: http://elitereplacementwindows.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: http://elitereplacementwindows.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Thu, 13 Apr 2023 21:25:42 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 200 GenerateToken Show response
create.leadid.com/2.11.9/ 36 B
659 B 468ms
187ms XHR
text/plain 52.72.168.118
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/GenerateToken?msn=1&pid=f5a5aa10-9e97-47a2-bb53-362f8f77b84a&_=489540611

Requested by

Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.25.1/raven.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.72.168.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-72-168-118.compute-1.amazonaws.com

Software

nginx /

Resource Hash

9ba4660599bfc8807cb7342a6adc62907412f3abf8a640e84408e9970720bdfc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: http://elitereplacementwindows.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 13 Apr 2023 21:25:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 201 certs Show response
api.trustedform.com/ 475 B
686 B 607ms
136ms XHR
application/json 18.214.14.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs
Requested by: Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.25.1/raven.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.214.14.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-214-14-230.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: c19c9bdd753994b00333e7673a7bbee1522e3394b139e1404005a0113a930e83

Request headers

Referer: http://elitereplacementwindows.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 13 Apr 2023 21:25:42 GMT
server: Cowboy
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 475

GET
H/1.1 200
OK iframe.html Show response
d2m2wsoho8qq12.cloudfront.net/ Frame 377A 3 KB
2 KB 179ms
60ms Document
text/html 18.165.196.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

http://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=86F4EB18-7CA5-C40F-5A8E-9F76C15CEF78&apiurl=http%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=EB4A05A4-8A53-C2B0-B337-640A489815F4&lac=D0C27C32-8ED1-8E02-9C8A-1F9AB10100C4

Requested by

Host: create.lidstatic.com
URL: http://create.lidstatic.com/campaign/eb4a05a4-8a53-c2b0-b337-640a489815f4.js?snippet_version=2

Protocol

HTTP/1.1

Server

18.165.196.149 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-165-196-149.lhr50.r.cloudfront.net

Software

nginx /

Resource Hash

e3ad82a69faf9ec1b298a080ce5974322a33cc501e1455071cf8db58c7f2462f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: http://elitereplacementwindows.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Age: 86101
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Wed, 12 Apr 2023 21:30:41 GMT
ETag: W/"64354980-dbb"
Last-Modified: Tue, 11 Apr 2023 11:50:24 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Transfer-Encoding: chunked
Via: 1.1 4c3c0be12954d0bfb5e695119bb76338.cloudfront.net (CloudFront)
X-Amz-Cf-Id: aV4oanxwUKaJAAu3wUgImkqGNsRIgTi7RlacA1H1U7GA_etvYmCCNw==
X-Amz-Cf-Pop: LHR50-P3
X-Cache: Hit from cloudfront

POST
H2 200 SaveDom Show response
create.leadid.com/2.11.9/ 0
622 B 142ms
141ms XHR
text/plain 52.72.168.118
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/SaveDom?msn=2&pid=f5a5aa10-9e97-47a2-bb53-362f8f77b84a&token=86F4EB18-7CA5-C40F-5A8E-9F76C15CEF78&_=489540612

Requested by

Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.25.1/raven.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.72.168.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-72-168-118.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: http://elitereplacementwindows.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 13 Apr 2023 21:25:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 InitFormData Show response
create.leadid.com/2.11.9/ 0
621 B 243ms
242ms XHR
text/plain 52.72.168.118
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/InitFormData?msn=3&pid=f5a5aa10-9e97-47a2-bb53-362f8f77b84a&token=86F4EB18-7CA5-C40F-5A8E-9F76C15CEF78&_=489540613

Requested by

Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.25.1/raven.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.72.168.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-72-168-118.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: http://elitereplacementwindows.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 13 Apr 2023 21:25:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 trustedform-1.8.38.js Show response
cdn.trustedform.com/ 102 KB
37 KB 70ms
70ms Script
application/javascript 2600:9000:223d:3200:1c:7f1a:6680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.trustedform.com/trustedform-1.8.38.js
Requested by: Host: api.trustedform.com
URL: http://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16814211412340.772873619983331&invert_field_sensitivity=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:3200:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d22e5b3da98c742670542cd674a454a835e785e905f52225f1f713757521c54e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://elitereplacementwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: ffJa67w_.T4JjuAeq9bT6P3fBUPuRaPp
content-encoding: gzip
via: 1.1 82514a5a8cf35fb3132b0b5ab9cb724c.cloudfront.net (CloudFront)
date: Thu, 13 Apr 2023 21:25:33 GMT
last-modified: Fri, 24 Feb 2023 16:04:14 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
age: 11
etag: W/"a71c6d4fa015e7b61cc1fc54ff9b242e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: JeXn3M-M521uREiMozEXWMaZ_Mbrs1KqWp2-UTGedveyHipw7F1ceA==

GET
H2 200 iframe.html Show response
deviceid.trueleadid.com/ Frame 0C90 4 KB
2 KB 433ms
133ms Document
text/html 50.19.247.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://deviceid.trueleadid.com/iframe.html?token=86F4EB18-7CA5-C40F-5A8E-9F76C15CEF78&apiurl=http%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=EB4A05A4-8A53-C2B0-B337-640A489815F4&lac=D0C27C32-8ED1-8E02-9C8A-1F9AB10100C4
Requested by: Host: d2m2wsoho8qq12.cloudfront.net
URL: http://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=86F4EB18-7CA5-C40F-5A8E-9F76C15CEF78&apiurl=http%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=EB4A05A4-8A53-C2B0-B337-640A489815F4&lac=D0C27C32-8ED1-8E02-9C8A-1F9AB10100C4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.19.247.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-19-247-79.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 602ea48b7fd2a48e702e43825b0d6f6495f78cb4cc1fa24cb8c95f61e014215a

Request headers

Referer: http://d2m2wsoho8qq12.cloudfront.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=86400 public
content-encoding: gzip
content-type: text/html
date: Thu, 13 Apr 2023 21:25:43 GMT
etag: W/"6425e809-1049"
expires: Fri, 14 Apr 2023 21:25:43 GMT
last-modified: Thu, 30 Mar 2023 19:50:33 GMT
p3p: CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
server: nginx

POST
H2 204 snapshot Show response
api.trustedform.com/certs/b60d006ccf70572256fe99f23972191734a116d1/ 0
159 B 269ms
269ms XHR
text/plain 18.214.14.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/b60d006ccf70572256fe99f23972191734a116d1/snapshot
Requested by: Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.25.1/raven.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.214.14.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-214-14-230.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://elitereplacementwindows.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Thu, 13 Apr 2023 21:25:43 GMT
access-control-expose-headers
access-control-allow-credentials: true
cache-control: max-age=0, private, must-revalidate
server: Cowboy

GET
H/1.1 200
OK logo-window-rate-advisor-left.png
elitereplacementwindows.com/images/ 4 KB
4 KB 211ms
210ms Image
image/png 198.154.88.118
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://elitereplacementwindows.com/images/logo-window-rate-advisor-left.png
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.38.js
Protocol: HTTP/1.1
Server: 198.154.88.118 Los Angeles, United States, ASN55081 (24SHELLS, US),
Reverse DNS: corporate.abilitybusinesscomputing.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 71f913d9e6fd44f323b008f43b8ce27bd97ea8327876d83b4d0cab7f57a4cd3a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://elitereplacementwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Thu, 13 Apr 2023 21:25:42 GMT
Last-Modified: Thu, 13 Apr 2023 19:10:55 GMT
Server: Microsoft-IIS/10.0
ETag: "3f9d78ac3b6ed91:0"
X-Powered-By: ASP.NET
Content-Type: image/png
Cache-Control: public,max-age=31536000
Accept-Ranges: bytes
Content-Length: 4314

GET
H/1.1 200
OK mob-windowrateadvisor-header.jpg
elitereplacementwindows.com/images/ 28 KB
29 KB 206ms
204ms Image
image/jpeg 198.154.88.118
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://elitereplacementwindows.com/images/mob-windowrateadvisor-header.jpg
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.38.js
Protocol: HTTP/1.1
Server: 198.154.88.118 Los Angeles, United States, ASN55081 (24SHELLS, US),
Reverse DNS: corporate.abilitybusinesscomputing.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ac02219a6597dda527f7d42d93b0b27422d621db98778079a216d71396429cd8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://elitereplacementwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Thu, 13 Apr 2023 21:25:42 GMT
Last-Modified: Thu, 13 Apr 2023 19:10:59 GMT
Server: Microsoft-IIS/10.0
ETag: "a9b26fae3b6ed91:0"
X-Powered-By: ASP.NET
Content-Type: image/jpeg
Cache-Control: public,max-age=31536000
Accept-Ranges: bytes
Content-Length: 28948

GET
H/1.1 200
OK logo-powered-by-rba.png
elitereplacementwindows.com/images/ 11 KB
11 KB 211ms
209ms Image
image/png 198.154.88.118
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://elitereplacementwindows.com/images/logo-powered-by-rba.png
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.38.js
Protocol: HTTP/1.1
Server: 198.154.88.118 Los Angeles, United States, ASN55081 (24SHELLS, US),
Reverse DNS: corporate.abilitybusinesscomputing.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d8dd4052b38ab85de399d5c5cb06e8bcff12baad323e5bd2084950dc55776a3f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://elitereplacementwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Thu, 13 Apr 2023 21:25:42 GMT
Last-Modified: Thu, 13 Apr 2023 19:10:54 GMT
Server: Microsoft-IIS/10.0
ETag: "b319b5ab3b6ed91:0"
X-Powered-By: ASP.NET
Content-Type: image/png
Cache-Control: public,max-age=31536000
Accept-Ranges: bytes
Content-Length: 11352

GET
H/1.1 200
OK badge1-desk-winter-20p.png
elitereplacementwindows.com/img/ 273 KB
273 KB 204ms
203ms Image
image/png 198.154.88.118
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://elitereplacementwindows.com/img/badge1-desk-winter-20p.png
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.38.js
Protocol: HTTP/1.1
Server: 198.154.88.118 Los Angeles, United States, ASN55081 (24SHELLS, US),
Reverse DNS: corporate.abilitybusinesscomputing.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: f460cfda131aeaca852f87ac4ad8d2d5bd80fd7910efc60c6113e883155af76a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://elitereplacementwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Thu, 13 Apr 2023 21:25:42 GMT
Last-Modified: Thu, 13 Apr 2023 19:08:28 GMT
Server: Microsoft-IIS/10.0
ETag: "d53b7d543b6ed91:0"
X-Powered-By: ASP.NET
Content-Type: image/png
Cache-Control: public,max-age=31536000
Accept-Ranges: bytes
Content-Length: 279149

GET
H/1.1 200
OK badge1-mob-winter-20p.png
elitereplacementwindows.com/img/ 23 KB
23 KB 205ms
204ms Image
image/png 198.154.88.118
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://elitereplacementwindows.com/img/badge1-mob-winter-20p.png
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.38.js
Protocol: HTTP/1.1
Server: 198.154.88.118 Los Angeles, United States, ASN55081 (24SHELLS, US),
Reverse DNS: corporate.abilitybusinesscomputing.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: be34d4882f580deb9ae5a3fad0cb3b53390e73527dc7477569125d1cb0fa2550

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://elitereplacementwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Thu, 13 Apr 2023 21:25:42 GMT
Last-Modified: Thu, 13 Apr 2023 19:08:33 GMT
Server: Microsoft-IIS/10.0
ETag: "311bd5573b6ed91:0"
X-Powered-By: ASP.NET
Content-Type: image/png
Cache-Control: public,max-age=31536000
Accept-Ranges: bytes
Content-Length: 23205

GET
H/1.1 200
OK LOGO%20Certifed%20Master%20Installer%20Vertical%20RGB.jpg
elitereplacementwindows.com/images/ 156 KB
157 KB 205ms
205ms Image
image/jpeg 198.154.88.118
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://elitereplacementwindows.com/images/LOGO%20Certifed%20Master%20Installer%20Vertical%20RGB.jpg
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.38.js
Protocol: HTTP/1.1
Server: 198.154.88.118 Los Angeles, United States, ASN55081 (24SHELLS, US),
Reverse DNS: corporate.abilitybusinesscomputing.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e48afcf765797aaf9514567d678fd80e792b0fe5bb0a4d2b91b298853e640ae8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://elitereplacementwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Thu, 13 Apr 2023 21:25:42 GMT
Last-Modified: Thu, 13 Apr 2023 19:10:54 GMT
Server: Microsoft-IIS/10.0
ETag: "d8805aab3b6ed91:0"
X-Powered-By: ASP.NET
Content-Type: image/jpeg
Cache-Control: public,max-age=31536000
Accept-Ranges: bytes
Content-Length: 160054

GET
H/1.1 200
OK logo-footer.png
elitereplacementwindows.com/img/ 21 KB
21 KB 194ms
194ms Image
image/png 198.154.88.118
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://elitereplacementwindows.com/img/logo-footer.png
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.38.js
Protocol: HTTP/1.1
Server: 198.154.88.118 Los Angeles, United States, ASN55081 (24SHELLS, US),
Reverse DNS: corporate.abilitybusinesscomputing.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: c984ee1bff1eaa93d52143be67b219e0d1a9cca905103f51532d29e917e7ea6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://elitereplacementwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Thu, 13 Apr 2023 21:25:42 GMT
Last-Modified: Thu, 13 Apr 2023 19:09:47 GMT
Server: Microsoft-IIS/10.0
ETag: "89b6c5833b6ed91:0"
X-Powered-By: ASP.NET
Content-Type: image/png
Cache-Control: public,max-age=31536000
Accept-Ranges: bytes
Content-Length: 21253

POST
H2 204 fingerprints Show response
api.trustedform.com/certs/b60d006ccf70572256fe99f23972191734a116d1/ 0
159 B 262ms
262ms XHR
text/plain 18.214.14.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/b60d006ccf70572256fe99f23972191734a116d1/fingerprints
Requested by: Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.25.1/raven.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.214.14.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-214-14-230.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://elitereplacementwindows.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Thu, 13 Apr 2023 21:25:43 GMT
access-control-expose-headers
access-control-allow-credentials: true
cache-control: max-age=0, private, must-revalidate
server: Cowboy

GET
DATA 200
OK truncated
/ 10 KB
10 KB Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eed633a8002069e13f06351bfe014d0132941a0882144ccee95cdacfa403b954

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://elitereplacementwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: text/javascript

POST
H2 204 events
api.trustedform.com/certs/b60d006ccf70572256fe99f23972191734a116d1/ 0
160 B 404ms
136ms Ping
text/plain 18.214.14.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/b60d006ccf70572256fe99f23972191734a116d1/events
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.38.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.214.14.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-214-14-230.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://elitereplacementwindows.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 13 Apr 2023 21:25:43 GMT
access-control-expose-headers
access-control-allow-credentials: true
cache-control: max-age=0, private, must-revalidate
server: Cowboy

POST
H2 200 InitFormData Show response
create.leadid.com/2.11.9/ 0
623 B 138ms
137ms XHR
text/plain 52.72.168.118
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/InitFormData?msn=4&pid=f5a5aa10-9e97-47a2-bb53-362f8f77b84a&token=86F4EB18-7CA5-C40F-5A8E-9F76C15CEF78&_=489540614

Requested by

Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.25.1/raven.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.72.168.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-72-168-118.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: http://elitereplacementwindows.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 13 Apr 2023 21:25:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 SaveDeviceId.js Show response
create.leadid.com/2.11.9/ Frame 0C90 0
626 B 404ms
137ms Script
text/javascript 52.72.168.118
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/SaveDeviceId.js?lac=D0C27C32-8ED1-8E02-9C8A-1F9AB10100C4&lck=EB4A05A4-8A53-C2B0-B337-640A489815F4&methods=48&token=86F4EB18-7CA5-C40F-5A8E-9F76C15CEF78&uuid=626d682a5df94aa6a63985a184e3f95b

Requested by

Host: deviceid.trueleadid.com
URL: https://deviceid.trueleadid.com/iframe.html?token=86F4EB18-7CA5-C40F-5A8E-9F76C15CEF78&apiurl=http%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=EB4A05A4-8A53-C2B0-B337-640A489815F4&lac=D0C27C32-8ED1-8E02-9C8A-1F9AB10100C4

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.72.168.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-72-168-118.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://deviceid.trueleadid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 21:25:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
54 B 57ms
56ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=442453175949583&ev=Microdata&dl=http%3A%2F%2Felitereplacementwindows.com%2F&rl=&if=false&ts=1681421143397&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%5Cn%5CtWindow%20Rate%20Advisor%20-%20Powered%20By%20Renewal%20By%20Andersen%20-%20Window%20Replacement%5Cn%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.101&r=stable&ec=1&o=30&fbp=fb.1.1681421141857.2051151097&it=1681421141578&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://elitereplacementwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 13 Apr 2023 21:25:43 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 204 events Show response
api.trustedform.com/certs/b60d006ccf70572256fe99f23972191734a116d1/ 0
159 B 136ms
136ms XHR
text/plain 18.214.14.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/b60d006ccf70572256fe99f23972191734a116d1/events
Requested by: Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.25.1/raven.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.214.14.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-214-14-230.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://elitereplacementwindows.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Thu, 13 Apr 2023 21:25:43 GMT
access-control-expose-headers
access-control-allow-credentials: true
cache-control: max-age=0, private, must-revalidate
server: Cowboy

POST
H2 200 Snap Show response
create.leadid.com/2.11.9/ 0
623 B 671ms
406ms XHR
text/plain 52.72.168.118
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/Snap?msn=5&pid=f5a5aa10-9e97-47a2-bb53-362f8f77b84a&token=86F4EB18-7CA5-C40F-5A8E-9F76C15CEF78&_=489540615

Requested by

Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.25.1/raven.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.72.168.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-72-168-118.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: http://elitereplacementwindows.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 13 Apr 2023 21:25:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 Snap Show response
create.leadid.com/2.11.9/ 0
623 B 604ms
272ms XHR
text/plain 52.72.168.118
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/Snap?msn=6&pid=f5a5aa10-9e97-47a2-bb53-362f8f77b84a&token=86F4EB18-7CA5-C40F-5A8E-9F76C15CEF78&_=489540616

Requested by

Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.25.1/raven.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.72.168.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-72-168-118.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: http://elitereplacementwindows.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 13 Apr 2023 21:25:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

Verdicts & Comments Add Verdict or Comment

183 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
elitereplacementwindows.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: 1frxti1bqdj03o3vge3gugd1
.elitereplacementwindows.com/	1970-01-20 12:30:05	Name: EC_UID Value: 1681421141345.6213%7C%7C4/13/2023%2021%3A25%3A41
.elitereplacementwindows.com/	1970-01-20 12:30:05	Name: EC_CMP Value: 0%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C
.elitereplacementwindows.com/	1970-01-20 12:30:05	Name: EC_SUP Value: %7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C0%7C%7C
.elitereplacementwindows.com/	1970-01-20 12:30:05	Name: EC_URL Value: Empty%20Referrer%7C%7Chttp%3A//elitereplacementwindows.com/
.doubleclick.net/	1970-01-20 11:03:42	Name: test_cookie Value: CheckForPermission
.elitereplacementwindows.com/	1970-01-20 13:13:17	Name: _fbp Value: fb.1.1681421141857.2051151097
elitereplacementwindows.com/	1969-12-31 23:59:59	Name: leadid_token-D0C27C32-8ED1-8E02-9C8A-1F9AB10100C4-EB4A05A4-8A53-C2B0-B337-640A489815F4 Value: 86F4EB18-7CA5-C40F-5A8E-9F76C15CEF78
.deviceid.trueleadid.com/	1970-01-20 20:39:41	Name: uuid Value: 626d682a5df94aa6a63985a184e3f95b

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.trustedform.com
cdn.ravenjs.com
cdn.trustedform.com
connect.facebook.net
create.leadid.com
create.lidstatic.com
d2m2wsoho8qq12.cloudfront.net
deviceid.trueleadid.com
elitereplacementwindows.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hits.ecdashboard.com
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
142.250.185.98
18.165.196.149
18.214.14.230
190.124.46.18
198.154.88.118
2600:9000:223d:3200:1c:7f1a:6680:93a1
2606:4700:10::6816:27b6
2a00:1450:4001:806::2003
2a00:1450:4001:811::200a
2a00:1450:4001:827::2002
2a00:1450:4001:829::2004
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42::729
50.19.247.79
52.54.141.164
52.72.168.118
001fec1d89b5cda58d62fff00a17723313d92f195680b5fd1a4ad52e7a1fb37c
07d81e29da2b847c60281b9e084fe58ddf894ba5c6a60f395adf10aa4ad3d405
0baf2b33451b03eee1aec2790910413ab6fb656ed7e53c5cffa83621c12f43ad
0ec06672fe3c64b5f9a2734153c38dc3aac1a84dd0c656447e4f393339608db6
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
45533f8aad39f33e0b47b9b014aa4c577d9b0972812e45fec631f513648bc00c
602ea48b7fd2a48e702e43825b0d6f6495f78cb4cc1fa24cb8c95f61e014215a
66f4b78b6d602a8ef77322719b59a4d054a42bb3d07e9810afb61eeb2bfc5738
674fbf344e077b730d2e7b0d24170033c5c6d5b6c1ef353017dda19edc7d3344
6b0a441c9dce94782d7a27a191c8533cac452c1607eaeeceb9ffbc3f2e8bdfa5
71f02b19ce8ef2b2f35bdfe0cc304290619a15e5ec3463e142c1bc44b30aae78
71f913d9e6fd44f323b008f43b8ce27bd97ea8327876d83b4d0cab7f57a4cd3a
75f2e1d6ed4f585b1013768e1ce606d5c7014f44649c1d6b32f3eea29de6305f
9ba4660599bfc8807cb7342a6adc62907412f3abf8a640e84408e9970720bdfc
9c2f66520befdb2169bc7bf9e5a5fcff65a6cfd13d3851ed501300a54ff3da0c
ac02219a6597dda527f7d42d93b0b27422d621db98778079a216d71396429cd8
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
be34d4882f580deb9ae5a3fad0cb3b53390e73527dc7477569125d1cb0fa2550
c19c9bdd753994b00333e7673a7bbee1522e3394b139e1404005a0113a930e83
c7729c5d04bfea9205b38f6c552201ea199f694c2317b06d62455df03cf6a388
c984ee1bff1eaa93d52143be67b219e0d1a9cca905103f51532d29e917e7ea6b
d22e5b3da98c742670542cd674a454a835e785e905f52225f1f713757521c54e
d8dd4052b38ab85de399d5c5cb06e8bcff12baad323e5bd2084950dc55776a3f
db0e93a6caa38aa56a60492fbb22c1d09e743b879bf3486c2caf5e6dc290cf32
e3ad82a69faf9ec1b298a080ce5974322a33cc501e1455071cf8db58c7f2462f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e48afcf765797aaf9514567d678fd80e792b0fe5bb0a4d2b91b298853e640ae8
eed633a8002069e13f06351bfe014d0132941a0882144ccee95cdacfa403b954
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef9453f74b2617d43dcef4242cf5845101fcfb57289c81bceb20042b0023a192
f460cfda131aeaca852f87ac4ad8d2d5bd80fd7910efc60c6113e883155af76a
ffe9f5af1f80a9ba2f3208eb78ffcc24421bdbdd2964fa9799e055091a0970f8

elitereplacementwindows.com Open in urlscan Pro 198.154.88.118 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

52 Requests

50 %HTTPS

53 %IPv6

16 Domains

17 Subdomains

17 IPs

2 Countries

1420 kBTransfer

2109 kBSize

9 Cookies

1 Outgoing links

Redirected requests

52 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

elitereplacementwindows.com Open in urlscan Pro
198.154.88.118 Public Scan

Screenshot
Live screenshot

Full Image

52
Requests

50 %
HTTPS

53 %
IPv6

16
Domains

17
Subdomains

17
IPs

2
Countries

1420 kB
Transfer

2109 kB
Size

9
Cookies

52 HTTP transactions
1 data transactions