www.energybillcruncher.com Open in urlscan Pro
54.186.135.21 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.energybillcruncher.com/la/?tg_ref=ebc_id_em&camp_id=meter&keyword=email&sub2=821586&imclid=686080940
Submission Tags: https://phish.report @phish_report Search All
Submission: On April 18 via api (April 18th 2022, 2:12:14 am UTC) from FI — Scanned from DE

Summary HTTP 63 Redirects Behaviour Indicators

Summary

This website contacted 28 IPs in 6 countries across 21 domains to perform 63 HTTP transactions. The main IP is 54.186.135.21, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is www.energybillcruncher.com. The Cisco Umbrella rank of the primary domain is 5434.
TLS certificate: Issued by Amazon on May 27th 2021. Valid for: a year.

This is the only time www.energybillcruncher.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	54.186.135.21 54.186.135.21	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
1 7	2600:9000:215... 2600:9000:2156:1c00:15:f7f:8880:21	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1	23.35.237.86 23.35.237.86	16625 (AKAMAI-AS) (AKAMAI-AS)
3	151.101.65.44 151.101.65.44	54113 (FASTLY) (FASTLY)
1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1288:80:... 2a00:1288:80:807::2	203220 (YAHOO-DEB) (YAHOO-DEB)
2	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
7	104.104.52.82 104.104.52.82	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2600:9000:224... 2600:9000:224a:8a00:8:8845:1500:93a1	16509 (AMAZON-02) (AMAZON-02)
1	199.232.188.157 199.232.188.157	54113 (FASTLY) (FASTLY)
2	70.42.32.223 70.42.32.223	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
2	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	104.244.42.5 104.244.42.5	13414 (TWITTER) (TWITTER)
1 1	2600:1f18:730... 2600:1f18:730:b140:f378:e5c6:1d9e:4c3	14618 (AMAZON-AES) (AMAZON-AES)
1	34.202.82.185 34.202.82.185	14618 (AMAZON-AES) (AMAZON-AES)
4	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1 5	54.160.222.255 54.160.222.255	14618 (AMAZON-AES) (AMAZON-AES)
2	2600:9000:215... 2600:9000:2156:8800:1c:7f1a:6680:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::ac43:29e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
7	54.172.138.183 54.172.138.183	14618 (AMAZON-AES) (AMAZON-AES)
1	143.204.101.219 143.204.101.219	16509 (AMAZON-02) (AMAZON-02)
1	34.232.148.15 34.232.148.15	14618 (AMAZON-AES) (AMAZON-AES)
63	28

2 54.186.135.21 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-186-135-21.us-west-2.compute.amazonaws.com

www.energybillcruncher.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:9000:2156:1c00:15:f7f:8880:21 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

d3bnsjl54t3oyq.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.237.86 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-86.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.65.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:80:807::2 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.104.52.82 (Milan, Italy)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-104-52-82.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:224a:8a00:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)

b-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.188.157 (Munich, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 70.42.32.223 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.5 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:730:b140:f378:e5c6:1d9e:4c3 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.202.82.185 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-202-82-185.compute-1.amazonaws.com

rp4.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.160.222.255 (United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-160-222-255.compute-1.amazonaws.com

api.trustedform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2156:8800:1c:7f1a:6680:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.trustedform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:29e5 (United States)

ASN13335 (CLOUDFLARENET, US)

create.lidstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 54.172.138.183 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-172-138-183.compute-1.amazonaws.com

create.leadid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.101.219 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-219.fra50.r.cloudfront.net

d2m2wsoho8qq12.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.232.148.15 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-232-148-15.compute-1.amazonaws.com

deviceid.trueleadid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	cloudfront.net 1 redirects d3bnsjl54t3oyq.cloudfront.net d2m2wsoho8qq12.cloudfront.net	25 KB
7	leadid.com create.leadid.com — Cisco Umbrella Rank: 14106	4 KB
7	trustedform.com 1 redirects api.trustedform.com — Cisco Umbrella Rank: 22296 cdn.trustedform.com — Cisco Umbrella Rank: 24058	40 KB
7	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 1184	107 KB
7	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 1059 trc.taboola.com — Cisco Umbrella Rank: 656 trc-events.taboola.com — Cisco Umbrella Rank: 1698	21 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 46 maps.googleapis.com — Cisco Umbrella Rank: 338	176 KB
3	liadm.com 1 redirects b-code.liadm.com — Cisco Umbrella Rank: 3725 rp.liadm.com — Cisco Umbrella Rank: 2769 rp4.liadm.com — Cisco Umbrella Rank: 10728	12 KB
3	outbrain.com amplify.outbrain.com — Cisco Umbrella Rank: 2265 tr.outbrain.com — Cisco Umbrella Rank: 2048	4 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	500 B
2	yahoo.com sp.analytics.yahoo.com — Cisco Umbrella Rank: 823	1 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 138	114 KB
2	yimg.com s.yimg.com — Cisco Umbrella Rank: 420	7 KB
2	gstatic.com fonts.gstatic.com	32 KB
2	energybillcruncher.com www.energybillcruncher.com — Cisco Umbrella Rank: 5434	226 KB
1	trueleadid.com deviceid.trueleadid.com — Cisco Umbrella Rank: 1878	2 KB
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 524	458 B
1	lidstatic.com create.lidstatic.com — Cisco Umbrella Rank: 24453	39 KB
1	t.co t.co — Cisco Umbrella Rank: 476	338 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 619	6 KB
1	bing.com bat.bing.com — Cisco Umbrella Rank: 378	12 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 71	62 KB
63	21

	Domain	Requested by
7	create.leadid.com	d3bnsjl54t3oyq.cloudfront.net deviceid.trueleadid.com
7	analytics.tiktok.com	www.energybillcruncher.com analytics.tiktok.com
7	d3bnsjl54t3oyq.cloudfront.net	1 redirects www.energybillcruncher.com cdn.trustedform.com
5	api.trustedform.com	1 redirects d3bnsjl54t3oyq.cloudfront.net
4	trc-events.taboola.com	cdn.taboola.com d3bnsjl54t3oyq.cloudfront.net
4	maps.googleapis.com	www.energybillcruncher.com maps.googleapis.com
2	cdn.trustedform.com	www.energybillcruncher.com api.trustedform.com
2	www.facebook.com	www.energybillcruncher.com
2	sp.analytics.yahoo.com	www.energybillcruncher.com cdn.trustedform.com
2	trc.taboola.com	cdn.taboola.com
2	tr.outbrain.com	amplify.outbrain.com www.energybillcruncher.com
2	connect.facebook.net	www.energybillcruncher.com connect.facebook.net
2	s.yimg.com	www.energybillcruncher.com s.yimg.com
2	fonts.gstatic.com	fonts.googleapis.com
2	www.energybillcruncher.com	www.energybillcruncher.com
1	deviceid.trueleadid.com	d2m2wsoho8qq12.cloudfront.net
1	d2m2wsoho8qq12.cloudfront.net	create.lidstatic.com
1	analytics.twitter.com	static.ads-twitter.com
1	create.lidstatic.com	d3bnsjl54t3oyq.cloudfront.net
1	rp4.liadm.com	www.energybillcruncher.com
1	rp.liadm.com	1 redirects
1	t.co	www.energybillcruncher.com
1	static.ads-twitter.com	www.energybillcruncher.com
1	b-code.liadm.com	www.googletagmanager.com
1	bat.bing.com	www.googletagmanager.com
1	cdn.taboola.com	www.googletagmanager.com
1	amplify.outbrain.com	www.energybillcruncher.com
1	fonts.googleapis.com	www.energybillcruncher.com
1	www.googletagmanager.com	www.energybillcruncher.com
63	29

This site contains no links.

Subject Issuer	Validity	Valid
www.energybillcruncher.com Amazon	`2021-05-27` - `2022-06-25`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-03` - `2023-04-04`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2022-03-16` - `2022-09-16`	6 months	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-03-14` - `2022-05-04`	2 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-01-25` - `2022-04-25`	3 months	crt.sh
*.tiktok.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-13` - `2023-01-13`	a year	crt.sh
*.liadm.com Amazon	`2022-01-31` - `2023-03-01`	a year	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-21` - `2022-07-26`	a year	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-03-15` - `2022-09-07`	6 months	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
lidstatic.com Cloudflare Inc ECC CA-3	`2022-03-30` - `2023-03-30`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
create.leadid.com Amazon	`2021-10-22` - `2022-11-19`	a year	crt.sh
*.trustedform.com Amazon	`2021-10-12` - `2022-11-09`	a year	crt.sh
cdn.trustedform.com Amazon	`2022-04-14` - `2023-05-13`	a year	crt.sh
deviceid.trueleadid.com Amazon	`2022-01-07` - `2023-02-05`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://www.energybillcruncher.com/la/?tg_ref=ebc_id_em&camp_id=meter&keyword=email&sub2=821586&imclid=686080940
Frame ID: BD1B9BA95765999D111441A41FD41263
Requests: 61 HTTP requests in this frame

Frame: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=B4E2863F-D451-B9DA-92E7-71EB39203AE1&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=8692495F-A9C0-1480-0B3A-7C60671290EF&lac=AD66E999-BB91-DB9B-9DA1-F7C0173D38D9
Frame ID: 9DB374DBC1A8A95075FA99453C9B623B
Requests: 1 HTTP requests in this frame

Frame: https://deviceid.trueleadid.com/iframe.html?token=B4E2863F-D451-B9DA-92E7-71EB39203AE1&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=8692495F-A9C0-1480-0B3A-7C60671290EF&lac=AD66E999-BB91-DB9B-9DA1-F7C0173D38D9
Frame ID: 75CE62C1DDCF6942EAE394CE007A6D5C
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Hesse Program Offers Huge Solar Incentives

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Page Statistics

63
Requests

95 %
HTTPS

46 %
IPv6

21
Domains

29
Subdomains

28
IPs

6
Countries

899 kB
Transfer

2763 kB
Size

15
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

https://d3bnsjl54t3oyq.cloudfront.net/~_~static-assets/1898/bundle/main.js HTTP 301
https://www.energybillcruncher.com/~_~static-assets/1898/bundle/main.js

Request Chain 33

https://rp.liadm.com/j?dtstmp=1650247925307&aid=a-06d6&se=e30&duid=d17190cb7205--01g0x71zgg3sxbcest9m45nky2&tna=v2.3.0&pu=https%3A%2F%2Fwww.energybillcruncher.com%2Fla%2F%3Ftg_ref%3Debc_id_em%26camp_id%3Dmeter%26keyword%3Demail%26sub2%3D821586%26imclid%3D686080940&wpn=lc-bundle&c=PHRpdGxlPkhlc3NlIFByb2dyYW0gT2ZmZXJzIEh1Z2UgU29sYXIgSW5jZW50aXZlczwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IkVudGVyIGJhc2ljIGluZm9ybWF0aW9uIHRvIHNlZSBpZiB5b3VyIGhvbWUgcXVhbGlmaWVzISI-PGgxIGNsYXNzPSJmdTd5Y3EtMCBmaGFYV0siPkhlc3NlIFByb2dyYW0gT2ZmZXJzIEh1Z2UgU29sYXIgSW5jZW50aXZlczwvaDE-PGgxIGNsYXNzPSJmdTd5Y3EtMSBqbHhJUlIiPkVudGVyIGJhc2ljIGluZm9ybWF0aW9uIHRvIHNlZSBpZiB5b3VyIGhvbWUgcXVhbGlmaWVzITwvaDE-PGgxPkZSRUUgRXhwZXJ0IFNvbGFyIFF1b3RlPC9oMT4 HTTP 302
https://rp4.liadm.com/j?dtstmp=1650247925307&aid=a-06d6&se=e30&duid=d17190cb7205--01g0x71zgg3sxbcest9m45nky2&tna=v2.3.0&pu=https%3A%2F%2Fwww.energybillcruncher.com%2Fla%2F%3Ftg_ref%3Debc_id_em%26camp_id%3Dmeter%26keyword%3Demail%26sub2%3D821586%26imclid%3D686080940&wpn=lc-bundle&c=PHRpdGxlPkhlc3NlIFByb2dyYW0gT2ZmZXJzIEh1Z2UgU29sYXIgSW5jZW50aXZlczwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IkVudGVyIGJhc2ljIGluZm9ybWF0aW9uIHRvIHNlZSBpZiB5b3VyIGhvbWUgcXVhbGlmaWVzISI-PGgxIGNsYXNzPSJmdTd5Y3EtMCBmaGFYV0siPkhlc3NlIFByb2dyYW0gT2ZmZXJzIEh1Z2UgU29sYXIgSW5jZW50aXZlczwvaDE-PGgxIGNsYXNzPSJmdTd5Y3EtMSBqbHhJUlIiPkVudGVyIGJhc2ljIGluZm9ybWF0aW9uIHRvIHNlZSBpZiB5b3VyIGhvbWUgcXVhbGlmaWVzITwvaDE-PGgxPkZSRUUgRXhwZXJ0IFNvbGFyIFF1b3RlPC9oMT4&i6=MjAwMTphYzg6MjA6MzAyOjoyMDJl&n3pc=true

Request Chain 37

https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16502479268090.39345237287900847 HTTP 301
https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16502479268090.39345237287900847

63 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.energybillcruncher.com/la/ 36 KB
8 KB 629ms
261ms Document
text/html 54.186.135.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.energybillcruncher.com/la/?tg_ref=ebc_id_em&camp_id=meter&keyword=email&sub2=821586&imclid=686080940

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.135.21 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-186-135-21.us-west-2.compute.amazonaws.com

Software

nginx/1.20.0 /

Resource Hash

8e6c86a3c50adf1d9c8b7100ea02170c72e5a9ee80f2a0f16da6d874cab9cd91

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 18 Apr 2022 02:12:04 GMT
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
server: nginx/1.20.0
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 176 KB
62 KB 368ms
26ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NTXVM4V

Requested by

Host: www.energybillcruncher.com
URL: https://www.energybillcruncher.com/la/?tg_ref=ebc_id_em&camp_id=meter&keyword=email&sub2=821586&imclid=686080940

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e8e4a09180ead2da5995d3d1cb8bb1550d554b4075d4cc0e3a0134d834d69cb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.energybillcruncher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 02:12:05 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62933
x-xss-protection: 0
last-modified: Mon, 18 Apr 2022 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 18 Apr 2022 02:12:05 GMT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
1 KB 367ms
17ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,700&display=swap

Requested by

Host: www.energybillcruncher.com
URL: https://www.energybillcruncher.com/la/?tg_ref=ebc_id_em&camp_id=meter&keyword=email&sub2=821586&imclid=686080940

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c99d2bb5c902097d992e7af30789a8c698225f9172533abe618173913ded14a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.energybillcruncher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 18 Apr 2022 02:12:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 18 Apr 2022 02:12:05 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 18 Apr 2022 02:12:05 GMT

GET
H2 200 EBCLogoGreen.svg
d3bnsjl54t3oyq.cloudfront.net/img/v3/ 7 KB
3 KB 357ms
8ms Image
image/svg+xml 2600:9000:2156:1c00:15:f7f:8880:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d3bnsjl54t3oyq.cloudfront.net/img/v3/EBCLogoGreen.svg

Requested by

Host: www.energybillcruncher.com
URL: https://www.energybillcruncher.com/la/?tg_ref=ebc_id_em&camp_id=meter&keyword=email&sub2=821586&imclid=686080940

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:1c00:15:f7f:8880:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.0 /

Resource Hash

96100bfb0c7746ad7d180dface5d812826e266581fea6efe6219d581a7e60545

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.energybillcruncher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 11:20:03 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 53522
x-cache: Hit from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: *
last-modified: Tue, 12 Apr 2022 21:22:02 GMT
server: nginx/1.20.0
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
via: 1.1 5317564e96c9dceb46123f6c5f149a02.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: po2xOKicig1kYD7jMi1oiROz1sNq_yVt5ZhQd7xfwOf8yhrMo8OtTg==

GET
H2 200 icon-ssl-lock.png
d3bnsjl54t3oyq.cloudfront.net/img/ 2 KB
2 KB 358ms
10ms Image
image/png 2600:9000:2156:1c00:15:f7f:8880:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d3bnsjl54t3oyq.cloudfront.net/img/icon-ssl-lock.png

Requested by

Host: www.energybillcruncher.com
URL: https://www.energybillcruncher.com/la/?tg_ref=ebc_id_em&camp_id=meter&keyword=email&sub2=821586&imclid=686080940

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:1c00:15:f7f:8880:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.0 /

Resource Hash

60078dc06ec56032606db4349c28c363f48b2332bfa62ec8436c6bf1c404e0f1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.energybillcruncher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 11:49:45 GMT
via: 1.1 5317564e96c9dceb46123f6c5f149a02.cloudfront.net (CloudFront)
last-modified: Tue, 12 Apr 2022 21:22:02 GMT
server: nginx/1.20.0
age: 51740
x-frame-options: SAMEORIGIN
x-cache: Hit from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=86400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: image/png
content-length: 1677
x-amz-cf-id: Ta6O7kcxNnp-L9vGytCXJNuVmyPJIzi2LW0bH5GiiUIXg4BbS8TaRw==

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 164 KB
54 KB 387ms
39ms Script
text/javascript 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyBJ-xDlhTqTJi1gxvsLS_DXz9YjsvgSB4w&libraries=places

Requested by

Host: www.energybillcruncher.com
URL: https://www.energybillcruncher.com/la/?tg_ref=ebc_id_em&camp_id=meter&keyword=email&sub2=821586&imclid=686080940

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

8e29704f0f01bc021b40be2f3554e3308dd1c5d53725e881fb731ae426c53cb9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.energybillcruncher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 02:12:05 GMT
content-encoding: gzip
vary: Accept-Language
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=20
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55166
x-xss-protection: 0
expires: Mon, 18 Apr 2022 02:42:05 GMT

GET
H2

200

main.js Show response
www.energybillcruncher.com/~_~static-assets/1898/bundle/
Redirect Chain

https://d3bnsjl54t3oyq.cloudfront.net/~_~static-assets/1898/bundle/main.js
https://www.energybillcruncher.com/~_~static-assets/1898/bundle/main.js

722 KB
219 KB

208ms
186ms

Script
application/javascript

54.186.135.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.energybillcruncher.com/~_~static-assets/1898/bundle/main.js

Requested by

Host: www.energybillcruncher.com
URL: https://www.energybillcruncher.com/la/?tg_ref=ebc_id_em&camp_id=meter&keyword=email&sub2=821586&imclid=686080940

Protocol

Server

54.186.135.21 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-186-135-21.us-west-2.compute.amazonaws.com

Software

nginx/1.20.0 /

Resource Hash

d695a08ac2eae0474a26a6d1b90c4b536f6f65c1f1364ff1815bed3fb22d3182

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.energybillcruncher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 02:12:05 GMT
content-encoding: gzip
last-modified: Thu, 30 Sep 2021 00:07:31 GMT
server: nginx/1.20.0
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: application/javascript; charset=UTF-8

Redirect headers

date: Sun, 17 Apr 2022 11:36:50 GMT
via: 1.1 5317564e96c9dceb46123f6c5f149a02.cloudfront.net (CloudFront)
server: awselb/2.0
age: 52515
x-cache: Hit from cloudfront
content-type: text/html
location: https://www.energybillcruncher.com:443/~_~static-assets/1898/bundle/main.js
x-amz-cf-pop: FRA50-C1
content-length: 134
x-amz-cf-id: CH_P2L148qD82Ic5rpHtz2HvVfaHliH0sU6Keg-o9iCykUBE3VaBuw==

GET
H2 200 bg-tile-2-1.svg
d3bnsjl54t3oyq.cloudfront.net/~_~static-assets/1898/img/ 25 KB
6 KB 18ms
8ms Image
image/svg+xml 2600:9000:2156:1c00:15:f7f:8880:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d3bnsjl54t3oyq.cloudfront.net/~_~static-assets/1898/img/bg-tile-2-1.svg

Requested by

Host: www.energybillcruncher.com
URL: https://www.energybillcruncher.com/la/?tg_ref=ebc_id_em&camp_id=meter&keyword=email&sub2=821586&imclid=686080940

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:1c00:15:f7f:8880:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.0 /

Resource Hash

0507c55f4ab35e183e63a1ee5a9fdac0054b04549754e5a98cadc3833ff87e9b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.energybillcruncher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 17:53:26 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 29919
x-cache: Hit from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: *
last-modified: Thu, 30 Sep 2021 00:07:31 GMT
server: nginx/1.20.0
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
via: 1.1 5317564e96c9dceb46123f6c5f149a02.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: QprvEm5exd6lKEcbrsgpHNNphTqFT2WblHAb9ERTQgvTtGDZR6xQiw==

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 91ms
13ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.energybillcruncher.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 17:58:32 GMT
x-content-type-options: nosniff
age: 375213
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:20 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 13 Apr 2023 17:58:32 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 90ms
13ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.energybillcruncher.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 17:56:19 GMT
x-content-type-options: nosniff
age: 375346
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 13 Apr 2023 17:56:19 GMT

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 8 KB
3 KB 74ms
19ms Script
application/x-javascript 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: www.energybillcruncher.com
URL: https://www.energybillcruncher.com/la/?tg_ref=ebc_id_em&camp_id=meter&keyword=email&sub2=821586&imclid=686080940
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 7e8ef05a55eafab5277e6449520107db94dfb01b497a52f283e7ffa6ee49363d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.energybillcruncher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Mon, 18 Apr 2022 02:12:05 GMT
Content-Encoding: gzip
Last-Modified: Wed, 09 Feb 2022 12:30:38 GMT
Server: AkamaiNetStorage
ETag: "23b34d08f648c3f51b232443afced826:1644409863.170279"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=1200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3150
Expires: Mon, 18 Apr 2022 02:32:05 GMT

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1027940/ 55 KB
17 KB 98ms
18ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1027940/tfa.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTXVM4V
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 046686877f5c19dd2f4d3b0e3486b09d2137721745b6199f439e78f43e5e4ce9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.energybillcruncher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id: _DlsNx7oYCXGAsJ4OfEdWucntPfADJJF
content-encoding: gzip
etag: "89009dc297f1165b8080b2676422a990"
age: 12394
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 17364
x-amz-id-2: rrLp1ZA+NAapoAP1NUTnvQmRDJqDZz4LObpiYwsQYXYmeddajkl/WPR4vRMhKzTANGq+i7g8AUE=
x-served-by: cache-cdg20759-CDG
last-modified: Sun, 17 Apr 2022 11:06:58 GMT
server: AmazonS3
x-timer: S1650247925.483604,VS0,VE1
date: Mon, 18 Apr 2022 02:12:05 GMT
vary: Accept-Encoding
x-amz-request-id: NNKDJDKAHC77Y1B3
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 18
x-cache-hits: 1

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 75ms
31ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTXVM4V

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.energybillcruncher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 23:54:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 97EB3DF65C214B05843C023D3753200E Ref B: FRAEDGE1512 Ref C: 2022-04-18T02:12:05Z
etag: "806a236c101ed81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Mon, 18 Apr 2022 02:12:05 GMT
accept-ranges: bytes
content-length: 11333

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 15 KB
6 KB 77ms
13ms Script
application/javascript 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: www.energybillcruncher.com
URL: https://www.energybillcruncher.com/la/?tg_ref=ebc_id_em&camp_id=meter&keyword=email&sub2=821586&imclid=686080940

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

10354e9bc6b485028971a1f58fccff5c89d722db324d42bc07963aab24ebb956

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.energybillcruncher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Mon, 18 Apr 2022 02:10:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 118
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
content-length: 5748
x-amz-id-2: fceY0EMD0DrnW6YmCzwWSNgRA0+LoTvgNZcfDB0+I8wrSidiz5t39nnxkNgF77IWaRNkQ0RT8Nw=
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Wed, 22 Feb 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Mon, 17 Jan 2022 12:00:39 GMT
server: ATS
etag: "13a189bb8f25228852b3279db3659c28-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: 8S0HXQNK9JRY8DRA
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
x-amz-version-id: pAIvW1wzOXi43b8v53GVflu.j8ZqoXS3
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 38ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.energybillcruncher.com
URL: https://www.energybillcruncher.com/la/?tg_ref=ebc_id_em&camp_id=meter&keyword=email&sub2=821586&imclid=686080940

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.energybillcruncher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26311
x-xss-protection: 0
pragma: public
x-fb-debug: LP0AzuuBQBNJzm37Ubh/iJCqbfGQSmvQYdWCyjR33kZk0NMVjwy6iyXBjoYRlZgWBqjvCsN1ijqMv3UwAPRozg==
x-fb-trip-id: 2050670934
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Mon, 18 Apr 2022 02:12:05 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 124 KB
37 KB 184ms
119ms Script
application/javascript 104.104.52.82
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C288M0QQV140ORDI24CG&lib=ttq
Requested by: Host: www.energybillcruncher.com
URL: https://www.energybillcruncher.com/la/?tg_ref=ebc_id_em&camp_id=meter&keyword=email&sub2=821586&imclid=686080940
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.104.52.82 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-104-52-82.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: ac35c1aaadd50f51ecaf0ae44158872c5f9d835e78ac87f382d12065c0439aed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.energybillcruncher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 02:12:05 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 202204180212050101131352001A2460EC
vary: Accept-Encoding
x-cache: TCP_MISS from a104-104-52-78.deploy.akamaitechnologies.com (AkamaiGHost/10.7.4-40388856) (-)
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 99,104.104.52.78
x-tt-trace-host: 01c291936e6b265049cd958b75dcd6b104d49dba8b2ab7f833faa24da2981e532bda6dc5bdb0afc158ad11b276279d25d055a51c31c0dfcfa103e94c9eb5e99236a0ba361d76f9bd89d2460a587397828ca9c2b623e38b7f7b2ea94a4b72ac30c6
server-timing: inner; dur=4, cdn-cache; desc=MISS, edge; dur=1, origin; dur=99
x-akamai-request-id: 4f93405d
expires: Mon, 18 Apr 2022 02:12:05 GMT

GET
H2 200 a-06d6.min.js Show response
b-code.liadm.com/ 26 KB
10 KB 435ms
12ms Script
application/javascript 2600:9000:224a:8a00:8:8845:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/a-06d6.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTXVM4V
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:8a00:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 2b9a5f94514674e0dcfb508507e5716e2542a587398f6bf511ed5a63b0423f49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.energybillcruncher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 19:16:08 GMT
via: 1.1 603f36cbe39a66d93949b80e7296dad4.cloudfront.net (CloudFront)
age: 24957
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=86400
x-amz-cf-pop: DUS51-P1
content-encoding: gzip
x-amz-cf-id: 4Vl3YysnAA5YFLgL6wK-IFBa9uAFswy1LdFZCbRenqo9UjfGgXjx3w==

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 14 KB
6 KB 445ms
23ms Script
application/javascript 199.232.188.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.energybillcruncher.com
URL: https://www.energybillcruncher.com/la/?tg_ref=ebc_id_em&camp_id=meter&keyword=email&sub2=821586&imclid=686080940
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.188.157 Munich, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.energybillcruncher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 02:12:05 GMT
content-encoding: gzip
last-modified: Tue, 29 Mar 2022 00:09:12 GMT
etag: "8dc11b7ca1d5ed9ec3b1ab1beb621c75+gzip+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 5410
x-served-by: cache-iad-kjyo7100094-IAD, cache-muc13958-MUC

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 124 KB
37 KB 185ms
120ms Script
application/javascript 104.104.52.82
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C59L6CVGE0M9N03GV490&lib=ttq
Requested by: Host: www.energybillcruncher.com
URL: https://www.energybillcruncher.com/la/?tg_ref=ebc_id_em&camp_id=meter&keyword=email&sub2=821586&imclid=686080940
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.104.52.82 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-104-52-82.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: ac35c1aaadd50f51ecaf0ae44158872c5f9d835e78ac87f382d12065c0439aed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.energybillcruncher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 02:12:05 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 20220418021205010113006160201F61A9
vary: Accept-Encoding
x-cache: TCP_MISS from a104-104-52-78.deploy.akamaitechnologies.com (AkamaiGHost/10.7.4-40388856) (-)
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 101,104.104.52.78
x-tt-trace-host: 01c291936e6b265049cd958b75dcd6b104d49dba8b2ab7f833faa24da2981e532bda6dc5bdb0afc158ad11b276279d25d0746e4684599c16f51ce49b97efc4dd228a46ddcfa9fea4c214c583cc0e29e667e19b66ec67a1fd3f6f742470abcc0caf
server-timing: inner; dur=3, cdn-cache; desc=MISS, edge; dur=0, origin; dur=101
x-akamai-request-id: 4f93405e
expires: Mon, 18 Apr 2022 02:12:05 GMT

GET
H2 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
458 B 49ms
24ms XHR
application/json 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBJ-xDlhTqTJi1gxvsLS_DXz9YjsvgSB4w&libraries=places

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.energybillcruncher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 02:12:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.energybillcruncher.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
vary: Origin, X-Origin, Referer
content-length: 23
x-xss-protection: 0

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ 35 B
239 B 564ms
99ms Script
application/javascript 70.42.32.223
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.outbrain.com/cachedClickId?marketerId=00bf3a52604b0b83a0f56e9536343b9e18
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.223 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.energybillcruncher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Mon, 18 Apr 2022 02:12:05 GMT
content-encoding: gzip
X-TraceId: fe9ef83acf69eea6451f4ce6bd4dee34
Content-Length: 56
Content-Type: application/javascript

GET
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 43 B
256 B 566ms
96ms Image
image/gif 70.42.32.223
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.outbrain.com/unifiedPixel?marketerId=00bf3a52604b0b83a0f56e9536343b9e18&obApiVersion=1.1&obtpVersion=1.6.0&name=PAGE_VIEW&dl=https%3A%2F%2Fwww.energybillcruncher.com%2Fla%2F%3Ftg_ref%3Debc_id_em%26camp_id%3Dmeter%26keyword%3Demail%26sub2%3D821586%26imclid%3D686080940&optOut=false&bust=05033238010037531
Requested by: Host: www.energybillcruncher.com
URL: https://www.energybillcruncher.com/la/?tg_ref=ebc_id_em&camp_id=meter&keyword=email&sub2=821586&imclid=686080940
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.223 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.energybillcruncher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Mon, 18 Apr 2022 02:12:05 GMT
Cache-Control: no-cache
X-TraceId: 1314e1b1e09109292a2ae483177fc5a4
content-encoding: gzip
Content-Length: 60
Content-Type: image/gif;

GET
H3 200 1152473408251609 Show response
connect.facebook.net/signals/config/ 307 KB
87 KB 102ms
81ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1152473408251609?v=2.9.57&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

25ffa4815e09d3976d20b2557a355ad0928a346500d797acf537ba7812bb97fa

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.energybillcruncher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: 3MtVOntHCVaJwkb/6DEkp0x+h138o/rNMJ80AdafY6kLINcJ0eCQlp/XE0CGxP5B7Dw7JN+/i6WrgOuRdxDU6w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 18 Apr 2022 02:12:05 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 10043472.json Show response
s.yimg.com/wi/config/ 46 B
682 B 51ms
16ms XHR
application/json 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10043472.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e7373183856ebb881cab770e921c0c127b4afe9b48ddaf15f4ce09dca92effa0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.energybillcruncher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 17:59:35 GMT
x-content-type-options: nosniff
age: 29551
x-amz-server-side-encryption: AES256
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: RE01ASASMQFHJTZW
x-amz-id-2: Rx2BrpbutGmKXJ5h/uwshSkpwR7rdE55kmk0R+UPzXIgNyQwQQIjWxPLVLNLzzhvDgJ28zYvRXg=
accept-ranges: bytes
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Sun, 07 May 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Fri, 01 Apr 2022 23:54:49 GMT
server: ATS
etag: "b5f6b849289f8a109265878eb350c068"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
x-amz-version-id: r4g3U0Dy.RIylG_g1i.NBovftn8Hyz0T
access-control-allow-origin: *
x-xss-protection: 1; mode=block
content-length: 46
content-type: application/json

GET
H2 200 json Show response
trc.taboola.com/1027940/trc/3/ 2 KB
1 KB 42ms
34ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1027940/trc/3/json?tim=1650247924851&data=%7B%22id%22%3A188%2C%22ii%22%3A%22%2Fla%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1650247924842%2C%22cv%22%3A%2220220417-4-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.energybillcruncher.com%2Fla%2F%3Ftg_ref%3Debc_id_em%26camp_id%3Dmeter%26keyword%3Demail%26sub2%3D821586%26imclid%3D686080940%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Ftg_ref%3Debc_id_em%26camp_id%3Dmeter%26keyword%3Demail%26sub2%3D821586%26imclid%3D686080940%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dlendgo-solar-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1650247924849%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fwww.energybillcruncher.com%2Fla%2F%3Ftg_ref%3Debc_id_em%26camp_id%3Dmeter%26keyword%3Demail%26sub2%3D821586%26imclid%3D686080940%22%2C%22tos%22%3A2%2C%22ssd%22%3A1%2C%22scd%22%3A100%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1027940/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: da3461c79e89f5cf3e97d65a347d5df96b1d0d3fa169998cec6c188c55a19bdd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.energybillcruncher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-vcl-time-ms: 19
date: Mon, 18 Apr 2022 02:12:05 GMT
content-encoding: gzip
server: nginx
x-timer: S1650247926.547499,VS0,VE19
x-served-by: cache-cdg20759-CDG
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
717 B 307ms
35ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Mon%2C%2018%20Apr%202022%2002%3A12%3A04%20GMT&n=0&b=Hesse%20Program%20Offers%20Huge%20Solar%20Incentives&.yp=10043472&f=https%3A%2F%2Fwww.energybillcruncher.com%2Fla%2F%3Ftg_ref%3Debc_id_em%26camp_id%3Dmeter%26keyword%3Demail%26sub2%3D821586%26imclid%3D686080940&enc=UTF-8&yv=1.12.0&tagmgr=gtm

Requested by

Host: www.energybillcruncher.com
URL: https://www.energybillcruncher.com/la/?tg_ref=ebc_id_em&camp_id=meter&keyword=email&sub2=821586&imclid=686080940

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.energybillcruncher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 02:12:05 GMT
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 43
referrer-policy: strict-origin-when-cross-origin
expires: Mon, 18 Apr 2022 02:12:05 GMT

GET
H2 200 json Show response
trc.taboola.com/1234288/trc/3/ 2 KB
1 KB 41ms
40ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1234288/trc/3/json?tim=1650247924903&data=%7B%22id%22%3A101%2C%22ii%22%3A%22%2Fla%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1650247924842%2C%22cv%22%3A%2220220417-4-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.energybillcruncher.com%2Fla%2F%3Ftg_ref%3Debc_id_em%26camp_id%3Dmeter%26keyword%3Demail%26sub2%3D821586%26imclid%3D686080940%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback1%22%2C%22qs%22%3A%22%3Ftg_ref%3Debc_id_em%26camp_id%3Dmeter%26keyword%3Demail%26sub2%3D821586%26imclid%3D686080940%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dlendgo-solar-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1650247924858%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fwww.energybillcruncher.com%2Fla%2F%3Ftg_ref%3Debc_id_em%26camp_id%3Dmeter%26keyword%3Demail%26sub2%3D821586%26imclid%3D686080940%22%2C%22tos%22%3A10%2C%22ssd%22%3A1%2C%22scd%22%3A100%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1027940/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 1fcdfa05931397f6edc1af260ae44b8be7df2a807ddf99e025c0b0a7c38df5d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.energybillcruncher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-vcl-time-ms: 21
date: Mon, 18 Apr 2022 02:12:05 GMT
content-encoding: gzip
server: nginx
x-timer: S1650247926.587837,VS0,VE21
x-served-by: cache-cdg20759-CDG
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

GET
H2 200 identify.js Show response
analytics.tiktok.com/i18n/pixel/ 114 KB
31 KB 127ms
127ms Script
application/javascript 104.104.52.82
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/identify.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C288M0QQV140ORDI24CG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.104.52.82 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-104-52-82.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.energybillcruncher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 02:12:05 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 20220418021205010113135233159315B2
vary: Accept-Encoding
x-cache: TCP_MISS from a104-104-52-78.deploy.akamaitechnologies.com (AkamaiGHost/10.7.4-40388856) (-)
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 100,104.104.52.78
x-tt-trace-host: 01c291936e6b265049cd958b75dcd6b104d49dba8b2ab7f833faa24da2981e532bda6dc5bdb0afc158ad11b276279d25d0694ac34f3e8f45c46d51c60cd33fcb8311ce0e8e12e48214dd2df4a28a9abd97d68256b8b268d7f398d10772fda87172
server-timing: inner; dur=4, cdn-cache; desc=MISS, edge; dur=0, origin; dur=100
x-akamai-request-id: 4f9340db
expires: Mon, 18 Apr 2022 02:12:05 GMT

GET
H2 200 config.js Show response
analytics.tiktok.com/i18n/pixel/ 874 B
958 B 134ms
133ms Script
application/javascript 104.104.52.82
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=C288M0QQV140ORDI24CG&hostname=www.energybillcruncher.com
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C288M0QQV140ORDI24CG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.104.52.82 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-104-52-82.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: df4e4466cfd6788a80857f67f69119371d69dbe1a1d0c678ffdf52ace5d0668e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.energybillcruncher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-akamai-request-id: 4f934111
date: Mon, 18 Apr 2022 02:12:05 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a104-104-52-78.deploy.akamaitechnologies.com (AkamaiGHost/10.7.4-40388856) (-)
server-timing: inner; dur=4, cdn-cache; desc=MISS, edge; dur=9, origin; dur=102
content-length: 353
pragma: no-cache
server: nginx
x-tt-logid: 202204180212050101130060111E2738CD
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 102,104.104.52.78
x-tt-trace-host: 01c291936e6b265049cd958b75dcd6b104d49dba8b2ab7f833faa24da2981e532bda6dc5bdb0afc158ad11b276279d25d090eee076c3aaa941d9abab936c2a8e9d55019ace9e6e63e9acb083c31946e7c93270ba03de1f2ead353293725c0899df
expires: Mon, 18 Apr 2022 02:12:05 GMT

GET
H2 200 config.js Show response
analytics.tiktok.com/i18n/pixel/ 878 B
963 B 134ms
134ms Script
application/javascript 104.104.52.82
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=C59L6CVGE0M9N03GV490&hostname=www.energybillcruncher.com
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C288M0QQV140ORDI24CG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.104.52.82 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-104-52-82.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 9048aabba091c5ba6809b1bf0f29d383af1772fa68570853d84a0e2a047d342b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.energybillcruncher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-akamai-request-id: 4f934112
date: Mon, 18 Apr 2022 02:12:05 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a104-104-52-78.deploy.akamaitechnologies.com (AkamaiGHost/10.7.4-40388856) (-)
server-timing: inner; dur=3, cdn-cache; desc=MISS, edge; dur=9, origin; dur=101
content-length: 357
pragma: no-cache
server: nginx
x-tt-logid: 2022041802120501011313505026D54113
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 101,104.104.52.78
x-tt-trace-host: 01c291936e6b265049cd958b75dcd6b104d49dba8b2ab7f833faa24da2981e532bda6dc5bdb0afc158ad11b276279d25d06bd109d9f1bc553286ea840de8f65cc966c87c8ea2beb5518dbffdbde91f2ceacc949f3592e5e0653bea533abee1ab70
expires: Mon, 18 Apr 2022 02:12:05 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
409 B 69ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1152473408251609&ev=PageView&dl=https%3A%2F%2Fwww.energybillcruncher.com%2Fla%2F%3Ftg_ref%3Debc_id_em%26camp_id%3Dmeter%26keyword%3Demail%26sub2%3D821586%26imclid%3D686080940&rl=&if=false&ts=1650247925099&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.1.1650247925096.1443783455&it=1650247924814&coo=false&exp=p0&rqm=GET

Requested by

Host: www.energybillcruncher.com
URL: https://www.energybillcruncher.com/la/?tg_ref=ebc_id_em&camp_id=meter&keyword=email&sub2=821586&imclid=686080940

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.energybillcruncher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 02:12:05 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Mon, 18 Apr 2022 02:12:05 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
570 B 139ms
135ms Ping
application/octet-stream 104.104.52.82
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C288M0QQV140ORDI24CG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.104.52.82 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-104-52-82.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.energybillcruncher.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 02:12:06 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 20220418021206010113006104010C65D1
x-cache: TCP_MISS from a104-104-52-78.deploy.akamaitechnologies.com (AkamaiGHost/10.7.4-40388856) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 117,104.104.52.78
x-tt-trace-host: 01c291936e6b265049cd958b75dcd6b104d49dba8b2ab7f833faa24da2981e532bda6dc5bdb0afc158ad11b276279d25d07eb41188fdbd254605c88dd09be92e2ed03576d10a65a79f7e9ee4485b9cac6bbe7ef8ce536b352aa0296921b135f52c
server-timing: inner; dur=13, cdn-cache; desc=MISS, edge; dur=0, origin; dur=117
x-akamai-request-id: 4f9341de
content-length: 0
expires: Mon, 18 Apr 2022 02:12:06 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
572 B 149ms
147ms Ping
application/octet-stream 104.104.52.82
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C288M0QQV140ORDI24CG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.104.52.82 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-104-52-82.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.energybillcruncher.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 02:12:06 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 20220418021206010113135143059E5388
x-cache: TCP_MISS from a104-104-52-78.deploy.akamaitechnologies.com (AkamaiGHost/10.7.4-40388856) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 123,104.104.52.78
x-tt-trace-host: 01c291936e6b265049cd958b75dcd6b104d49dba8b2ab7f833faa24da2981e532bda6dc5bdb0afc158ad11b276279d25d0e1490c2c47417994988fb6035f522814b88f36a78589dc45cf92f6d4c18144c4f7a74a61883a3ac83be306a7870f6473
server-timing: inner; dur=11, cdn-cache; desc=MISS, edge; dur=1, origin; dur=123
x-akamai-request-id: 4f9341e0
content-length: 0
expires: Mon, 18 Apr 2022 02:12:06 GMT

GET
H2 200 adsct
t.co/i/ 43 B
338 B 429ms
133ms Image
image/gif 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o6gei&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=f08187ec-d1cb-4c58-b5d9-79a880a64a82&tw_document_href=https%3A%2F%2Fwww.energybillcruncher.com%2Fla%2F%3Ftg_ref%3Debc_id_em%26camp_id%3Dmeter%26keyword%3Demail%26sub2%3D821586%26imclid%3D686080940

Requested by

Host: www.energybillcruncher.com
URL: https://www.energybillcruncher.com/la/?tg_ref=ebc_id_em&camp_id=meter&keyword=email&sub2=821586&imclid=686080940

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.energybillcruncher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-response-time: 117
date: Mon, 18 Apr 2022 02:12:05 GMT
server: tsa_o
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: c89de32276950dfc7be902a05746cb746d82659a631a65b6b06fd5751ae56bca
content-length: 43

GET
H2

200

j Show response
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/j?dtstmp=1650247925307&aid=a-06d6&se=e30&duid=d17190cb7205--01g0x71zgg3sxbcest9m45nky2&tna=v2.3.0&pu=https%3A%2F%2Fwww.energybillcruncher.com%2Fla%2F%3Ftg_ref%3Debc_id_em%26cam...
https://rp4.liadm.com/j?dtstmp=1650247925307&aid=a-06d6&se=e30&duid=d17190cb7205--01g0x71zgg3sxbcest9m45nky2&tna=v2.3.0&pu=https%3A%2F%2Fwww.energybillcruncher.com%2Fla%2F%3Ftg_ref%3Debc_id_em%26ca...

13 B
551 B

388ms
99ms

XHR
application/json

34.202.82.185
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rp4.liadm.com/j?dtstmp=1650247925307&aid=a-06d6&se=e30&duid=d17190cb7205--01g0x71zgg3sxbcest9m45nky2&tna=v2.3.0&pu=https%3A%2F%2Fwww.energybillcruncher.com%2Fla%2F%3Ftg_ref%3Debc_id_em%26camp_id%3Dmeter%26keyword%3Demail%26sub2%3D821586%26imclid%3D686080940&wpn=lc-bundle&c=PHRpdGxlPkhlc3NlIFByb2dyYW0gT2ZmZXJzIEh1Z2UgU29sYXIgSW5jZW50aXZlczwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IkVudGVyIGJhc2ljIGluZm9ybWF0aW9uIHRvIHNlZSBpZiB5b3VyIGhvbWUgcXVhbGlmaWVzISI-PGgxIGNsYXNzPSJmdTd5Y3EtMCBmaGFYV0siPkhlc3NlIFByb2dyYW0gT2ZmZXJzIEh1Z2UgU29sYXIgSW5jZW50aXZlczwvaDE-PGgxIGNsYXNzPSJmdTd5Y3EtMSBqbHhJUlIiPkVudGVyIGJhc2ljIGluZm9ybWF0aW9uIHRvIHNlZSBpZiB5b3VyIGhvbWUgcXVhbGlmaWVzITwvaDE-PGgxPkZSRUUgRXhwZXJ0IFNvbGFyIFF1b3RlPC9oMT4&i6=MjAwMTphYzg6MjA6MzAyOjoyMDJl&n3pc=true

Requested by

Host: www.energybillcruncher.com
URL: https://www.energybillcruncher.com/la/?tg_ref=ebc_id_em&camp_id=meter&keyword=email&sub2=821586&imclid=686080940

Protocol

Server

34.202.82.185 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-202-82-185.compute-1.amazonaws.com

Software

Resource Hash

efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.energybillcruncher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 02:12:06 GMT
x-pixel-event-id: f5be50bb-8ed5-46fa-876a-8084abe667f1
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-permitted-cross-domain-policies: master-only
x-frame-options: DENY
content-type: application/json
access-control-allow-origin: null
x-xss-protection: 1; mode=block
vary: Origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
trace-id: 04c81fa8b0eafc9d
request-time: 0
content-length: 13
x-content-type-options: nosniff

Redirect headers

date: Mon, 18 Apr 2022 02:12:06 GMT
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-permitted-cross-domain-policies: master-only
location: https://rp4.liadm.com/j?dtstmp=1650247925307&aid=a-06d6&se=e30&duid=d17190cb7205--01g0x71zgg3sxbcest9m45nky2&tna=v2.3.0&pu=https%3A%2F%2Fwww.energybillcruncher.com%2Fla%2F%3Ftg_ref%3Debc_id_em%26camp_id%3Dmeter%26keyword%3Demail%26sub2%3D821586%26imclid%3D686080940&wpn=lc-bundle&c=PHRpdGxlPkhlc3NlIFByb2dyYW0gT2ZmZXJzIEh1Z2UgU29sYXIgSW5jZW50aXZlczwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IkVudGVyIGJhc2ljIGluZm9ybWF0aW9uIHRvIHNlZSBpZiB5b3VyIGhvbWUgcXVhbGlmaWVzISI-PGgxIGNsYXNzPSJmdTd5Y3EtMCBmaGFYV0siPkhlc3NlIFByb2dyYW0gT2ZmZXJzIEh1Z2UgU29sYXIgSW5jZW50aXZlczwvaDE-PGgxIGNsYXNzPSJmdTd5Y3EtMSBqbHhJUlIiPkVudGVyIGJhc2ljIGluZm9ybWF0aW9uIHRvIHNlZSBpZiB5b3VyIGhvbWUgcXVhbGlmaWVzITwvaDE-PGgxPkZSRUUgRXhwZXJ0IFNvbGFyIFF1b3RlPC9oMT4&i6=MjAwMTphYzg6MjA6MzAyOjoyMDJl&n3pc=true
x-frame-options: DENY
access-control-allow-origin: https://www.energybillcruncher.com
x-xss-protection: 1; mode=block
vary: Origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
trace-id: 74d21dbbd56bfdd6
request-time: 0
content-length: 0
x-content-type-options: nosniff

GET
H2 204 unip Show response
trc-events.taboola.com/1027940/log/3/ 0
255 B 83ms
14ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1027940/log/3/unip?en=pre_d_eng_tb&tos=1552&scd=100&ssd=1&est=1650247924846&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1650247926400&vi=1650247924842&ri=d2767c96ee40d65b2838debc377e640b&ref=null&cv=20220417-4-RELEASE&item-url=https%3A%2F%2Fwww.energybillcruncher.com%2Fla%2F%3Ftg_ref%3Debc_id_em%26camp_id%3Dmeter%26keyword%3Demail%26sub2%3D821586%26imclid%3D686080940
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1027940/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.energybillcruncher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin: https://www.energybillcruncher.com
pragma: no-cache
date: Mon, 18 Apr 2022 02:12:07 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 unip Show response
trc-events.taboola.com/1234288/log/3/ 0
254 B 83ms
15ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1234288/log/3/unip?en=pre_d_eng_tb&tos=1553&scd=100&ssd=1&est=1650247924846&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1650247926401&vi=1650247924842&ri=c7d7aa9857c3d5bcec1d20d1c576dcbc&ref=null&cv=20220417-4-RELEASE&item-url=https%3A%2F%2Fwww.energybillcruncher.com%2Fla%2F%3Ftg_ref%3Debc_id_em%26camp_id%3Dmeter%26keyword%3Demail%26sub2%3D821586%26imclid%3D686080940
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1027940/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.energybillcruncher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin: https://www.energybillcruncher.com
pragma: no-cache
date: Mon, 18 Apr 2022 02:12:07 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 17ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1152473408251609&ev=Microdata&dl=https%3A%2F%2Fwww.energybillcruncher.com%2Fla%2F%3Ftg_ref%3Debc_id_em%26camp_id%3Dmeter%26keyword%3Demail%26sub2%3D821586%26imclid%3D686080940&rl=&if=false&ts=1650247926603&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Hesse%20Program%20Offers%20Huge%20Solar%20Incentives%22%2C%22meta%3Adescription%22%3A%22Enter%20basic%20information%20to%20see%20if%20your%20home%20qualifies!%22%2C%22meta%3Akeywords%22%3A%22solar%2C%20panels%2C%20energy%2C%20power%2C%20bill%2C%20system%2C%20government%2C%20incentives%2C%20tax%2C%20credits%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.57&r=stable&ec=1&o=30&fbp=fb.1.1650247925096.1443783455&it=1650247924814&coo=false&es=automatic&tm=3&exp=p0&rqm=GET

Requested by

Host: www.energybillcruncher.com
URL: https://www.energybillcruncher.com/la/?tg_ref=ebc_id_em&camp_id=meter&keyword=email&sub2=821586&imclid=686080940

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.energybillcruncher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 02:12:07 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Mon, 18 Apr 2022 02:12:07 GMT

GET
H2

200

bootstrap.js Show response
cdn.trustedform.com/
Redirect Chain

https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16502479268090.39345237287900847
https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16502479268090.39345237287900847

8 KB
4 KB

198ms
144ms

Script
application/javascript

2600:9000:2156:8800:1c:7f1a:6680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16502479268090.39345237287900847
Requested by: Host: www.energybillcruncher.com
URL: https://www.energybillcruncher.com/la/?tg_ref=ebc_id_em&camp_id=meter&keyword=email&sub2=821586&imclid=686080940
Protocol: H2
Server: 2600:9000:2156:8800:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 734ecf1e1e95104e21eb85f5982ba8d2834c22e94e6b95be0907d7b2b2c01ab5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.energybillcruncher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 02:12:08 GMT
content-encoding: gzip
last-modified: Tue, 12 Apr 2022 17:20:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: W/"068866d58fa4ccc9027a3dcbe7c80d2b"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b4.cloudfront.net (CloudFront)
x-amz-version-id: P9B3EU2JsBPN3eWFwQJ8SiX0d_bUZ._E
x-amz-cf-id: DeBN_zU40g5l8T9nf9to7OdBTjnrkJ_w8--aCYyU51HICmo3Nh3siA==

Redirect headers

location: https://cdn.trustedform.com:443/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16502479268090.39345237287900847
date: Mon, 18 Apr 2022 02:12:07 GMT
server: awselb/2.0
content-length: 134
content-type: text/html

GET
H2 200 8692495f-a9c0-1480-0b3a-7c60671290ef.js Show response
create.lidstatic.com/campaign/ 123 KB
39 KB 632ms
466ms Script
text/javascript 2606:4700:10::ac43:29e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://create.lidstatic.com/campaign/8692495f-a9c0-1480-0b3a-7c60671290ef.js?snippet_version=2
Requested by: Host: d3bnsjl54t3oyq.cloudfront.net
URL: https://d3bnsjl54t3oyq.cloudfront.net/~_~static-assets/1898/bundle/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:29e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32030d39e88f1323f7dbb5b16d3d6c6d559cdf142700df9bcbbb4cf3213618f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.energybillcruncher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 02:12:08 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Fri, 12 Nov 2021 01:02:15 GMT
server: cloudflare
x-amz-request-id: XBPXJDSV9SJRZT5N
etag: W/"6ec087c26ae67279c153fb3776a29494"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=1800
x-amz-replication-status: COMPLETED
cf-ray: 6fd9dfabfa0923f7-ZRH
x-amz-version-id: HtLZqVvk20orT4Nvq4B8c0qlJuc0taM1
x-amz-id-2: PAI21gpyirTf176mJcG2jnM18UhEo6VDAbrxTYXA9ZLs3uk/eYJT88jwEA9afm0X3uAIIibBgDc=

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
458 B 272ms
119ms Script
application/javascript 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o6gei&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=f08187ec-d1cb-4c58-b5d9-79a880a64a82&tw_document_href=https%3A%2F%2Fwww.energybillcruncher.com%2Fla%2F%3Ftg_ref%3Debc_id_em%26camp_id%3Dmeter%26keyword%3Demail%26sub2%3D821586%26imclid%3D686080940&tpx_cb=twttr.conversion.loadPixels

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.energybillcruncher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-response-time: 110
date: Mon, 18 Apr 2022 02:12:06 GMT
content-encoding: gzip
server: tsa_o
strict-transport-security: max-age=631138519
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 9ec6483fe1e6febbe745b38acf4f276b9e7504e069e5a30ad7bd2ce07e5bc154
content-type: application/javascript;charset=utf-8
content-length: 57

POST
H2 200 GenerateToken Show response
create.leadid.com/2.11.9/ 36 B
658 B 357ms
143ms XHR
text/plain 54.172.138.183
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/GenerateToken?msn=1&pid=17e7743d-242d-4241-96ee-61fbf1b04423&_=932129723

Requested by

Host: d3bnsjl54t3oyq.cloudfront.net
URL: https://d3bnsjl54t3oyq.cloudfront.net/~_~static-assets/1898/bundle/main.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.172.138.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-172-138-183.compute-1.amazonaws.com

Software

nginx /

Resource Hash

54d2c3b30517e62def5a6ec6159de0e4f598266bc29233b6c40a15b3938bf620

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.energybillcruncher.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 18 Apr 2022 02:12:08 GMT
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 201 certs Show response
api.trustedform.com/ 494 B
705 B 288ms
97ms XHR
application/json 54.160.222.255
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs
Requested by: Host: d3bnsjl54t3oyq.cloudfront.net
URL: https://d3bnsjl54t3oyq.cloudfront.net/~_~static-assets/1898/bundle/main.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.160.222.255 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-160-222-255.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: 11fc7654a247d545ce8f62d1f54812c92b4c82a69511ece37015ba40c23b9390

Request headers

Referer: https://www.energybillcruncher.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 18 Apr 2022 02:12:08 GMT
server: Cowboy
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 494

GET
H2 200 trustedform-1.8.23.js Show response
cdn.trustedform.com/ 95 KB
35 KB 129ms
128ms Script
application/javascript 2600:9000:2156:8800:1c:7f1a:6680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.trustedform.com/trustedform-1.8.23.js
Requested by: Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16502479268090.39345237287900847
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:8800:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: aa7ff42af599e7df54741194f2830fec5942d7dacd208defd1daa9531b249fc0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.energybillcruncher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id: lMOeOizl_ClyFVVEReU0pJ9PRIY4IaCP
content-encoding: gzip
last-modified: Tue, 12 Apr 2022 17:20:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: W/"3d18f09722401f78485389cbd700fd6a"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b4.cloudfront.net (CloudFront)
date: Mon, 18 Apr 2022 02:12:09 GMT
x-amz-cf-id: Lt0b6U_UyAKDM2LCTmNk4sjK1ulZqiIWcfbJ4FzDymbfYUVoWkB7uw==

GET
H/1.1 200
OK iframe.html Show response
d2m2wsoho8qq12.cloudfront.net/ Frame 9DB3 3 KB
2 KB 37ms
7ms Document
text/html 143.204.101.219
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=B4E2863F-D451-B9DA-92E7-71EB39203AE1&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=8692495F-A9C0-1480-0B3A-7C60671290EF&lac=AD66E999-BB91-DB9B-9DA1-F7C0173D38D9

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/8692495f-a9c0-1480-0b3a-7c60671290ef.js?snippet_version=2

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

143.204.101.219 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-101-219.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

e3ad82a69faf9ec1b298a080ce5974322a33cc501e1455071cf8db58c7f2462f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.energybillcruncher.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Age: 78018
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Sun, 17 Apr 2022 04:31:50 GMT
ETag: W/"62447315-dbb"
Last-Modified: Wed, 30 Mar 2022 15:11:17 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Transfer-Encoding: chunked
Via: 1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
X-Amz-Cf-Id: Bi8h8YypRfX-PjSBQFClM8pmt9ZJVqDyyE67UMBEOa1pxxY2STLB7Q==
X-Amz-Cf-Pop: FRA50-C1
X-Cache: Hit from cloudfront

POST
H2 200 SaveDom Show response
create.leadid.com/2.11.9/ 0
622 B 99ms
99ms XHR
text/plain 54.172.138.183
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/SaveDom?msn=2&pid=17e7743d-242d-4241-96ee-61fbf1b04423&token=B4E2863F-D451-B9DA-92E7-71EB39203AE1&_=932129724

Requested by

Host: d3bnsjl54t3oyq.cloudfront.net
URL: https://d3bnsjl54t3oyq.cloudfront.net/~_~static-assets/1898/bundle/main.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.172.138.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-172-138-183.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.energybillcruncher.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 18 Apr 2022 02:12:08 GMT
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 InitFormData Show response
create.leadid.com/2.11.9/ 0
622 B 100ms
99ms XHR
text/plain 54.172.138.183
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/InitFormData?msn=3&pid=17e7743d-242d-4241-96ee-61fbf1b04423&token=B4E2863F-D451-B9DA-92E7-71EB39203AE1&_=932129725

Requested by

Host: d3bnsjl54t3oyq.cloudfront.net
URL: https://d3bnsjl54t3oyq.cloudfront.net/~_~static-assets/1898/bundle/main.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.172.138.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-172-138-183.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.energybillcruncher.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 18 Apr 2022 02:12:08 GMT
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 204 snapshot Show response
api.trustedform.com/certs/f7d9139c6a6f8339363d22a0374268f681c420a1/ 0
159 B 198ms
198ms XHR
text/plain 54.160.222.255
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/f7d9139c6a6f8339363d22a0374268f681c420a1/snapshot
Requested by: Host: d3bnsjl54t3oyq.cloudfront.net
URL: https://d3bnsjl54t3oyq.cloudfront.net/~_~static-assets/1898/bundle/main.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.160.222.255 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-160-222-255.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.energybillcruncher.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Mon, 18 Apr 2022 02:12:08 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: Cowboy
access-control-expose-headers

GET
H2 200 EBCLogoGreen.svg
d3bnsjl54t3oyq.cloudfront.net/img/v3/ 7 KB
3 KB 11ms
10ms Image
image/svg+xml 2600:9000:2156:1c00:15:f7f:8880:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d3bnsjl54t3oyq.cloudfront.net/img/v3/EBCLogoGreen.svg

Requested by

Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.23.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:1c00:15:f7f:8880:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.0 /

Resource Hash

96100bfb0c7746ad7d180dface5d812826e266581fea6efe6219d581a7e60545

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.energybillcruncher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 11:20:03 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 53525
x-cache: Hit from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: *
last-modified: Tue, 12 Apr 2022 21:22:02 GMT
server: nginx/1.20.0
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
via: 1.1 5317564e96c9dceb46123f6c5f149a02.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: EC7IjDs3Ck1Qm43T-eCF3PilOpUuhxf7Z8mFmJij2slt9n3qk3sIvg==

GET
H2 200 icon-ssl-lock.png
d3bnsjl54t3oyq.cloudfront.net/img/ 2 KB
2 KB 10ms
9ms Image
image/png 2600:9000:2156:1c00:15:f7f:8880:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d3bnsjl54t3oyq.cloudfront.net/img/icon-ssl-lock.png

Requested by

Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.23.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:1c00:15:f7f:8880:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.0 /

Resource Hash

60078dc06ec56032606db4349c28c363f48b2332bfa62ec8436c6bf1c404e0f1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.energybillcruncher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 11:49:45 GMT
via: 1.1 5317564e96c9dceb46123f6c5f149a02.cloudfront.net (CloudFront)
last-modified: Tue, 12 Apr 2022 21:22:02 GMT
server: nginx/1.20.0
age: 51743
x-frame-options: SAMEORIGIN
x-cache: Hit from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=86400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: image/png
content-length: 1677
x-amz-cf-id: wsyC1f53eN0IF5BxDVBrNR6JBuWE-N9tEiBtaMLigL1T-sREjPBGNg==

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
376 B 35ms
34ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.23.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.energybillcruncher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 02:12:08 GMT
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 43
referrer-policy: strict-origin-when-cross-origin
expires: Mon, 18 Apr 2022 02:12:08 GMT

POST
H2 204 fingerprints Show response
api.trustedform.com/certs/f7d9139c6a6f8339363d22a0374268f681c420a1/ 0
159 B 191ms
190ms XHR
text/plain 54.160.222.255
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/f7d9139c6a6f8339363d22a0374268f681c420a1/fingerprints
Requested by: Host: d3bnsjl54t3oyq.cloudfront.net
URL: https://d3bnsjl54t3oyq.cloudfront.net/~_~static-assets/1898/bundle/main.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.160.222.255 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-160-222-255.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.energybillcruncher.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Mon, 18 Apr 2022 02:12:08 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: Cowboy
access-control-expose-headers

GET
H2 200 bg-tile-2-1.svg
d3bnsjl54t3oyq.cloudfront.net/~_~static-assets/1898/img/ 25 KB
6 KB 47ms
46ms Image
image/svg+xml 2600:9000:2156:1c00:15:f7f:8880:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d3bnsjl54t3oyq.cloudfront.net/~_~static-assets/1898/img/bg-tile-2-1.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:1c00:15:f7f:8880:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.0 /

Resource Hash

0507c55f4ab35e183e63a1ee5a9fdac0054b04549754e5a98cadc3833ff87e9b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.energybillcruncher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 17:53:26 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 29922
x-cache: Hit from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: *
last-modified: Thu, 30 Sep 2021 00:07:31 GMT
server: nginx/1.20.0
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
via: 1.1 5317564e96c9dceb46123f6c5f149a02.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: PuTOTx8XB1LE5kfrQ2l5bqr7jjP1txOCUXDM4K1dDpuIiId0DLb0eQ==

POST
H2 200 InitFormData Show response
create.leadid.com/2.11.9/ 0
622 B 103ms
103ms XHR
text/plain 54.172.138.183
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/InitFormData?msn=4&pid=17e7743d-242d-4241-96ee-61fbf1b04423&token=B4E2863F-D451-B9DA-92E7-71EB39203AE1&_=932129726

Requested by

Host: d3bnsjl54t3oyq.cloudfront.net
URL: https://d3bnsjl54t3oyq.cloudfront.net/~_~static-assets/1898/bundle/main.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.172.138.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-172-138-183.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.energybillcruncher.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 18 Apr 2022 02:12:09 GMT
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
DATA 200
OK truncated
/ 10 KB
10 KB Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eed633a8002069e13f06351bfe014d0132941a0882144ccee95cdacfa403b954

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: text/javascript

POST
H2 200 Snap Show response
create.leadid.com/2.11.9/ 0
621 B 857ms
608ms XHR
text/plain 54.172.138.183
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/Snap?msn=5&pid=17e7743d-242d-4241-96ee-61fbf1b04423&token=B4E2863F-D451-B9DA-92E7-71EB39203AE1&_=932129727

Requested by

Host: d3bnsjl54t3oyq.cloudfront.net
URL: https://d3bnsjl54t3oyq.cloudfront.net/~_~static-assets/1898/bundle/main.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.172.138.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-172-138-183.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.energybillcruncher.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 18 Apr 2022 02:12:09 GMT
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 iframe.html Show response
deviceid.trueleadid.com/ Frame 75CE 4 KB
2 KB 336ms
97ms Document
text/html 34.232.148.15
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://deviceid.trueleadid.com/iframe.html?token=B4E2863F-D451-B9DA-92E7-71EB39203AE1&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=8692495F-A9C0-1480-0B3A-7C60671290EF&lac=AD66E999-BB91-DB9B-9DA1-F7C0173D38D9
Requested by: Host: d2m2wsoho8qq12.cloudfront.net
URL: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=B4E2863F-D451-B9DA-92E7-71EB39203AE1&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=8692495F-A9C0-1480-0B3A-7C60671290EF&lac=AD66E999-BB91-DB9B-9DA1-F7C0173D38D9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.232.148.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-232-148-15.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 602ea48b7fd2a48e702e43825b0d6f6495f78cb4cc1fa24cb8c95f61e014215a

Request headers

Referer: https://d2m2wsoho8qq12.cloudfront.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=86400 public
content-encoding: gzip
content-type: text/html
date: Mon, 18 Apr 2022 02:12:09 GMT
etag: W/"62446bcd-1049"
expires: Tue, 19 Apr 2022 02:12:09 GMT
last-modified: Wed, 30 Mar 2022 14:40:13 GMT
p3p: CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
server: nginx

POST
H2 200 Snap Show response
create.leadid.com/2.11.9/ 0
621 B 855ms
805ms XHR
text/plain 54.172.138.183
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/Snap?msn=6&pid=17e7743d-242d-4241-96ee-61fbf1b04423&token=B4E2863F-D451-B9DA-92E7-71EB39203AE1&_=932129728

Requested by

Host: d3bnsjl54t3oyq.cloudfront.net
URL: https://d3bnsjl54t3oyq.cloudfront.net/~_~static-assets/1898/bundle/main.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.172.138.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-172-138-183.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.energybillcruncher.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 18 Apr 2022 02:12:09 GMT
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 SaveDeviceId.js Show response
create.leadid.com/2.11.9/ Frame 75CE 0
625 B 300ms
108ms Script
text/javascript 54.172.138.183
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/SaveDeviceId.js?lac=AD66E999-BB91-DB9B-9DA1-F7C0173D38D9&lck=8692495F-A9C0-1480-0B3A-7C60671290EF&methods=48&token=B4E2863F-D451-B9DA-92E7-71EB39203AE1&uuid=6a005afb2d2e4571bc5f858688976d10

Requested by

Host: deviceid.trueleadid.com
URL: https://deviceid.trueleadid.com/iframe.html?token=B4E2863F-D451-B9DA-92E7-71EB39203AE1&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=8692495F-A9C0-1480-0B3A-7C60671290EF&lac=AD66E999-BB91-DB9B-9DA1-F7C0173D38D9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.172.138.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-172-138-183.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://deviceid.trueleadid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 02:12:09 GMT
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 204 events Show response
api.trustedform.com/certs/f7d9139c6a6f8339363d22a0374268f681c420a1/ 0
159 B 396ms
395ms XHR
text/plain 54.160.222.255
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/f7d9139c6a6f8339363d22a0374268f681c420a1/events
Requested by: Host: d3bnsjl54t3oyq.cloudfront.net
URL: https://d3bnsjl54t3oyq.cloudfront.net/~_~static-assets/1898/bundle/main.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.160.222.255 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-160-222-255.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.energybillcruncher.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Mon, 18 Apr 2022 02:12:09 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: Cowboy
access-control-expose-headers

GET
H2 204 unip Show response
trc-events.taboola.com/1027940/log/3/ 0
254 B 34ms
33ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1027940/log/3/unip?en=pre_d_eng_tb&tos=4553&scd=100&ssd=1&est=1650247924846&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1650247929401&vi=1650247924842&ri=d2767c96ee40d65b2838debc377e640b&ref=null&cv=20220417-4-RELEASE&item-url=https%3A%2F%2Fwww.energybillcruncher.com%2Fla%2F%3Ftg_ref%3Debc_id_em%26camp_id%3Dmeter%26keyword%3Demail%26sub2%3D821586%26imclid%3D686080940
Requested by: Host: d3bnsjl54t3oyq.cloudfront.net
URL: https://d3bnsjl54t3oyq.cloudfront.net/~_~static-assets/1898/bundle/main.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.energybillcruncher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin: https://www.energybillcruncher.com
pragma: no-cache
date: Mon, 18 Apr 2022 02:12:10 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 unip Show response
trc-events.taboola.com/1234288/log/3/ 0
254 B 34ms
34ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1234288/log/3/unip?en=pre_d_eng_tb&tos=4554&scd=100&ssd=1&est=1650247924846&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1650247929402&vi=1650247924842&ri=c7d7aa9857c3d5bcec1d20d1c576dcbc&ref=null&cv=20220417-4-RELEASE&item-url=https%3A%2F%2Fwww.energybillcruncher.com%2Fla%2F%3Ftg_ref%3Debc_id_em%26camp_id%3Dmeter%26keyword%3Demail%26sub2%3D821586%26imclid%3D686080940
Requested by: Host: d3bnsjl54t3oyq.cloudfront.net
URL: https://d3bnsjl54t3oyq.cloudfront.net/~_~static-assets/1898/bundle/main.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.energybillcruncher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin: https://www.energybillcruncher.com
pragma: no-cache
date: Mon, 18 Apr 2022 02:12:10 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H3 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/48/9/intl/de_ALL/ 78 KB
29 KB 22ms
8ms Script
text/javascript 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/48/9/intl/de_ALL/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBJ-xDlhTqTJi1gxvsLS_DXz9YjsvgSB4w&libraries=places

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb1c2c4a8912328ca07d962f0e3d397a8b06665f69edb55c786cc5976c1fe7d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.energybillcruncher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 18:29:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 373376
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29208
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 18:30:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 13 Apr 2023 18:29:14 GMT

GET
H3 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/48/9/intl/de_ALL/ 308 KB
92 KB 27ms
13ms Script
text/javascript 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/48/9/intl/de_ALL/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBJ-xDlhTqTJi1gxvsLS_DXz9YjsvgSB4w&libraries=places

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b1ec942e229f6b8a3adf2c2eab73b47b951e4fd405cb3b805209c0f59b4a44ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.energybillcruncher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 18:29:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 373376
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 93778
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 18:30:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 13 Apr 2023 18:29:14 GMT

Verdicts & Comments Add Verdict or Comment

61 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.energybillcruncher.com/	1970-01-20 19:55:19	Name: visitorId Value: 3847cf18-eaa6-4044-beb0-d397cb98c533
www.energybillcruncher.com/	1969-12-31 23:59:59	Name: connect.sid Value: s%3Anzk5XYV1k4LlTDwuPk-le5Uj45PebK09.lMZz5n3p%2ByMCjYAGrT37%2FgST11DbJrvWU5Yg7Y3tZF4
.energybillcruncher.com/	1970-01-20 04:33:43	Name: _gcl_au Value: 1.1.628362413.1650247925
.bing.com/	1970-01-20 11:45:43	Name: MUID Value: 216A683BE8C86686385179B1E9A367A0
.energybillcruncher.com/	1970-01-20 04:33:43	Name: _fbp Value: fb.1.1650247925096.1443783455
.facebook.com/	1970-01-20 04:33:43	Name: fr Value: 0ZwZ02Zide4ZwVFvj..BiXMj1...1.0.BiXMj1.
.yahoo.com/	1970-01-20 11:10:05	Name: A3 Value: d=AQABBPXIXGICECqYwUvX-GYQNcwZioG3nLIFEgEBAQEaXmJmYgAAAAAA_eMAAA&S=AQAAAmZc-Cq7MMbVmOov0EwmXSk
.energybillcruncher.com/	1969-12-31 23:59:59	Name: _li_dcdm_c Value: .energybillcruncher.com
.energybillcruncher.com/	1970-01-20 19:55:19	Name: _lc2_fpi Value: d17190cb7205--01g0x71zgg3sxbcest9m45nky2
www.energybillcruncher.com/	1970-01-20 02:24:08	Name: outbrain_cid_fetch Value: true
.t.co/	1970-01-20 19:55:19	Name: muc_ads Value: 1f37c75d-735c-47eb-94e9-235040663472
.liadm.com/	1970-01-20 19:55:19	Name: lidid Value: 517c73a2-bd5a-4141-aa82-7efb5200d696
.twitter.com/	1970-01-20 19:55:19	Name: personalization_id Value: "v1_soY38gBrLJCFapIDN4VXLw=="
www.energybillcruncher.com/	1970-01-20 02:24:08	Name: leadid_token-AD66E999-BB91-DB9B-9DA1-F7C0173D38D9-8692495F-A9C0-1480-0B3A-7C60671290EF Value: B4E2863F-D451-B9DA-92E7-71EB39203AE1
.deviceid.trueleadid.com/	1970-01-25 20:28:19	Name: uuid Value: 6a005afb2d2e4571bc5f858688976d10

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

amplify.outbrain.com
analytics.tiktok.com
analytics.twitter.com
api.trustedform.com
b-code.liadm.com
bat.bing.com
cdn.taboola.com
cdn.trustedform.com
connect.facebook.net
create.leadid.com
create.lidstatic.com
d2m2wsoho8qq12.cloudfront.net
d3bnsjl54t3oyq.cloudfront.net
deviceid.trueleadid.com
fonts.googleapis.com
fonts.gstatic.com
maps.googleapis.com
rp.liadm.com
rp4.liadm.com
s.yimg.com
sp.analytics.yahoo.com
static.ads-twitter.com
t.co
tr.outbrain.com
trc-events.taboola.com
trc.taboola.com
www.energybillcruncher.com
www.facebook.com
www.googletagmanager.com
104.104.52.82
104.244.42.131
104.244.42.5
141.226.228.48
143.204.101.219
151.101.65.44
199.232.188.157
212.82.100.181
23.35.237.86
2600:1f18:730:b140:f378:e5c6:1d9e:4c3
2600:9000:2156:1c00:15:f7f:8880:21
2600:9000:2156:8800:1c:7f1a:6680:93a1
2600:9000:224a:8a00:8:8845:1500:93a1
2606:4700:10::ac43:29e5
2620:1ec:c11::200
2a00:1288:80:807::2
2a00:1450:4001:801::200a
2a00:1450:4001:810::200a
2a00:1450:4001:812::2008
2a00:1450:4001:828::2003
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
34.202.82.185
34.232.148.15
54.160.222.255
54.172.138.183
54.186.135.21
70.42.32.223
046686877f5c19dd2f4d3b0e3486b09d2137721745b6199f439e78f43e5e4ce9
0507c55f4ab35e183e63a1ee5a9fdac0054b04549754e5a98cadc3833ff87e9b
086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
10354e9bc6b485028971a1f58fccff5c89d722db324d42bc07963aab24ebb956
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11fc7654a247d545ce8f62d1f54812c92b4c82a69511ece37015ba40c23b9390
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
1fcdfa05931397f6edc1af260ae44b8be7df2a807ddf99e025c0b0a7c38df5d6
25ffa4815e09d3976d20b2557a355ad0928a346500d797acf537ba7812bb97fa
2b9a5f94514674e0dcfb508507e5716e2542a587398f6bf511ed5a63b0423f49
32030d39e88f1323f7dbb5b16d3d6c6d559cdf142700df9bcbbb4cf3213618f9
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb
54d2c3b30517e62def5a6ec6159de0e4f598266bc29233b6c40a15b3938bf620
60078dc06ec56032606db4349c28c363f48b2332bfa62ec8436c6bf1c404e0f1
602ea48b7fd2a48e702e43825b0d6f6495f78cb4cc1fa24cb8c95f61e014215a
734ecf1e1e95104e21eb85f5982ba8d2834c22e94e6b95be0907d7b2b2c01ab5
7e8ef05a55eafab5277e6449520107db94dfb01b497a52f283e7ffa6ee49363d
8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52
8e29704f0f01bc021b40be2f3554e3308dd1c5d53725e881fb731ae426c53cb9
8e6c86a3c50adf1d9c8b7100ea02170c72e5a9ee80f2a0f16da6d874cab9cd91
9048aabba091c5ba6809b1bf0f29d383af1772fa68570853d84a0e2a047d342b
96100bfb0c7746ad7d180dface5d812826e266581fea6efe6219d581a7e60545
aa7ff42af599e7df54741194f2830fec5942d7dacd208defd1daa9531b249fc0
ac35c1aaadd50f51ecaf0ae44158872c5f9d835e78ac87f382d12065c0439aed
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b1ec942e229f6b8a3adf2c2eab73b47b951e4fd405cb3b805209c0f59b4a44ab
b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0
bb1c2c4a8912328ca07d962f0e3d397a8b06665f69edb55c786cc5976c1fe7d3
c99d2bb5c902097d992e7af30789a8c698225f9172533abe618173913ded14a4
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
d695a08ac2eae0474a26a6d1b90c4b536f6f65c1f1364ff1815bed3fb22d3182
da3461c79e89f5cf3e97d65a347d5df96b1d0d3fa169998cec6c188c55a19bdd
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
df4e4466cfd6788a80857f67f69119371d69dbe1a1d0c678ffdf52ace5d0668e
e3ad82a69faf9ec1b298a080ce5974322a33cc501e1455071cf8db58c7f2462f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7373183856ebb881cab770e921c0c127b4afe9b48ddaf15f4ce09dca92effa0
e8e4a09180ead2da5995d3d1cb8bb1550d554b4075d4cc0e3a0134d834d69cb8
eed633a8002069e13f06351bfe014d0132941a0882144ccee95cdacfa403b954
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

www.energybillcruncher.com Open in urlscan Pro 54.186.135.21 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

63 Requests

95 %HTTPS

46 %IPv6

21 Domains

29 Subdomains

28 IPs

6 Countries

899 kBTransfer

2763 kBSize

15 Cookies

0 Outgoing links

Redirected requests

63 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.energybillcruncher.com Open in urlscan Pro
54.186.135.21 Public Scan

Screenshot
Live screenshot

Full Image

63
Requests

95 %
HTTPS

46 %
IPv6

21
Domains

29
Subdomains

28
IPs

6
Countries

899 kB
Transfer

2763 kB
Size

15
Cookies

63 HTTP transactions
1 data transactions