qualitywindowsdirect.com Open in urlscan Pro
198.154.88.118 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://objects-us-east-1.dream.io/renerenebelingaudlahomebsatstajdr/iisodo59helps9igjjii.html
Effective URL:
https://qualitywindowsdirect.com/rbaw40-200.aspx?ctcampaign=6198&ctsource=0&ctkwd=1871&ecadid=822733&Offerid=1029122a14f683eb789b...
Submission Tags: @phish_report
Submission: On December 10 via api (December 10th 2023, 5:40:17 pm UTC) from FI — Scanned from US

Summary HTTP 87 Redirects Behaviour Indicators

Summary

This website contacted 20 IPs in 1 countries across 20 domains to perform 87 HTTP transactions. The main IP is 198.154.88.118, located in Los Angeles, United States and belongs to 24SHELLS, US. The main domain is qualitywindowsdirect.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on April 13th 2023. Valid for: a year.

This is the only time qualitywindowsdirect.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Community Verdicts: Malicious — 1 votes Show Verdicts

Domain & IP information

	IP Address	AS Autonomous System
1	2607:f298:5:e... 2607:f298:5:ee00::33	26347 (DREAMHOST-AS) (DREAMHOST-AS)
1 1	216.107.139.115 216.107.139.115	21769 (AS-COLOAM) (AS-COLOAM)
1 1	18.210.241.9 18.210.241.9	14618 (AMAZON-AES) (AMAZON-AES)
23	198.154.88.118 198.154.88.118	55081 (24SHELLS) (24SHELLS)
2	2607:f8b0:400... 2607:f8b0:4006:81f::200a	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42:400... 2a04:4e42:400::485	54113 (FASTLY) (FASTLY)
2	142.251.40.130 142.251.40.130	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:80f::2008	15169 (GOOGLE) (GOOGLE)
2	2600:141b:1c0... 2600:141b:1c00:2391::14a9	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2607:f8b0:400... 2607:f8b0:4006:822::2002	15169 (GOOGLE) (GOOGLE)
6	2a03:2880:f01... 2a03:2880:f012:10c:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700:10:... 2606:4700:10::6816:27b6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	3.222.162.167 3.222.162.167	14618 (AMAZON-AES) (AMAZON-AES)
2	2600:9000:25c... 2600:9000:25c8:2000:1c:7f1a:6680:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2607:f8b0:400... 2607:f8b0:4006:816::2004	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:81c::200e	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c06::9c	15169 (GOOGLE) (GOOGLE)
3	34.192.154.63 34.192.154.63	14618 (AMAZON-AES) (AMAZON-AES)
4	2a03:2880:f11... 2a03:2880:f112:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	13.224.208.146 13.224.208.146	16509 (AMAZON-02) (AMAZON-02)
87	20

1 2607:f298:5:ee00::33 (United States)

ASN26347 (DREAMHOST-AS, US)

objects-us-east-1.dream.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.107.139.115 (New York, United States) 1 redirects

ASN21769 (AS-COLOAM, US)
PTR: 115.128.107.216-rdns.colocationamerica.com

www.dt2dt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.210.241.9 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-210-241-9.compute-1.amazonaws.com

www.edgetrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 198.154.88.118 (Los Angeles, United States)

ASN55081 (24SHELLS, US)
PTR: corporate.abilitybusinesscomputing.com

qualitywindowsdirect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hits.ecdashboard.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81f::200a (United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.40.130 (Newark, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s80-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80f::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:141b:1c00:2391::14a9 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)

cdn-4.convertexperiments.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:822::2002 (United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f012:10c:face:b00c:0:3 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:27b6 (United States)

ASN13335 (CLOUDFLARENET, US)

create.lidstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.222.162.167 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-222-162-167.compute-1.amazonaws.com

api.trustedform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:25c8:2000:1c:7f1a:6680:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.trustedform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:816::2004 (United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81c::200e (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c06::9c (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.192.154.63 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-192-154-63.compute-1.amazonaws.com

create.leadid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.208.146 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-208-146.phl50.r.cloudfront.net

d2m2wsoho8qq12.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	qualitywindowsdirect.com qualitywindowsdirect.com	554 KB
6	facebook.net connect.facebook.net — Cisco Umbrella Rank: 168	249 KB
5	trustedform.com 1 redirects api.trustedform.com — Cisco Umbrella Rank: 27972 cdn.trustedform.com — Cisco Umbrella Rank: 32256	37 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	301 B
4	bing.com bat.bing.com — Cisco Umbrella Rank: 329	14 KB
3	leadid.com create.leadid.com — Cisco Umbrella Rank: 17342	2 KB
3	google.com www.google.com — Cisco Umbrella Rank: 2 analytics.google.com — Cisco Umbrella Rank: 152	823 B
3	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 stats.g.doubleclick.net — Cisco Umbrella Rank: 75	4 KB
3	ecdashboard.com hits.ecdashboard.com	8 KB
2	convertexperiments.com cdn-4.convertexperiments.com — Cisco Umbrella Rank: 8877 logs.convertexperiments.com Failed 1004597.metrics.convertexperiments.com Failed	132 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	174 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 138	37 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 313	50 KB
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 340	60 KB
1	cloudfront.net d2m2wsoho8qq12.cloudfront.net	2 KB
1	lidstatic.com create.lidstatic.com — Cisco Umbrella Rank: 30995	39 KB
1	edgetrk.com 1 redirects www.edgetrk.com	2 KB
1	dt2dt.com 1 redirects www.dt2dt.com	364 B
1	dream.io objects-us-east-1.dream.io — Cisco Umbrella Rank: 680376	544 B
0	trueleadid.com Failed deviceid.trueleadid.com Failed
87	20

	Domain	Requested by
20	qualitywindowsdirect.com	qualitywindowsdirect.com cdn-4.convertexperiments.com
6	connect.facebook.net	qualitywindowsdirect.com connect.facebook.net
4	www.facebook.com	qualitywindowsdirect.com
4	bat.bing.com	qualitywindowsdirect.com bat.bing.com
3	create.leadid.com	create.lidstatic.com
3	api.trustedform.com	1 redirects api.trustedform.com cdn.trustedform.com
3	hits.ecdashboard.com	qualitywindowsdirect.com
2	www.google.com	qualitywindowsdirect.com
2	cdn.trustedform.com	qualitywindowsdirect.com api.trustedform.com
2	googleads.g.doubleclick.net	www.googleadservices.com
2	cdn-4.convertexperiments.com	qualitywindowsdirect.com
2	www.googletagmanager.com	qualitywindowsdirect.com
2	www.googleadservices.com	qualitywindowsdirect.com
2	cdn.jsdelivr.net	qualitywindowsdirect.com
2	ajax.googleapis.com	qualitywindowsdirect.com
1	d2m2wsoho8qq12.cloudfront.net	create.lidstatic.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	analytics.google.com	www.googletagmanager.com
1	create.lidstatic.com	qualitywindowsdirect.com
1	www.edgetrk.com	1 redirects
1	www.dt2dt.com	1 redirects
1	objects-us-east-1.dream.io
0	1004597.metrics.convertexperiments.com Failed	cdn-4.convertexperiments.com
0	logs.convertexperiments.com Failed	cdn-4.convertexperiments.com
0	deviceid.trueleadid.com Failed	d2m2wsoho8qq12.cloudfront.net
87	25

This site contains no links.

Subject Issuer	Validity	Valid
*.objects-us-east-1.dream.io USERTrust RSA Domain Validation Secure Server CA	`2023-03-30` - `2024-04-06`	a year	crt.sh
qualitywindowsdirect.com Go Daddy Secure Certificate Authority - G2	`2023-04-13` - `2024-05-14`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.convertexperiments.com DigiCert TLS RSA SHA256 2020 CA1	`2023-11-09` - `2024-11-09`	a year	crt.sh
*.ecdashboard.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-23` - `2024-02-09`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-09-19` - `2023-12-18`	3 months	crt.sh
lidstatic.com Cloudflare Inc ECC CA-3	`2023-02-28` - `2024-02-28`	a year	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 01	`2023-10-24` - `2024-04-21`	6 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
create.leadid.com Amazon RSA 2048 M02	`2023-08-21` - `2024-09-17`	a year	crt.sh
*.trustedform.com Amazon RSA 2048 M03	`2023-08-11` - `2024-09-07`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
cdn.trustedform.com Amazon RSA 2048 M02	`2023-03-15` - `2024-04-12`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://qualitywindowsdirect.com/rbaw40-200.aspx?ctcampaign=6198&ctsource=0&ctkwd=1871&ecadid=822733&Offerid=1029122a14f683eb789b2814e12051
Frame ID: 5372470F3411A9F5CB0F0A7F67DC155F
Requests: 86 HTTP requests in this frame

Frame: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=F8EF5BD8-E4C6-6B3F-B4BE-DACC997D5345&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=EB4A05A4-8A53-C2B0-B337-640A489815F4&lac=D0C27C32-8ED1-8E02-9C8A-1F9AB10100C4
Frame ID: 072F8AA145D25F33504450D8FDCE765F
Requests: 1 HTTP requests in this frame

Frame: https://deviceid.trueleadid.com/iframe.html?token=F8EF5BD8-E4C6-6B3F-B4BE-DACC997D5345&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=EB4A05A4-8A53-C2B0-B337-640A489815F4&lac=D0C27C32-8ED1-8E02-9C8A-1F9AB10100C4
Frame ID: 3FBB7AB3A83F484DBB54422279CE9379
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Renewal By Andersen - Window Replacement

Page URL History Show full URLs

https://objects-us-east-1.dream.io/renerenebelingaudlahomebsatstajdr/iisodo59helps9igjjii.html Page URL
https://www.dt2dt.com/xDfN8QtV2_GhBE8fWQ8zNhbndYpotTj1rKAH5ilOLvTiDJ7JXjjpVXpTLJPMaNcwoe_gw1rzHHAR... HTTP 302
https://www.edgetrk.com/aff_c?offer_id=992&aff_id=1871&aff_sub=822733&aff_sub2=747287181 HTTP 302
https://qualitywindowsdirect.com/rbaw40-200.aspx?ctcampaign=6198&ctsource=0&ctkwd=1871&ecadid=822733&Offerid=... Page URL
https://qualitywindowsdirect.com/rbaw40-200.aspx?ctcampaign=6198&ctsource=0&ctkwd=1871&ecadid=822733&Offerid=... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

\.aspx?(?:$|\?)
<input[^>]+name="__VIEWSTATE

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

87
Requests

71 %
HTTPS

67 %
IPv6

20
Domains

25
Subdomains

20
IPs

1
Countries

1374 kB
Transfer

3464 kB
Size

21
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://objects-us-east-1.dream.io/renerenebelingaudlahomebsatstajdr/iisodo59helps9igjjii.html Page URL
https://www.dt2dt.com/xDfN8QtV2_GhBE8fWQ8zNhbndYpotTj1rKAH5ilOLvTiDJ7JXjjpVXpTLJPMaNcwoe_gw1rzHHARftn8NLSBkW5Cd-3zrF2xKsN0Zr3rF_M~ HTTP 302
https://www.edgetrk.com/aff_c?offer_id=992&aff_id=1871&aff_sub=822733&aff_sub2=747287181 HTTP 302
https://qualitywindowsdirect.com/rbaw40-200.aspx?ctcampaign=6198&ctsource=0&ctkwd=1871&ecadid=822733&Offerid=1029122a14f683eb789b2814e12051 Page URL
https://qualitywindowsdirect.com/rbaw40-200.aspx?ctcampaign=6198&ctsource=0&ctkwd=1871&ecadid=822733&Offerid=1029122a14f683eb789b2814e12051 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://www.dt2dt.com/xDfN8QtV2_GhBE8fWQ8zNhbndYpotTj1rKAH5ilOLvTiDJ7JXjjpVXpTLJPMaNcwoe_gw1rzHHARftn8NLSBkW5Cd-3zrF2xKsN0Zr3rF_M~ HTTP 302
https://www.edgetrk.com/aff_c?offer_id=992&aff_id=1871&aff_sub=822733&aff_sub2=747287181 HTTP 302
https://qualitywindowsdirect.com/rbaw40-200.aspx?ctcampaign=6198&ctsource=0&ctkwd=1871&ecadid=822733&Offerid=1029122a14f683eb789b2814e12051

Request Chain 25

https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17022300145500.8273589516385833&invert_field_sensitivity=false HTTP 301
https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17022300145500.8273589516385833&invert_field_sensitivity=false

87 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK iisodo59helps9igjjii.html Show response
objects-us-east-1.dream.io/renerenebelingaudlahomebsatstajdr/ 226 B
544 B 219ms
74ms Document
text/html 2607:f298:5:ee00::33
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://objects-us-east-1.dream.io/renerenebelingaudlahomebsatstajdr/iisodo59helps9igjjii.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2607:f298:5:ee00::33 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS
Software: /
Resource Hash: c1c2f60ff81b61b395b73add97dda6bed242aeb6eb8201dba2993c692bd574b6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
content-length: 226
content-type: text/html
date: Sun, 10 Dec 2023 17:40:12 GMT
etag: "61bd24324c47a102ebc23445584a3a25"
last-modified: Sun, 10 Dec 2023 00:57:06 GMT
x-amz-request-id: tx00000225daaec5d8ad2c3-006575f7fc-2524511fc-us-east-1-iad1
x-rgw-object-type: Normal

GET
H2

200

rbaw40-200.aspx Show response
qualitywindowsdirect.com/
Redirect Chain

https://www.dt2dt.com/xDfN8QtV2_GhBE8fWQ8zNhbndYpotTj1rKAH5ilOLvTiDJ7JXjjpVXpTLJPMaNcwoe_gw1rzHHARftn8NLSBkW5Cd-3zrF2xKsN0Zr3rF_M~
https://www.edgetrk.com/aff_c?offer_id=992&aff_id=1871&aff_sub=822733&aff_sub2=747287181
https://qualitywindowsdirect.com/rbaw40-200.aspx?ctcampaign=6198&ctsource=0&ctkwd=1871&ecadid=822733&Offerid=1029122a14f683eb789b2814e12051

38 KB
13 KB

792ms
317ms

Document
text/html

198.154.88.118
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://qualitywindowsdirect.com/rbaw40-200.aspx?ctcampaign=6198&ctsource=0&ctkwd=1871&ecadid=822733&Offerid=1029122a14f683eb789b2814e12051
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.154.88.118 Los Angeles, United States, ASN55081 (24SHELLS, US),
Reverse DNS: corporate.abilitybusinesscomputing.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 2c391d6fe93c30d44048aa3ad9820fcfe5ef34c70dda6e4598c9077f4817a39b

Request headers

Referer: https://objects-us-east-1.dream.io/renerenebelingaudlahomebsatstajdr/iisodo59helps9igjjii.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private
content-encoding: gzip
content-length: 13070
content-type: text/html; charset=utf-8
date: Sun, 10 Dec 2023 17:40:12 GMT
server: Microsoft-IIS/10.0
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET

Redirect headers

Access-Control-Allow-Headers: Tune-SDK-Version
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 339
Content-Type: text/html; charset=iso-8859-1
Date: Sun, 10 Dec 2023 17:40:12 GMT
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Location: https://qualitywindowsdirect.com/rbaw40-200.aspx?ctcampaign=6198&ctsource=0&ctkwd=1871&ecadid=822733&Offerid=1029122a14f683eb789b2814e12051
P3p: CP="NOI CUR OUR NOR INT"
Pragma: no-cache
Server: nginx
Tracking_id: 1029122a14f683eb789b2814e12051
X-Request-Id: 20a3e563aa180e8cc0de400bc17f845a
X-Robots-Tag: noindex, nofollow

GET
H2 200 stylewiz.min.css
qualitywindowsdirect.com/css/ 14 KB
3 KB 294ms
288ms Stylesheet
text/css 198.154.88.118
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://qualitywindowsdirect.com/css/stylewiz.min.css?v=3
Requested by: Host: qualitywindowsdirect.com
URL: https://qualitywindowsdirect.com/rbaw40-200.aspx?ctcampaign=6198&ctsource=0&ctkwd=1871&ecadid=822733&Offerid=1029122a14f683eb789b2814e12051
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.154.88.118 Los Angeles, United States, ASN55081 (24SHELLS, US),
Reverse DNS: corporate.abilitybusinesscomputing.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: fb011432c5afd993d82ac08722927e02282d37fcf8bb98be3d645b98dab00cbf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qualitywindowsdirect.com/rbaw40-200.aspx?ctcampaign=6198&ctsource=0&ctkwd=1871&ecadid=822733&Offerid=1029122a14f683eb789b2814e12051
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 17:40:13 GMT
content-encoding: gzip
last-modified: Mon, 20 Nov 2023 14:14:16 GMT
server: Microsoft-IIS/10.0
etag: "02c25d8bb1bda1:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
cache-control: public,max-age=31536000
accept-ranges: bytes
content-length: 3243

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.7.0/ 85 KB
30 KB 219ms
45ms Script
text/javascript 2607:f8b0:4006:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.7.0/jquery.min.js

Requested by

Host: qualitywindowsdirect.com
URL: https://qualitywindowsdirect.com/rbaw40-200.aspx?ctcampaign=6198&ctsource=0&ctkwd=1871&ecadid=822733&Offerid=1029122a14f683eb789b2814e12051

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qualitywindowsdirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 09:02:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 376662
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30433
x-xss-protection: 0
last-modified: Wed, 17 May 2023 18:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Dec 2024 09:02:31 GMT

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/ 152 KB
25 KB 211ms
37ms Stylesheet
text/css 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css

Requested by

Host: qualitywindowsdirect.com
URL: https://qualitywindowsdirect.com/rbaw40-200.aspx?ctcampaign=6198&ctsource=0&ctkwd=1871&ecadid=822733&Offerid=1029122a14f683eb789b2814e12051

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://qualitywindowsdirect.com/
Origin: https://qualitywindowsdirect.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 10 Dec 2023 17:40:13 GMT
x-content-type-options: nosniff
content-encoding: br
age: 15753255
x-jsd-version: 5.0.2
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 25360
x-served-by: cache-fra-eddf8230097-FRA, cache-ewr18150-EWR
x-jsd-version-type: version
etag: W/"260c5-fByeBXPlzqi603M74vxjqoxo6o0"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 lazy_load.min.js Show response
qualitywindowsdirect.com/scripts/ 443 B
477 B 167ms
163ms Script
application/javascript 198.154.88.118
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://qualitywindowsdirect.com/scripts/lazy_load.min.js
Requested by: Host: qualitywindowsdirect.com
URL: https://qualitywindowsdirect.com/rbaw40-200.aspx?ctcampaign=6198&ctsource=0&ctkwd=1871&ecadid=822733&Offerid=1029122a14f683eb789b2814e12051
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.154.88.118 Los Angeles, United States, ASN55081 (24SHELLS, US),
Reverse DNS: corporate.abilitybusinesscomputing.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 0811891616a17255b9aec069d53ae29d5dc0a507f8b476dac05fb7d6bfb9b3a7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qualitywindowsdirect.com/rbaw40-200.aspx?ctcampaign=6198&ctsource=0&ctkwd=1871&ecadid=822733&Offerid=1029122a14f683eb789b2814e12051
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 17:40:13 GMT
content-encoding: gzip
last-modified: Fri, 11 Aug 2023 20:53:52 GMT
server: Microsoft-IIS/10.0
etag: "c6fcb4ef95ccd91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes
content-length: 354

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ 50 KB
19 KB 276ms
104ms Script
text/javascript 142.251.40.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: qualitywindowsdirect.com
URL: https://qualitywindowsdirect.com/rbaw40-200.aspx?ctcampaign=6198&ctsource=0&ctkwd=1871&ecadid=822733&Offerid=1029122a14f683eb789b2814e12051

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.130 Newark, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f2.1e100.net

Software

cafe /

Resource Hash

16b4cf2b9a4908b20dff3b6c586bc3209fdf4bf53ea4f1fa2827cbffe4ceb070

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qualitywindowsdirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 17:40:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18842
x-xss-protection: 0
server: cafe
etag: 9826982868918577658
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 10 Dec 2023 17:40:13 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 258 KB
87 KB 213ms
81ms Script
application/javascript 2607:f8b0:4006:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-M50V1ZE013

Requested by

Host: qualitywindowsdirect.com
URL: https://qualitywindowsdirect.com/rbaw40-200.aspx?ctcampaign=6198&ctsource=0&ctkwd=1871&ecadid=822733&Offerid=1029122a14f683eb789b2814e12051

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ca9400fd9544d1f2f3691c3f93c61f3c135cbd7f4b7531ce3fd8374d81ae4938

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qualitywindowsdirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 17:40:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 88792
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 10 Dec 2023 17:40:14 GMT

GET
H2 200 1004702-1004597.js Show response
cdn-4.convertexperiments.com/js/ 220 KB
66 KB 240ms
86ms Script
application/javascript 2600:141b:1c00:2391::14a9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-4.convertexperiments.com/js/1004702-1004597.js
Requested by: Host: qualitywindowsdirect.com
URL: https://qualitywindowsdirect.com/rbaw40-200.aspx?ctcampaign=6198&ctsource=0&ctkwd=1871&ecadid=822733&Offerid=1029122a14f683eb789b2814e12051
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:2391::14a9 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3a1759c10db69de3a1b49bb51f697bbce177390c449c3244c416d45d81ff7bf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qualitywindowsdirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 10 Dec 2023 17:40:14 GMT
content-encoding: gzip
cache-control: public, max-age=300
content-type: application/javascript
vary: Accept-Encoding
expires: Sun, 10 Dec 2023 17:45:14 GMT

GET
H2 200 FP.js Show response
hits.ecdashboard.com/JS/ 14 KB
4 KB 871ms
336ms Script
application/javascript 198.154.88.118
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://hits.ecdashboard.com/JS/FP.js
Requested by: Host: qualitywindowsdirect.com
URL: https://qualitywindowsdirect.com/rbaw40-200.aspx?ctcampaign=6198&ctsource=0&ctkwd=1871&ecadid=822733&Offerid=1029122a14f683eb789b2814e12051
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.154.88.118 Los Angeles, United States, ASN55081 (24SHELLS, US),
Reverse DNS: corporate.abilitybusinesscomputing.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 07d81e29da2b847c60281b9e084fe58ddf894ba5c6a60f395adf10aa4ad3d405

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qualitywindowsdirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 17:40:13 GMT
content-encoding: gzip
last-modified: Wed, 09 Aug 2023 13:44:40 GMT
server: Microsoft-IIS/10.0
etag: "0d44a5c7cad91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=172800
accept-ranges: bytes
content-length: 3840

GET
H2 200 LOGO-rba-horiz.webp
qualitywindowsdirect.com/images/ 66 KB
66 KB 298ms
294ms Image
image/webp 198.154.88.118
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qualitywindowsdirect.com/images/LOGO-rba-horiz.webp
Requested by: Host: qualitywindowsdirect.com
URL: https://qualitywindowsdirect.com/rbaw40-200.aspx?ctcampaign=6198&ctsource=0&ctkwd=1871&ecadid=822733&Offerid=1029122a14f683eb789b2814e12051
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.154.88.118 Los Angeles, United States, ASN55081 (24SHELLS, US),
Reverse DNS: corporate.abilitybusinesscomputing.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 86da4f4a409902ef36f13e0bf3015dd1ef15ed8cb994417e0e16d6cb877519e8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qualitywindowsdirect.com/rbaw40-200.aspx?ctcampaign=6198&ctsource=0&ctkwd=1871&ecadid=822733&Offerid=1029122a14f683eb789b2814e12051
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 17:40:13 GMT
last-modified: Mon, 20 Nov 2023 14:14:18 GMT
server: Microsoft-IIS/10.0
etag: "a4e96bd9bb1bda1:0"
x-powered-by: ASP.NET
content-type: image/webp
cache-control: public,max-age=31536000
accept-ranges: bytes
content-length: 67766

GET
H2 200 wizard-hero-bogo.webp
qualitywindowsdirect.com/img/ 93 KB
93 KB 434ms
430ms Image
image/webp 198.154.88.118
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qualitywindowsdirect.com/img/wizard-hero-bogo.webp
Requested by: Host: qualitywindowsdirect.com
URL: https://qualitywindowsdirect.com/rbaw40-200.aspx?ctcampaign=6198&ctsource=0&ctkwd=1871&ecadid=822733&Offerid=1029122a14f683eb789b2814e12051
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.154.88.118 Los Angeles, United States, ASN55081 (24SHELLS, US),
Reverse DNS: corporate.abilitybusinesscomputing.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b3c1617ee4bc9f12cfdb077cd6f6204a9ce0730ba20ee6af9de4d26f7e5115c5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qualitywindowsdirect.com/rbaw40-200.aspx?ctcampaign=6198&ctsource=0&ctkwd=1871&ecadid=822733&Offerid=1029122a14f683eb789b2814e12051
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 17:40:13 GMT
last-modified: Mon, 20 Nov 2023 14:14:20 GMT
server: Microsoft-IIS/10.0
etag: "1791b1dabb1bda1:0"
x-powered-by: ASP.NET
content-type: image/webp
cache-control: public,max-age=31536000
accept-ranges: bytes
content-length: 94798

GET
H2 200 WebResource.axd Show response
qualitywindowsdirect.com/ 23 KB
6 KB 299ms
298ms Script
application/x-javascript 198.154.88.118
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://qualitywindowsdirect.com/WebResource.axd?d=2aV1WIu0IZzg-OkuH8Z47LQqy5hIFL1v3qo4pfEcl5KN-qSfqwdgdIoQX-X_uPRM1t14zHMWIepO3a0LODDLew8DqRK_EFY6Y6XoeT7yBjU1&t=638285921964787378
Requested by: Host: qualitywindowsdirect.com
URL: https://qualitywindowsdirect.com/rbaw40-200.aspx?ctcampaign=6198&ctsource=0&ctkwd=1871&ecadid=822733&Offerid=1029122a14f683eb789b2814e12051
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.154.88.118 Los Angeles, United States, ASN55081 (24SHELLS, US),
Reverse DNS: corporate.abilitybusinesscomputing.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qualitywindowsdirect.com/rbaw40-200.aspx?ctcampaign=6198&ctsource=0&ctkwd=1871&ecadid=822733&Offerid=1029122a14f683eb789b2814e12051
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 17:40:13 GMT
content-encoding: gzip
last-modified: Sat, 26 Aug 2023 00:29:56 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public
content-length: 6007
expires: Mon, 09 Dec 2024 00:04:55 GMT

GET
H2 200 WebResource.axd Show response
qualitywindowsdirect.com/ 26 KB
7 KB 128ms
128ms Script
application/x-javascript 198.154.88.118
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://qualitywindowsdirect.com/WebResource.axd?d=R05Ui2250bMqjj7iRx7vu1WP_gYCyIUr-a1Jy0wUxrMeEMp92IB5iNfATMzT8nGuLcRENY__p-lNXVakKqv072LLqfcDyA5L_8ymzXgpIyg1&t=638285921964787378
Requested by: Host: qualitywindowsdirect.com
URL: https://qualitywindowsdirect.com/rbaw40-200.aspx?ctcampaign=6198&ctsource=0&ctkwd=1871&ecadid=822733&Offerid=1029122a14f683eb789b2814e12051
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.154.88.118 Los Angeles, United States, ASN55081 (24SHELLS, US),
Reverse DNS: corporate.abilitybusinesscomputing.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ef9453f74b2617d43dcef4242cf5845101fcfb57289c81bceb20042b0023a192

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qualitywindowsdirect.com/rbaw40-200.aspx?ctcampaign=6198&ctsource=0&ctkwd=1871&ecadid=822733&Offerid=1029122a14f683eb789b2814e12051
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 17:40:13 GMT
content-encoding: gzip
last-modified: Sat, 26 Aug 2023 00:29:56 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public
content-length: 7228
expires: Mon, 09 Dec 2024 00:04:55 GMT

GET
H2 200 loader-4stepc-1.png
qualitywindowsdirect.com/images/ 9 KB
9 KB 200ms
200ms Image
image/png 198.154.88.118
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qualitywindowsdirect.com/images/loader-4stepc-1.png
Requested by: Host: qualitywindowsdirect.com
URL: https://qualitywindowsdirect.com/rbaw40-200.aspx?ctcampaign=6198&ctsource=0&ctkwd=1871&ecadid=822733&Offerid=1029122a14f683eb789b2814e12051
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.154.88.118 Los Angeles, United States, ASN55081 (24SHELLS, US),
Reverse DNS: corporate.abilitybusinesscomputing.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: affeabc6c91c8b24f2ca14ee22d3bebeaa0f21532819a8f839665ac14f0b076c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qualitywindowsdirect.com/rbaw40-200.aspx?ctcampaign=6198&ctsource=0&ctkwd=1871&ecadid=822733&Offerid=1029122a14f683eb789b2814e12051
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 17:40:13 GMT
last-modified: Thu, 13 Apr 2023 19:10:51 GMT
server: Microsoft-IIS/10.0
etag: "f67ef2a93b6ed91:0"
x-powered-by: ASP.NET
content-type: image/png
cache-control: public,max-age=31536000
accept-ranges: bytes
content-length: 9154

GET
H2 200 loader-4stepc-2.png
qualitywindowsdirect.com/images/ 8 KB
8 KB 170ms
169ms Image
image/png 198.154.88.118
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qualitywindowsdirect.com/images/loader-4stepc-2.png
Requested by: Host: qualitywindowsdirect.com
URL: https://qualitywindowsdirect.com/rbaw40-200.aspx?ctcampaign=6198&ctsource=0&ctkwd=1871&ecadid=822733&Offerid=1029122a14f683eb789b2814e12051
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.154.88.118 Los Angeles, United States, ASN55081 (24SHELLS, US),
Reverse DNS: corporate.abilitybusinesscomputing.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 70ed9ad8db98c0ab2e416f6784e5b32ab619dc391e7285168e54a38cfdefad43

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qualitywindowsdirect.com/rbaw40-200.aspx?ctcampaign=6198&ctsource=0&ctkwd=1871&ecadid=822733&Offerid=1029122a14f683eb789b2814e12051
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 17:40:13 GMT
last-modified: Thu, 13 Apr 2023 19:10:51 GMT
server: Microsoft-IIS/10.0
etag: "c65aaa3b6ed91:0"
x-powered-by: ASP.NET
content-type: image/png
cache-control: public,max-age=31536000
accept-ranges: bytes
content-length: 8452

GET
H2 200 loader-4stepc-3.png
qualitywindowsdirect.com/images/ 8 KB
8 KB 170ms
169ms Image
image/png 198.154.88.118
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qualitywindowsdirect.com/images/loader-4stepc-3.png
Requested by: Host: qualitywindowsdirect.com
URL: https://qualitywindowsdirect.com/rbaw40-200.aspx?ctcampaign=6198&ctsource=0&ctkwd=1871&ecadid=822733&Offerid=1029122a14f683eb789b2814e12051
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.154.88.118 Los Angeles, United States, ASN55081 (24SHELLS, US),
Reverse DNS: corporate.abilitybusinesscomputing.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 1d80d663dae3b6ffb88b990ac3c10442647699e1d43fa8fd0f2987ac3c30a5b3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qualitywindowsdirect.com/rbaw40-200.aspx?ctcampaign=6198&ctsource=0&ctkwd=1871&ecadid=822733&Offerid=1029122a14f683eb789b2814e12051
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 17:40:13 GMT
last-modified: Thu, 13 Apr 2023 19:10:52 GMT
server: Microsoft-IIS/10.0
etag: "4ed31faa3b6ed91:0"
x-powered-by: ASP.NET
content-type: image/png
cache-control: public,max-age=31536000
accept-ranges: bytes
content-length: 7710

GET
H2 200 loader-4stepc-4.png
qualitywindowsdirect.com/images/ 7 KB
7 KB 167ms
164ms Image
image/png 198.154.88.118
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qualitywindowsdirect.com/images/loader-4stepc-4.png
Requested by: Host: qualitywindowsdirect.com
URL: https://qualitywindowsdirect.com/rbaw40-200.aspx?ctcampaign=6198&ctsource=0&ctkwd=1871&ecadid=822733&Offerid=1029122a14f683eb789b2814e12051
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.154.88.118 Los Angeles, United States, ASN55081 (24SHELLS, US),
Reverse DNS: corporate.abilitybusinesscomputing.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4b2fa0831336d38214955b2eed34b56fc88401f7b8d9adf759a2bad4e9e2cafc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qualitywindowsdirect.com/rbaw40-200.aspx?ctcampaign=6198&ctsource=0&ctkwd=1871&ecadid=822733&Offerid=1029122a14f683eb789b2814e12051
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 17:40:13 GMT
last-modified: Thu, 13 Apr 2023 19:10:52 GMT
server: Microsoft-IIS/10.0
etag: "13a737aa3b6ed91:0"
x-powered-by: ASP.NET
content-type: image/png
cache-control: public,max-age=31536000
accept-ranges: bytes
content-length: 6920

GET
H2 200 logo-footer.webp
qualitywindowsdirect.com/img/ 10 KB
10 KB 168ms
165ms Image
image/webp 198.154.88.118
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qualitywindowsdirect.com/img/logo-footer.webp
Requested by: Host: qualitywindowsdirect.com
URL: https://qualitywindowsdirect.com/rbaw40-200.aspx?ctcampaign=6198&ctsource=0&ctkwd=1871&ecadid=822733&Offerid=1029122a14f683eb789b2814e12051
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.154.88.118 Los Angeles, United States, ASN55081 (24SHELLS, US),
Reverse DNS: corporate.abilitybusinesscomputing.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: df71d382d4cc0edd5c8e58b83442e5c5e4046407098ecd1eb034c6dad122729b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qualitywindowsdirect.com/rbaw40-200.aspx?ctcampaign=6198&ctsource=0&ctkwd=1871&ecadid=822733&Offerid=1029122a14f683eb789b2814e12051
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 17:40:13 GMT
last-modified: Mon, 20 Nov 2023 18:03:42 GMT
server: Microsoft-IIS/10.0
etag: "567e4e5db1bda1:0"
x-powered-by: ASP.NET
content-type: image/webp
cache-control: public,max-age=31536000
accept-ranges: bytes
content-length: 10128

GET
H2 200 scripts5.min.js Show response
qualitywindowsdirect.com/scripts/ 1021 B
612 B 209ms
207ms Script
application/javascript 198.154.88.118
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://qualitywindowsdirect.com/scripts/scripts5.min.js
Requested by: Host: qualitywindowsdirect.com
URL: https://qualitywindowsdirect.com/rbaw40-200.aspx?ctcampaign=6198&ctsource=0&ctkwd=1871&ecadid=822733&Offerid=1029122a14f683eb789b2814e12051
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.154.88.118 Los Angeles, United States, ASN55081 (24SHELLS, US),
Reverse DNS: corporate.abilitybusinesscomputing.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 87fa7ad386402eb066b9b17a38c357d13fd870be51679d81c2dc20955bfde341

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qualitywindowsdirect.com/rbaw40-200.aspx?ctcampaign=6198&ctsource=0&ctkwd=1871&ecadid=822733&Offerid=1029122a14f683eb789b2814e12051
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 17:40:13 GMT
content-encoding: gzip
last-modified: Sun, 06 Aug 2023 12:27:37 GMT
server: Microsoft-IIS/10.0
etag: "9deb6a6261c8d91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes
content-length: 506

GET
H2 200 Functions.min.js Show response
qualitywindowsdirect.com/scripts/ 4 KB
1 KB 171ms
170ms Script
application/javascript 198.154.88.118
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://qualitywindowsdirect.com/scripts/Functions.min.js?ver=4987
Requested by: Host: qualitywindowsdirect.com
URL: https://qualitywindowsdirect.com/rbaw40-200.aspx?ctcampaign=6198&ctsource=0&ctkwd=1871&ecadid=822733&Offerid=1029122a14f683eb789b2814e12051
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.154.88.118 Los Angeles, United States, ASN55081 (24SHELLS, US),
Reverse DNS: corporate.abilitybusinesscomputing.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4145eb38affc9b3335b672593a320382b893366710c4e9457c1e1cd06ba0916e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qualitywindowsdirect.com/rbaw40-200.aspx?ctcampaign=6198&ctsource=0&ctkwd=1871&ecadid=822733&Offerid=1029122a14f683eb789b2814e12051
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 17:40:13 GMT
content-encoding: gzip
last-modified: Tue, 15 Aug 2023 18:33:21 GMT
server: Microsoft-IIS/10.0
etag: "802e9ef7a6cfd91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes
content-length: 1134

GET
H2 200 phone.min.js Show response
qualitywindowsdirect.com/scripts/ 339 B
417 B 210ms
208ms Script
application/javascript 198.154.88.118
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://qualitywindowsdirect.com/scripts/phone.min.js
Requested by: Host: qualitywindowsdirect.com
URL: https://qualitywindowsdirect.com/rbaw40-200.aspx?ctcampaign=6198&ctsource=0&ctkwd=1871&ecadid=822733&Offerid=1029122a14f683eb789b2814e12051
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.154.88.118 Los Angeles, United States, ASN55081 (24SHELLS, US),
Reverse DNS: corporate.abilitybusinesscomputing.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ca5e1cf2ee31713ad1f338bf645cbfa525e828f673a32a0a6564e25bcf3c8656

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qualitywindowsdirect.com/rbaw40-200.aspx?ctcampaign=6198&ctsource=0&ctkwd=1871&ecadid=822733&Offerid=1029122a14f683eb789b2814e12051
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 17:40:13 GMT
content-encoding: gzip
last-modified: Sun, 06 Aug 2023 12:27:41 GMT
server: Microsoft-IIS/10.0
etag: "f75d96461c8d91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes
content-length: 312

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/874974045/ 2 KB
2 KB 211ms
72ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/874974045/?random=1702230013992&cv=9&fst=1702230013992&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=-600&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fqualitywindowsdirect.com%2Frbaw40-200.aspx%3Fctcampaign%3D6198%26ctsource%3D0%26ctkwd%3D1871%26ecadid%3D822733%26Offerid%3D1029122a14f683eb789b2814e12051&ref=https%3A%2F%2Fobjects-us-east-1.dream.io%2F&tiba=Renewal%20By%20Andersen%20-%20Window%20Replacement&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

356220d7c15be343d5351e1dbcade41f6c811baeed5f32bede56cfc53cac250d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qualitywindowsdirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 17:40:14 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1437
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 183ms
51ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: qualitywindowsdirect.com
URL: https://qualitywindowsdirect.com/rbaw40-200.aspx?ctcampaign=6198&ctsource=0&ctkwd=1871&ecadid=822733&Offerid=1029122a14f683eb789b2814e12051

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qualitywindowsdirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 10 Dec 2023 17:40:14 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: kFLBr9Bkr4kAKMCpliaDUi40TX8C4W5ASJeBNRGNC8muqxQFdEha1x3BX+SQ9Hp3T2FKPyxMhger4JBOaeySCA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 eb4a05a4-8a53-c2b0-b337-640a489815f4.js
create.lidstatic.com/campaign/ 123 KB
39 KB 331ms
180ms Script
text/javascript 2606:4700:10::6816:27b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://create.lidstatic.com/campaign/eb4a05a4-8a53-c2b0-b337-640a489815f4.js?snippet_version=2
Requested by: Host: qualitywindowsdirect.com
URL: https://qualitywindowsdirect.com/rbaw40-200.aspx?ctcampaign=6198&ctsource=0&ctkwd=1871&ecadid=822733&Offerid=1029122a14f683eb789b2814e12051
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:27b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qualitywindowsdirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 17:40:14 GMT
x-amz-version-id: pOl5.3fz5xVkwWJTirFZl9EVsyEBI010
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Fri, 12 Nov 2021 01:28:04 GMT
server: cloudflare
x-amz-request-id: MYYS04BJC90408VA
etag: W/"23f60186afbe149fd3f5b271d1d5c40d"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=1800
x-amz-replication-status: COMPLETED
cf-ray: 83374597fc83c47f-EWR
x-amz-id-2: v3HsMUbK4YXnqn5mCVH9+a4BZMmj0cB1/wqKvlWcZhs+lKT4AmlmN2XCQkPWRomJY7xMemsM85YXWlfn0PlVIw==

GET
H2

200

bootstrap.js
cdn.trustedform.com/
Redirect Chain

https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17022300145500.8273589516385833&invert_field_sensitivity=false
https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17022300145500.8273589516385833&invert_field_sensitivity=false

8 KB
4 KB

295ms
69ms

Script
application/javascript

2600:9000:25c8:2000:1c:7f1a:6680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17022300145500.8273589516385833&invert_field_sensitivity=false
Requested by: Host: qualitywindowsdirect.com
URL: https://qualitywindowsdirect.com/rbaw40-200.aspx?ctcampaign=6198&ctsource=0&ctkwd=1871&ecadid=822733&Offerid=1029122a14f683eb789b2814e12051
Protocol: H2
Server: 2600:9000:25c8:2000:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qualitywindowsdirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 17:40:16 GMT
x-amz-version-id: D_l7Wi1wOYgTC52uzRMI5HnwJykAKtLr
content-encoding: gzip
last-modified: Wed, 08 Nov 2023 19:52:40 GMT
server: AmazonS3
via: 1.1 4ceb2989b2985c33abee5da8ac0ecbcc.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL51-P1
etag: W/"e11406d1e7ba652ddbe0623e1207c210"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
x-amz-cf-id: QRmPwod-5VSxisbyLdtVNcLBykslxTCQwlVsgaHDe3SWw4uxGP0jFQ==

Redirect headers

location: https://cdn.trustedform.com:443/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17022300145500.8273589516385833&invert_field_sensitivity=false
date: Sun, 10 Dec 2023 17:40:14 GMT
server: awselb/2.0
content-length: 134
content-type: text/html

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 204ms
62ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: qualitywindowsdirect.com
URL: https://qualitywindowsdirect.com/rbaw40-200.aspx?ctcampaign=6198&ctsource=0&ctkwd=1871&ecadid=822733&Offerid=1029122a14f683eb789b2814e12051

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qualitywindowsdirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Sun, 10 Dec 2023 17:40:13 GMT
last-modified: Fri, 10 Nov 2023 20:09:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: CC9C10D5A0EB410DA6C4AFFBF14371EC Ref B: PHL30EDGE0116 Ref C: 2023-12-10T17:40:14Z
etag: "80abcdf1114da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13175

GET
H2 204 Track.aspx
hits.ecdashboard.com/ 0
110 B 309ms
309ms Image
text/html 198.154.88.118
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hits.ecdashboard.com/Track.aspx?EVTID=1547&ECCMP=6198%7C%7C1871%7C%7C822733%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C&ECUID=1702230014943.182%7C%7C12/10/2023%207%3A40%3A14&AMT=0&cvid=&cvprm1=&cvprm2=&ECURL=https%3A//objects-us-east-1.dream.io/%7C%7Chttps%3A//qualitywindowsdirect.com/rbaw40-200.aspx%3Fctcampaign%3D6198%26ctsource%3D0%26ctkwd%3D1871%26ecadid%3D822733%26Offerid%3D1029122a14f683eb789b2814e12051&ECSUP=%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C0%7C%7C&rnd=1702230014864.337&FH=true&CurURL=https%3A//qualitywindowsdirect.com/rbaw40-200.aspx%3Fctcampaign%3D6198%26ctsource%3D0%26ctkwd%3D1871%26ecadid%3D822733%26Offerid%3D1029122a14f683eb789b2814e12051&PT=Renewal%20By%20Andersen%20-%20Window%20Replacement&res=1600x1200&bws=Netscape
Requested by: Host: qualitywindowsdirect.com
URL: https://qualitywindowsdirect.com/rbaw40-200.aspx?ctcampaign=6198&ctsource=0&ctkwd=1871&ecadid=822733&Offerid=1029122a14f683eb789b2814e12051
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.154.88.118 Los Angeles, United States, ASN55081 (24SHELLS, US),
Reverse DNS: corporate.abilitybusinesscomputing.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qualitywindowsdirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 17:40:14 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: text/html
cache-control: no-cache, no-store
expires: -1

GET
H2 200 wizard-bg.webp
qualitywindowsdirect.com/img/ 238 KB
239 KB 225ms
225ms Image
image/webp 198.154.88.118
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qualitywindowsdirect.com/img/wizard-bg.webp
Requested by: Host: qualitywindowsdirect.com
URL: https://qualitywindowsdirect.com/css/stylewiz.min.css?v=3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.154.88.118 Los Angeles, United States, ASN55081 (24SHELLS, US),
Reverse DNS: corporate.abilitybusinesscomputing.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qualitywindowsdirect.com/css/stylewiz.min.css?v=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 17:40:13 GMT
last-modified: Mon, 20 Nov 2023 14:14:20 GMT
server: Microsoft-IIS/10.0
etag: "1eceecdabb1bda1:0"
x-powered-by: ASP.NET
content-type: image/webp
cache-control: public,max-age=31536000
accept-ranges: bytes
content-length: 244172

GET
H2 200 /
www.google.com/pagead/1p-user-list/874974045/ 42 B
455 B 349ms
70ms Image
image/gif 2607:f8b0:4006:816::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/874974045/?random=1702230013992&cv=9&fst=1702227600000&num=1&guid=ON&eid=375603260%2C466465925%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=-600&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fqualitywindowsdirect.com%2Frbaw40-200.aspx%3Fctcampaign%3D6198%26ctsource%3D0%26ctkwd%3D1871%26ecadid%3D822733%26Offerid%3D1029122a14f683eb789b2814e12051&ref=https%3A%2F%2Fobjects-us-east-1.dream.io%2F&tiba=Renewal%20By%20Andersen%20-%20Window%20Replacement&fmt=3&is_vtc=1&cid=CAQSGwDICaaN9rvlCPxHFUiMFZBDM07aJ1Nykm3t7Q&random=1478471016&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: qualitywindowsdirect.com
URL: https://qualitywindowsdirect.com/rbaw40-200.aspx?ctcampaign=6198&ctsource=0&ctkwd=1871&ecadid=822733&Offerid=1029122a14f683eb789b2814e12051

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qualitywindowsdirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 17:40:15 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 56111058.js
bat.bing.com/p/action/ 0
118 B 80ms
79ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/56111058.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qualitywindowsdirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Sun, 10 Dec 2023 17:40:14 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: CFFB5DDA606D4B5288FDF2A94E26C0B8 Ref B: PHL30EDGE0116 Ref C: 2023-12-10T17:40:14Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
360 B 104ms
104ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=56111058&Ver=2&mid=5c010c1f-581b-4c27-944a-a287ec2d2b39&sid=2d1326d0978311eea6f4f73a0c27a17c&vid=2d1362e0978311ee8d04ef89263e3876&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Renewal%20By%20Andersen%20-%20Window%20Replacement&p=https%3A%2F%2Fqualitywindowsdirect.com%2Frbaw40-200.aspx%3Fctcampaign%3D6198%26ctsource%3D0%26ctkwd%3D1871%26ecadid%3D822733%26Offerid%3D1029122a14f683eb789b2814e12051&r=https%3A%2F%2Fobjects-us-east-1.dream.io%2F&lt=2452&evt=pageLoad&sv=1&rn=851775

Requested by

Host: qualitywindowsdirect.com
URL: https://qualitywindowsdirect.com/rbaw40-200.aspx?ctcampaign=6198&ctsource=0&ctkwd=1871&ecadid=822733&Offerid=1029122a14f683eb789b2814e12051

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qualitywindowsdirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 10 Dec 2023 17:40:14 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C750C614865A4BF6883F66D02FA08E21 Ref B: PHL30EDGE0116 Ref C: 2023-12-10T17:40:14Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 448499548883718
connect.facebook.net/signals/config/ 140 KB
36 KB 62ms
61ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/448499548883718?v=2.9.138&r=stable&domain=qualitywindowsdirect.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qualitywindowsdirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 10 Dec 2023 17:40:14 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 37033
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: 9fMXHZUzhbW2kPgs9qaZjga/eSPtl3njaQxVX4hMN7zYFOeEaUH7UNlVVr5AcjXpC7tTqQDuP27EBNp6mq7btA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
260 B 251ms
101ms Ping
text/plain 2607:f8b0:4006:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-M50V1ZE013&gtm=45je3bt0v890954899&_p=1702230014000&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=502209459.1702230015&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1702230014&sct=1&seg=0&dl=https%3A%2F%2Fqualitywindowsdirect.com%2Frbaw40-200.aspx%3Fctcampaign%3D6198%26ctsource%3D0%26ctkwd%3D1871%26ecadid%3D822733%26Offerid%3D1029122a14f683eb789b2814e12051&dr=https%3A%2F%2Fobjects-us-east-1.dream.io%2F&dt=Renewal%20By%20Andersen%20-%20Window%20Replacement&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2774
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M50V1ZE013
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:81c::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qualitywindowsdirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 17:40:15 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://qualitywindowsdirect.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
251 B 252ms
102ms Ping
text/plain 2607:f8b0:4004:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-M50V1ZE013&cid=502209459.1702230015&gtm=45je3bt0v890954899&aip=1&dma=0&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M50V1ZE013
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qualitywindowsdirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 17:40:15 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://qualitywindowsdirect.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Primary Request rbaw40-200.aspx Show response
qualitywindowsdirect.com/ 38 KB
13 KB 526ms
525ms Document
text/html 198.154.88.118
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://qualitywindowsdirect.com/rbaw40-200.aspx?ctcampaign=6198&ctsource=0&ctkwd=1871&ecadid=822733&Offerid=1029122a14f683eb789b2814e12051
Requested by: Host: cdn-4.convertexperiments.com
URL: https://cdn-4.convertexperiments.com/js/1004702-1004597.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.154.88.118 Los Angeles, United States, ASN55081 (24SHELLS, US),
Reverse DNS: corporate.abilitybusinesscomputing.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 2c391d6fe93c30d44048aa3ad9820fcfe5ef34c70dda6e4598c9077f4817a39b

Request headers

Referer: https://qualitywindowsdirect.com/rbaw40-200.aspx?ctcampaign=6198&ctsource=0&ctkwd=1871&ecadid=822733&Offerid=1029122a14f683eb789b2814e12051
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private
content-encoding: gzip
content-length: 13070
content-type: text/html; charset=utf-8
date: Sun, 10 Dec 2023 17:40:14 GMT
server: Microsoft-IIS/10.0
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET

GET
H3 200 814236116561669
connect.facebook.net/signals/config/ 133 KB
35 KB 39ms
39ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/814236116561669?v=2.9.138&r=stable&domain=qualitywindowsdirect.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qualitywindowsdirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 10 Dec 2023 17:40:14 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 35311
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: NKZ8tSHHU6nLiu3gVK68JpfLfA7hRE1vGgS4fD/cl+AkHu/feQlEtw2nh/y2CwyqUcJyfUbZ/S0JDwgRTn7u5Q==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 GenerateToken
create.leadid.com/2.11.9/ 36 B
659 B 204ms
97ms XHR
text/plain 34.192.154.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/GenerateToken?msn=1&pid=0c98694c-e7e5-4b9c-9e17-c55fe3f210b1&_=138398643

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/eb4a05a4-8a53-c2b0-b337-640a489815f4.js?snippet_version=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.192.154.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-192-154-63.compute-1.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://qualitywindowsdirect.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sun, 10 Dec 2023 17:40:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 183ms
87ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=448499548883718&ev=PageView&dl=https%3A%2F%2Fqualitywindowsdirect.com%2Frbaw40-200.aspx%3Fctcampaign%3D6198%26ctsource%3D0%26ctkwd%3D1871%26ecadid%3D822733%26Offerid%3D1029122a14f683eb789b2814e12051&rl=https%3A%2F%2Fobjects-us-east-1.dream.io%2F&if=false&ts=1702230015072&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1702230015068.368717549&cs_est=true&ler=other&it=1702230014796&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qualitywindowsdirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 10 Dec 2023 17:40:15 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 182ms
87ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=814236116561669&ev=PageView&dl=https%3A%2F%2Fqualitywindowsdirect.com%2Frbaw40-200.aspx%3Fctcampaign%3D6198%26ctsource%3D0%26ctkwd%3D1871%26ecadid%3D822733%26Offerid%3D1029122a14f683eb789b2814e12051&rl=https%3A%2F%2Fobjects-us-east-1.dream.io%2F&if=false&ts=1702230015076&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1702230015068.368717549&ler=other&it=1702230014796&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qualitywindowsdirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 10 Dec 2023 17:40:15 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 201 certs
api.trustedform.com/ 475 B
686 B 216ms
90ms XHR
application/json 3.222.162.167
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs
Requested by: Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17022300145500.8273589516385833&invert_field_sensitivity=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.222.162.167 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-222-162-167.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash

Request headers

Referer: https://qualitywindowsdirect.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 10 Dec 2023 17:40:15 GMT
server: Cowboy
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 475

GET
H/1.1 200
OK iframe.html
d2m2wsoho8qq12.cloudfront.net/ Frame 072F 3 KB
2 KB 179ms
47ms Document
text/html 13.224.208.146
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=F8EF5BD8-E4C6-6B3F-B4BE-DACC997D5345&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=EB4A05A4-8A53-C2B0-B337-640A489815F4&lac=D0C27C32-8ED1-8E02-9C8A-1F9AB10100C4

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/eb4a05a4-8a53-c2b0-b337-640a489815f4.js?snippet_version=2

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.224.208.146 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-208-146.phl50.r.cloudfront.net

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://qualitywindowsdirect.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Age: 16415
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Sun, 10 Dec 2023 13:07:08 GMT
ETag: W/"653c2b77-dbb"
Last-Modified: Fri, 27 Oct 2023 21:28:23 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Transfer-Encoding: chunked
Via: 1.1 eb0e559672da6f524cf68a461f930cc4.cloudfront.net (CloudFront)
X-Amz-Cf-Id: tu_60onkNochX6zlu3z1t0igih6cE5cYc0UZmliCOsXdq1gIxAKyCQ==
X-Amz-Cf-Pop: PHL50-C1
X-Cache: Hit from cloudfront

POST
H2 200 SaveDom
create.leadid.com/2.11.9/ 0
623 B 41ms
40ms XHR
text/plain 34.192.154.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/SaveDom?msn=2&pid=0c98694c-e7e5-4b9c-9e17-c55fe3f210b1&token=F8EF5BD8-E4C6-6B3F-B4BE-DACC997D5345&_=138398644

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/eb4a05a4-8a53-c2b0-b337-640a489815f4.js?snippet_version=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.192.154.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-192-154-63.compute-1.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://qualitywindowsdirect.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sun, 10 Dec 2023 17:40:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 InitFormData
create.leadid.com/2.11.9/ 0
623 B 87ms
86ms XHR
text/plain 34.192.154.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/InitFormData?msn=3&pid=0c98694c-e7e5-4b9c-9e17-c55fe3f210b1&token=F8EF5BD8-E4C6-6B3F-B4BE-DACC997D5345&_=138398645

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/eb4a05a4-8a53-c2b0-b337-640a489815f4.js?snippet_version=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.192.154.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-192-154-63.compute-1.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://qualitywindowsdirect.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sun, 10 Dec 2023 17:40:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 trustedform-1.9.4.js
cdn.trustedform.com/ 84 KB
33 KB 43ms
43ms Script
application/javascript 2600:9000:25c8:2000:1c:7f1a:6680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.trustedform.com/trustedform-1.9.4.js
Requested by: Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17022300145500.8273589516385833&invert_field_sensitivity=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:25c8:2000:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qualitywindowsdirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: gtnb1Uxu8qLJRc.iYT4wVelhc0u4qkAi
content-encoding: gzip
via: 1.1 4ceb2989b2985c33abee5da8ac0ecbcc.cloudfront.net (CloudFront)
date: Sun, 10 Dec 2023 17:40:03 GMT
last-modified: Wed, 08 Nov 2023 19:52:40 GMT
server: AmazonS3
x-amz-cf-pop: PHL51-P1
age: 13
etag: W/"f46641519eee44fe450f02ae72e64a74"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: APtz-4YfppRO7Kpj_Bjb6Un9AKz6NDq6M8DjBks2tSU4yv0OeftB7g==

GET iframe.html
deviceid.trueleadid.com/ Frame 3FBB 0
0

POST snapshot
api.trustedform.com/certs/f01da013d2837113fd6c22d6cc4bcca1757d4d9d/ 0
0

POST
H2 204 fingerprints
api.trustedform.com/certs/f01da013d2837113fd6c22d6cc4bcca1757d4d9d/ 0
159 B 94ms
89ms XHR
text/plain 3.222.162.167
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/f01da013d2837113fd6c22d6cc4bcca1757d4d9d/fingerprints
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.9.4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.222.162.167 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-222-162-167.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash

Request headers

Referer: https://qualitywindowsdirect.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Sun, 10 Dec 2023 17:40:15 GMT
access-control-expose-headers
access-control-allow-credentials: true
cache-control: max-age=0, private, must-revalidate
server: Cowboy

GET LOGO-rba-horiz.webp
qualitywindowsdirect.com/images/ 0
0

GET wizard-hero-bogo.webp
qualitywindowsdirect.com/img/ 0
0

GET loader-4stepc-1.png
qualitywindowsdirect.com/images/ 0
0

GET loader-4stepc-2.png
qualitywindowsdirect.com/images/ 0
0

GET loader-4stepc-3.png
qualitywindowsdirect.com/images/ 0
0

GET loader-4stepc-4.png
qualitywindowsdirect.com/images/ 0
0

GET logo-footer.webp
qualitywindowsdirect.com/img/ 0
0

GET
H2 204 0
bat.bing.com/action/ 0
122 B 50ms
48ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qualitywindowsdirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 10 Dec 2023 17:40:14 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7DF93B4DDB1840AEBE9EB6CEC7840704 Ref B: PHL30EDGE0116 Ref C: 2023-12-10T17:40:15Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 10 KB
10 KB Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: text/javascript

POST 0
bat.bing.com/actionp/ 0
0

GET
H2 200 stylewiz.min.css
qualitywindowsdirect.com/css/ 14 KB
3 KB 929ms
925ms Stylesheet
text/css 198.154.88.118
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://qualitywindowsdirect.com/css/stylewiz.min.css?v=3
Requested by: Host: qualitywindowsdirect.com
URL: https://qualitywindowsdirect.com/rbaw40-200.aspx?ctcampaign=6198&ctsource=0&ctkwd=1871&ecadid=822733&Offerid=1029122a14f683eb789b2814e12051
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.154.88.118 Los Angeles, United States, ASN55081 (24SHELLS, US),
Reverse DNS: corporate.abilitybusinesscomputing.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: fb011432c5afd993d82ac08722927e02282d37fcf8bb98be3d645b98dab00cbf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qualitywindowsdirect.com/rbaw40-200.aspx?ctcampaign=6198&ctsource=0&ctkwd=1871&ecadid=822733&Offerid=1029122a14f683eb789b2814e12051
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 17:40:14 GMT
content-encoding: gzip
last-modified: Mon, 20 Nov 2023 14:14:16 GMT
server: Microsoft-IIS/10.0
etag: "02c25d8bb1bda1:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
cache-control: public,max-age=31536000
accept-ranges: bytes
content-length: 3243

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.7.0/ 85 KB
30 KB 38ms
35ms Script
text/javascript 2607:f8b0:4006:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.7.0/jquery.min.js

Requested by

Host: qualitywindowsdirect.com
URL: https://qualitywindowsdirect.com/rbaw40-200.aspx?ctcampaign=6198&ctsource=0&ctkwd=1871&ecadid=822733&Offerid=1029122a14f683eb789b2814e12051

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qualitywindowsdirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 09:02:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 376664
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30433
x-xss-protection: 0
last-modified: Wed, 17 May 2023 18:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Dec 2024 09:02:31 GMT

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/ 152 KB
25 KB 38ms
35ms Stylesheet
text/css 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css

Requested by

Host: qualitywindowsdirect.com
URL: https://qualitywindowsdirect.com/rbaw40-200.aspx?ctcampaign=6198&ctsource=0&ctkwd=1871&ecadid=822733&Offerid=1029122a14f683eb789b2814e12051

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://qualitywindowsdirect.com/
Origin: https://qualitywindowsdirect.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 10 Dec 2023 17:40:15 GMT
x-content-type-options: nosniff
content-encoding: br
age: 15753257
x-jsd-version: 5.0.2
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 25360
x-served-by: cache-fra-eddf8230097-FRA, cache-ewr18150-EWR
x-jsd-version-type: version
etag: W/"260c5-fByeBXPlzqi603M74vxjqoxo6o0"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET lazy_load.min.js
qualitywindowsdirect.com/scripts/ 0
0

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ 50 KB
18 KB 94ms
92ms Script
text/javascript 142.251.40.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: qualitywindowsdirect.com
URL: https://qualitywindowsdirect.com/rbaw40-200.aspx?ctcampaign=6198&ctsource=0&ctkwd=1871&ecadid=822733&Offerid=1029122a14f683eb789b2814e12051

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.130 Newark, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f2.1e100.net

Software

cafe /

Resource Hash

16b4cf2b9a4908b20dff3b6c586bc3209fdf4bf53ea4f1fa2827cbffe4ceb070

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qualitywindowsdirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 17:40:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18842
x-xss-protection: 0
server: cafe
etag: 9826982868918577658
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 10 Dec 2023 17:40:15 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 258 KB
87 KB 74ms
70ms Script
application/javascript 2607:f8b0:4006:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-M50V1ZE013

Requested by

Host: qualitywindowsdirect.com
URL: https://qualitywindowsdirect.com/rbaw40-200.aspx?ctcampaign=6198&ctsource=0&ctkwd=1871&ecadid=822733&Offerid=1029122a14f683eb789b2814e12051

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6b96356617678412f5930ab0f6a7a830d2258b5b6bd843c5ba06fde8c212e2be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qualitywindowsdirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 17:40:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 88736
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 10 Dec 2023 17:40:16 GMT

GET
H2 200 1004702-1004597.js Show response
cdn-4.convertexperiments.com/js/ 220 KB
66 KB 73ms
69ms Script
application/javascript 2600:141b:1c00:2391::14a9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-4.convertexperiments.com/js/1004702-1004597.js
Requested by: Host: qualitywindowsdirect.com
URL: https://qualitywindowsdirect.com/rbaw40-200.aspx?ctcampaign=6198&ctsource=0&ctkwd=1871&ecadid=822733&Offerid=1029122a14f683eb789b2814e12051
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:2391::14a9 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3a1759c10db69de3a1b49bb51f697bbce177390c449c3244c416d45d81ff7bf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qualitywindowsdirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 10 Dec 2023 17:40:16 GMT
content-encoding: gzip
cache-control: public, max-age=300
content-type: application/javascript
vary: Accept-Encoding
expires: Sun, 10 Dec 2023 17:45:16 GMT

GET
H2 200 FP.js Show response
hits.ecdashboard.com/JS/ 14 KB
4 KB 135ms
133ms Script
application/javascript 198.154.88.118
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://hits.ecdashboard.com/JS/FP.js
Requested by: Host: qualitywindowsdirect.com
URL: https://qualitywindowsdirect.com/rbaw40-200.aspx?ctcampaign=6198&ctsource=0&ctkwd=1871&ecadid=822733&Offerid=1029122a14f683eb789b2814e12051
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.154.88.118 Los Angeles, United States, ASN55081 (24SHELLS, US),
Reverse DNS: corporate.abilitybusinesscomputing.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 07d81e29da2b847c60281b9e084fe58ddf894ba5c6a60f395adf10aa4ad3d405

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qualitywindowsdirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 17:40:14 GMT
content-encoding: gzip
last-modified: Wed, 09 Aug 2023 13:44:40 GMT
server: Microsoft-IIS/10.0
etag: "0d44a5c7cad91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=172800
accept-ranges: bytes
content-length: 3840

GET
H2 200 LOGO-rba-horiz.webp
qualitywindowsdirect.com/images/ 66 KB
66 KB 1026ms
1025ms Image
image/webp 198.154.88.118
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qualitywindowsdirect.com/images/LOGO-rba-horiz.webp
Requested by: Host: qualitywindowsdirect.com
URL: https://qualitywindowsdirect.com/rbaw40-200.aspx?ctcampaign=6198&ctsource=0&ctkwd=1871&ecadid=822733&Offerid=1029122a14f683eb789b2814e12051
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.154.88.118 Los Angeles, United States, ASN55081 (24SHELLS, US),
Reverse DNS: corporate.abilitybusinesscomputing.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 86da4f4a409902ef36f13e0bf3015dd1ef15ed8cb994417e0e16d6cb877519e8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qualitywindowsdirect.com/rbaw40-200.aspx?ctcampaign=6198&ctsource=0&ctkwd=1871&ecadid=822733&Offerid=1029122a14f683eb789b2814e12051
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 17:40:14 GMT
last-modified: Mon, 20 Nov 2023 14:14:18 GMT
server: Microsoft-IIS/10.0
etag: "a4e96bd9bb1bda1:0"
x-powered-by: ASP.NET
content-type: image/webp
cache-control: public,max-age=31536000
accept-ranges: bytes
content-length: 67766

GET
H2 200 wizard-hero-bogo.webp
qualitywindowsdirect.com/img/ 13 KB
0 1433ms
1432ms Image
image/webp 198.154.88.118
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qualitywindowsdirect.com/img/wizard-hero-bogo.webp
Requested by: Host: qualitywindowsdirect.com
URL: https://qualitywindowsdirect.com/rbaw40-200.aspx?ctcampaign=6198&ctsource=0&ctkwd=1871&ecadid=822733&Offerid=1029122a14f683eb789b2814e12051
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.154.88.118 Los Angeles, United States, ASN55081 (24SHELLS, US),
Reverse DNS: corporate.abilitybusinesscomputing.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qualitywindowsdirect.com/rbaw40-200.aspx?ctcampaign=6198&ctsource=0&ctkwd=1871&ecadid=822733&Offerid=1029122a14f683eb789b2814e12051
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 17:40:14 GMT
last-modified: Mon, 20 Nov 2023 14:14:20 GMT
server: Microsoft-IIS/10.0
etag: "1791b1dabb1bda1:0"
x-powered-by: ASP.NET
content-type: image/webp
cache-control: public,max-age=31536000
accept-ranges: bytes
content-length: 94798

GET WebResource.axd
qualitywindowsdirect.com/ 0
0

GET loader-4stepc-1.png
qualitywindowsdirect.com/images/ 0
0

GET loader-4stepc-2.png
qualitywindowsdirect.com/images/ 0
0

GET loader-4stepc-3.png
qualitywindowsdirect.com/images/ 0
0

GET loader-4stepc-4.png
qualitywindowsdirect.com/images/ 0
0

GET logo-footer.webp
qualitywindowsdirect.com/img/ 0
0

GET scripts5.min.js
qualitywindowsdirect.com/scripts/ 0
0

GET Functions.min.js
qualitywindowsdirect.com/scripts/ 0
0

GET phone.min.js
qualitywindowsdirect.com/scripts/ 0
0

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/874974045/ 3 KB
2 KB 68ms
65ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/874974045/?random=1702230016528&cv=9&fst=1702230016528&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465926%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=-600&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fqualitywindowsdirect.com%2Frbaw40-200.aspx%3Fctcampaign%3D6198%26ctsource%3D0%26ctkwd%3D1871%26ecadid%3D822733%26Offerid%3D1029122a14f683eb789b2814e12051&ref=https%3A%2F%2Fqualitywindowsdirect.com%2Frbaw40-200.aspx%3Fctcampaign%3D6198%26ctsource%3D0%26ctkwd%3D1871%26ecadid%3D822733%26Offerid%3D1029122a14f683eb789b2814e12051&tiba=Renewal%20By%20Andersen%20-%20Window%20Replacement&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

728d18bd2890543a3feaa923f275ca4f14a30ab48f198471eb1c97bcba0bcfac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qualitywindowsdirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 17:40:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1432
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
53 KB 48ms
47ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: qualitywindowsdirect.com
URL: https://qualitywindowsdirect.com/rbaw40-200.aspx?ctcampaign=6198&ctsource=0&ctkwd=1871&ecadid=822733&Offerid=1029122a14f683eb789b2814e12051

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qualitywindowsdirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 10 Dec 2023 17:40:16 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: Xzh6WUJsH8iOdKxDz+WnRGsPSmtqWHS1ntvQ1jurK/tOSkJZicJImb/N2+X+HDmoWHXQ+8yxRBDCdaeKIc89yA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET wizard-bg.webp
qualitywindowsdirect.com/img/ 0
0

GET
H2 200 /
www.google.com/pagead/1p-user-list/874974045/ 42 B
108 B 105ms
92ms Image
image/gif 2607:f8b0:4006:816::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/874974045/?random=1702230016528&cv=9&fst=1702227600000&num=1&guid=ON&eid=375603260%2C466465926%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=-600&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fqualitywindowsdirect.com%2Frbaw40-200.aspx%3Fctcampaign%3D6198%26ctsource%3D0%26ctkwd%3D1871%26ecadid%3D822733%26Offerid%3D1029122a14f683eb789b2814e12051&ref=https%3A%2F%2Fqualitywindowsdirect.com%2Frbaw40-200.aspx%3Fctcampaign%3D6198%26ctsource%3D0%26ctkwd%3D1871%26ecadid%3D822733%26Offerid%3D1029122a14f683eb789b2814e12051&tiba=Renewal%20By%20Andersen%20-%20Window%20Replacement&fmt=3&is_vtc=1&cid=CAQSKQDICaaNnYYmLxGocAXV1iwKZxoT_j__uqgD07gkpO_gbAebttrzRG4D&random=2398888459&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: qualitywindowsdirect.com
URL: https://qualitywindowsdirect.com/rbaw40-200.aspx?ctcampaign=6198&ctsource=0&ctkwd=1871&ecadid=822733&Offerid=1029122a14f683eb789b2814e12051

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qualitywindowsdirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 17:40:16 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 448499548883718 Show response
connect.facebook.net/signals/config/ 140 KB
36 KB 80ms
80ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/448499548883718?v=2.9.138&r=stable&domain=qualitywindowsdirect.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

83ec21de9bc5d8ee801c18ef3bd5f9e153d38054c714ba79d94aa1296c153808

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qualitywindowsdirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 10 Dec 2023 17:40:16 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 37033
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: 9fMXHZUzhbW2kPgs9qaZjga/eSPtl3njaQxVX4hMN7zYFOeEaUH7UNlVVr5AcjXpC7tTqQDuP27EBNp6mq7btA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST log
logs.convertexperiments.com/ 0
0

POST /
1004597.metrics.convertexperiments.com/log-rep/ 0
0

GET
H3 200 814236116561669 Show response
connect.facebook.net/signals/config/ 133 KB
35 KB 65ms
64ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/814236116561669?v=2.9.138&r=stable&domain=qualitywindowsdirect.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

90c8329e91fb5bee5df69e8746dc8114c45fce7e3e0d15e342a5655934e80829

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qualitywindowsdirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 10 Dec 2023 17:40:16 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 35311
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: NKZ8tSHHU6nLiu3gVK68JpfLfA7hRE1vGgS4fD/cl+AkHu/feQlEtw2nh/y2CwyqUcJyfUbZ/S0JDwgRTn7u5Q==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
54 B 109ms
108ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=448499548883718&ev=PageView&dl=https%3A%2F%2Fqualitywindowsdirect.com%2Frbaw40-200.aspx%3Fctcampaign%3D6198%26ctsource%3D0%26ctkwd%3D1871%26ecadid%3D822733%26Offerid%3D1029122a14f683eb789b2814e12051&rl=https%3A%2F%2Fqualitywindowsdirect.com%2Frbaw40-200.aspx%3Fctcampaign%3D6198%26ctsource%3D0%26ctkwd%3D1871%26ecadid%3D822733%26Offerid%3D1029122a14f683eb789b2814e12051&if=false&ts=1702230016903&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1702230015068.368717549&cs_est=true&ler=other&it=1702230016626&coo=false&rqm=GET

Requested by

Host: qualitywindowsdirect.com
URL: https://qualitywindowsdirect.com/rbaw40-200.aspx?ctcampaign=6198&ctsource=0&ctkwd=1871&ecadid=822733&Offerid=1029122a14f683eb789b2814e12051

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qualitywindowsdirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 10 Dec 2023 17:40:16 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 109ms
109ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=814236116561669&ev=PageView&dl=https%3A%2F%2Fqualitywindowsdirect.com%2Frbaw40-200.aspx%3Fctcampaign%3D6198%26ctsource%3D0%26ctkwd%3D1871%26ecadid%3D822733%26Offerid%3D1029122a14f683eb789b2814e12051&rl=https%3A%2F%2Fqualitywindowsdirect.com%2Frbaw40-200.aspx%3Fctcampaign%3D6198%26ctsource%3D0%26ctkwd%3D1871%26ecadid%3D822733%26Offerid%3D1029122a14f683eb789b2814e12051&if=false&ts=1702230016905&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1702230015068.368717549&ler=other&it=1702230016626&coo=false&rqm=GET

Requested by

Host: qualitywindowsdirect.com
URL: https://qualitywindowsdirect.com/rbaw40-200.aspx?ctcampaign=6198&ctsource=0&ctkwd=1871&ecadid=822733&Offerid=1029122a14f683eb789b2814e12051

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qualitywindowsdirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 10 Dec 2023 17:40:16 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: deviceid.trueleadid.com
URL: https://deviceid.trueleadid.com/iframe.html?token=F8EF5BD8-E4C6-6B3F-B4BE-DACC997D5345&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=EB4A05A4-8A53-C2B0-B337-640A489815F4&lac=D0C27C32-8ED1-8E02-9C8A-1F9AB10100C4

Domain: api.trustedform.com
URL: https://api.trustedform.com/certs/f01da013d2837113fd6c22d6cc4bcca1757d4d9d/snapshot

Domain: qualitywindowsdirect.com
URL: https://qualitywindowsdirect.com/images/LOGO-rba-horiz.webp

Domain: qualitywindowsdirect.com
URL: https://qualitywindowsdirect.com/img/wizard-hero-bogo.webp

Domain: qualitywindowsdirect.com
URL: https://qualitywindowsdirect.com/images/loader-4stepc-1.png

Domain: qualitywindowsdirect.com
URL: https://qualitywindowsdirect.com/images/loader-4stepc-2.png

Domain: qualitywindowsdirect.com
URL: https://qualitywindowsdirect.com/images/loader-4stepc-3.png

Domain: qualitywindowsdirect.com
URL: https://qualitywindowsdirect.com/images/loader-4stepc-4.png

Domain: qualitywindowsdirect.com
URL: https://qualitywindowsdirect.com/img/logo-footer.webp

Domain: bat.bing.com
URL: https://bat.bing.com/actionp/0?ti=56111058&Ver=2&mid=5c010c1f-581b-4c27-944a-a287ec2d2b39&sid=2d1326d0978311eea6f4f73a0c27a17c&vid=2d1362e0978311ee8d04ef89263e3876&vids=1&msclkid=N&evt=pageHide

Domain: qualitywindowsdirect.com
URL: https://qualitywindowsdirect.com/scripts/lazy_load.min.js

Domain: qualitywindowsdirect.com
URL: https://qualitywindowsdirect.com/WebResource.axd?d=2aV1WIu0IZzg-OkuH8Z47LQqy5hIFL1v3qo4pfEcl5KN-qSfqwdgdIoQX-X_uPRM1t14zHMWIepO3a0LODDLew8DqRK_EFY6Y6XoeT7yBjU1&t=638285921964787378

Domain: qualitywindowsdirect.com
URL: https://qualitywindowsdirect.com/WebResource.axd?d=R05Ui2250bMqjj7iRx7vu1WP_gYCyIUr-a1Jy0wUxrMeEMp92IB5iNfATMzT8nGuLcRENY__p-lNXVakKqv072LLqfcDyA5L_8ymzXgpIyg1&t=638285921964787378

Domain: qualitywindowsdirect.com
URL: https://qualitywindowsdirect.com/images/loader-4stepc-1.png

Domain: qualitywindowsdirect.com
URL: https://qualitywindowsdirect.com/images/loader-4stepc-2.png

Domain: qualitywindowsdirect.com
URL: https://qualitywindowsdirect.com/images/loader-4stepc-3.png

Domain: qualitywindowsdirect.com
URL: https://qualitywindowsdirect.com/images/loader-4stepc-4.png

Domain: qualitywindowsdirect.com
URL: https://qualitywindowsdirect.com/img/logo-footer.webp

Domain: qualitywindowsdirect.com
URL: https://qualitywindowsdirect.com/scripts/scripts5.min.js

Domain: qualitywindowsdirect.com
URL: https://qualitywindowsdirect.com/scripts/Functions.min.js?ver=4987

Domain: qualitywindowsdirect.com
URL: https://qualitywindowsdirect.com/scripts/phone.min.js

Domain: qualitywindowsdirect.com
URL: https://qualitywindowsdirect.com/img/wizard-bg.webp

Domain: logs.convertexperiments.com
URL: https://logs.convertexperiments.com/log

Domain: 1004597.metrics.convertexperiments.com
URL: https://1004597.metrics.convertexperiments.com/log-rep/

Verdicts & Comments Add Verdict or Comment

Malicious task.url
Submitted on December 10th 2023, 5:40:37 pm UTC — From United States

Threats: Social Engineering Phishing Spearphishing
Comment: RUSSIAN SPYWARE: https://objects-us-east-1.dream.io/renerenebelingaudlahomebsatstajdr/iisodo59helps9igjjii.html sent by RUSSIAN MALNET using harvested emails and MALICIOUS websites: https://objects-us-east-1.dream.io https://www.dt2dt.com https://www.edgetrk.com https://qualitywindowsdirect.com https://bit.ly https://serendipitydatesplace.ru https://loverswithsecrets.com https://jukatamare.info https://flirtfinessezone.ru https://himpulnat.info https://storage.googleapis.com http://ip0.me

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

80 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.dt2dt.com/	1969-12-31 23:59:59	Name: uid10803 Value: 747287181-20231210124012-a48bcd54f2056b5201fef5dc218774d0-
www.edgetrk.com/	1970-01-20 17:35:08	Name: enc_aff_session_992 Value: ENC03e755d49137cbc31cbf5402ce40a6420b769617a3cb2ab795e40df9ff93c17eade72819d00b16e1f16d22be5d66ffbd76a5a57c596c33af016569d27ca023e1088e26ac11adf245ef353b98215ad5c5ce43440cbe438886a21a924e03d54a85f66e5214a6e083abde992be4ff2e2bde9931887d29a2a1348073d43756e449b9e987c361852ba2434a9dd7f4f9424aa4f82ef8f8e25f9b5adba8a0850baf4c67652a02226d
www.edgetrk.com/	1970-01-21 02:26:30	Name: ho_mob Value: eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMjAiLCJtb2JpbGVfY2FycmllciI6Ij8iLCJ1c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IFg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgTGlrZSBHZWNrbykgQ2hyb21lLzEyMC4wLjYwOTkuNzEgU2FmYXJpLzUzNy4zNiIsImFjY2VwdF9sYW5ndWFnZSI6ImVuLVVTLGVuO3E9MC45IiwiY29ubmVjdGlvbl9zcGVlZCI6ImJyb2FkYmFuZCJ9
qualitywindowsdirect.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: ygt02car33mevac1ukiuvo3h
.qualitywindowsdirect.com/	1970-01-20 18:16:54	Name: EC_UID Value: 1702230014943.182%7C%7C12/10/2023%207%3A40%3A14
.qualitywindowsdirect.com/	1970-01-20 18:16:54	Name: EC_CMP Value: 6198%7C%7C1871%7C%7C822733%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C
.qualitywindowsdirect.com/	1970-01-20 18:16:54	Name: EC_SUP Value: %7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C0%7C%7C
.qualitywindowsdirect.com/	1970-01-20 18:16:54	Name: EC_URL Value: https%3A//objects-us-east-1.dream.io/%7C%7Chttps%3A//qualitywindowsdirect.com/rbaw40-200.aspx%3Fctcampaign%3D6198%26ctsource%3D0%26ctkwd%3D1871%26ecadid%3D822733%26Offerid%3D1029122a14f683eb789b2814e12051
.qualitywindowsdirect.com/	1970-01-20 16:51:56	Name: _uetsid Value: 2d1326d0978311eea6f4f73a0c27a17c
.qualitywindowsdirect.com/	1970-01-21 02:12:06	Name: _uetvid Value: 2d1362e0978311ee8d04ef89263e3876
.bing.com/	1970-01-21 02:12:06	Name: MUID Value: 3ECBD03003E46FFD362AC3D302266E02
.bat.bing.com/	1970-01-20 17:00:34	Name: MR Value: 0
.qualitywindowsdirect.com/	1970-01-21 02:26:30	Name: _ga_M50V1ZE013 Value: GS1.1.1702230014.1.0.1702230014.60.0.0
.qualitywindowsdirect.com/	1970-01-21 02:26:30	Name: _ga Value: GA1.1.502209459.1702230015
.qualitywindowsdirect.com/	1970-01-20 16:50:30	Name: _conv_sptest Value: 100420250%3A100454103
.qualitywindowsdirect.com/	1970-01-20 21:09:42	Name: _conv_r Value: s%3Aobjects-us-east-1.dream.iom%3Areferralt%3A*c%3A
.qualitywindowsdirect.com/	1970-01-20 19:00:06	Name: _fbp Value: fb.1.1702230015068.368717549
qualitywindowsdirect.com/	1969-12-31 23:59:59	Name: leadid_token-D0C27C32-8ED1-8E02-9C8A-1F9AB10100C4-EB4A05A4-8A53-C2B0-B337-640A489815F4 Value: F8EF5BD8-E4C6-6B3F-B4BE-DACC997D5345
.doubleclick.net/	1970-01-21 02:26:30	Name: IDE Value: AHWqTUkF3xpL3-_uO5-fgrQGCqtQ_81BbCasM5JV1UMHeHdUHMEkPoic1hm-Ip5h
.qualitywindowsdirect.com/	1970-01-20 21:13:18	Name: _conv_v Value: vi%3A1sc%3A1cs%3A1702230015fs%3A1702230015pv%3A1*exp%3A%7B100420250.%7Bv.100454103-g.%7B%7D%7D%7D
.qualitywindowsdirect.com/	1970-01-20 16:50:31	Name: _conv_s Value: si%3A1sh%3A1702230014925-0.8519735760565397pv%3A1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1004597.metrics.convertexperiments.com
ajax.googleapis.com
analytics.google.com
api.trustedform.com
bat.bing.com
cdn-4.convertexperiments.com
cdn.jsdelivr.net
cdn.trustedform.com
connect.facebook.net
create.leadid.com
create.lidstatic.com
d2m2wsoho8qq12.cloudfront.net
deviceid.trueleadid.com
googleads.g.doubleclick.net
hits.ecdashboard.com
logs.convertexperiments.com
objects-us-east-1.dream.io
qualitywindowsdirect.com
stats.g.doubleclick.net
www.dt2dt.com
www.edgetrk.com
www.facebook.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
1004597.metrics.convertexperiments.com
api.trustedform.com
bat.bing.com
deviceid.trueleadid.com
logs.convertexperiments.com
qualitywindowsdirect.com
13.224.208.146
142.251.40.130
18.210.241.9
198.154.88.118
216.107.139.115
2600:141b:1c00:2391::14a9
2600:9000:25c8:2000:1c:7f1a:6680:93a1
2606:4700:10::6816:27b6
2607:f298:5:ee00::33
2607:f8b0:4004:c06::9c
2607:f8b0:4006:80f::2008
2607:f8b0:4006:816::2004
2607:f8b0:4006:81c::200e
2607:f8b0:4006:81f::200a
2607:f8b0:4006:822::2002
2620:1ec:c11::200
2a03:2880:f012:10c:face:b00c:0:3
2a03:2880:f112:83:face:b00c:0:25de
2a04:4e42:400::485
3.222.162.167
34.192.154.63
07d81e29da2b847c60281b9e084fe58ddf894ba5c6a60f395adf10aa4ad3d405
0811891616a17255b9aec069d53ae29d5dc0a507f8b476dac05fb7d6bfb9b3a7
16b4cf2b9a4908b20dff3b6c586bc3209fdf4bf53ea4f1fa2827cbffe4ceb070
1d80d663dae3b6ffb88b990ac3c10442647699e1d43fa8fd0f2987ac3c30a5b3
2c391d6fe93c30d44048aa3ad9820fcfe5ef34c70dda6e4598c9077f4817a39b
356220d7c15be343d5351e1dbcade41f6c811baeed5f32bede56cfc53cac250d
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
4145eb38affc9b3335b672593a320382b893366710c4e9457c1e1cd06ba0916e
4b2fa0831336d38214955b2eed34b56fc88401f7b8d9adf759a2bad4e9e2cafc
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
6b96356617678412f5930ab0f6a7a830d2258b5b6bd843c5ba06fde8c212e2be
70ed9ad8db98c0ab2e416f6784e5b32ab619dc391e7285168e54a38cfdefad43
728d18bd2890543a3feaa923f275ca4f14a30ab48f198471eb1c97bcba0bcfac
7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b
83ec21de9bc5d8ee801c18ef3bd5f9e153d38054c714ba79d94aa1296c153808
86da4f4a409902ef36f13e0bf3015dd1ef15ed8cb994417e0e16d6cb877519e8
87fa7ad386402eb066b9b17a38c357d13fd870be51679d81c2dc20955bfde341
90c8329e91fb5bee5df69e8746dc8114c45fce7e3e0d15e342a5655934e80829
affeabc6c91c8b24f2ca14ee22d3bebeaa0f21532819a8f839665ac14f0b076c
b3c1617ee4bc9f12cfdb077cd6f6204a9ce0730ba20ee6af9de4d26f7e5115c5
c1c2f60ff81b61b395b73add97dda6bed242aeb6eb8201dba2993c692bd574b6
ca5e1cf2ee31713ad1f338bf645cbfa525e828f673a32a0a6564e25bcf3c8656
ca9400fd9544d1f2f3691c3f93c61f3c135cbd7f4b7531ce3fd8374d81ae4938
d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8
df71d382d4cc0edd5c8e58b83442e5c5e4046407098ecd1eb034c6dad122729b
e3a1759c10db69de3a1b49bb51f697bbce177390c449c3244c416d45d81ff7bf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef9453f74b2617d43dcef4242cf5845101fcfb57289c81bceb20042b0023a192
fb011432c5afd993d82ac08722927e02282d37fcf8bb98be3d645b98dab00cbf

qualitywindowsdirect.com Open in urlscan Pro 198.154.88.118 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Community Verdicts: Malicious — 1 votes Show Verdicts

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

87 Requests

71 %HTTPS

67 %IPv6

20 Domains

25 Subdomains

20 IPs

1 Countries

1374 kBTransfer

3464 kBSize

21 Cookies

0 Outgoing links

Page URL History

Redirected requests

87 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

qualitywindowsdirect.com Open in urlscan Pro
198.154.88.118 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

87
Requests

71 %
HTTPS

67 %
IPv6

20
Domains

25
Subdomains

20
IPs

1
Countries

1374 kB
Transfer

3464 kB
Size

21
Cookies

87 HTTP transactions
1 data transactions