urlscan.io logo urlscan.io
SecurityTrails logo

windows.roiverifyhub.com Open in urlscan Pro
34.120.230.5  Public Scan

Go To Rescan Add Verdict Report
URL: https://windows.roiverifyhub.com/
Submission: On October 12 via automatic, source rescanner — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 20 IPs in 3 countries across 19 domains to perform 41 HTTP transactions. The main IP is 34.120.230.5, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is windows.roiverifyhub.com.
TLS certificate: Issued by R3 on October 12th 2022. Valid for: 3 months.
This is the only time windows.roiverifyhub.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

6    34.120.230.5 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 5.230.120.34.bc.googleusercontent.com
windows.roiverifyhub.com
3    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    52.217.16.220 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
visiqua-flipforms-production.s3.amazonaws.com
1    2a00:1450:400c:c06::52 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
jqueryjs.googlecode.com
1    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2606:4700:10::ac43:29e5 (United States)

ASN13335 (CLOUDFLARENET, US)
create.lidstatic.com
4    34.197.244.247 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-197-244-247.compute-1.amazonaws.com
api.trustedform.com
2    2600:9000:2057:a600:1c:7f1a:6680:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.trustedform.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
3    2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2600:3c01::f03c:91ff:fe79:43b (Fremont, United States)

ASN63949 (LINODE-AP Linode, LLC, US)
jsonip.com
7    18.214.230.128 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-214-230-128.compute-1.amazonaws.com
create.leadid.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    13.32.23.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-23-67.fra56.r.cloudfront.net
d2m2wsoho8qq12.cloudfront.net
1    54.85.58.125 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-85-58-125.compute-1.amazonaws.com
deviceid.trueleadid.com
1    151.101.130.137 (United States)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
1    162.247.241.14 (United States)

ASN23467 (NEWRELIC-AS-1, US)
bam.nr-data.net
Apex Domain
Subdomains		 Transfer
7 leadid.com
create.leadid.com — Cisco Umbrella Rank: 23778
4 KB
6 trustedform.com
api.trustedform.com — Cisco Umbrella Rank: 34408
cdn.trustedform.com — Cisco Umbrella Rank: 40911
41 KB
6 roiverifyhub.com
windows.roiverifyhub.com
145 KB
3 gstatic.com
fonts.gstatic.com
39 KB
3 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 358
20 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 115
222 B
2 jsonip.com
jsonip.com — Cisco Umbrella Rank: 37865
826 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 203
111 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 129
124 KB
2 amazonaws.com
visiqua-flipforms-production.s3.amazonaws.com
48 KB
1 nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 393
616 B
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 720
14 KB
1 trueleadid.com
deviceid.trueleadid.com — Cisco Umbrella Rank: 25478
2 KB
1 cloudfront.net
d2m2wsoho8qq12.cloudfront.net
2 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2144
354 B
1 lidstatic.com
create.lidstatic.com — Cisco Umbrella Rank: 38898
38 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 118
1 KB
1 googlecode.com
jqueryjs.googlecode.com
0 ip-api.com Failed
ip-api.com Failed
41 19
Domain Requested by
7 create.leadid.com create.lidstatic.com
deviceid.trueleadid.com
6 windows.roiverifyhub.com 2 redirects windows.roiverifyhub.com
4 api.trustedform.com 1 redirects api.trustedform.com
cdn.trustedform.com
3 fonts.gstatic.com fonts.googleapis.com
3 cdnjs.cloudflare.com windows.roiverifyhub.com
2 www.facebook.com windows.roiverifyhub.com
2 jsonip.com windows.roiverifyhub.com
2 connect.facebook.net windows.roiverifyhub.com
connect.facebook.net
2 cdn.trustedform.com windows.roiverifyhub.com
api.trustedform.com
2 www.googletagmanager.com windows.roiverifyhub.com
www.googletagmanager.com
2 visiqua-flipforms-production.s3.amazonaws.com windows.roiverifyhub.com
1 bam.nr-data.net js-agent.newrelic.com
1 js-agent.newrelic.com windows.roiverifyhub.com
1 deviceid.trueleadid.com d2m2wsoho8qq12.cloudfront.net
1 d2m2wsoho8qq12.cloudfront.net create.lidstatic.com
1 region1.google-analytics.com www.googletagmanager.com
1 create.lidstatic.com windows.roiverifyhub.com
1 fonts.googleapis.com windows.roiverifyhub.com
1 jqueryjs.googlecode.com windows.roiverifyhub.com
0 ip-api.com Failed windows.roiverifyhub.com
41 20

This site contains no links.

Subject Issuer Validity Valid
windows.roiverifyhub.com
R3		 2022-10-12 -
2023-01-10		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-08-03 -
2023-08-02		 a year crt.sh
*.googlecode.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
lidstatic.com
Cloudflare Inc ECC CA-3		 2022-03-30 -
2023-03-30		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-07-22 -
2022-10-20		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
jsonip.com
R3		 2022-09-13 -
2022-12-12		 3 months crt.sh
create.leadid.com
Amazon		 2022-09-21 -
2023-10-19		 a year crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
deviceid.trueleadid.com
Amazon		 2022-01-07 -
2023-02-05		 a year crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2022 Q2		 2022-07-10 -
2023-08-11		 a year crt.sh
*.trustedform.com
Amazon		 2022-09-11 -
2023-10-09		 a year crt.sh
*.nr-data.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-10 -
2023-02-10		 a year crt.sh
cdn.trustedform.com
Amazon		 2022-04-14 -
2023-05-13		 a year crt.sh

This page contains 3 frames:

Primary Page: https://windows.roiverifyhub.com/
Frame ID: 3EFDC35C370B3B863131B73866D0091E
Requests: 39 HTTP requests in this frame

Frame: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=7C7F6F26-EDA7-A075-EC32-7C6FA1E5EEA5&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.11&lck=AF5EE6E1-073E-F239-0D14-B1007DA075F4&lac=FF5884E6-790E-0E5B-578F-D2502BC2C800
Frame ID: 3C6FA0F9A023FF3EA8EDEF24F65F6465
Requests: 1 HTTP requests in this frame

Frame: https://deviceid.trueleadid.com/iframe.html?token=7C7F6F26-EDA7-A075-EC32-7C6FA1E5EEA5&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.11&lck=AF5EE6E1-073E-F239-0D14-B1007DA075F4&lac=FF5884E6-790E-0E5B-578F-D2502BC2C800
Frame ID: 5879FF1995E3ED4D8B08E03698CD2414
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Your Homes Windows

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • moment(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

41
Requests

90 %
HTTPS

58 %
IPv6

19
Domains

20
Subdomains

20
IPs

3
Countries

600 kB
Transfer

1625 kB
Size

8
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://windows.roiverifyhub.com/rails/active_storage/blobs/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBdlFMIiwiZXhwIjpudWxsLCJwdXIiOiJibG9iX2lkIn19--0fca08aceada3da5b69cc4222d087447b1fc8611/windows_logo.png HTTP 302
  • https://visiqua-flipforms-production.s3.amazonaws.com/mdpme9llzoopn2jabngz6trrxxeg?response-content-disposition=inline%3B%20filename%3D%22windows_logo.png%22%3B%20filename%2A%3DUTF-8%27%27windows_logo.png&response-content-type=image%2Fpng&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIA24XLLHYZGUYEECWN%2F20221012%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20221012T232125Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=9083eed69c4edda6d3f001d4afdd5d6f7d902e46e56032c70157ac500742f3f1
Request Chain 11
  • https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16656168856880.5959174293803922&invert_field_sensitivity=false HTTP 301
  • https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16656168856880.5959174293803922&invert_field_sensitivity=false
Request Chain 35
  • https://windows.roiverifyhub.com/rails/active_storage/blobs/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBdlFMIiwiZXhwIjpudWxsLCJwdXIiOiJibG9iX2lkIn19--0fca08aceada3da5b69cc4222d087447b1fc8611/windows_logo.png HTTP 302
  • https://visiqua-flipforms-production.s3.amazonaws.com/mdpme9llzoopn2jabngz6trrxxeg?response-content-disposition=inline%3B%20filename%3D%22windows_logo.png%22%3B%20filename%2A%3DUTF-8%27%27windows_logo.png&response-content-type=image%2Fpng&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIA24XLLHYZGUYEECWN%2F20221012%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20221012T232127Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=e96066892164d1db2312e73d22ea2d2cd76f44fe99a22bef9838f159d260b2c2

41 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
windows.roiverifyhub.com/ 		38 KB
39 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://windows.roiverifyhub.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.230.5 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
5.230.120.34.bc.googleusercontent.com
Software
Caddy Qloaked /
Resource Hash
482ff04bb821bd0233eef3a66a4bd4ce872ab66a5f86169a4fed76f4d6019e2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
content-length
39204
content-type
text/html; charset=utf-8
date
Wed, 12 Oct 2022 23:21:24 GMT
etag
W/"482ff04bb821bd0233eef3a66a4bd4ce"
referrer-policy
strict-origin-when-cross-origin
server
Caddy Qloaked
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 vegur
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-qloaked-clientip
37.58.58.250
x-request-id
9dc9fd30-fe6a-4245-a73d-f693342a7729
x-runtime
0.153024
x-xss-protection
1; mode=block
application-c8e3caff800260c7271b53dbff9406c022f36c561407e42f3eaef37d11602d2a.css
windows.roiverifyhub.com/assets/frontend/ 		161 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://windows.roiverifyhub.com/assets/frontend/application-c8e3caff800260c7271b53dbff9406c022f36c561407e42f3eaef37d11602d2a.css
Requested by
Host: windows.roiverifyhub.com
URL: https://windows.roiverifyhub.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.230.5 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
5.230.120.34.bc.googleusercontent.com
Software
Caddy, Qloaked /
Resource Hash
c8e3caff800260c7271b53dbff9406c022f36c561407e42f3eaef37d11602d2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://windows.roiverifyhub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 23:21:24 GMT
content-encoding
gzip
via
1.1 vegur
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Wed, 16 Feb 2022 19:41:13 GMT
server
Caddy, Qloaked
x-qloaked-clientip
37.58.58.250
vary
Accept-Encoding
content-type
text/css
content-length
28200
theme1-3c2efee2d2cd465374eacf6bee61ec76580a4746e8795bf362b923ccca2bf1d4.css
windows.roiverifyhub.com/assets/themes/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://windows.roiverifyhub.com/assets/themes/theme1-3c2efee2d2cd465374eacf6bee61ec76580a4746e8795bf362b923ccca2bf1d4.css
Requested by
Host: windows.roiverifyhub.com
URL: https://windows.roiverifyhub.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.230.5 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
5.230.120.34.bc.googleusercontent.com
Software
Caddy, Qloaked /
Resource Hash
3c2efee2d2cd465374eacf6bee61ec76580a4746e8795bf362b923ccca2bf1d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://windows.roiverifyhub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 23:21:24 GMT
content-encoding
gzip
via
1.1 vegur
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Wed, 17 Nov 2021 17:22:26 GMT
server
Caddy, Qloaked
x-qloaked-clientip
37.58.58.250
vary
Accept-Encoding
content-type
text/css
content-length
1282
moment.min.js
cdnjs.cloudflare.com/ajax/libs/moment.js/2.24.0/ 		52 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.24.0/moment.min.js
Requested by
Host: windows.roiverifyhub.com
URL: https://windows.roiverifyhub.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e22419e8154be2a34a950dbb4c4c448413751c53ef02f00c6c56af28aa2c4964
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://windows.roiverifyhub.com/
Origin
https://windows.roiverifyhub.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 23:21:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2000957
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15508
last-modified
Mon, 04 May 2020 16:13:26 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03f26-d04c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O4BNh%2BAkIcidgGAJl9ZukiCUqYXRUIqdjekw4apL1DINaFb%2BsxCCQCkE5SeRcc9tyOQh%2FHCZjD%2F9tpScNnfk1Hzji8eLbSLWehst4L614zElJ0PSgiAAVC9bOlcm6YTTZQHH9MntIuS5M5zPaN6ZyxXN"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7593925d4cd49235-FRA
expires
Mon, 02 Oct 2023 23:21:25 GMT
application-ba4a9af22c0d9b4924384805889271a09d9d9fa354b3b9c3419d19f28a26bdd0.js
windows.roiverifyhub.com/assets/frontend/ 		251 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://windows.roiverifyhub.com/assets/frontend/application-ba4a9af22c0d9b4924384805889271a09d9d9fa354b3b9c3419d19f28a26bdd0.js
Requested by
Host: windows.roiverifyhub.com
URL: https://windows.roiverifyhub.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.230.5 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
5.230.120.34.bc.googleusercontent.com
Software
Caddy, Qloaked /
Resource Hash
ba4a9af22c0d9b4924384805889271a09d9d9fa354b3b9c3419d19f28a26bdd0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://windows.roiverifyhub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 23:21:24 GMT
content-encoding
gzip
via
1.1 vegur
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 14 Feb 2022 16:03:57 GMT
server
Caddy, Qloaked
x-qloaked-clientip
37.58.58.250
vary
Accept-Encoding
content-type
application/javascript
content-length
77244
mdpme9llzoopn2jabngz6trrxxeg
visiqua-flipforms-production.s3.amazonaws.com/
Redirect Chain
  • https://windows.roiverifyhub.com/rails/active_storage/blobs/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBdlFMIiwiZXhwIjpudWxsLCJwdXIiOiJibG9iX2lkIn19--0fca08aceada3da5b69cc4222d087447b1fc8611/windows_logo.png
  • https://visiqua-flipforms-production.s3.amazonaws.com/mdpme9llzoopn2jabngz6trrxxeg?response-content-disposition=inline%3B%20filename%3D%22windows_logo.png%22%3B%20filename%2A%3DUTF-8%27%27windows_l...
23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visiqua-flipforms-production.s3.amazonaws.com/mdpme9llzoopn2jabngz6trrxxeg?response-content-disposition=inline%3B%20filename%3D%22windows_logo.png%22%3B%20filename%2A%3DUTF-8%27%27windows_logo.png&response-content-type=image%2Fpng&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIA24XLLHYZGUYEECWN%2F20221012%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20221012T232125Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=9083eed69c4edda6d3f001d4afdd5d6f7d902e46e56032c70157ac500742f3f1
Requested by
Host: windows.roiverifyhub.com
URL: https://windows.roiverifyhub.com/
Protocol
HTTP/1.1
Server
52.217.16.220 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
b6f299e2527eeba0c855fddbb9a6cbfe833c7e1189366105bb7e5d7365c522bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://windows.roiverifyhub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 12 Oct 2022 23:21:27 GMT
Last-Modified
Tue, 09 Aug 2022 11:32:42 GMT
Server
AmazonS3
x-amz-request-id
EMY1J4GA4SNAP8AA
ETag
"73d4f3a4a7bd7d9a6456585e38e3ee01"
Content-Type
image/png
Content-Disposition
inline; filename="windows_logo.png"; filename*=UTF-8''windows_logo.png
Accept-Ranges
bytes
Content-Length
23882
x-amz-id-2
ouoa091g/IbOkg96WTu7ANBjSTFWyhR7M20ohcsbzBpr8I3R6K7yj/w9+0cjSioNpSKFLVu7sJ4=

Redirect headers

date
Wed, 12 Oct 2022 23:21:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-qloaked-clientip
37.58.58.250
via
1.1 vegur
x-permitted-cross-domain-policies
none
content-length
598
x-xss-protection
1; mode=block
x-request-id
9a9654db-3a1e-4d24-8277-706f3907ce9b
x-runtime
0.007613
referrer-policy
strict-origin-when-cross-origin
server
Caddy, Qloaked
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
location
https://visiqua-flipforms-production.s3.amazonaws.com/mdpme9llzoopn2jabngz6trrxxeg?response-content-disposition=inline%3B%20filename%3D%22windows_logo.png%22%3B%20filename%2A%3DUTF-8%27%27windows_logo.png&response-content-type=image%2Fpng&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIA24XLLHYZGUYEECWN%2F20221012%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20221012T232125Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=9083eed69c4edda6d3f001d4afdd5d6f7d902e46e56032c70157ac500742f3f1
cache-control
max-age=300, private
jquery-1.3.2.min.js
jqueryjs.googlecode.com/files/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://jqueryjs.googlecode.com/files/jquery-1.3.2.min.js
Requested by
Host: windows.roiverifyhub.com
URL: https://windows.roiverifyhub.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::52 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://windows.roiverifyhub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers
hmac-sha1.js
cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.2/rollups/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.2/rollups/hmac-sha1.js
Requested by
Host: windows.roiverifyhub.com
URL: https://windows.roiverifyhub.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
373015d4e34dbf73ecb406228a102a191bf689ab1531ad0afa629e97b6a4a7bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://windows.roiverifyhub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 23:21:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
15709737
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1833
last-modified
Mon, 04 May 2020 16:09:17 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e2d-1332"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FQN8rHGzFsmSTWOtpkBZ2dXep7gaX%2FNUzojbQQAYXu5Us2jFQsPgmHmFFXkVLo41LevaF2CzYaVBNvmIFhJEbYlDHRgeKtIjLMEJ%2BtLnhrfgeTwH239kh2QasWruqhF0Hq%2FSbFLRfbRJQpbGQ%2BuJ2MT4"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7593925f1ee29969-FRA
expires
Mon, 02 Oct 2023 23:21:25 GMT
enc-base64.js
cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.2/components/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.2/components/enc-base64.js
Requested by
Host: windows.roiverifyhub.com
URL: https://windows.roiverifyhub.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e337112ff57db84347ffaaf07622bb6b2b8a74fef331897bc80bb10e8fb8eec2
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://windows.roiverifyhub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 23:21:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
6061095
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
893
last-modified
Mon, 04 May 2020 16:09:17 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e2d-d0a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WyY0m7SA0MlxU7LB5XtqQlE3cf4vyS5nIjQPy31SVJqIENICCZJILzpADpkaUOy%2BIO0jDPW3YVD91rJp5RO9%2BRTeL3Gg0XM8oPK7Dun4m1MbNPYwmw0jgiyVQFWsDQASq5P2XqUbtW70SxJYP9c5Rvk0"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7593925f6f2b9969-FRA
expires
Mon, 02 Oct 2023 23:21:25 GMT
css
fonts.googleapis.com/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600,700&display=swap
Requested by
Host: windows.roiverifyhub.com
URL: https://windows.roiverifyhub.com/assets/themes/theme1-3c2efee2d2cd465374eacf6bee61ec76580a4746e8795bf362b923ccca2bf1d4.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b28bb10d1b574db881cdd742dbe4593c1344f78e3ba378350c51cbfcaec51da1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://windows.roiverifyhub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 12 Oct 2022 23:21:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 12 Oct 2022 23:19:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 12 Oct 2022 23:21:25 GMT
gtm.js
www.googletagmanager.com/ 		121 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5MQN8MQ
Requested by
Host: windows.roiverifyhub.com
URL: https://windows.roiverifyhub.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
469395565369d8bc1f6b3867112736f2daf6171d6fdf15ee70423f293656300b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://windows.roiverifyhub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 23:21:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48493
x-xss-protection
0
last-modified
Wed, 12 Oct 2022 21:52:49 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 12 Oct 2022 23:21:25 GMT
af5ee6e1-073e-f239-0d14-b1007da075f4.js
create.lidstatic.com/campaign/ 		121 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://create.lidstatic.com/campaign/af5ee6e1-073e-f239-0d14-b1007da075f4.js?snippet_version=2
Requested by
Host: windows.roiverifyhub.com
URL: https://windows.roiverifyhub.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:29e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9bef43d0996aec37902ee18b71198d3c0c6924d563de30b4d21b92d683327a46

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://windows.roiverifyhub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 23:21:25 GMT
x-amz-version-id
K4Z4OvvujpQr6Jm_kLo8EhzeQ6hvpCnT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
8M65DG7S9QVAVHES
age
66
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
QaYv+DuIuSEXBHtJdAEzZGr3KEXIiCdi9/GPc4DYxOM9RReKorneu1o72yFPVDZukA816PtNyA8=
last-modified
Fri, 27 May 2022 16:14:22 GMT
server
cloudflare
etag
W/"0e58abe50d8fa1dbf9bccb8ae21d1ef3"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=1800
cf-ray
7593925fbaa05c20-FRA
bootstrap.js
cdn.trustedform.com/
Redirect Chain
  • https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16656168856880.5959174293803922&invert_field_sensitivity=false
  • https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16656168856880.5959174293803922&invert_field_sensitivity=false
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16656168856880.5959174293803922&invert_field_sensitivity=false
Requested by
Host: windows.roiverifyhub.com
URL: https://windows.roiverifyhub.com/
Protocol
H2
Server
2600:9000:2057:a600:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d80f782c175ee34155d9df75ffb2ebeff7e968fa049ed143ccf65e517a5c1b9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://windows.roiverifyhub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 23:21:27 GMT
x-amz-version-id
to7EtxbNw4wTQ51GTUC55F9UIeZCxiGL
content-encoding
gzip
last-modified
Mon, 03 Oct 2022 18:12:40 GMT
server
AmazonS3
via
1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
etag
W/"ba4b583161aee0d60d41a21495f9f7f2"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
x-amz-cf-id
l8bh2h4HwMXKwLuq-8Elj1FbTgay253L3TGIEPfNGCzuAfBMvDE9zA==

Redirect headers

location
https://cdn.trustedform.com:443/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16656168856880.5959174293803922&invert_field_sensitivity=false
date
Wed, 12 Oct 2022 23:21:25 GMT
server
awselb/2.0
content-length
134
content-type
text/html
fbevents.js
connect.facebook.net/en_US/ 		101 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: windows.roiverifyhub.com
URL: https://windows.roiverifyhub.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b81cc6d28cbf3df9c6127a05a865bef0842d917507cce946712974e748110957
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://windows.roiverifyhub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 12 Oct 2022 23:21:25 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26852
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
kWpzIPIZIZIPQu62Gp1SDfhAciLmVL5itLFtnt0tsqyX8i9fvICvR0KOdI5fq5wd0ETkh4fEtzX1okc30ttIiA==
x-fb-trip-id
686109401
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://windows.roiverifyhub.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 16:24:40 GMT
x-content-type-options
nosniff
age
111405
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13036
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:04:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 Oct 2023 16:24:40 GMT
/
jsonip.com/ 		112 B
413 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://jsonip.com/
Requested by
Host: windows.roiverifyhub.com
URL: https://windows.roiverifyhub.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:3c01::f03c:91ff:fe79:43b Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
438ba10e1e3c24e32b388d8f09a955ee334c321fe4146f13222e4b9a1633f454
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://windows.roiverifyhub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 12 Oct 2022 23:21:26 GMT
Strict-Transport-Security
max-age=31536000;
Server
nginx/1.20.2
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
/
jsonip.com/ 		112 B
413 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://jsonip.com/
Requested by
Host: windows.roiverifyhub.com
URL: https://windows.roiverifyhub.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:3c01::f03c:91ff:fe79:43b Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
438ba10e1e3c24e32b388d8f09a955ee334c321fe4146f13222e4b9a1633f454
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://windows.roiverifyhub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 12 Oct 2022 23:21:26 GMT
Strict-Transport-Security
max-age=31536000;
Server
nginx/1.20.2
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
1115942002528141
connect.facebook.net/signals/config/ 		293 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1115942002528141?v=2.9.84&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
55c1bfe643c6f2d355d3703fcad6069fba461eb335c459543ffedc21cb3e17e5
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://windows.roiverifyhub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 12 Oct 2022 23:21:25 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
z5RLRoDowK4zKVRVcnx8ZKqCcIAG04JTOHqM6D56jjM15pbmj1mhXZ4SOaUqnBumYkttPSyL8wysD8pyT4lfDg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
GenerateToken
create.leadid.com/2.11.11/ 		36 B
657 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.11.11/GenerateToken?msn=1&pid=e5acd92e-dea3-4e85-9541-48218f2e3eec&_=268951508
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/af5ee6e1-073e-f239-0d14-b1007da075f4.js?snippet_version=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.230.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-230-128.compute-1.amazonaws.com
Software
nginx /
Resource Hash
a41bf3a86d1bdbf889e66f1d1a1d8069d3294e7414d8ba568abc7e488a084d7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://windows.roiverifyhub.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 12 Oct 2022 23:21:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
nginx
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
js
www.googletagmanager.com/gtag/ 		220 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-L221PKRVH3&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5MQN8MQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cbd08da2b2ebd8690d11de49d06efdf3fa98915ec91ecfae8b5ac5e8ba89625c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://windows.roiverifyhub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 23:21:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
77871
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 12 Oct 2022 23:21:25 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://windows.roiverifyhub.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 19:25:00 GMT
x-content-type-options
nosniff
age
14185
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12924
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:02:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 12 Oct 2023 19:25:00 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://windows.roiverifyhub.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 19:24:52 GMT
x-content-type-options
nosniff
age
14193
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13052
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:09:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 12 Oct 2023 19:24:52 GMT
collect
region1.google-analytics.com/g/ 		0
354 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-L221PKRVH3&gtm=2oeaa0&_p=2030408356&cid=1075321041.1665616886&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1665616885&sct=1&seg=0&dl=https%3A%2F%2Fwindows.roiverifyhub.com%2F&dt=Your%20Homes%20Windows&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-L221PKRVH3&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://windows.roiverifyhub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 Oct 2022 23:21:25 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://windows.roiverifyhub.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
204 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1115942002528141&ev=PageView&dl=https%3A%2F%2Fwindows.roiverifyhub.com%2F&rl=&if=false&ts=1665616885945&sw=1600&sh=1200&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.1.1665616885944.40039628&it=1665616885732&coo=false&exp=a0&rqm=GET
Requested by
Host: windows.roiverifyhub.com
URL: https://windows.roiverifyhub.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://windows.roiverifyhub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 12 Oct 2022 23:21:25 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
iframe.html
d2m2wsoho8qq12.cloudfront.net/ Frame 3C6F 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=7C7F6F26-EDA7-A075-EC32-7C6FA1E5EEA5&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.11&lck=AF5EE6E1-073E-F239-0D14-B1007DA075F4&lac=FF5884E6-790E-0E5B-578F-D2502BC2C800
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/af5ee6e1-073e-f239-0d14-b1007da075f4.js?snippet_version=2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.23.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-23-67.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
e3ad82a69faf9ec1b298a080ce5974322a33cc501e1455071cf8db58c7f2462f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://windows.roiverifyhub.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Age
10047
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Wed, 12 Oct 2022 21:07:36 GMT
ETag
W/"632b707f-dbb"
Last-Modified
Wed, 21 Sep 2022 20:13:51 GMT
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Transfer-Encoding
chunked
Via
1.1 fd3cce3e0bafd8b312277d0ad9f4762e.cloudfront.net (CloudFront)
X-Amz-Cf-Id
ouFLbfonYON9CZUgA7emPTGjyuDr1GNZf8MY6kuTsTSVR7S3KH0K4g==
X-Amz-Cf-Pop
FRA56-C2
X-Cache
Hit from cloudfront
SaveDom
create.leadid.com/2.11.11/ 		0
621 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.11.11/SaveDom?msn=2&pid=e5acd92e-dea3-4e85-9541-48218f2e3eec&token=7C7F6F26-EDA7-A075-EC32-7C6FA1E5EEA5&_=268951509
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/af5ee6e1-073e-f239-0d14-b1007da075f4.js?snippet_version=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.230.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-230-128.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://windows.roiverifyhub.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 12 Oct 2022 23:21:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
nginx
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
InitFormData
create.leadid.com/2.11.11/ 		0
622 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.11.11/InitFormData?msn=3&pid=e5acd92e-dea3-4e85-9541-48218f2e3eec&token=7C7F6F26-EDA7-A075-EC32-7C6FA1E5EEA5&_=268951510
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/af5ee6e1-073e-f239-0d14-b1007da075f4.js?snippet_version=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.230.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-230-128.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://windows.roiverifyhub.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 12 Oct 2022 23:21:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
nginx
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
iframe.html
deviceid.trueleadid.com/ Frame 5879 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://deviceid.trueleadid.com/iframe.html?token=7C7F6F26-EDA7-A075-EC32-7C6FA1E5EEA5&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.11&lck=AF5EE6E1-073E-F239-0D14-B1007DA075F4&lac=FF5884E6-790E-0E5B-578F-D2502BC2C800
Requested by
Host: d2m2wsoho8qq12.cloudfront.net
URL: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=7C7F6F26-EDA7-A075-EC32-7C6FA1E5EEA5&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.11&lck=AF5EE6E1-073E-F239-0D14-B1007DA075F4&lac=FF5884E6-790E-0E5B-578F-D2502BC2C800
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.85.58.125 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-58-125.compute-1.amazonaws.com
Software
nginx /
Resource Hash
602ea48b7fd2a48e702e43825b0d6f6495f78cb4cc1fa24cb8c95f61e014215a

Request headers

Referer
https://d2m2wsoho8qq12.cloudfront.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=86400 public
content-encoding
gzip
content-type
text/html
date
Wed, 12 Oct 2022 23:21:26 GMT
etag
W/"632c7ff9-1049"
expires
Thu, 13 Oct 2022 23:21:26 GMT
last-modified
Thu, 22 Sep 2022 15:32:09 GMT
p3p
CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
server
nginx
2a00:c98:2030:a004:1::3
ip-api.com/json/ 		0
0
Snap
create.leadid.com/2.11.11/ 		0
621 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.11.11/Snap?msn=4&pid=e5acd92e-dea3-4e85-9541-48218f2e3eec&token=7C7F6F26-EDA7-A075-EC32-7C6FA1E5EEA5&_=268951511
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/af5ee6e1-073e-f239-0d14-b1007da075f4.js?snippet_version=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.230.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-230-128.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://windows.roiverifyhub.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 12 Oct 2022 23:21:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
nginx
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
SaveDeviceId.js
create.leadid.com/2.11.11/ Frame 5879 		0
626 B 		Script
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.11.11/SaveDeviceId.js?lac=FF5884E6-790E-0E5B-578F-D2502BC2C800&lck=AF5EE6E1-073E-F239-0D14-B1007DA075F4&methods=48&token=7C7F6F26-EDA7-A075-EC32-7C6FA1E5EEA5&uuid=672e853c6a214465bffcd0871e879ad9
Requested by
Host: deviceid.trueleadid.com
URL: https://deviceid.trueleadid.com/iframe.html?token=7C7F6F26-EDA7-A075-EC32-7C6FA1E5EEA5&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.11&lck=AF5EE6E1-073E-F239-0D14-B1007DA075F4&lac=FF5884E6-790E-0E5B-578F-D2502BC2C800
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.230.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-230-128.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://deviceid.trueleadid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 23:21:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
nginx
access-control-max-age
1728000
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
nr-1216.min.js
js-agent.newrelic.com/ 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-1216.min.js
Requested by
Host: windows.roiverifyhub.com
URL: https://windows.roiverifyhub.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://windows.roiverifyhub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
mHHzJIqOizHibcYt0xqAszRr0gQRiNYy
content-encoding
gzip
via
1.1 varnish
date
Wed, 12 Oct 2022 23:21:26 GMT
x-amz-request-id
KBVH2PMAKMG74HWE
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
14391
x-amz-id-2
c40g0/PEOypibNZhpK4f4SlPZCSnAXuxKGtJ+LI/kKMS0hiuLcfL6ykVCP/ylzTky574I1FuVPM=
x-served-by
cache-fra19126-FRA
last-modified
Thu, 14 Apr 2022 16:45:57 GMT
server
AmazonS3
x-timer
S1665616887.916220,VS0,VE0
etag
"9f533d8cd24b2c5e3b4dc886ecbd43e8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
1183
certs
api.trustedform.com/ 		475 B
686 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.trustedform.com/certs
Requested by
Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16656168856880.5959174293803922&invert_field_sensitivity=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.197.244.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-244-247.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
ac65ed91d5356871d3416315291b065da792e2719aaf9a9d8ad7fe048dddf510

Request headers

Referer
https://windows.roiverifyhub.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 12 Oct 2022 23:21:27 GMT
server
Cowboy
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
content-length
475
NRJS-fd0df3b9067b5adad43
bam.nr-data.net/1/ 		49 B
616 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/NRJS-fd0df3b9067b5adad43?a=491095843&v=1216.487a282&to=dF1ZREFeWQ1TSk0JWVpXGENGQ0METw%3D%3D&rst=2235&ck=1&ref=https://windows.roiverifyhub.com/&qt=3&ap=152&be=589&fe=2170&dc=983&perf=%7B%22timing%22:%7B%22of%22:1665616884715,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:62,%22c%22:62,%22s%22:74,%22ce%22:252,%22rq%22:252,%22rp%22:509,%22rpe%22:601,%22dl%22:512,%22di%22:983,%22ds%22:983,%22de%22:987,%22dc%22:2169,%22l%22:2169,%22le%22:2176%7D,%22navigation%22:%7B%7D%7D&fp=985&fcp=1128&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1216.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.14 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b91234b576455d66e12dd661a2539eb2418a831078ecef9ebc7f4bbd4e580d9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://windows.roiverifyhub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 12 Oct 2022 23:21:27 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Server
cloudflare
Transfer-Encoding
chunked
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Vary
Accept-Encoding
access-control-allow-credentials
true
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
CF-Ray
75939267aa3f925b-FRA
trustedform-1.8.29.js
cdn.trustedform.com/ 		99 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.trustedform.com/trustedform-1.8.29.js
Requested by
Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16656168856880.5959174293803922&invert_field_sensitivity=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:a600:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
de10e6e1737b7031c84053fb8500a554901034dac8169e816b2a9d19dea8e27c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://windows.roiverifyhub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
oPelQ0fGWdbo7iDIXPghW4XZAnyuy5Ov
content-encoding
gzip
via
1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront)
date
Wed, 12 Oct 2022 23:21:27 GMT
last-modified
Mon, 03 Oct 2022 18:12:40 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
2
etag
W/"05c5bc479b5cc70fc03787ab4e8d8dec"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
ySLsx7l7YYjdTJQyNq-vQ-WAd9yCgnVJkTpqDhF-DyrKbTLL_qHgsw==
snapshot
api.trustedform.com/certs/335a7fc8803c43ad7c561430bc3e2f823597c944/ 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.trustedform.com/certs/335a7fc8803c43ad7c561430bc3e2f823597c944/snapshot
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.29.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.197.244.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-244-247.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://windows.roiverifyhub.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Wed, 12 Oct 2022 23:21:27 GMT
access-control-expose-headers
access-control-allow-credentials
true
cache-control
max-age=0, private, must-revalidate
server
Cowboy
mdpme9llzoopn2jabngz6trrxxeg
visiqua-flipforms-production.s3.amazonaws.com/
Redirect Chain
  • https://windows.roiverifyhub.com/rails/active_storage/blobs/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBdlFMIiwiZXhwIjpudWxsLCJwdXIiOiJibG9iX2lkIn19--0fca08aceada3da5b69cc4222d087447b1fc8611/windows_logo.png
  • https://visiqua-flipforms-production.s3.amazonaws.com/mdpme9llzoopn2jabngz6trrxxeg?response-content-disposition=inline%3B%20filename%3D%22windows_logo.png%22%3B%20filename%2A%3DUTF-8%27%27windows_l...
23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visiqua-flipforms-production.s3.amazonaws.com/mdpme9llzoopn2jabngz6trrxxeg?response-content-disposition=inline%3B%20filename%3D%22windows_logo.png%22%3B%20filename%2A%3DUTF-8%27%27windows_logo.png&response-content-type=image%2Fpng&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIA24XLLHYZGUYEECWN%2F20221012%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20221012T232127Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=e96066892164d1db2312e73d22ea2d2cd76f44fe99a22bef9838f159d260b2c2
Protocol
HTTP/1.1
Server
52.217.16.220 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
b6f299e2527eeba0c855fddbb9a6cbfe833c7e1189366105bb7e5d7365c522bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://windows.roiverifyhub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 12 Oct 2022 23:21:28 GMT
Last-Modified
Tue, 09 Aug 2022 11:32:42 GMT
Server
AmazonS3
x-amz-request-id
76CZXEXG0ZNVVJSK
ETag
"73d4f3a4a7bd7d9a6456585e38e3ee01"
Content-Type
image/png
Content-Disposition
inline; filename="windows_logo.png"; filename*=UTF-8''windows_logo.png
Accept-Ranges
bytes
Content-Length
23882
x-amz-id-2
XMZZnmRouYBKYv/wQgGd6GVKYUBGJ4kDWBKHpJkQVMV/HBHHM5uTzIc0qlBThNRyoQkgg0ZbQP0=

Redirect headers

date
Wed, 12 Oct 2022 23:21:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-qloaked-clientip
37.58.58.250
via
1.1 vegur
x-permitted-cross-domain-policies
none
content-length
598
x-xss-protection
1; mode=block
x-request-id
f332cd2e-c2d6-44dd-8796-9d6d1cc19896
x-runtime
0.038112
referrer-policy
strict-origin-when-cross-origin
server
Caddy, Qloaked
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
location
https://visiqua-flipforms-production.s3.amazonaws.com/mdpme9llzoopn2jabngz6trrxxeg?response-content-disposition=inline%3B%20filename%3D%22windows_logo.png%22%3B%20filename%2A%3DUTF-8%27%27windows_logo.png&response-content-type=image%2Fpng&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIA24XLLHYZGUYEECWN%2F20221012%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20221012T232127Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=e96066892164d1db2312e73d22ea2d2cd76f44fe99a22bef9838f159d260b2c2
cache-control
max-age=300, private
fingerprints
api.trustedform.com/certs/335a7fc8803c43ad7c561430bc3e2f823597c944/ 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.trustedform.com/certs/335a7fc8803c43ad7c561430bc3e2f823597c944/fingerprints
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.29.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.197.244.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-244-247.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://windows.roiverifyhub.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Wed, 12 Oct 2022 23:21:27 GMT
access-control-expose-headers
access-control-allow-credentials
true
cache-control
max-age=0, private, must-revalidate
server
Cowboy
truncated
/ 		10 KB
10 KB 		Other
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eed633a8002069e13f06351bfe014d0132941a0882144ccee95cdacfa403b954

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
text/javascript
InitFormData
create.leadid.com/2.11.11/ 		0
621 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.11.11/InitFormData?msn=5&pid=e5acd92e-dea3-4e85-9541-48218f2e3eec&token=7C7F6F26-EDA7-A075-EC32-7C6FA1E5EEA5&_=268951512
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/af5ee6e1-073e-f239-0d14-b1007da075f4.js?snippet_version=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.230.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-230-128.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://windows.roiverifyhub.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 12 Oct 2022 23:21:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
nginx
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
/
www.facebook.com/tr/ 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1115942002528141&ev=Microdata&dl=https%3A%2F%2Fwindows.roiverifyhub.com%2F&rl=&if=false&ts=1665616887449&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Your%20Homes%20Windows%22%2C%22meta%3Adescription%22%3A%22Get%20the%20best%20prices%20and%20quotes%20for%20Window%20repairs%20or%20replacements%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.84&r=stable&ec=1&o=30&fbp=fb.1.1665616885944.40039628&it=1665616885732&coo=false&es=automatic&tm=3&exp=a0&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://windows.roiverifyhub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 12 Oct 2022 23:21:27 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
priority
u=3,i
Snap
create.leadid.com/2.11.11/ 		0
622 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.11.11/Snap?msn=6&pid=e5acd92e-dea3-4e85-9541-48218f2e3eec&token=7C7F6F26-EDA7-A075-EC32-7C6FA1E5EEA5&_=268951513
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/af5ee6e1-073e-f239-0d14-b1007da075f4.js?snippet_version=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.230.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-230-128.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://windows.roiverifyhub.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 12 Oct 2022 23:21:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
nginx
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ip-api.com
URL
http://ip-api.com/json/2a00:c98:2030:a004:1::3

Verdicts & Comments Add Verdict or Comment

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| NREUM object| newrelic function| __nr_require function| moment function| sendRange object| Mailcheck object| $jscomp object| Rails boolean| _rails_loaded object| ActiveStorage function| $ function| jQuery object| jQuery112409134416889233743 object| Turbolinks object| bootstrap object| toastr object| dataLayer function| trustedFormCertUrlCallback function| fbq function| _fbq object| CryptoJS object| date number| timestamp string| encodedStringBtoA string| message string| secret object| encrypted string| request_sig boolean| emailValid boolean| phoneValid function| validateMonths function| removeLeadingZero string| dateFormat string| mask function| validateDateField undefined| html function| validateEmailAddress function| addErrorText function| removeErrorText function| addVerifyingText function| removeVerifyingText function| checkTwilio function| validateEmail function| validatePhone undefined| previousValue function| validateForm function| suggestionText function| submitForm object| LeadiDconfig object| LeadiD object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal string| label string| id boolean| sensitiveData object| defaultStyleFrame object| trustedForm function| trustedFormStartRecording function| trustedFormStopRecording object| regeneratorRuntime

8 Cookies

Domain/Path Name / Value
.roiverifyhub.com/ Name: _gcl_au
Value: 1.1.182560550.1665616886
.roiverifyhub.com/ Name: _ga_L221PKRVH3
Value: GS1.1.1665616885.1.0.1665616885.0.0.0
.roiverifyhub.com/ Name: _ga
Value: GA1.1.1075321041.1665616886
.roiverifyhub.com/ Name: _fbp
Value: fb.1.1665616885944.40039628
windows.roiverifyhub.com/ Name: leadid_token-FF5884E6-790E-0E5B-578F-D2502BC2C800-AF5EE6E1-073E-F239-0D14-B1007DA075F4
Value: 7C7F6F26-EDA7-A075-EC32-7C6FA1E5EEA5
.deviceid.trueleadid.com/ Name: uuid
Value: 672e853c6a214465bffcd0871e879ad9
.nr-data.net/ Name: JSESSIONID
Value: e21f5de1ed1284e4
windows.roiverifyhub.com/ Name: _project_session
Value: mYbp%2FNLnsbV704v8YJYLAQXQT0YLBKMWfRXUjEJ%2Bvs5hy4eN0%2BklS%2BqXVZNiB8tAU6ZgJvcer8getMCKtSXzrDNpja8ycSK1PPbd42XcRw9Qk0BqIOcaXP5GXyv0mTX7%2FUqi8zeGK7hf%2B4rCsaRdiSaYt6U2D7J9kro1ArRpz7TsVUGkIUwhl6JgpMQaVUjLAC5geFg7hJwgLapBFx4cNuJzkpELZ8kfmYUkI8LnUcGcO%2FFyWoqXT8wWER4Rm5%2FoVYkz0JNnQDQkrBCy7N1dxNb%2BssQrZNQTgIqy3wXHD%2Fm5m2c87ZH4wd5QzzX9OR5W2DE8AA%3D%3D--qrs3Rm3XTGBEJD4M--MWH%2FC32XqJDxFY34XDjE3Q%3D%3D

2 Console Messages

Source Level URL
Text
network error URL: https://jqueryjs.googlecode.com/files/jquery-1.3.2.min.js
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://windows.roiverifyhub.com/(Line 718)
Message:
Mixed Content: The page at 'https://windows.roiverifyhub.com/' was loaded over HTTPS, but requested an insecure resource 'http://ip-api.com/json/2a00:c98:2030:a004:1::3'. This request has been blocked; the content must be served over HTTPS.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.trustedform.com
bam.nr-data.net
cdn.trustedform.com
cdnjs.cloudflare.com
connect.facebook.net
create.leadid.com
create.lidstatic.com
d2m2wsoho8qq12.cloudfront.net
deviceid.trueleadid.com
fonts.googleapis.com
fonts.gstatic.com
ip-api.com
jqueryjs.googlecode.com
js-agent.newrelic.com
jsonip.com
region1.google-analytics.com
visiqua-flipforms-production.s3.amazonaws.com
windows.roiverifyhub.com
www.facebook.com
www.googletagmanager.com
ip-api.com
13.32.23.67
151.101.130.137
162.247.241.14
18.214.230.128
2001:4860:4802:32::36
2600:3c01::f03c:91ff:fe79:43b
2600:9000:2057:a600:1c:7f1a:6680:93a1
2606:4700:10::ac43:29e5
2606:4700::6811:180e
2a00:1450:4001:801::2003
2a00:1450:4001:82b::2008
2a00:1450:4001:830::200a
2a00:1450:400c:c06::52
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
34.120.230.5
34.197.244.247
52.217.16.220
54.85.58.125
373015d4e34dbf73ecb406228a102a191bf689ab1531ad0afa629e97b6a4a7bd
3c2efee2d2cd465374eacf6bee61ec76580a4746e8795bf362b923ccca2bf1d4
438ba10e1e3c24e32b388d8f09a955ee334c321fe4146f13222e4b9a1633f454
469395565369d8bc1f6b3867112736f2daf6171d6fdf15ee70423f293656300b
482ff04bb821bd0233eef3a66a4bd4ce872ab66a5f86169a4fed76f4d6019e2f
55c1bfe643c6f2d355d3703fcad6069fba461eb335c459543ffedc21cb3e17e5
602ea48b7fd2a48e702e43825b0d6f6495f78cb4cc1fa24cb8c95f61e014215a
6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708
7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4
9bef43d0996aec37902ee18b71198d3c0c6924d563de30b4d21b92d683327a46
a41bf3a86d1bdbf889e66f1d1a1d8069d3294e7414d8ba568abc7e488a084d7e
ac65ed91d5356871d3416315291b065da792e2719aaf9a9d8ad7fe048dddf510
b28bb10d1b574db881cdd742dbe4593c1344f78e3ba378350c51cbfcaec51da1
b6f299e2527eeba0c855fddbb9a6cbfe833c7e1189366105bb7e5d7365c522bd
b81cc6d28cbf3df9c6127a05a865bef0842d917507cce946712974e748110957
b91234b576455d66e12dd661a2539eb2418a831078ecef9ebc7f4bbd4e580d9c
ba4a9af22c0d9b4924384805889271a09d9d9fa354b3b9c3419d19f28a26bdd0
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c8e3caff800260c7271b53dbff9406c022f36c561407e42f3eaef37d11602d2a
cbd08da2b2ebd8690d11de49d06efdf3fa98915ec91ecfae8b5ac5e8ba89625c
d80f782c175ee34155d9df75ffb2ebeff7e968fa049ed143ccf65e517a5c1b9e
de10e6e1737b7031c84053fb8500a554901034dac8169e816b2a9d19dea8e27c
e22419e8154be2a34a950dbb4c4c448413751c53ef02f00c6c56af28aa2c4964
e337112ff57db84347ffaaf07622bb6b2b8a74fef331897bc80bb10e8fb8eec2
e3ad82a69faf9ec1b298a080ce5974322a33cc501e1455071cf8db58c7f2462f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eed633a8002069e13f06351bfe014d0132941a0882144ccee95cdacfa403b954