urlscan.io logo urlscan.io
SecurityTrails logo

windowsremodelconnection.com Open in urlscan Pro
13.226.26.117  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://azetrzatrazezaeezrezrzer.s3.us-west-2.amazonaws.com/ezr12ze1r2zerze1r.html#paoapoa.html?od=1syoshort622cd19b9c0c5_vl_weekvl_1214.1i1josh.C0000rh9bbv...
Effective URL: https://windowsremodelconnection.com/1step/?SRC=Aff2365&Pub_ID=1248926197&Sub_ID=690395&Sub2_ID=__1_paoapoa__6a921fce20e81d8637641
Submission: On March 12 via api from BE — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 33 IPs in 1 countries across 27 domains to perform 68 HTTP transactions. The main IP is 13.226.26.117, located in United States and belongs to AMAZON-02, US. The main domain is windowsremodelconnection.com.
TLS certificate: Issued by Amazon on April 3rd 2021. Valid for: a year.
This is the only time windowsremodelconnection.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 52.218.183.130 16509 (AMAZON-02)
1 1 66.152.183.178 35916 (MULTA-ASN1)
1 209.236.123.153 30277 (DFW-DATAC...)
15 13.226.26.117 16509 (AMAZON-02)
4 2600:9000:21d... 16509 (AMAZON-02)
1 54.230.162.105 16509 (AMAZON-02)
2 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
2 142.251.40.226 15169 (GOOGLE)
1 4 2620:1ec:c11:... 8068 (MICROSOFT...)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 23.52.162.190 16625 (AKAMAI-AS)
1 151.101.65.2 54113 (FASTLY)
1 199.232.64.157 54113 (FASTLY)
1 2a04:4e42::729 54113 (FASTLY)
4 151.101.65.44 54113 (FASTLY)
2 2600:141b:500... 20940 (AKAMAI-ASN1)
2 34.201.179.84 14618 (AMAZON-AES)
1 2607:f8b0:400... 15169 (GOOGLE)
1 3.230.50.184 14618 (AMAZON-AES)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 104.244.42.67 13414 (TWITTER)
1 104.244.42.133 13414 (TWITTER)
2 64.202.112.223 22075 (AS-OUTBRAIN)
1 2607:f8b0:402... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2620:1ec:27::... 8075 (MICROSOFT...)
2 2a03:2880:f11... 32934 (FACEBOOK)
3 2607:f8b0:400... 15169 (GOOGLE)
1 2600:141b:500... 20940 (AKAMAI-ASN1)
1 2 20.36.253.92 8075 (MICROSOFT...)
1 20.96.88.162 8075 (MICROSOFT...)
2 141.226.224.48 200478 (TABOOLA-AS)
68 33
1    52.218.183.130 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2-r-w.amazonaws.com
azetrzatrazezaeezrezrzer.s3.us-west-2.amazonaws.com
1    66.152.183.178 (Los Angeles, United States)

ASN35916 (MULTA-ASN1, US)
PTR: dangerfolklore.com
ackulatchadies.org
1    209.236.123.153 (United States)

ASN30277 (DFW-DATACENTER, US)
PTR: 209.236.123.153
forwardbellbug.com
15    13.226.26.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-26-117.ewr53.r.cloudfront.net
windowsremodelconnection.com
4    2600:9000:21da:a200:e:1a42:df40:93a1 (United States)

ASN16509 (AMAZON-02, US)
modernize.com
1    54.230.162.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-162-105.ewr53.r.cloudfront.net
cdn.heapanalytics.com
2    2607:f8b0:4006:823::2008 (Queens, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2607:f8b0:4006:817::200e (Queens, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    142.251.40.226 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s39-in-f2.1e100.net
www.googleadservices.com
4    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
c.bing.com
2    2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    23.52.162.190 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-162-190.deploy.static.akamaitechnologies.com
amplify.outbrain.com
1    151.101.65.2 (United States)

ASN54113 (FASTLY, US)
a.quora.com
1    199.232.64.157 (Ashburn, United States)

ASN54113 (FASTLY, US)
static.ads-twitter.com
1    2a04:4e42::729 (United States)

ASN54113 (FASTLY, US)
browser.sentry-cdn.com
4    151.101.65.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
2    2600:141b:5000:69a::11a6 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
s.go-mpulse.net
173bf104.akstat.io
2    34.201.179.84 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-201-179-84.compute-1.amazonaws.com
heapanalytics.com
1    2607:f8b0:4006:80d::200a (Queens, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    3.230.50.184 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-230-50-184.compute-1.amazonaws.com
q.quora.com
2    2607:f8b0:4006:823::2002 (Queens, United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2606:4700::6812:bef (United States)

ASN13335 (CLOUDFLARENET, US)
geoip-js.com
1    104.244.42.67 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
1    104.244.42.133 (United States)

ASN13414 (TWITTER, US)
t.co
2    64.202.112.223 (Leesburg, United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
tr.outbrain.com
1    2607:f8b0:4023:1407::9a (Columbus, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2607:f8b0:4006:80e::2003 (Queens, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2620:1ec:27::cafe:2034 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
2    2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
3    2607:f8b0:4006:824::2004 (Queens, United States)

ASN15169 (GOOGLE, US)
www.google.com
1    2600:141b:5000:386::11a6 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
c.go-mpulse.net
2    20.36.253.92 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    20.96.88.162 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
k.clarity.ms
2    141.226.224.48 (United States)

ASN200478 (TABOOLA-AS, IL)
trc-events.taboola.com
Apex Domain
Subdomains		 Transfer
15 windowsremodelconnection.com
windowsremodelconnection.com
229 KB
6 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 971
trc.taboola.com — Cisco Umbrella Rank: 562
trc-events.taboola.com — Cisco Umbrella Rank: 1670
27 KB
4 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 916
c.clarity.ms — Cisco Umbrella Rank: 547
k.clarity.ms — Cisco Umbrella Rank: 2851
24 KB
4 bing.com
bat.bing.com — Cisco Umbrella Rank: 338
c.bing.com — Cisco Umbrella Rank: 193
13 KB
4 modernize.com
modernize.com — Cisco Umbrella Rank: 196173
21 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 2
763 B
3 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
stats.g.doubleclick.net — Cisco Umbrella Rank: 68
3 KB
3 outbrain.com
amplify.outbrain.com — Cisco Umbrella Rank: 1897
tr.outbrain.com — Cisco Umbrella Rank: 1782
4 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31
20 KB
3 heapanalytics.com
cdn.heapanalytics.com — Cisco Umbrella Rank: 2997
heapanalytics.com — Cisco Umbrella Rank: 2623
43 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 96
499 B
2 go-mpulse.net
s.go-mpulse.net — Cisco Umbrella Rank: 1140
c.go-mpulse.net — Cisco Umbrella Rank: 545
51 KB
2 quora.com
a.quora.com — Cisco Umbrella Rank: 6783
q.quora.com — Cisco Umbrella Rank: 2884
15 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 124
114 KB
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 101
32 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 54
135 KB
1 akstat.io
173bf104.akstat.io — Cisco Umbrella Rank: 14751
211 B
1 gstatic.com
fonts.gstatic.com
31 KB
1 t.co
t.co — Cisco Umbrella Rank: 448
336 B
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 464
460 B
1 geoip-js.com
geoip-js.com — Cisco Umbrella Rank: 13617
1 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
1 KB
1 sentry-cdn.com
browser.sentry-cdn.com — Cisco Umbrella Rank: 3744
17 KB
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 531
6 KB
1 forwardbellbug.com
forwardbellbug.com
467 B
1 ackulatchadies.org
ackulatchadies.org
479 B
1 amazonaws.com
azetrzatrazezaeezrezrzer.s3.us-west-2.amazonaws.com
462 B
68 27
Domain Requested by
15 windowsremodelconnection.com forwardbellbug.com
windowsremodelconnection.com
4 modernize.com windowsremodelconnection.com
3 www.google.com windowsremodelconnection.com
3 cdn.taboola.com azetrzatrazezaeezrezrzer.s3.us-west-2.amazonaws.com
cdn.taboola.com
3 bat.bing.com azetrzatrazezaeezrezrzer.s3.us-west-2.amazonaws.com
bat.bing.com
windowsremodelconnection.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 trc-events.taboola.com browser.sentry-cdn.com
2 c.clarity.ms 1 redirects
2 www.facebook.com windowsremodelconnection.com
2 tr.outbrain.com amplify.outbrain.com
windowsremodelconnection.com
2 googleads.g.doubleclick.net www.googleadservices.com
2 heapanalytics.com windowsremodelconnection.com
2 connect.facebook.net azetrzatrazezaeezrezrzer.s3.us-west-2.amazonaws.com
connect.facebook.net
2 www.googleadservices.com www.googletagmanager.com
2 www.googletagmanager.com windowsremodelconnection.com
www.googletagmanager.com
1 k.clarity.ms browser.sentry-cdn.com
1 173bf104.akstat.io s.go-mpulse.net
1 c.bing.com 1 redirects
1 c.go-mpulse.net s.go-mpulse.net
1 www.clarity.ms bat.bing.com
1 fonts.gstatic.com fonts.googleapis.com
1 stats.g.doubleclick.net browser.sentry-cdn.com
1 t.co windowsremodelconnection.com
1 analytics.twitter.com static.ads-twitter.com
1 geoip-js.com browser.sentry-cdn.com
1 q.quora.com windowsremodelconnection.com
1 trc.taboola.com cdn.taboola.com
1 fonts.googleapis.com windowsremodelconnection.com
1 s.go-mpulse.net azetrzatrazezaeezrezrzer.s3.us-west-2.amazonaws.com
1 browser.sentry-cdn.com www.googletagmanager.com
1 static.ads-twitter.com azetrzatrazezaeezrezrzer.s3.us-west-2.amazonaws.com
1 a.quora.com azetrzatrazezaeezrezrzer.s3.us-west-2.amazonaws.com
1 amplify.outbrain.com azetrzatrazezaeezrezrzer.s3.us-west-2.amazonaws.com
1 cdn.heapanalytics.com windowsremodelconnection.com
1 forwardbellbug.com azetrzatrazezaeezrezrzer.s3.us-west-2.amazonaws.com
1 ackulatchadies.org 1 redirects
1 azetrzatrazezaeezrezrzer.s3.us-west-2.amazonaws.com
68 37

This site contains links to these domains. Also see Links.

Domain
s3.amazonaws.com
policies.google.com
modernize.com
Subject Issuer Validity Valid
*.s3-us-west-2.amazonaws.com
Amazon		 2021-12-17 -
2022-11-29		 a year crt.sh
forwardbellbug.com
Sectigo RSA Domain Validation Secure Server CA		 2021-12-29 -
2023-01-13		 a year crt.sh
*.windowsremodelconnection.com
Amazon		 2021-04-03 -
2022-05-02		 a year crt.sh
modernize.com
Amazon		 2021-06-11 -
2022-07-10		 a year crt.sh
cdn.heapanalytics.com
Amazon		 2021-08-28 -
2022-09-26		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
www.bing.com
Microsoft RSA TLS CA 01		 2021-12-22 -
2022-06-22		 6 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-12-20 -
2022-03-20		 3 months crt.sh
*.outbrain.com
DigiCert SHA2 Secure Server CA		 2021-05-25 -
2022-06-01		 a year crt.sh
quora.com
R3		 2022-03-02 -
2022-05-31		 3 months crt.sh
ads-twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-21 -
2022-07-26		 a year crt.sh
*.sentry-cdn.com
GlobalSign Atlas R3 DV TLS CA H2 2021		 2021-11-26 -
2022-12-28		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
akstat.io
DigiCert SHA2 Secure Server CA		 2021-06-08 -
2022-06-13		 a year crt.sh
heapanalytics.com
Amazon		 2021-12-09 -
2023-01-06		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
*.quora.com
R3		 2022-03-01 -
2022-05-30		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-17 -
2022-07-16		 a year crt.sh
*.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-22 -
2023-02-22		 a year crt.sh
t.co
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-22 -
2023-02-22		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-27 -
2023-02-27		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
a.clarity.ms
Microsoft RSA TLS CA 01		 2021-07-27 -
2022-07-27		 a year crt.sh

This page contains 2 frames:

Primary Page: https://windowsremodelconnection.com/1step/?SRC=Aff2365&Pub_ID=1248926197&Sub_ID=690395&Sub2_ID=__1_paoapoa__6a921fce20e81d8637641
Frame ID: 5F3BA1EA3B30B30761964F9DA4A5F6CE
Requests: 66 HTTP requests in this frame

Frame: https://s.go-mpulse.net/boomerang/FLMQ7-RXRAN-ZV6HC-RGFS8-7FQL4
Frame ID: 39F639187C820E2BD26B2BFA3DB4AE43
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Windows Remodel Connection

Page URL History Show full URLs

  1. https://azetrzatrazezaeezrezrzer.s3.us-west-2.amazonaws.com/ezr12ze1r2zerze1r.html Page URL
  2. http://ackulatchadies.org/paoapoa.html?od=1syoshort622cd19b9c0c5_vl_weekvl_1214.1i1josh.C0000rh9bbv1g8... HTTP 302
    https://forwardbellbug.com/176439175be5cf02800/__1_paoapoa__6a921fce20e81d8637641/yo121%7CM21unJj=%7Ch9... Page URL
  3. https://windowsremodelconnection.com/1step/?SRC=Aff2365&Pub_ID=1248926197&Sub_ID=690395&Sub2_ID=__1_paoapoa__6a92... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <script[^>]*src="[^"]*browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js
  • browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • heap-\d+\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

68
Requests

99 %
HTTPS

47 %
IPv6

27
Domains

37
Subdomains

33
IPs

1
Countries

788 kB
Transfer

2065 kB
Size

30
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://azetrzatrazezaeezrezrzer.s3.us-west-2.amazonaws.com/ezr12ze1r2zerze1r.html Page URL
  2. http://ackulatchadies.org/paoapoa.html?od=1syoshort622cd19b9c0c5_vl_weekvl_1214.1i1josh.C0000rh9bbv1g8804r_x11369.h9bbvMmNsN2M3LTNhODI2OW40k3tHY HTTP 302
    https://forwardbellbug.com/176439175be5cf02800/__1_paoapoa__6a921fce20e81d8637641/yo121%7CM21unJj=%7Ch9bbv%7C2cl7c7%7C3a8269n%7C67688%7C0000rh9bbv%7CC%7Cp3yxK2Wy%7CPC%7C1g0jtm4/p3yip2uipaD2ZwWwMQR5LwywZTZ1K3MfK3qyMJg2oS8kZwR0 Page URL
  3. https://windowsremodelconnection.com/1step/?SRC=Aff2365&Pub_ID=1248926197&Sub_ID=690395&Sub2_ID=__1_paoapoa__6a921fce20e81d8637641 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://ackulatchadies.org/paoapoa.html?od=1syoshort622cd19b9c0c5_vl_weekvl_1214.1i1josh.C0000rh9bbv1g8804r_x11369.h9bbvMmNsN2M3LTNhODI2OW40k3tHY HTTP 302
  • https://forwardbellbug.com/176439175be5cf02800/__1_paoapoa__6a921fce20e81d8637641/yo121%7CM21unJj=%7Ch9bbv%7C2cl7c7%7C3a8269n%7C67688%7C0000rh9bbv%7CC%7Cp3yxK2Wy%7CPC%7C1g0jtm4/p3yip2uipaD2ZwWwMQR5LwywZTZ1K3MfK3qyMJg2oS8kZwR0
Request Chain 61
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=1541BE0773E84ED38CE99ED6E7602520&RedC=c.clarity.ms&MXFR=1E9429EC9204608D35CB388996046ED1 HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=1541BE0773E84ED38CE99ED6E7602520&MUID=2CE5460BA3656662061E576EA2ED6735

68 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
ezr12ze1r2zerze1r.html
azetrzatrazezaeezrezrzer.s3.us-west-2.amazonaws.com/ 		106 B
462 B 		Document
General
Check archive.org
Download Go to
Full URL
https://azetrzatrazezaeezrezrzer.s3.us-west-2.amazonaws.com/ezr12ze1r2zerze1r.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.183.130 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9

Response headers

x-amz-id-2
ddl/Fcp3q0/226KapO0leD7PfQnVUx+qsk1Nj0icWir7jM3ckOvqBmEL6VHWVFdHKTqN7FfB1DA=
x-amz-request-id
MAYBQ0XMCB2K2ST4
Date
Sat, 12 Mar 2022 18:58:33 GMT
Last-Modified
Sat, 12 Mar 2022 17:01:18 GMT
ETag
"8ff519d5219236a4c67f1ed6fb894b24"
Accept-Ranges
bytes
Content-Type
text/html
Server
AmazonS3
Content-Length
106
p3yip2uipaD2ZwWwMQR5LwywZTZ1K3MfK3qyMJg2oS8kZwR0
forwardbellbug.com/176439175be5cf02800/__1_paoapoa__6a921fce20e81d8637641/yo121%7CM21unJj=%7Ch9bbv%7C2cl7c7%7C3a8269n%7C67688%7C0000rh9bbv%7CC%7Cp3yxK2Wy%7CPC%7C1g0jtm4/
Redirect Chain
  • http://ackulatchadies.org/paoapoa.html?od=1syoshort622cd19b9c0c5_vl_weekvl_1214.1i1josh.C0000rh9bbv1g8804r_x11369.h9bbvMmNsN2M3LTNhODI2OW40k3tHY
  • https://forwardbellbug.com/176439175be5cf02800/__1_paoapoa__6a921fce20e81d8637641/yo121%7CM21unJj=%7Ch9bbv%7C2cl7c7%7C3a8269n%7C67688%7C0000rh9bbv%7CC%7Cp3yxK2Wy%7CPC%7C1g0jtm4/p3yip2uipaD2ZwWwMQR5...
193 B
467 B 		Document
General
Check archive.org
Download Go to
Full URL
https://forwardbellbug.com/176439175be5cf02800/__1_paoapoa__6a921fce20e81d8637641/yo121%7CM21unJj=%7Ch9bbv%7C2cl7c7%7C3a8269n%7C67688%7C0000rh9bbv%7CC%7Cp3yxK2Wy%7CPC%7C1g0jtm4/p3yip2uipaD2ZwWwMQR5LwywZTZ1K3MfK3qyMJg2oS8kZwR0
Requested by
Host: azetrzatrazezaeezrezrzer.s3.us-west-2.amazonaws.com
URL: https://azetrzatrazezaeezrezrzer.s3.us-west-2.amazonaws.com/ezr12ze1r2zerze1r.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.236.123.153 , United States, ASN30277 (DFW-DATACENTER, US),
Reverse DNS
209.236.123.153
Software
Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://azetrzatrazezaeezrezrzer.s3.us-west-2.amazonaws.com/ezr12ze1r2zerze1r.html#paoapoa.html?od=1syoshort622cd19b9c0c5_vl_weekvl_1214.1i1josh.C0000rh9bbv1g8804r_x11369.h9bbvMmNsN2M3LTNhODI2OW40k3tHY

Response headers

Date
Sat, 12 Mar 2022 18:58:35 GMT
Server
Apache
Content-Length
193
Connection
close
Content-Type
text/html; charset=UTF-8

Redirect headers

Date
Sat, 12 Mar 2022 18:58:33 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
X-Powered-By
PHP/5.4.16
Location
https://forwardbellbug.com/176439175be5cf02800/__1_paoapoa__6a921fce20e81d8637641/yo121|M21unJj=|h9bbv|2cl7c7|3a8269n|67688|0000rh9bbv|C|p3yxK2Wy|PC|1g0jtm4/p3yip2uipaD2ZwWwMQR5LwywZTZ1K3MfK3qyMJg2oS8kZwR0
Content-Length
0
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Primary Request /
windowsremodelconnection.com/1step/ 		19 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://windowsremodelconnection.com/1step/?SRC=Aff2365&Pub_ID=1248926197&Sub_ID=690395&Sub2_ID=__1_paoapoa__6a921fce20e81d8637641
Requested by
Host: forwardbellbug.com
URL: https://forwardbellbug.com/176439175be5cf02800/__1_paoapoa__6a921fce20e81d8637641/yo121%7CM21unJj=%7Ch9bbv%7C2cl7c7%7C3a8269n%7C67688%7C0000rh9bbv%7CC%7Cp3yxK2Wy%7CPC%7C1g0jtm4/p3yip2uipaD2ZwWwMQR5LwywZTZ1K3MfK3qyMJg2oS8kZwR0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.26.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-26-117.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
12bcbf533122e22149093ee4466e089645dbb64eee2b61cd9666b6c0b71ec8b1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://forwardbellbug.com/

Response headers

content-type
text/html
x-amz-id-2
UmmQZSNDBdSIa8BxaoJ5Mw0csdAEWUK3rNQ8PTQDHwpURFx+taTyM8S2B4FF0iHWaO9VIEsfLr4=
x-amz-request-id
GANF0BMYX2108VN1
date
Wed, 09 Mar 2022 06:32:52 GMT
cache-control
max-age=604800
last-modified
Wed, 02 Feb 2022 06:38:27 GMT
etag
W/"a65c91de5fdb7cec31404fa363a07439"
server
AmazonS3
content-encoding
gzip
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 f63b7060880d6ffdf68ba8d91762570c.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
x-amz-cf-id
6LA7ewNcYCEpkq4Cu1aIP6EHMP4VeqCCFzM7-WKsJSoSXmehbyYPpQ==
age
303944
mod-footer.min.css
modernize.com/quote/resources/mod-site/styles/components/footer/ 		8 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://modernize.com/quote/resources/mod-site/styles/components/footer/mod-footer.min.css
Requested by
Host: windowsremodelconnection.com
URL: https://windowsremodelconnection.com/1step/?SRC=Aff2365&Pub_ID=1248926197&Sub_ID=690395&Sub2_ID=__1_paoapoa__6a921fce20e81d8637641
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21da:a200:e:1a42:df40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
456b38d823376bf941b3a1ae4850e43bb85cf25a04a2df6c719a9c867c99c7e0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windowsremodelconnection.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 21:23:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
77682
x-cache
Hit from cloudfront
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-amz-request-id
EVVJFMPXP186259S
x-xss-protection
1; mode=block
last-modified
Fri, 11 Mar 2022 21:23:39 GMT
server
AmazonS3
etag
W/"b92ddc2c89d65b86eb296fa37f1917d9"
vary
Accept-Encoding
content-type
text/css
via
1.1 284419e56e7f935ce4c1c55765241348.cloudfront.net (CloudFront)
cache-control
no-cache
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
EWR53-C1
x-amz-cf-id
Oaj3mK35QISlwV_A5piWNMnm1qiw0aEzK_59KSUi9UNnTE5efUG62Q==
x-amz-id-2
/vfIBw6iYKDahDH6mVzSV+VRCEdwh7IZnvAym+BKZByvRoNWN0nGcn57z990/A7QNjwaXFjkLKY=
bootstrap.grid-modal-forms.59781cc5.css
windowsremodelconnection.com/styles/vendor/ 		23 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://windowsremodelconnection.com/styles/vendor/bootstrap.grid-modal-forms.59781cc5.css
Requested by
Host: windowsremodelconnection.com
URL: https://windowsremodelconnection.com/1step/?SRC=Aff2365&Pub_ID=1248926197&Sub_ID=690395&Sub2_ID=__1_paoapoa__6a921fce20e81d8637641
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.26.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-26-117.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e5fd6b8cd7e8b0d35069896dcb2f720bc293c1680d1866f512ef2675a5c4b5f4

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windowsremodelconnection.com/1step/?SRC=Aff2365&Pub_ID=1248926197&Sub_ID=690395&Sub2_ID=__1_paoapoa__6a921fce20e81d8637641
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 08 Mar 2022 08:28:46 GMT
content-encoding
gzip
last-modified
Wed, 02 Feb 2022 06:38:28 GMT
server
AmazonS3
age
383391
etag
W/"59781cc571b388a99165f74f90980f04"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 f63b7060880d6ffdf68ba8d91762570c.cloudfront.net (CloudFront)
cache-control
max-age=604800
x-amz-cf-pop
EWR53-C2
x-amz-request-id
Y5JF1EWRWWAB3N4K
x-amz-cf-id
g-UwevYlqc2yxXjIUXiqKZJ7AItkCuLZ4pc5jCNvg71haFJ4mw8RAA==
x-amz-id-2
DGuTgbXDgOd9ZtEw29qPF4rxpFp+iGNgkDJv12JW5mnpPFIQ1t5TqASlF1VHNcPADOQhcEreVic=
1step.eaf6012e.css
windowsremodelconnection.com/styles/ 		18 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://windowsremodelconnection.com/styles/1step.eaf6012e.css
Requested by
Host: windowsremodelconnection.com
URL: https://windowsremodelconnection.com/1step/?SRC=Aff2365&Pub_ID=1248926197&Sub_ID=690395&Sub2_ID=__1_paoapoa__6a921fce20e81d8637641
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.26.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-26-117.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
91838e77891cdadabc73f55b9e3f3ed1af2b510684ee761f7d8a381edd5a09ee

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windowsremodelconnection.com/1step/?SRC=Aff2365&Pub_ID=1248926197&Sub_ID=690395&Sub2_ID=__1_paoapoa__6a921fce20e81d8637641
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 12 Mar 2022 07:54:34 GMT
content-encoding
gzip
last-modified
Wed, 02 Feb 2022 06:38:28 GMT
server
AmazonS3
age
39842
etag
W/"a2307be44eb375bfc56fac6c0ffb92ca"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 f63b7060880d6ffdf68ba8d91762570c.cloudfront.net (CloudFront)
cache-control
max-age=604800
x-amz-cf-pop
EWR53-C2
x-amz-request-id
1XPJQ9SKG7SDXBN8
x-amz-cf-id
oIi3vVhSHg51ATYMO-AwPwEnTahepBHvJUmtrVYySzsUm7TAEv1rag==
x-amz-id-2
nTCAjnw9YiupIAhvripT4/C1C5t2DjBon4LcyHd02fDoQ0onxpI519g1x5jkPnIafkX7Y1pR+Ls=
mod-footer-component.min.js
modernize.com/quote/resources/mod-site/scripts/components/footer/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://modernize.com/quote/resources/mod-site/scripts/components/footer/mod-footer-component.min.js
Requested by
Host: windowsremodelconnection.com
URL: https://windowsremodelconnection.com/1step/?SRC=Aff2365&Pub_ID=1248926197&Sub_ID=690395&Sub2_ID=__1_paoapoa__6a921fce20e81d8637641
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21da:a200:e:1a42:df40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d4ae2fdc500d356b306604cf7a3779cec87a8558c57da282279fea5ad938da1a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windowsremodelconnection.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 21:23:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
77682
x-cache
Hit from cloudfront
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-amz-request-id
EVVHYCMCCJF1ZQNR
x-xss-protection
1; mode=block
last-modified
Fri, 11 Mar 2022 21:23:39 GMT
server
AmazonS3
etag
W/"0ff29578575187268f426d091a582b9c"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 284419e56e7f935ce4c1c55765241348.cloudfront.net (CloudFront)
cache-control
no-cache
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
EWR53-C1
x-amz-cf-id
MzSHgYwt4bRRv52OUBwLoCkaYyp0Ly1lTKK1p7oT8yQS3--eIy3jbA==
x-amz-id-2
+hvYQivEDgjFS3RreEoltbf40NsPak1oyBoCvT9SgfsL/IMsMA0bXwnsdwEOq3g1JQoCtk3oz84=
jquery.e803109d.js
windowsremodelconnection.com/scripts/vendor/ 		88 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://windowsremodelconnection.com/scripts/vendor/jquery.e803109d.js
Requested by
Host: windowsremodelconnection.com
URL: https://windowsremodelconnection.com/1step/?SRC=Aff2365&Pub_ID=1248926197&Sub_ID=690395&Sub2_ID=__1_paoapoa__6a921fce20e81d8637641
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.26.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-26-117.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bd27d0ff99790df59dc0f6ac54c0a907e04ec314dfe8b4952b315ca1cb765522

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windowsremodelconnection.com/1step/?SRC=Aff2365&Pub_ID=1248926197&Sub_ID=690395&Sub2_ID=__1_paoapoa__6a921fce20e81d8637641
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 12 Mar 2022 09:07:32 GMT
content-encoding
gzip
last-modified
Wed, 02 Feb 2022 06:38:28 GMT
server
AmazonS3
age
35464
etag
W/"a17cec477335501aee2506c3b2a77bce"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 f63b7060880d6ffdf68ba8d91762570c.cloudfront.net (CloudFront)
cache-control
max-age=604800
x-amz-cf-pop
EWR53-C2
x-amz-request-id
JKQVJ94811F36W1H
x-amz-cf-id
DaFW4ChWQg7RHpB3pAH3ltzwawnU4JnNAggUZGuGuqFb0-uRl5Fl9Q==
x-amz-id-2
+VFdq7tnAPHA36f2YzVxG6XI+w0bF3zGdDL23jcwWnU238nCsjrbVJuIWWEHNo1JAX4d7Djl+T8=
mod-utils.min.js
modernize.com/quote/resources/mod-site/scripts/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://modernize.com/quote/resources/mod-site/scripts/mod-utils.min.js
Requested by
Host: windowsremodelconnection.com
URL: https://windowsremodelconnection.com/1step/?SRC=Aff2365&Pub_ID=1248926197&Sub_ID=690395&Sub2_ID=__1_paoapoa__6a921fce20e81d8637641
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21da:a200:e:1a42:df40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e0564d721a85a96093aaae558437aa2e1973c55bfda97349bb318a3319dc24d7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windowsremodelconnection.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 21:23:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
77691
x-cache
Hit from cloudfront
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-amz-request-id
Y95H5WZVZ6XCYKJY
x-xss-protection
1; mode=block
last-modified
Fri, 11 Mar 2022 21:23:39 GMT
server
AmazonS3
etag
W/"be651de7d0c09fbf3745345c8498713f"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 284419e56e7f935ce4c1c55765241348.cloudfront.net (CloudFront)
cache-control
no-cache
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
EWR53-C1
x-amz-cf-id
NbUdsBC511w4LE0rLCi6DHORDeVkU2rJrLBVZrxAD7grWAPyfP2ecA==
x-amz-id-2
a1Ix9XdDxkOGKolPcRLjYAkPpNDXVzgVIFcWO9HgScuz3G5QYb167Umy5a9i0G0HS8Cc0EMpeo4=
bootstrap.modal.7fae37cc.js
windowsremodelconnection.com/scripts/vendor/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://windowsremodelconnection.com/scripts/vendor/bootstrap.modal.7fae37cc.js
Requested by
Host: windowsremodelconnection.com
URL: https://windowsremodelconnection.com/1step/?SRC=Aff2365&Pub_ID=1248926197&Sub_ID=690395&Sub2_ID=__1_paoapoa__6a921fce20e81d8637641
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.26.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-26-117.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ddc1856b74e219b7dc3a7df5b2d4bfea214c518a2d630f55766ebaee30a23f51

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windowsremodelconnection.com/1step/?SRC=Aff2365&Pub_ID=1248926197&Sub_ID=690395&Sub2_ID=__1_paoapoa__6a921fce20e81d8637641
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 07:39:00 GMT
content-encoding
gzip
last-modified
Wed, 02 Feb 2022 06:38:28 GMT
server
AmazonS3
age
472777
etag
W/"7fae37cc91df66b2ebe3ccda773c4513"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 f63b7060880d6ffdf68ba8d91762570c.cloudfront.net (CloudFront)
cache-control
max-age=604800
x-amz-cf-pop
EWR53-C2
x-amz-request-id
92EK8JP7NC64RYG8
x-amz-cf-id
dLX5_KO7QHtLbEy8fXN76vCCdeOlaru5s00qeyjltd4LpCZ41k4OVQ==
x-amz-id-2
leCH+C00PXIPAiwwseXxk0AMep+VyYPlLjonPwqc0ovSYtNbK5cp96BMwMtKyCNqT9crHpMIRV0=
modal-pages.54f7ac52.js
windowsremodelconnection.com/scripts/vendor/mod-build/components/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://windowsremodelconnection.com/scripts/vendor/mod-build/components/modal-pages.54f7ac52.js
Requested by
Host: windowsremodelconnection.com
URL: https://windowsremodelconnection.com/1step/?SRC=Aff2365&Pub_ID=1248926197&Sub_ID=690395&Sub2_ID=__1_paoapoa__6a921fce20e81d8637641
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.26.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-26-117.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4958747ac4e2bbe143f4d9af16129fc1fc7e655a338d50a773ac86dcf5ab0e09

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windowsremodelconnection.com/1step/?SRC=Aff2365&Pub_ID=1248926197&Sub_ID=690395&Sub2_ID=__1_paoapoa__6a921fce20e81d8637641
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 08 Mar 2022 07:01:54 GMT
content-encoding
gzip
last-modified
Wed, 02 Feb 2022 06:38:28 GMT
server
AmazonS3
age
388603
etag
W/"54f7ac526931d9e0f2c8ef6232798584"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 f63b7060880d6ffdf68ba8d91762570c.cloudfront.net (CloudFront)
cache-control
max-age=604800
x-amz-cf-pop
EWR53-C2
x-amz-request-id
ZYEZ7PCT9ZCP8GF9
x-amz-cf-id
EHQ0hIiqdmeHXSgsla76ZIzWoF79W-R7It14ZUvyqwAAdR-ji-8jaA==
x-amz-id-2
HXeK1YPA2MrFOaf2hEAq5YqRmQrc5cuFW2+QL7cW2PxTv1GWD+NLP5y1zCw1gpSau+pxItoe/Kk=
mod-form.min.js
modernize.com/quote/resources/mod-site/scripts/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://modernize.com/quote/resources/mod-site/scripts/mod-form.min.js
Requested by
Host: windowsremodelconnection.com
URL: https://windowsremodelconnection.com/1step/?SRC=Aff2365&Pub_ID=1248926197&Sub_ID=690395&Sub2_ID=__1_paoapoa__6a921fce20e81d8637641
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21da:a200:e:1a42:df40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
55c02383f6d2bcaa4f9771e2c00507b981fc0f173a0087562e3b979446ee0289
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windowsremodelconnection.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 21:23:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
77691
x-cache
Hit from cloudfront
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-amz-request-id
Y95YBN5FMS2K0CF9
x-xss-protection
1; mode=block
last-modified
Fri, 11 Mar 2022 21:23:39 GMT
server
AmazonS3
etag
W/"ed810358eecc7c33a37e1f30c9cbfd56"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 284419e56e7f935ce4c1c55765241348.cloudfront.net (CloudFront)
cache-control
no-cache
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
EWR53-C1
x-amz-cf-id
mzx3-T52bYeL3QJh5PqKJxjDH1w66_2t80CYr58Xn-xRbTciCCmQlw==
x-amz-id-2
MfjHPwPb0MRlWDJ6gxlnxLXHWPdwP686bZWyj2YaHRsz5Sk1TRA2+T2vgDvTRhKkF2nxE5NOyoU=
maxmind-geoip2.56f07b3d.js
windowsremodelconnection.com/scripts/vendor/mod-build/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://windowsremodelconnection.com/scripts/vendor/mod-build/maxmind-geoip2.56f07b3d.js
Requested by
Host: windowsremodelconnection.com
URL: https://windowsremodelconnection.com/1step/?SRC=Aff2365&Pub_ID=1248926197&Sub_ID=690395&Sub2_ID=__1_paoapoa__6a921fce20e81d8637641
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.26.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-26-117.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
128756bb951a63afce85b8e6a9568b1d1a6c6e66ac9fb632551a4fd54898d6f2

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windowsremodelconnection.com/1step/?SRC=Aff2365&Pub_ID=1248926197&Sub_ID=690395&Sub2_ID=__1_paoapoa__6a921fce20e81d8637641
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 08 Mar 2022 06:30:17 GMT
content-encoding
gzip
last-modified
Wed, 02 Feb 2022 06:38:28 GMT
server
AmazonS3
age
390500
etag
W/"56f07b3d96ae9cb815799472d4ed4606"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 f63b7060880d6ffdf68ba8d91762570c.cloudfront.net (CloudFront)
cache-control
max-age=604800
x-amz-cf-pop
EWR53-C2
x-amz-request-id
6XDGZS9948ZZ4M1K
x-amz-cf-id
1k1dVU9KfTh9unMXlI6qOUYsicCPqb_qUCj3qSJFTobCMsBMLdB4IA==
x-amz-id-2
+XF4OCuWS7FsHhxEXdlgvCfSY8vFH8/TZufdAG9S9/e3msudWQHPQ/g1iEnh3X6cLeyKWdotdPc=
1step.ec7c01ea.js
windowsremodelconnection.com/scripts/ 		476 B
919 B 		Script
General
Check archive.org
Download Go to
Full URL
https://windowsremodelconnection.com/scripts/1step.ec7c01ea.js
Requested by
Host: windowsremodelconnection.com
URL: https://windowsremodelconnection.com/1step/?SRC=Aff2365&Pub_ID=1248926197&Sub_ID=690395&Sub2_ID=__1_paoapoa__6a921fce20e81d8637641
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.26.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-26-117.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c9792d56ca9da6fbf1362b8e42e7463e41c54a63ceff328028256def305edbaa

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windowsremodelconnection.com/1step/?SRC=Aff2365&Pub_ID=1248926197&Sub_ID=690395&Sub2_ID=__1_paoapoa__6a921fce20e81d8637641
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 12 Mar 2022 07:54:34 GMT
via
1.1 f63b7060880d6ffdf68ba8d91762570c.cloudfront.net (CloudFront)
last-modified
Wed, 02 Feb 2022 06:38:28 GMT
server
AmazonS3
age
39843
etag
"ec7c01ea0ca68a77b205ba3daca43530"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-pop
EWR53-C2
content-length
476
x-amz-request-id
1XPJQJ5N18NKW6CQ
x-amz-id-2
dUeaMBsYkyM5B3MNWJ6QOSSgUzfCcp/Ku5wcxv000bgQKi8baynvjkmZd4TwnCLMB003cMghjpQ=
x-amz-cf-id
YjSLq29e9GAuZZZNrBIHG45H3zemITu4PpZM9fGBYpTcdgSM6qZSwQ==
heap-3246578271.js
cdn.heapanalytics.com/js/ 		107 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.heapanalytics.com/js/heap-3246578271.js
Requested by
Host: windowsremodelconnection.com
URL: https://windowsremodelconnection.com/1step/?SRC=Aff2365&Pub_ID=1248926197&Sub_ID=690395&Sub2_ID=__1_paoapoa__6a921fce20e81d8637641
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.162.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-162-105.ewr53.r.cloudfront.net
Software
nginx /
Resource Hash
d18c396df69ec91924cba228596bdab5c398036a1595d8c3c758699d33599b0d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windowsremodelconnection.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 12 Mar 2022 18:57:46 GMT
content-encoding
gzip
server
nginx
age
50
etag
W/"1ad95-lFBXsGT5lOTH4h6ifl9cLw"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 779925c9c68a6d4d8c35b729b0516a76.cloudfront.net (CloudFront)
cache-control
public, max-age=120
x-amz-cf-pop
EWR53-C3
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-id
f2_2ZlPaTLkr6_KzPd6dT_QLqXMY-LZNBzFoAeCGyl0ah6PkP-LKwg==
gtm.js
www.googletagmanager.com/ 		208 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TBC2FVC
Requested by
Host: windowsremodelconnection.com
URL: https://windowsremodelconnection.com/1step/?SRC=Aff2365&Pub_ID=1248926197&Sub_ID=690395&Sub2_ID=__1_paoapoa__6a921fce20e81d8637641
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2008 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f0c3662ec76e95238350127282ed1e80444c46ca3d67092cf8eb782f93fc15df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windowsremodelconnection.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 12 Mar 2022 18:58:36 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
73281
x-xss-protection
0
last-modified
Sat, 12 Mar 2022 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 12 Mar 2022 18:58:36 GMT
js
www.googletagmanager.com/gtag/ 		171 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-2EC33XZG5H&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBC2FVC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2008 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
03577280b52d89dd62ec40d51da3ee6a661743d75a256a33176be63bd2ae5c23
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windowsremodelconnection.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 12 Mar 2022 18:58:36 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64511
x-xss-protection
0
expires
Sat, 12 Mar 2022 18:58:36 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBC2FVC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windowsremodelconnection.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
880
date
Sat, 12 Mar 2022 18:43:56 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sat, 12 Mar 2022 20:43:56 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBC2FVC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
cafe /
Resource Hash
9cb0e1f9c2424fa8326d7aa035e1cc92073377c81cae82aa9eb8ce41eec4020e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windowsremodelconnection.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 12 Mar 2022 18:58:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14894
x-xss-protection
0
server
cafe
etag
12259963661394916584
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 12 Mar 2022 18:58:36 GMT
bat.js
bat.bing.com/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: azetrzatrazezaeezrezrzer.s3.us-west-2.amazonaws.com
URL: https://azetrzatrazezaeezrezrzer.s3.us-west-2.amazonaws.com/ezr12ze1r2zerze1r.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windowsremodelconnection.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 12 Mar 2022 18:58:35 GMT
content-encoding
gzip
last-modified
Wed, 09 Feb 2022 23:54:49 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: D56DE6BCA4BF421381203DF31E156A0A Ref B: NYCEDGE0919 Ref C: 2022-03-12T18:58:36Z
etag
"806a236c101ed81:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
11333
fbevents.js
connect.facebook.net/en_US/ 		99 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: azetrzatrazezaeezrezrzer.s3.us-west-2.amazonaws.com
URL: https://azetrzatrazezaeezrezrzer.s3.us-west-2.amazonaws.com/ezr12ze1r2zerze1r.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8e885457ba20624b6b2ce062f0c9f63adaa4e8b215cf068bdf701a6c819b9e5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windowsremodelconnection.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26293
x-xss-protection
0
pragma
public
x-fb-debug
BIU2P15Sl1pL5OOV2Uti33MCIfP5QMfzbABbo97LoZgvlgBGl3AwbEgAtQBZs4zeY+KshLYVKcjUNrMXchcdWQ==
x-fb-trip-id
1512268381
x-frame-options
DENY
date
Sat, 12 Mar 2022 18:58:36 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
obtp.js
amplify.outbrain.com/cp/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amplify.outbrain.com/cp/obtp.js
Requested by
Host: azetrzatrazezaeezrezrzer.s3.us-west-2.amazonaws.com
URL: https://azetrzatrazezaeezrezrzer.s3.us-west-2.amazonaws.com/ezr12ze1r2zerze1r.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.190 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
7e8ef05a55eafab5277e6449520107db94dfb01b497a52f283e7ffa6ee49363d

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windowsremodelconnection.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 12 Mar 2022 18:58:36 GMT
Content-Encoding
gzip
Last-Modified
Wed, 09 Feb 2022 12:30:38 GMT
Server
AkamaiNetStorage
ETag
"23b34d08f648c3f51b232443afced826:1644409863.170279"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=1200
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3150
Expires
Sat, 12 Mar 2022 19:18:36 GMT
qevents.js
a.quora.com/ 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.quora.com/qevents.js
Requested by
Host: azetrzatrazezaeezrezrzer.s3.us-west-2.amazonaws.com
URL: https://azetrzatrazezaeezrezrzer.s3.us-west-2.amazonaws.com/ezr12ze1r2zerze1r.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6a17920dcfc826778df74d849ce150d08fd10d94f35360dfd61f2028c39cb7fe

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windowsremodelconnection.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
tZKyX.UEXB2gmjM754h9oTXfXycJ4zC.
content-encoding
gzip
etag
"18683a572c4b1341712e310970add868"
age
3064
x-cache
HIT, HIT
content-length
14008
x-amz-id-2
cjB6G+nO6sZ8lXFbbXEjj1FfD1veTI+F6wRQiXONjEr8OiSuEFK/oHKkOMKlQq8mOyQBwBD6PaI=
x-served-by
cache-iad-kcgs7200048-IAD, cache-ewr18146-EWR
last-modified
Wed, 09 Mar 2022 00:07:14 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1646784430/ctime:1646784429/gid:150037/gname:ezhang/md5:18683a572c4b1341712e310970add868/mode:33204/mtime:1646784429/uid:150037/uname:ezhang
x-timer
S1647111516.193970,VS0,VE0
date
Sat, 12 Mar 2022 18:58:36 GMT
vary
Accept-Encoding
x-amz-request-id
G965FQ9PVAY0Z85Z
via
1.1 varnish, 1.1 varnish
cache-control
max-age=7200
accept-ranges
bytes
content-type
text/plain
x-cache-hits
1, 763
uwt.js
static.ads-twitter.com/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: azetrzatrazezaeezrezrzer.s3.us-west-2.amazonaws.com
URL: https://azetrzatrazezaeezrezrzer.s3.us-west-2.amazonaws.com/ezr12ze1r2zerze1r.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.64.157 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windowsremodelconnection.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 12 Mar 2022 18:58:36 GMT
content-encoding
gzip
last-modified
Sat, 05 Feb 2022 01:07:27 GMT
etag
"8dc11b7ca1d5ed9ec3b1ab1beb621c75+gzip+gzip"
vary
Accept-Encoding,Host
x-tw-cdn
FT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache
x-cache
HIT, HIT
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
content-length
5410
x-served-by
cache-iad-kjyo7100035-IAD, cache-wdc5554-WDC
bundle.min.js
browser.sentry-cdn.com/5.11.0/ 		55 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://browser.sentry-cdn.com/5.11.0/bundle.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBC2FVC
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
afa38d01b9859733fd204b0f77f80c1f654f01043ae5e1ad44d0a8da8b2ef71d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windowsremodelconnection.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 12 Mar 2022 18:58:36 GMT
content-encoding
gzip
last-modified
Wed, 08 Jan 2020 15:28:39 GMT
server
Fastly
age
2551706
etag
"020e4ac998a634d066ef49d7f9640ea8"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-length
17046
expires
Sat, 11 Feb 2023 06:10:09 GMT
tfa.js
cdn.taboola.com/libtrc/unip/1185273/ 		55 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/unip/1185273/tfa.js
Requested by
Host: azetrzatrazezaeezrezrzer.s3.us-west-2.amazonaws.com
URL: https://azetrzatrazezaeezrezrzer.s3.us-west-2.amazonaws.com/ezr12ze1r2zerze1r.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a70cbada117aff10c903e91f49b4bc7a55df6ad7b5061013a4d69283070c8e5a

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windowsremodelconnection.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
3fGaTdcZKkWqfwywMh8XV0uv318qMphW
content-encoding
gzip
etag
"1d990c3b9baa015d75b06e2b876480c1"
age
2
x-cache
HIT
x-amz-replication-status
PENDING
content-length
17364
x-amz-id-2
dUg8FevngnMb6VhS6mjo0ZmdYm5Lw7NgDWTlPv9qDGuUx0cxsd6OuncJyfJfGDEX9zuHbi2NDG8=
x-served-by
cache-ewr18180-EWR
last-modified
Sun, 06 Mar 2022 11:18:44 GMT
server
AmazonS3
x-timer
S1647111516.183421,VS0,VE1
date
Sat, 12 Mar 2022 18:58:36 GMT
vary
Accept-Encoding
x-amz-request-id
ZW3YWY49T1203CQY
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
43
x-cache-hits
1
FLMQ7-RXRAN-ZV6HC-RGFS8-7FQL4
s.go-mpulse.net/boomerang/ Frame 39F6 		205 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.go-mpulse.net/boomerang/FLMQ7-RXRAN-ZV6HC-RGFS8-7FQL4
Requested by
Host: azetrzatrazezaeezrezrzer.s3.us-west-2.amazonaws.com
URL: https://azetrzatrazezaeezrezrzer.s3.us-west-2.amazonaws.com/ezr12ze1r2zerze1r.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:141b:5000:69a::11a6 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windowsremodelconnection.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 12 Mar 2022 18:58:36 GMT
content-encoding
br
last-modified
Mon, 03 Jan 2022 19:16:23 GMT
x-n
S
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=604800
timing-allow-origin
*
content-length
50393
telemetry
heapanalytics.com/api/ 		37 B
259 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heapanalytics.com/api/telemetry?a=3246578271&te=type&te=data&te=cm&te=eventPropertiesTelemetry%20-%20added%20new%20properties&te=val&te=5&st=1647111516133&hv=4.17.0
Requested by
Host: windowsremodelconnection.com
URL: https://windowsremodelconnection.com/1step/?SRC=Aff2365&Pub_ID=1248926197&Sub_ID=690395&Sub2_ID=__1_paoapoa__6a921fce20e81d8637641
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.201.179.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-201-179-84.compute-1.amazonaws.com
Software
nginx /
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windowsremodelconnection.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 12 Mar 2022 18:58:36 GMT
server
nginx
etag
W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
37
logo-desktop.c48a41d6.png
windowsremodelconnection.com/images/1step/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://windowsremodelconnection.com/images/1step/logo-desktop.c48a41d6.png
Requested by
Host: windowsremodelconnection.com
URL: https://windowsremodelconnection.com/styles/1step.eaf6012e.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.26.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-26-117.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
74abe2e09f5412ad6fbdcb83a0eeb0493087fd5da989d9fe541e2c3516ebcbdb

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windowsremodelconnection.com/styles/1step.eaf6012e.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 12 Mar 2022 02:36:33 GMT
via
1.1 f63b7060880d6ffdf68ba8d91762570c.cloudfront.net (CloudFront)
last-modified
Wed, 02 Feb 2022 06:38:27 GMT
server
AmazonS3
age
58924
etag
"eca0d9efecf3d9476bf8cf6fdf9ae46a"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=604800
x-amz-cf-pop
EWR53-C2
content-length
18505
x-amz-request-id
FBAXJTTPBC1RQYKB
x-amz-id-2
FeObu/wA6Xz6doHXwdzMn8q0g5gH0BLY6nJrMFLIb6tkFzHAEmZIuFYZFOYg6ILmTXTDC8HNJ+A=
x-amz-cf-id
sMHmEyD7QwQ3DoDf1ohzw7Ro0iTFSmO0tylwfP34aWHhIZCzVCbbVg==
desktop-bg.6a5a903e.jpg
windowsremodelconnection.com/images/1step/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://windowsremodelconnection.com/images/1step/desktop-bg.6a5a903e.jpg
Requested by
Host: windowsremodelconnection.com
URL: https://windowsremodelconnection.com/styles/1step.eaf6012e.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.26.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-26-117.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
47ee947b99e287c4ff87900143ed6db134998a32e883f8215016bc2298a8df73

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windowsremodelconnection.com/styles/1step.eaf6012e.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 12 Mar 2022 08:04:22 GMT
via
1.1 f63b7060880d6ffdf68ba8d91762570c.cloudfront.net (CloudFront)
last-modified
Wed, 02 Feb 2022 06:38:27 GMT
server
AmazonS3
age
39255
etag
"8eaecdb7541501e5eaaf0d6aff0d2661"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=604800
x-amz-cf-pop
EWR53-C2
content-length
28058
x-amz-request-id
45TSBYBCTCESGSR9
x-amz-id-2
b/+2Bpe0F0RYCpQrWyeov2novox1boyQC9B1bYaIeXLRtDWIobIzekWSHiK3n2l8gQp6m+thK4I=
x-amz-cf-id
YDGooKBYEwsjx2iHGItGqxcC5gf4iXso7SjMyEbD7gO_7jlw4oK5Cg==
check.4fb3ed0b.svg
windowsremodelconnection.com/images/1step/ 		610 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://windowsremodelconnection.com/images/1step/check.4fb3ed0b.svg
Requested by
Host: windowsremodelconnection.com
URL: https://windowsremodelconnection.com/styles/1step.eaf6012e.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.26.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-26-117.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f600ef6c8086bbf7b9829b75e0fc6f28e6a22ae2359d63c53aa8db766e60f1ee

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windowsremodelconnection.com/styles/1step.eaf6012e.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 09:47:16 GMT
via
1.1 f63b7060880d6ffdf68ba8d91762570c.cloudfront.net (CloudFront)
last-modified
Wed, 02 Feb 2022 06:38:27 GMT
server
AmazonS3
age
465081
etag
"4fb3ed0bed2f441534871faa9aadc25c"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=604800
x-amz-cf-pop
EWR53-C2
content-length
610
x-amz-request-id
MPTBV1S2H1P9YS72
x-amz-id-2
6qkKf+emoubjS6xH6jJtXSSbp2XOz7uvQLVn8US43bjf+D/7h1dAsojkIsHbuDB3x8J7ZsGXdEU=
x-amz-cf-id
YjH3MHlL8JaG8kGQW1Hj2X5XLUT9h3JIgnRP-IeQPMo9kSb6CfaQ-Q==
start-here.47dbecab.svg
windowsremodelconnection.com/images/1step/ 		77 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://windowsremodelconnection.com/images/1step/start-here.47dbecab.svg
Requested by
Host: windowsremodelconnection.com
URL: https://windowsremodelconnection.com/styles/1step.eaf6012e.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.26.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-26-117.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c33d809d0225d39cd51c17b525a3b47cda9f643fb1efc40d0dc43f0ff9685f31

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windowsremodelconnection.com/styles/1step.eaf6012e.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 12 Mar 2022 08:54:56 GMT
content-encoding
gzip
last-modified
Wed, 02 Feb 2022 06:38:27 GMT
server
AmazonS3
age
36221
etag
W/"47dbecab437be4eead3d554ba330abdb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 f63b7060880d6ffdf68ba8d91762570c.cloudfront.net (CloudFront)
cache-control
max-age=604800
x-amz-cf-pop
EWR53-C2
x-amz-request-id
45TPKY7Q69XDXC5Q
x-amz-cf-id
Wlg1rKBIlxK7A5ia5QIiT4zpIUIrgb6-KdzjgLFhRKJoDG3MQ7C_Og==
x-amz-id-2
fh1yy5x9sr/ApPnEX//mip5+TchaQY3tXKU+JScPqJpBdafJoT+qa+OYLm2b1QgNhO/O03jB5qw=
bill-examp.957d5858.svg
windowsremodelconnection.com/images/1step/ 		78 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://windowsremodelconnection.com/images/1step/bill-examp.957d5858.svg
Requested by
Host: windowsremodelconnection.com
URL: https://windowsremodelconnection.com/styles/1step.eaf6012e.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.26.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-26-117.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ab1d5511333c3008dec40b36359493b32c8a2437658ab747ce1acb47ee9d5669

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windowsremodelconnection.com/styles/1step.eaf6012e.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 09 Mar 2022 06:49:55 GMT
content-encoding
gzip
last-modified
Wed, 02 Feb 2022 06:38:27 GMT
server
AmazonS3
age
302922
etag
W/"957d58587b1bd4af60ce78eb62386b88"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 f63b7060880d6ffdf68ba8d91762570c.cloudfront.net (CloudFront)
cache-control
max-age=604800
x-amz-cf-pop
EWR53-C2
x-amz-request-id
REXJVGKPNMYCF3Z3
x-amz-cf-id
91uA7miy2xZj7JmBrgqBswM9ga1bWsmJ0MBnG4xWz9V3YVU3aZMQRg==
x-amz-id-2
Y9Ayk8Ej5RuYMBB00qjWj70iCoHuhtYjO/FoX1tHvoPVFhOdLfmySD7JSCVIQRGjrfybN6E6m+I=
featured-logos.69b3b7b5.svg
windowsremodelconnection.com/images/1step/ 		85 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://windowsremodelconnection.com/images/1step/featured-logos.69b3b7b5.svg
Requested by
Host: windowsremodelconnection.com
URL: https://windowsremodelconnection.com/styles/1step.eaf6012e.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.26.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-26-117.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8a3f04d67c8d7af1b255a2187e4bc9dea090e4ad2a37af3a8a3bb13a76aa05a0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windowsremodelconnection.com/styles/1step.eaf6012e.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 05 Mar 2022 20:35:10 GMT
content-encoding
gzip
last-modified
Wed, 02 Feb 2022 06:38:27 GMT
server
AmazonS3
age
599007
etag
W/"69b3b7b5c705f2bd4d31885d8e11167d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 f63b7060880d6ffdf68ba8d91762570c.cloudfront.net (CloudFront)
cache-control
max-age=604800
x-amz-cf-pop
EWR53-C2
x-amz-request-id
M9NC6K61W2D7QVZT
x-amz-cf-id
VsEsvWAN3BULpCs8xdwXS5Ikoezws5rnNGBKUDL2b09LYPhLKRl5Mw==
x-amz-id-2
uXZfJS3evVJs0UFkYSOS9waBxSv4u7wMmcujAcGHn5NyX0ObGX6mY/EzHCj1AsMSzuMqv+TDmvw=
css
fonts.googleapis.com/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:300,400,500,700
Requested by
Host: windowsremodelconnection.com
URL: https://windowsremodelconnection.com/1step/?SRC=Aff2365&Pub_ID=1248926197&Sub_ID=690395&Sub2_ID=__1_paoapoa__6a921fce20e81d8637641
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::200a Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1b3c0a7708a4701b54b83b6ab406b72957c26f4650542b7593fa9ef5d367236c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windowsremodelconnection.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 12 Mar 2022 17:45:58 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 12 Mar 2022 18:58:36 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 12 Mar 2022 18:58:36 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=790993409&t=pageview&_s=1&dl=https%3A%2F%2Fwindowsremodelconnection.com%2F1step%2F%3FSRC%3DAff2365%26Pub_ID%3D1248926197%26Sub_ID%3D690395%26Sub2_ID%3D__1_paoapoa__6a921fce20e81d8637641&dr=https%3A%2F%2Fforwardbellbug.com%2F&ul=en-us&de=UTF-8&dt=Windows%20Remodel%20Connection&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=464229100&gjid=1251009276&cid=1741736157.1647111516&tid=UA-1587741-41&_gid=1211178797.1647111516&_r=1&gtm=2wg370TBC2FVC&z=679076429
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://windowsremodelconnection.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 12 Mar 2022 18:58:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://windowsremodelconnection.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
25007399.js
bat.bing.com/p/action/ 		786 B
818 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/25007399.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
1d0d4e92bfa287d448031a08015c23a611c8947e6e80eecbaf539190aab3a8e9

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windowsremodelconnection.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 12 Mar 2022 18:58:35 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 2474221D372344AC8980E7FA5AE6CE83 Ref B: NYCEDGE0919 Ref C: 2022-03-12T18:58:36Z
x-powered-by
ARR/3.0
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-store,no-cache
content-length
649
0
bat.bing.com/action/ 		0
150 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=25007399&Ver=2&mid=d27ac4b2-baf1-4e16-97eb-3a1feab80cc7&sid=6bdd67c0a23611ecb30bd91595167ac5&vid=6bdd6d70a23611ec81d1f50a2926aa67&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Windows%20Remodel%20Connection&p=https%3A%2F%2Fwindowsremodelconnection.com%2F1step%2F%3FSRC%3DAff2365%26Pub_ID%3D1248926197%26Sub_ID%3D690395%26Sub2_ID%3D__1_paoapoa__6a921fce20e81d8637641&r=https%3A%2F%2Fforwardbellbug.com%2F&lt=654&evt=pageLoad&msclkid=N&sv=1&rn=982403
Requested by
Host: windowsremodelconnection.com
URL: https://windowsremodelconnection.com/1step/?SRC=Aff2365&Pub_ID=1248926197&Sub_ID=690395&Sub2_ID=__1_paoapoa__6a921fce20e81d8637641
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windowsremodelconnection.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 12 Mar 2022 18:58:35 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 459B5071A518499A9C83D49E55AB0425 Ref B: NYCEDGE0919 Ref C: 2022-03-12T18:58:36Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
trc.taboola.com/1185273/trc/3/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/1185273/trc/3/json?tim=1647111516335&data=%7B%22id%22%3A479%2C%22ii%22%3A%22%2F1step%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1647111516328%2C%22cv%22%3A%2220220306-2-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwindowsremodelconnection.com%2F1step%2F%3FSRC%3DAff2365%26Pub_ID%3D1248926197%26Sub_ID%3D690395%26Sub2_ID%3D__1_paoapoa__6a921fce20e81d8637641%22%2C%22e%22%3A%22https%3A%2F%2Fforwardbellbug.com%2F%22%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3FSRC%3DAff2365%26Pub_ID%3D1248926197%26Sub_ID%3D690395%26Sub2_ID%3D__1_paoapoa__6a921fce20e81d8637641%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dmodernize-network%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1647111516334%2C%22ref%22%3A%22https%3A%2F%2Fforwardbellbug.com%2F%22%2C%22item-url%22%3A%22https%3A%2F%2Fwindowsremodelconnection.com%2F1step%2F%3FSRC%3DAff2365%26Pub_ID%3D1248926197%26Sub_ID%3D690395%26Sub2_ID%3D__1_paoapoa__6a921fce20e81d8637641%22%2C%22tos%22%3A2%2C%22ssd%22%3A1%2C%22scd%22%3A67%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1185273/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ab5c66132fda2c11cda5ae94b7d7c6b5893cbc87a6842adad83d011cdd2ccd43

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windowsremodelconnection.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-vcl-time-ms
31
date
Sat, 12 Mar 2022 18:58:36 GMT
content-encoding
gzip
server
nginx
x-timer
S1647111516.353587,VS0,VE31
x-served-by
cache-ewr18180-EWR
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-2EC33XZG5H&gtm=2oe370&_p=790993409&sr=1600x1200&ul=en-us&cid=1741736157.1647111516&_s=1&dl=https%3A%2F%2Fwindowsremodelconnection.com%2F1step%2F%3FSRC%3DAff2365%26Pub_ID%3D1248926197%26Sub_ID%3D690395%26Sub2_ID%3D__1_paoapoa__6a921fce20e81d8637641&dr=https%3A%2F%2Fforwardbellbug.com%2F&dt=Windows%20Remodel%20Connection&sid=1647111516&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2EC33XZG5H&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windowsremodelconnection.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 12 Mar 2022 18:58:36 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://windowsremodelconnection.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
904448433032174
connect.facebook.net/signals/config/ 		308 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/904448433032174?v=2.9.55&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2544d9c1c0584414e3df45dd029971d8a5a934a300c6c2bbaac0d6c1e937485a
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windowsremodelconnection.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
89849
x-xss-protection
0
pragma
public
x-fb-debug
Ns2KURzvAdvyyKWHyAANg/i3gKZMyvFYhu0F6iFb36588U7cB8TcJcT5BrZxSdEzZ0uaGnHzNyJSdJkAfCAGzA==
x-frame-options
DENY
date
Sat, 12 Mar 2022 18:58:36 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
conversion.js
www.googleadservices.com/pagead/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBC2FVC
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
cafe /
Resource Hash
08b70144f153af7323a62a35287885ebfebd273e6fa3fee006aae0f3920845b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windowsremodelconnection.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 12 Mar 2022 18:58:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17280
x-xss-protection
0
server
cafe
etag
15052708501691636370
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 12 Mar 2022 18:58:36 GMT
h
heapanalytics.com/ 		37 B
258 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heapanalytics.com/h?a=3246578271&u=8518182122023118&v=1935960145614308&s=5409855355162124&b=web&tv=4.0&z=0&h=%2F1step%2F&q=%3FSRC%3DAff2365%26Pub_ID%3D1248926197%26Sub_ID%3D690395%26Sub2_ID%3D__1_paoapoa__6a921fce20e81d8637641&d=windowsremodelconnection.com&t=Windows%20Remodel%20Connection&r=https%3A%2F%2Fforwardbellbug.com%2F&k=src&k=Aff2365&k=pub_id&k=1248926197&k=sub_id&k=690395&k=sub2_id&k=__1_paoapoa__6a921fce20e81d8637641&k=timestamp&k=1647111515947&ts=1647111516384&st=1647111516386
Requested by
Host: windowsremodelconnection.com
URL: https://windowsremodelconnection.com/1step/?SRC=Aff2365&Pub_ID=1248926197&Sub_ID=690395&Sub2_ID=__1_paoapoa__6a921fce20e81d8637641
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.201.179.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-201-179-84.compute-1.amazonaws.com
Software
nginx /
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windowsremodelconnection.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 12 Mar 2022 18:58:36 GMT
server
nginx
etag
W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
37
pixel
q.quora.com/_/ad/b173cecaccc54c0ebe2a971dfcf44b51/ 		43 B
420 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://q.quora.com/_/ad/b173cecaccc54c0ebe2a971dfcf44b51/pixel?j=1&u=https%3A%2F%2Fwindowsremodelconnection.com%2F1step%2F%3FSRC%3DAff2365%26Pub_ID%3D1248926197%26Sub_ID%3D690395%26Sub2_ID%3D__1_paoapoa__6a921fce20e81d8637641&tag=ViewContent&ts=1647111516389
Requested by
Host: windowsremodelconnection.com
URL: https://windowsremodelconnection.com/1step/?SRC=Aff2365&Pub_ID=1248926197&Sub_ID=690395&Sub2_ID=__1_paoapoa__6a921fce20e81d8637641
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.230.50.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-50-184.compute-1.amazonaws.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windowsremodelconnection.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 12 Mar 2022 18:58:36 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Q-Stat
,95e04da8743aa1c2f5325e47f202b0e9,10.0.0.219,58022,96.9.246.196,,15068262361,1,1647111516.489,0.002,,.,0,0,0.004,0.004,-,0,0,197,194,97,10,34729,,,,,,-,
Content-Type
image/gif
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/81673213/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/81673213/?random=1647111516391&cv=9&fst=1647111516391&num=1&label=-kmeCMTt8H0Q6a-5hQM&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg370&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwindowsremodelconnection.com%2F1step%2F%3FSRC%3DAff2365%26Pub_ID%3D1248926197%26Sub_ID%3D690395%26Sub2_ID%3D__1_paoapoa__6a921fce20e81d8637641&ref=https%3A%2F%2Fforwardbellbug.com%2F&tiba=Windows%20Remodel%20Connection&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f31b498bb511c03a8f12bb9c2e7faf48c5e9c072692d9ae1ff73a707396203ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windowsremodelconnection.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 12 Mar 2022 18:58:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1134
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
me
geoip-js.com/geoip/v2.1/city/ 		1005 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://geoip-js.com/geoip/v2.1/city/me?referrer=https%3A%2F%2Fwindowsremodelconnection.com
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.11.0/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abec0e7f1dfde964d4bc17f56f1e22a4a88ec35c880fd276aa1f20158f41a19c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windowsremodelconnection.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 12 Mar 2022 18:58:36 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/vnd.maxmind.com-city+json; charset=UTF-8; version=2.1
access-control-allow-origin
*
cf-ray
6eaec321fb6ad15b-BUF
content-length
1005
adsct
analytics.twitter.com/i/ 		31 B
460 B 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=nwcwy&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=4264a145-3b00-4f8e-8117-3ff68f6bd566&tw_document_href=https%3A%2F%2Fwindowsremodelconnection.com%2F1step%2F%3FSRC%3DAff2365%26Pub_ID%3D1248926197%26Sub_ID%3D690395%26Sub2_ID%3D__1_paoapoa__6a921fce20e81d8637641&tpx_cb=twttr.conversion.loadPixels
Requested by
Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.67 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windowsremodelconnection.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-response-time
5
date
Sat, 12 Mar 2022 18:58:36 GMT
content-encoding
gzip
server
tsa_b
strict-transport-security
max-age=631138519
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0
x-connection-hash
be6627000148d79095dde129cdcdfc4d516758489557ac9b47f2cc8f6d72f3cc
content-type
application/javascript;charset=utf-8
content-length
57
adsct
t.co/i/ 		43 B
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=nwcwy&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=4264a145-3b00-4f8e-8117-3ff68f6bd566&tw_document_href=https%3A%2F%2Fwindowsremodelconnection.com%2F1step%2F%3FSRC%3DAff2365%26Pub_ID%3D1248926197%26Sub_ID%3D690395%26Sub2_ID%3D__1_paoapoa__6a921fce20e81d8637641
Requested by
Host: windowsremodelconnection.com
URL: https://windowsremodelconnection.com/1step/?SRC=Aff2365&Pub_ID=1248926197&Sub_ID=690395&Sub2_ID=__1_paoapoa__6a921fce20e81d8637641
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.133 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windowsremodelconnection.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-response-time
6
date
Sat, 12 Mar 2022 18:58:35 GMT
server
tsa_b
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0
x-connection-hash
caaaafe3ccea9df6438e0026656b31d35a8f9da62656608481ff2d1b0be3bf49
content-length
43
cachedClickId
tr.outbrain.com/ 		35 B
239 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tr.outbrain.com/cachedClickId?marketerId=00ff5730eb3c13483fc9eed3360d531234
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.223 Leesburg, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windowsremodelconnection.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 12 Mar 2022 18:58:36 GMT
content-encoding
gzip
X-TraceId
adc3751e4e3702c3887035370d99ba7a
Content-Length
56
Content-Type
application/javascript
unifiedPixel
tr.outbrain.com/ 		43 B
256 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.outbrain.com/unifiedPixel?marketerId=00ff5730eb3c13483fc9eed3360d531234&obApiVersion=1.0&obtpVersion=1.6.0&name=PAGE_VIEW&dl=https%3A%2F%2Fwindowsremodelconnection.com%2F1step%2F%3FSRC%3DAff2365%26Pub_ID%3D1248926197%26Sub_ID%3D690395%26Sub2_ID%3D__1_paoapoa__6a921fce20e81d8637641&optOut=false&bust=06563841396878878
Requested by
Host: windowsremodelconnection.com
URL: https://windowsremodelconnection.com/1step/?SRC=Aff2365&Pub_ID=1248926197&Sub_ID=690395&Sub2_ID=__1_paoapoa__6a921fce20e81d8637641
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.223 Leesburg, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windowsremodelconnection.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 12 Mar 2022 18:58:36 GMT
Cache-Control
no-cache
X-TraceId
2a431317eee5a368632a9e915f0bcafc
content-encoding
gzip
Content-Length
60
Content-Type
image/gif;
collect
stats.g.doubleclick.net/j/ 		2 B
449 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-1587741-41&cid=1741736157.1647111516&jid=464229100&gjid=1251009276&_gid=1211178797.1647111516&_u=YEBAAEAAAAAAAC~&z=2083389529
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.11.0/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4023:1407::9a Columbus, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://windowsremodelconnection.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sat, 12 Mar 2022 18:58:36 GMT
content-type
text/plain
access-control-allow-origin
https://windowsremodelconnection.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
icomoon.ed114261.ttf
windowsremodelconnection.com/fonts/icomoon-instantquote/fonts/ 		4 KB
3 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://windowsremodelconnection.com/fonts/icomoon-instantquote/fonts/icomoon.ed114261.ttf?li1eyf
Requested by
Host: windowsremodelconnection.com
URL: https://windowsremodelconnection.com/styles/1step.eaf6012e.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.26.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-26-117.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b3f0236f6661d3f023032614a0911c23803a2a1381a916ffbede8c0b31effa72

Request headers

Referer
https://windowsremodelconnection.com/styles/1step.eaf6012e.css
Origin
https://windowsremodelconnection.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 12 Mar 2022 10:46:11 GMT
content-encoding
gzip
last-modified
Wed, 02 Feb 2022 06:38:27 GMT
server
AmazonS3
age
29546
etag
W/"5f09166fca952a1c7933ca63352b18ca"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/font-sfnt
via
1.1 f63b7060880d6ffdf68ba8d91762570c.cloudfront.net (CloudFront)
cache-control
max-age=604800
x-amz-cf-pop
EWR53-C2
x-amz-request-id
SF8RRDY3ZFJP5P8W
x-amz-cf-id
O0gKDLG_wwowmyhtJOcSewRRb2nkG1j7PpM5nBZSptsGn8YEBOPJhA==
x-amz-id-2
4YYQ/q2npJHI5/w5OgF2idNsiULKYMlpqdwUhSX0Nd4Z3zkKviZSCyIeF9ochqFdVHTSO07rfQk=
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v23/ 		30 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v23/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:300,400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://windowsremodelconnection.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 08 Mar 2022 14:45:22 GMT
x-content-type-options
nosniff
age
360794
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30876
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 00:11:59 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 08 Mar 2023 14:45:22 GMT
cds-pips.js
cdn.taboola.com/scripts/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1185273/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windowsremodelconnection.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
iYtYacMlAb7PnD4NbVgysKvLj2fov4iK
content-encoding
gzip
etag
"3aa74dbf5cd656dbb65deda2d238ddbd"
age
2047
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
911
x-amz-id-2
ya9YfHL2+h7kfbONwfwrmcSkc/1ucChMhuGuDG4Zdj9fLgY5e1BCrs/R9pQhKCogrzb/5nl7Dm4=
x-served-by
cache-ewr18180-EWR
last-modified
Wed, 14 Jul 2021 05:06:01 GMT
server
AmazonS3
x-timer
S1647111517.519330,VS0,VE0
date
Sat, 12 Mar 2022 18:58:36 GMT
vary
Accept-Encoding
x-amz-request-id
590MJKFTE581ZB2H
via
1.1 varnish
cache-control
private, max-age=3600
accept-ranges
bytes
content-type
application/javascript
abp
46
x-cache-hits
6693
eid.js
cdn.taboola.com/scripts/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/eid.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1185273/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
82f3e86bf88366e93c62eb14a8a7aa06afb75aa135c27988f3ccb946875d2f33

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windowsremodelconnection.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
Rgk6TX83.a2Xbi9.mRUycMEPnxVzEJhe
content-encoding
gzip
etag
"f7917ed1eb799a729725a7db50d1f828"
age
17662
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
5258
x-amz-id-2
3dZW8+QHNVAjgs44KIsfEgaFMfU+rOpzAHa/0tfaLZzPrzE2yuwCSIDR/TnHWlPTvdWDjHKtcq0=
x-served-by
cache-ewr18180-EWR
last-modified
Tue, 28 Dec 2021 08:10:40 GMT
server
AmazonS3
x-timer
S1647111517.519389,VS0,VE0
date
Sat, 12 Mar 2022 18:58:36 GMT
vary
Accept-Encoding
x-amz-request-id
E0S08ACXVTAWQV5S
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript
abp
46
x-cache-hits
52942
clarity.js
www.clarity.ms/eus2-e/s/0.6.31/ 		52 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/eus2-e/s/0.6.31/clarity.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/action/25007399.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:27::cafe:2034 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
b2d2f11eb78159e31bce4355ffd5e696717de4270a77ba1d2038e066462008ad

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windowsremodelconnection.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 12 Mar 2022 18:58:35 GMT
content-encoding
br
etag
"1d8314040aa9d00"
last-modified
Sun, 06 Mar 2022 09:55:04 GMT
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript;charset=utf-8
cache-control
public,max-age=86400
x-azure-ref
0XO0sYgAAAAAhRs0eWcswSp0dF98knNcpREZXMzBFREdFMDUxNwA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
accept-ranges
bytes
content-length
22925
request-context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1059658553/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1059658553/?random=1647111516499&cv=9&fst=1647111516499&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwindowsremodelconnection.com%2F1step%2F%3FSRC%3DAff2365%26Pub_ID%3D1248926197%26Sub_ID%3D690395%26Sub2_ID%3D__1_paoapoa__6a921fce20e81d8637641&ref=https%3A%2F%2Fforwardbellbug.com%2F&tiba=Windows%20Remodel%20Connection&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6ed205aa75db541d37dc86be97db359a44fc7fa2bb3329cd65dbdab352d60696
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windowsremodelconnection.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 12 Mar 2022 18:58:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1076
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=904448433032174&ev=PageView&dl=https%3A%2F%2Fwindowsremodelconnection.com%2F1step%2F%3FSRC%3DAff2365%26Pub_ID%3D1248926197%26Sub_ID%3D690395%26Sub2_ID%3D__1_paoapoa__6a921fce20e81d8637641&rl=https%3A%2F%2Fforwardbellbug.com%2F&if=false&ts=1647111516527&sw=1600&sh=1200&v=2.9.55&r=stable&ec=0&o=30&fbp=fb.1.1647111516522.928114336&it=1647111516372&coo=false&rqm=GET
Requested by
Host: windowsremodelconnection.com
URL: https://windowsremodelconnection.com/1step/?SRC=Aff2365&Pub_ID=1248926197&Sub_ID=690395&Sub2_ID=__1_paoapoa__6a921fce20e81d8637641
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windowsremodelconnection.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 12 Mar 2022 18:58:36 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Sat, 12 Mar 2022 18:58:36 GMT
/
www.google.com/pagead/1p-user-list/81673213/ 		42 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/81673213/?random=1647111516391&cv=9&fst=1647108000000&num=1&label=-kmeCMTt8H0Q6a-5hQM&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg370&sendb=1&frm=0&url=https%3A%2F%2Fwindowsremodelconnection.com%2F1step%2F%3FSRC%3DAff2365%26Pub_ID%3D1248926197%26Sub_ID%3D690395%26Sub2_ID%3D__1_paoapoa__6a921fce20e81d8637641&ref=https%3A%2F%2Fforwardbellbug.com%2F&tiba=Windows%20Remodel%20Connection&async=1&fmt=3&is_vtc=1&random=1510232913&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: windowsremodelconnection.com
URL: https://windowsremodelconnection.com/1step/?SRC=Aff2365&Pub_ID=1248926197&Sub_ID=690395&Sub2_ID=__1_paoapoa__6a921fce20e81d8637641
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2004 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windowsremodelconnection.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 12 Mar 2022 18:58:36 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
config.json
c.go-mpulse.net/api/ Frame 39F6 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.go-mpulse.net/api/config.json?key=FLMQ7-RXRAN-ZV6HC-RGFS8-7FQL4&d=windowsremodelconnection.com&t=5490372&v=1.720.0&if=&sl=0&si=ff4d2c55-4842-4cb7-ac8d-e9c844ac99dd-r8nbdo&plugins=ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/FLMQ7-RXRAN-ZV6HC-RGFS8-7FQL4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:141b:5000:386::11a6 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e1206367bcdb8715ef120eeecca5aefc2347cd41316c4e3145a7d2d2d90e3856

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windowsremodelconnection.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 12 Mar 2022 18:58:36 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
1099
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-1587741-41&cid=1741736157.1647111516&jid=464229100&_u=YEBAAEAAAAAAAC~&z=1183639776
Requested by
Host: windowsremodelconnection.com
URL: https://windowsremodelconnection.com/1step/?SRC=Aff2365&Pub_ID=1248926197&Sub_ID=690395&Sub2_ID=__1_paoapoa__6a921fce20e81d8637641
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2004 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windowsremodelconnection.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 12 Mar 2022 18:58:36 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/1059658553/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1059658553/?random=1647111516499&cv=9&fst=1647108000000&num=1&guid=ON&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwindowsremodelconnection.com%2F1step%2F%3FSRC%3DAff2365%26Pub_ID%3D1248926197%26Sub_ID%3D690395%26Sub2_ID%3D__1_paoapoa__6a921fce20e81d8637641&ref=https%3A%2F%2Fforwardbellbug.com%2F&tiba=Windows%20Remodel%20Connection&fmt=3&is_vtc=1&random=2417378126&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: windowsremodelconnection.com
URL: https://windowsremodelconnection.com/1step/?SRC=Aff2365&Pub_ID=1248926197&Sub_ID=690395&Sub2_ID=__1_paoapoa__6a921fce20e81d8637641
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2004 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windowsremodelconnection.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 12 Mar 2022 18:58:36 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=1541BE0773E84ED38CE99ED6E7602520&RedC=c.clarity.ms&MXFR=1E9429EC9204608D35CB388996046ED1
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=1541BE0773E84ED38CE99ED6E7602520&MUID=2CE5460BA3656662061E576EA2ED6735
42 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=1541BE0773E84ED38CE99ED6E7602520&MUID=2CE5460BA3656662061E576EA2ED6735
Protocol
H2
Server
20.36.253.92 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windowsremodelconnection.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 12 Mar 2022 18:58:36 GMT
last-modified
Wed, 02 Mar 2022 18:00:41 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"eee28e6e5f2ed81:0"
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42

Redirect headers

pragma
no-cache
date
Sat, 12 Mar 2022 18:58:35 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 177FEC48E9584742ABCF02065C9024FE Ref B: NYCEDGE0919 Ref C: 2022-03-12T18:58:36Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=1541BE0773E84ED38CE99ED6E7602520&MUID=2CE5460BA3656662061E576EA2ED6735
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
/
173bf104.akstat.io/ 		0
211 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://173bf104.akstat.io/
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/FLMQ7-RXRAN-ZV6HC-RGFS8-7FQL4
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:141b:5000:69a::11a6 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://windowsremodelconnection.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sat, 12 Mar 2022 18:58:36 GMT
content-type
image/gif
access-control-allow-origin
https://windowsremodelconnection.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
0
expires
Sat, 12 Mar 2022 18:58:36 GMT
collect
k.clarity.ms/ 		0
185 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://k.clarity.ms/collect
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.11.0/bundle.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.96.88.162 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://windowsremodelconnection.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
https://windowsremodelconnection.com
date
Sat, 12 Mar 2022 18:58:36 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
unip
trc-events.taboola.com/1185273/log/3/ 		0
388 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1185273/log/3/unip?en=pre_d_eng_tb&tos=1612&scd=67&ssd=1&est=1647111516331&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1647111517944&vi=1647111516328&ri=8d64bc7b89f9038b8a9b59dc4042c091&sd=v2_9b10db0bc2d8f4e5e31904242f6225ab_7d03db1e-afb6-41fe-9318-1fda69bf6c3d-tuct92672dc_1647111516_1647111516_CMCJ4hwQ-atIGKjh_Pv3LyABKAEw4QE4kaQOQLnxD0j4rtsDUMEFWABgAGjb_5X0ga2ul6YBcAE&ui=7d03db1e-afb6-41fe-9318-1fda69bf6c3d-tuct92672dc&ref=https%3A%2F%2Fforwardbellbug.com%2F&cv=20220306-2-RELEASE&item-url=https%3A%2F%2Fwindowsremodelconnection.com%2F1step%2F%3FSRC%3DAff2365%26Pub_ID%3D1248926197%26Sub_ID%3D690395%26Sub2_ID%3D__1_paoapoa__6a921fce20e81d8637641
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.11.0/bundle.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windowsremodelconnection.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
https://windowsremodelconnection.com
pragma
no-cache
date
Sat, 12 Mar 2022 18:58:38 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
/
www.facebook.com/tr/ 		44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=904448433032174&ev=Microdata&dl=https%3A%2F%2Fwindowsremodelconnection.com%2F1step%2F%3FSRC%3DAff2365%26Pub_ID%3D1248926197%26Sub_ID%3D690395%26Sub2_ID%3D__1_paoapoa__6a921fce20e81d8637641&rl=https%3A%2F%2Fforwardbellbug.com%2F&if=false&ts=1647111518031&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Windows%20Remodel%20Connection%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.55&r=stable&ec=1&o=30&fbp=fb.1.1647111516522.928114336&it=1647111516372&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windowsremodelconnection.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 12 Mar 2022 18:58:38 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Sat, 12 Mar 2022 18:58:38 GMT
unip
trc-events.taboola.com/1185273/log/3/ 		0
387 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1185273/log/3/unip?en=pre_d_eng_tb&tos=4614&scd=67&ssd=1&est=1647111516331&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1647111520945&vi=1647111516328&ri=8d64bc7b89f9038b8a9b59dc4042c091&sd=v2_9b10db0bc2d8f4e5e31904242f6225ab_7d03db1e-afb6-41fe-9318-1fda69bf6c3d-tuct92672dc_1647111516_1647111516_CMCJ4hwQ-atIGKjh_Pv3LyABKAEw4QE4kaQOQLnxD0j4rtsDUMEFWABgAGjb_5X0ga2ul6YBcAE&ui=7d03db1e-afb6-41fe-9318-1fda69bf6c3d-tuct92672dc&ref=https%3A%2F%2Fforwardbellbug.com%2F&cv=20220306-2-RELEASE&item-url=https%3A%2F%2Fwindowsremodelconnection.com%2F1step%2F%3FSRC%3DAff2365%26Pub_ID%3D1248926197%26Sub_ID%3D690395%26Sub2_ID%3D__1_paoapoa__6a921fce20e81d8637641
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.11.0/bundle.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://windowsremodelconnection.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
https://windowsremodelconnection.com
pragma
no-cache
date
Sat, 12 Mar 2022 18:58:40 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

Verdicts & Comments Add Verdict or Comment

117 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| structuredClone object| oncontextlost object| oncontextrestored string| hash object| heapIsDevEnv string| gtm_container_ID boolean| isQSPage object| heap object| dataLayer object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data string| GoogleAnalyticsObject function| ga function| setCookie function| getParam object| gclid undefined| gclsrc object| uetq function| fbq function| _fbq function| obApi function| qp function| twq object| _tfa object| BOOMR number| BOOMR_lstart function| loadDeferredStyles function| raf function| _typeof object| Footer function| $ function| jQuery object| modUtils function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray object| modForm object| geoip2 object| gaplugins object| gaGlobal object| gaData function| UET function| UET_init function| UET_push object| ueto_f5821e9c97 object| TFASC object| TRC object| _taboola number| taboola_view_id object| TRCImpl function| __trcError object| twttr object| Sentry object| __SENTRY__ function| onYouTubeIframeAPIReady object| google_conversion_id object| google_custom_params object| google_remarketing_only object| qevents function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO boolean| isNonTyp object| BOOMR_mq function| clarity object| google_conversion_date object| google_conversion_time number| google_conversion_snippets number| google_conversion_first_time object| google_conversion_js_version object| google_conversion_format object| google_enable_display_cookie_match object| google_conversion_type object| google_conversion_order_id object| google_conversion_language object| google_conversion_value object| google_conversion_currency object| google_conversion_domain object| google_conversion_label object| google_conversion_color object| google_disable_viewthrough object| google_gtag_event_data object| google_conversion_linker object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_allow_ad_personalization_signals object| google_restricted_data_processing object| google_conversion_items object| google_conversion_merchant_id object| google_user_id object| onload_callback object| opt_image_generator object| google_gtm_url_processor object| google_conversion_page_url object| google_conversion_referrer_url object| google_gtm object| google_gcl_cookie_prefix object| google_gcl_cookie_path object| google_gcl_cookie_flags object| google_gcl_cookie_domain object| google_gcl_cookie_max_age_seconds object| google_read_gcl_cookie_opt_out object| google_basket_feed_country object| google_basket_feed_language object| google_basket_discount object| google_basket_transaction_type object| google_additional_conversion_params object| google_additional_params object| google_transport_url object| google_gtm_experiments function| __trcWarn number| BOOMR_configt object| _bmrEvents number| BOOMR_onload

30 Cookies

Domain/Path Name / Value
.taboola.com/modernize-network/ Name: taboola_session_id
Value: v2_9b10db0bc2d8f4e5e31904242f6225ab_7d03db1e-afb6-41fe-9318-1fda69bf6c3d-tuct92672dc_1647111516_1647111516_CMCJ4hwQ-atIGKjh_Pv3LyABKAEw4QE4kaQOQLnxD0j4rtsDUMEFWABgAGjb_5X0ga2ul6YBcAE
forwardbellbug.com/ Name: uid10857
Value: 1248926197-20220312135835-5ba594ac5bc6e9596d6fa4a004c16cab-
.windowsremodelconnection.com/ Name: _gcl_au
Value: 1.1.668799539.1647111516
.windowsremodelconnection.com/ Name: _hp2_props.3246578271
Value: %7B%22src%22%3A%22Aff2365%22%2C%22pub_id%22%3A%221248926197%22%2C%22sub_id%22%3A%22690395%22%2C%22sub2_id%22%3A%22__1_paoapoa__6a921fce20e81d8637641%22%2C%22timestamp%22%3A1647111515947%7D
.bing.com/ Name: MUID
Value: 2CE5460BA3656662061E576EA2ED6735
.bat.bing.com/ Name: MR
Value: 0
.windowsremodelconnection.com/ Name: _gid
Value: GA1.2.1211178797.1647111516
.windowsremodelconnection.com/ Name: _gat_UA-1587741-41
Value: 1
.windowsremodelconnection.com/ Name: _uetsid
Value: 6bdd67c0a23611ecb30bd91595167ac5
.windowsremodelconnection.com/ Name: _uetvid
Value: 6bdd6d70a23611ec81d1f50a2926aa67
.windowsremodelconnection.com/ Name: _ga_2EC33XZG5H
Value: GS1.1.1647111516.1.0.1647111516.0
.windowsremodelconnection.com/ Name: _ga
Value: GA1.1.1741736157.1647111516
.windowsremodelconnection.com/ Name: _hp2_id.3246578271
Value: %7B%22userId%22%3A%228518182122023118%22%2C%22pageviewId%22%3A%221935960145614308%22%2C%22sessionId%22%3A%225409855355162124%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
.taboola.com/ Name: t_gid
Value: 7d03db1e-afb6-41fe-9318-1fda69bf6c3d-tuct92672dc
.windowsremodelconnection.com/ Name: _hp2_ses_props.3246578271
Value: %7B%22r%22%3A%22https%3A%2F%2Fforwardbellbug.com%2F%22%2C%22ts%22%3A1647111516384%2C%22d%22%3A%22windowsremodelconnection.com%22%2C%22h%22%3A%22%2F1step%2F%22%2C%22q%22%3A%22%3FSRC%3DAff2365%26Pub_ID%3D1248926197%26Sub_ID%3D690395%26Sub2_ID%3D__1_paoapoa__6a921fce20e81d8637641%22%7D
.windowsremodelconnection.com/ Name: _fbp
Value: fb.1.1647111516522.928114336
.t.co/ Name: muc_ads
Value: 72f8ec26-c675-4e0f-8b2f-43e1a5879400
windowsremodelconnection.com/ Name: outbrain_cid_fetch
Value: true
.twitter.com/ Name: personalization_id
Value: "v1_xEOfSOZVe+pLnbuF+9HtOQ=="
.doubleclick.net/ Name: IDE
Value: AHWqTUmK4MTKCA24PvcwqWCLlno2R3F41nr-2vwo-Bnb1FITz6Vv-7YBkrYC3ItY
.facebook.com/ Name: fr
Value: 0ZDRxDlba4CKWDltT..BiLO1c...1.0.BiLO1c.
.windowsremodelconnection.com/ Name: _clck
Value: 1j60wat|1|ezp|0
.windowsremodelconnection.com/ Name: RT
Value: "z=1&dm=windowsremodelconnection.com&si=a0d7607f-6b7d-4f9e-9c69-2a3d955eaac4&ss=l0o7o3cq&sl=1&tt=vi&bcn=%2F%2F173bf104.akstat.io%2F&ld=vm"
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 2CE5460BA3656662061E576EA2ED6735
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 2CE5460BA3656662061E576EA2ED6735
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0
.windowsremodelconnection.com/ Name: _clsk
Value: 1eg4yh4|1647111516991|1|1|k.clarity.ms/collect

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

173bf104.akstat.io
a.quora.com
ackulatchadies.org
amplify.outbrain.com
analytics.twitter.com
azetrzatrazezaeezrezrzer.s3.us-west-2.amazonaws.com
bat.bing.com
browser.sentry-cdn.com
c.bing.com
c.clarity.ms
c.go-mpulse.net
cdn.heapanalytics.com
cdn.taboola.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
forwardbellbug.com
geoip-js.com
googleads.g.doubleclick.net
heapanalytics.com
k.clarity.ms
modernize.com
q.quora.com
s.go-mpulse.net
static.ads-twitter.com
stats.g.doubleclick.net
t.co
tr.outbrain.com
trc-events.taboola.com
trc.taboola.com
windowsremodelconnection.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
104.244.42.133
104.244.42.67
13.226.26.117
141.226.224.48
142.251.40.226
151.101.65.2
151.101.65.44
199.232.64.157
20.36.253.92
20.96.88.162
209.236.123.153
23.52.162.190
2600:141b:5000:386::11a6
2600:141b:5000:69a::11a6
2600:9000:21da:a200:e:1a42:df40:93a1
2606:4700::6812:bef
2607:f8b0:4006:80d::200a
2607:f8b0:4006:80e::2003
2607:f8b0:4006:817::200e
2607:f8b0:4006:823::2002
2607:f8b0:4006:823::2008
2607:f8b0:4006:824::2004
2607:f8b0:4023:1407::9a
2620:1ec:27::cafe:2034
2620:1ec:c11::200
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
2a04:4e42::729
3.230.50.184
34.201.179.84
52.218.183.130
54.230.162.105
64.202.112.223
66.152.183.178
03577280b52d89dd62ec40d51da3ee6a661743d75a256a33176be63bd2ae5c23
08b70144f153af7323a62a35287885ebfebd273e6fa3fee006aae0f3920845b5
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
128756bb951a63afce85b8e6a9568b1d1a6c6e66ac9fb632551a4fd54898d6f2
12bcbf533122e22149093ee4466e089645dbb64eee2b61cd9666b6c0b71ec8b1
1b3c0a7708a4701b54b83b6ab406b72957c26f4650542b7593fa9ef5d367236c
1d0d4e92bfa287d448031a08015c23a611c8947e6e80eecbaf539190aab3a8e9
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
2544d9c1c0584414e3df45dd029971d8a5a934a300c6c2bbaac0d6c1e937485a
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
456b38d823376bf941b3a1ae4850e43bb85cf25a04a2df6c719a9c867c99c7e0
47ee947b99e287c4ff87900143ed6db134998a32e883f8215016bc2298a8df73
4958747ac4e2bbe143f4d9af16129fc1fc7e655a338d50a773ac86dcf5ab0e09
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55c02383f6d2bcaa4f9771e2c00507b981fc0f173a0087562e3b979446ee0289
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
6a17920dcfc826778df74d849ce150d08fd10d94f35360dfd61f2028c39cb7fe
6ed205aa75db541d37dc86be97db359a44fc7fa2bb3329cd65dbdab352d60696
74abe2e09f5412ad6fbdcb83a0eeb0493087fd5da989d9fe541e2c3516ebcbdb
7e8ef05a55eafab5277e6449520107db94dfb01b497a52f283e7ffa6ee49363d
7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3
82f3e86bf88366e93c62eb14a8a7aa06afb75aa135c27988f3ccb946875d2f33
8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52
8a3f04d67c8d7af1b255a2187e4bc9dea090e4ad2a37af3a8a3bb13a76aa05a0
8e885457ba20624b6b2ce062f0c9f63adaa4e8b215cf068bdf701a6c819b9e5d
91838e77891cdadabc73f55b9e3f3ed1af2b510684ee761f7d8a381edd5a09ee
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9cb0e1f9c2424fa8326d7aa035e1cc92073377c81cae82aa9eb8ce41eec4020e
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a70cbada117aff10c903e91f49b4bc7a55df6ad7b5061013a4d69283070c8e5a
ab1d5511333c3008dec40b36359493b32c8a2437658ab747ce1acb47ee9d5669
ab5c66132fda2c11cda5ae94b7d7c6b5893cbc87a6842adad83d011cdd2ccd43
abec0e7f1dfde964d4bc17f56f1e22a4a88ec35c880fd276aa1f20158f41a19c
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
afa38d01b9859733fd204b0f77f80c1f654f01043ae5e1ad44d0a8da8b2ef71d
b2d2f11eb78159e31bce4355ffd5e696717de4270a77ba1d2038e066462008ad
b3f0236f6661d3f023032614a0911c23803a2a1381a916ffbede8c0b31effa72
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd27d0ff99790df59dc0f6ac54c0a907e04ec314dfe8b4952b315ca1cb765522
c33d809d0225d39cd51c17b525a3b47cda9f643fb1efc40d0dc43f0ff9685f31
c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8
c9792d56ca9da6fbf1362b8e42e7463e41c54a63ceff328028256def305edbaa
d18c396df69ec91924cba228596bdab5c398036a1595d8c3c758699d33599b0d
d4ae2fdc500d356b306604cf7a3779cec87a8558c57da282279fea5ad938da1a
ddc1856b74e219b7dc3a7df5b2d4bfea214c518a2d630f55766ebaee30a23f51
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e0564d721a85a96093aaae558437aa2e1973c55bfda97349bb318a3319dc24d7
e1206367bcdb8715ef120eeecca5aefc2347cd41316c4e3145a7d2d2d90e3856
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5fd6b8cd7e8b0d35069896dcb2f720bc293c1680d1866f512ef2675a5c4b5f4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0c3662ec76e95238350127282ed1e80444c46ca3d67092cf8eb782f93fc15df
f31b498bb511c03a8f12bb9c2e7faf48c5e9c072692d9ae1ff73a707396203ad
f600ef6c8086bbf7b9829b75e0fc6f28e6a22ae2359d63c53aa8db766e60f1ee