URL: https://windowsavingsnow.com/
Submission Tags: phishingrod
Submission: On September 20 via api from DE — Scanned from DE

Summary

This website contacted 9 IPs in 2 countries across 9 domains to perform 47 HTTP transactions. The main IP is 35.212.127.214, located in Washington, United States and belongs to GOOGLE, US. The main domain is windowsavingsnow.com.
TLS certificate: Issued by R10 on September 20th 2024. Valid for: 3 months.
This is the only time windowsavingsnow.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
31 windowsavingsnow.com
windowsavingsnow.com
2 MB
4 gstatic.com
fonts.gstatic.com
32 KB
3 leadshook.io
windowsavingsusa.leadshook.io
10 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 106
3 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 178
72 KB
2 youtube.com
www.youtube.com — Cisco Umbrella Rank: 74
13 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
2 KB
1 leadshook.com
www.leadshook.com
0 lucrordesign.com Failed
lucrordesign.com Failed
47 9
Domain Requested by
31 windowsavingsnow.com windowsavingsnow.com
4 fonts.gstatic.com fonts.googleapis.com
3 windowsavingsusa.leadshook.io 1 redirects windowsavingsnow.com
windowsavingsusa.leadshook.io
2 www.facebook.com windowsavingsnow.com
2 connect.facebook.net windowsavingsnow.com
connect.facebook.net
2 www.youtube.com windowsavingsusa.leadshook.io
www.youtube.com
2 fonts.googleapis.com windowsavingsnow.com
1 www.leadshook.com windowsavingsusa.leadshook.io
0 lucrordesign.com Failed windowsavingsnow.com
47 9

This site contains no links.

Subject Issuer Validity Valid
*.windowsavingsnow.com
R10
2024-09-20 -
2024-12-19
3 months crt.sh
upload.video.google.com
WR2
2024-08-26 -
2024-11-18
3 months crt.sh
leadshook.io
Amazon RSA 2048 M03
2024-09-07 -
2025-10-07
a year crt.sh
*.gstatic.com
WR2
2024-08-26 -
2024-11-18
3 months crt.sh
www.leadshook.com
WE1
2024-08-10 -
2024-11-08
3 months crt.sh
*.google.com
WR2
2024-08-26 -
2024-11-18
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2024-06-29 -
2024-09-27
3 months crt.sh

This page contains 2 frames:

Primary Page: https://windowsavingsnow.com/
Frame ID: 5311438D2BDF3D7AC315DF53A80E030F
Requests: 57 HTTP requests in this frame

Frame: https://www.leadshook.com/
Frame ID: CD90E4120144691C40E125FF6C5F972E
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Window Savings Now – Useful Money Saving Tips

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • /revslider/[/\w-]+/js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

47
Requests

98 %
HTTPS

67 %
IPv6

9
Domains

9
Subdomains

9
IPs

2
Countries

2500 kB
Transfer

4098 kB
Size

14
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 42
  • https://windowsavingsusa.leadshook.io/survey/lLDMEUqwAYH8YIPv5ydngZlU0iN6tFO03Dmvkdcv?embed=true&index=0 HTTP 302
  • https://www.leadshook.com/

47 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
windowsavingsnow.com/
61 KB
13 KB
Document
General
Full URL
https://windowsavingsnow.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.212.127.214 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.127.212.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
a60731c638d5b96d0b763b20db5e4f92cb10c3bdb968f1ec10c8d2744b46e552
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 20 Sep 2024 08:01:54 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
link
<https://windowsavingsnow.com/wp-json/>; rel="https://api.w.org/" <https://windowsavingsnow.com/wp-json/wp/v2/pages/19>; rel="alternate"; title="JSON"; type="application/json" <https://windowsavingsnow.com/>; rel=shortlink
server
nginx
vary
Accept-Encoding
x-cache-enabled
True
x-content-type-options
nosniff
x-httpd-modphp
1
x-proxy-cache
HIT
x-xss-protection
1; mode=block
siteground-optimizer-combined-css-b0d5c47991eebf09df065bbaa22a447a.css
windowsavingsnow.com/wp-content/uploads/siteground-optimizer-assets/
731 KB
90 KB
Stylesheet
General
Full URL
https://windowsavingsnow.com/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-css-b0d5c47991eebf09df065bbaa22a447a.css
Requested by
Host: windowsavingsnow.com
URL: https://windowsavingsnow.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.212.127.214 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.127.212.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
9ca17dedd4289cd00b26e17bf0136213b75b4d4ab8df36dc32d4cbf98b0d37ee

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://windowsavingsnow.com/

Response headers

x-proxy-cache-info
DT:1
cache-control
max-age=31536000
content-encoding
br
etag
W/"657118f7-b6d75"
expires
Sat, 20 Sep 2025 08:01:55 GMT
date
Fri, 20 Sep 2024 08:01:55 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
text/css
last-modified
Thu, 07 Dec 2023 00:59:35 GMT
server
nginx
vary
Accept-Encoding
css
fonts.googleapis.com/
7 KB
950 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Poppins%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900&ver=6.6.2
Requested by
Host: windowsavingsnow.com
URL: https://windowsavingsnow.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
609795016110cd4bcf69fae138e9d4548f26745cdce9e620b44eab056612fbf0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://windowsavingsnow.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Fri, 20 Sep 2024 08:01:55 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 20 Sep 2024 08:01:55 GMT
content-type
text/css; charset=utf-8
last-modified
Fri, 20 Sep 2024 06:15:31 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
jquery.min.js
windowsavingsnow.com/wp-includes/js/jquery/
86 KB
29 KB
Script
General
Full URL
https://windowsavingsnow.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: windowsavingsnow.com
URL: https://windowsavingsnow.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.212.127.214 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.127.212.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://windowsavingsnow.com/

Response headers

x-proxy-cache-info
DT:1
cache-control
max-age=31536000
content-encoding
br
etag
W/"654c2f6a-15601"
expires
Sat, 20 Sep 2025 08:01:55 GMT
date
Fri, 20 Sep 2024 08:01:55 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
application/javascript
last-modified
Thu, 09 Nov 2023 01:01:30 GMT
server
nginx
vary
Accept-Encoding
jquery-migrate.min.js
windowsavingsnow.com/wp-includes/js/jquery/
13 KB
5 KB
Script
General
Full URL
https://windowsavingsnow.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: windowsavingsnow.com
URL: https://windowsavingsnow.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.212.127.214 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.127.212.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://windowsavingsnow.com/

Response headers

x-proxy-cache-info
DT:1
cache-control
max-age=31536000
content-encoding
br
etag
W/"64d45631-3509"
expires
Sat, 20 Sep 2025 08:01:55 GMT
date
Fri, 20 Sep 2024 08:01:55 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
application/javascript
last-modified
Thu, 10 Aug 2023 03:14:57 GMT
server
nginx
vary
Accept-Encoding
jquery.bind-first-0.2.3.min.js
windowsavingsnow.com/wp-content/plugins/pixelyoursite/dist/scripts/
1 KB
872 B
Script
General
Full URL
https://windowsavingsnow.com/wp-content/plugins/pixelyoursite/dist/scripts/jquery.bind-first-0.2.3.min.js?ver=6.6.2
Requested by
Host: windowsavingsnow.com
URL: https://windowsavingsnow.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.212.127.214 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.127.212.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
37045bf0d243623db4f2e99567c986944957b336dafa6368f4f75bcbad6fc4fa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://windowsavingsnow.com/

Response headers

x-proxy-cache-info
DT:1
cache-control
max-age=31536000
content-encoding
br
etag
W/"66e0bc46-525"
expires
Sat, 20 Sep 2025 08:01:55 GMT
date
Fri, 20 Sep 2024 08:01:55 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
application/javascript
last-modified
Tue, 10 Sep 2024 21:38:14 GMT
server
nginx
vary
Accept-Encoding
js.cookie-2.1.3.min.js
windowsavingsnow.com/wp-content/plugins/pixelyoursite/dist/scripts/
2 KB
1 KB
Script
General
Full URL
https://windowsavingsnow.com/wp-content/plugins/pixelyoursite/dist/scripts/js.cookie-2.1.3.min.js?ver=2.1.3
Requested by
Host: windowsavingsnow.com
URL: https://windowsavingsnow.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.212.127.214 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.127.212.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
4af105297c5b49ca668eaa0774c0eb479e907175f12ccc30e9c038dd7b6fcaf0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://windowsavingsnow.com/

Response headers

x-proxy-cache-info
DT:1
cache-control
max-age=31536000
content-encoding
br
etag
W/"66e0bc46-6ad"
expires
Sat, 20 Sep 2025 08:01:55 GMT
date
Fri, 20 Sep 2024 08:01:55 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
application/javascript
last-modified
Tue, 10 Sep 2024 21:38:14 GMT
server
nginx
vary
Accept-Encoding
truncated
/
48 B
0
Script
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5441d0bfff5794dc114cc7d764978d26338cc48446870753e7c495819acf851f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
text/javascript
pys.min.js
windowsavingsnow.com/wp-content/uploads/siteground-optimizer-assets/
46 KB
11 KB
Script
General
Full URL
https://windowsavingsnow.com/wp-content/uploads/siteground-optimizer-assets/pys.min.js?ver=9.7.2
Requested by
Host: windowsavingsnow.com
URL: https://windowsavingsnow.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.212.127.214 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.127.212.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
caa9e2cd9d5c81e779c287925e26e844d516df2c05fffdbaf463777c7a2f2bc8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://windowsavingsnow.com/

Response headers

x-proxy-cache-info
DT:1
cache-control
max-age=31536000
content-encoding
br
etag
W/"66e0bc46-b9c8"
expires
Sat, 20 Sep 2025 08:01:55 GMT
date
Fri, 20 Sep 2024 08:01:55 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
application/javascript
last-modified
Tue, 10 Sep 2024 21:38:14 GMT
server
nginx
vary
Accept-Encoding
dummy.png
windowsavingsnow.com/wp-content/plugins/revslider/public/assets/assets/
68 B
295 B
Image
General
Full URL
https://windowsavingsnow.com/wp-content/plugins/revslider/public/assets/assets/dummy.png
Requested by
Host: windowsavingsnow.com
URL: https://windowsavingsnow.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.212.127.214 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.127.212.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://windowsavingsnow.com/

Response headers

cache-control
max-age=31536000
etag
"654c2f9a-44"
expires
Sat, 20 Sep 2025 08:01:55 GMT
accept-ranges
bytes
content-length
68
date
Fri, 20 Sep 2024 08:01:55 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
image/png
last-modified
Thu, 09 Nov 2023 01:02:18 GMT
server
nginx
x-proxy-cache-info
DT:1
js_embed
windowsavingsusa.leadshook.io/s/
13 KB
5 KB
Script
General
Full URL
https://windowsavingsusa.leadshook.io/s/js_embed
Requested by
Host: windowsavingsnow.com
URL: https://windowsavingsnow.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.211.117.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-117-60.compute-1.amazonaws.com
Software
nginx/1.19.9 / Express
Resource Hash
619200d6ce7cf5b58fe9c607f06836137dce007469c4d8574f6aaa1b69d43983

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://windowsavingsnow.com/

Response headers

x-cache-status
MISS
content-encoding
gzip
etag
W/"328a-kilhtShLIxkNTeFhYn0+KH/jX84"
date
Fri, 20 Sep 2024 08:01:56 GMT
content-type
text/html; charset=utf-8
x-powered-by
Express
server
nginx/1.19.9
vary
Accept-Encoding
css
fonts.googleapis.com/
3 KB
745 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Poppins:500%7CRoboto:400&display=swap
Requested by
Host: windowsavingsnow.com
URL: https://windowsavingsnow.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
dbba5941450352d6df0f749ed70108d2a77edf5ab78053177e2966a2b9bac2bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://windowsavingsnow.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Fri, 20 Sep 2024 08:01:55 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 20 Sep 2024 08:01:55 GMT
content-type
text/css; charset=utf-8
last-modified
Fri, 20 Sep 2024 08:01:55 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
autoptimize_single_e52b266e19f4c113b1bcd856a1aaba1a.php
windowsavingsnow.com/wp-content/cache/autoptimize/
4 KB
1 KB
Stylesheet
General
Full URL
https://windowsavingsnow.com/wp-content/cache/autoptimize/autoptimize_single_e52b266e19f4c113b1bcd856a1aaba1a.php?ver=4.6.3
Requested by
Host: windowsavingsnow.com
URL: https://windowsavingsnow.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.212.127.214 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.127.212.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
9b343c672c1975b52088012950ecbe6f29387495e4744cda55bfb0612fefb4e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://windowsavingsnow.com/

Response headers

host-header
8441280b0c35cbc1147f8ba998a563a7
x-httpd-modphp
1
cache-control
max-age=30672000, public, immutable, public, immutable
content-encoding
br
x-content-type-options
nosniff
expires
Tue, 09 Sep 2025 13:32:53 GMT
x-proxy-cache
HIT
date
Fri, 20 Sep 2024 08:01:55 GMT
x-xss-protection
1; mode=block
content-type
text/css; charset=utf-8
vary
Accept-Encoding
server
nginx
last-modified
Thu, 09 Nov 2023 05:57:45 GMT
autoptimize_single_3b5eb357a7e927f175a2626a6bdda3ba.php
windowsavingsnow.com/wp-content/cache/autoptimize/
11 KB
2 KB
Stylesheet
General
Full URL
https://windowsavingsnow.com/wp-content/cache/autoptimize/autoptimize_single_3b5eb357a7e927f175a2626a6bdda3ba.php?ver=4.6.3
Requested by
Host: windowsavingsnow.com
URL: https://windowsavingsnow.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.212.127.214 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.127.212.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
5ffada885f24af216daffac4548148cf1da5e2f17602b774b0e7b49816959655
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://windowsavingsnow.com/

Response headers

host-header
8441280b0c35cbc1147f8ba998a563a7
x-httpd-modphp
1
cache-control
max-age=30672000, public, immutable, public, immutable
content-encoding
br
x-content-type-options
nosniff
expires
Tue, 09 Sep 2025 13:32:53 GMT
x-proxy-cache
HIT
date
Fri, 20 Sep 2024 08:01:55 GMT
x-xss-protection
1; mode=block
content-type
text/css; charset=utf-8
vary
Accept-Encoding
server
nginx
last-modified
Thu, 09 Nov 2023 05:57:45 GMT
autoptimize_single_08f3fa5cd7040c88c7ddf43deadde2a9.php
windowsavingsnow.com/wp-content/cache/autoptimize/
50 KB
9 KB
Stylesheet
General
Full URL
https://windowsavingsnow.com/wp-content/cache/autoptimize/autoptimize_single_08f3fa5cd7040c88c7ddf43deadde2a9.php?ver=6.6.18
Requested by
Host: windowsavingsnow.com
URL: https://windowsavingsnow.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.212.127.214 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.127.212.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
b1655222f37a4b7752bdc17ae54d3f71a46b6cde71cf2d39dffdea624259eaf7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://windowsavingsnow.com/

Response headers

host-header
8441280b0c35cbc1147f8ba998a563a7
x-httpd-modphp
1
cache-control
max-age=30672000, public, immutable, public, immutable
content-encoding
br
x-content-type-options
nosniff
expires
Tue, 09 Sep 2025 13:32:53 GMT
x-proxy-cache
HIT
date
Fri, 20 Sep 2024 08:01:55 GMT
x-xss-protection
1; mode=block
content-type
text/css; charset=utf-8
vary
Accept-Encoding
server
nginx
last-modified
Thu, 09 Nov 2023 05:57:45 GMT
hooks.min.js
windowsavingsnow.com/wp-includes/js/dist/
4 KB
2 KB
Script
General
Full URL
https://windowsavingsnow.com/wp-includes/js/dist/hooks.min.js?ver=2810c76e705dd1a53b18
Requested by
Host: windowsavingsnow.com
URL: https://windowsavingsnow.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.212.127.214 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.127.212.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
2cb546fbdda7995d374fffa4b2f6530bbcf57d014639ddf76de45df43d593045

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://windowsavingsnow.com/

Response headers

x-proxy-cache-info
DT:1
cache-control
max-age=31536000
content-encoding
br
etag
W/"660ddbf4-10d3"
expires
Sat, 20 Sep 2025 08:01:55 GMT
date
Fri, 20 Sep 2024 08:01:55 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
application/javascript
last-modified
Wed, 03 Apr 2024 22:45:08 GMT
server
nginx
vary
Accept-Encoding
i18n.min.js
windowsavingsnow.com/wp-includes/js/dist/
9 KB
4 KB
Script
General
Full URL
https://windowsavingsnow.com/wp-includes/js/dist/i18n.min.js?ver=5e580eb46a90c2b997e6
Requested by
Host: windowsavingsnow.com
URL: https://windowsavingsnow.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.212.127.214 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.127.212.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
f313d12ea6124bd28fc4a6b7163d253bb83d5aeab5edce594880c5c3df475cbc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://windowsavingsnow.com/

Response headers

x-proxy-cache-info
DT:1
cache-control
max-age=31536000
content-encoding
br
etag
W/"660ddbf4-23b5"
expires
Sat, 20 Sep 2025 08:01:55 GMT
date
Fri, 20 Sep 2024 08:01:55 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
application/javascript
last-modified
Wed, 03 Apr 2024 22:45:08 GMT
server
nginx
vary
Accept-Encoding
swv.min.js
windowsavingsnow.com/wp-content/uploads/siteground-optimizer-assets/
11 KB
3 KB
Script
General
Full URL
https://windowsavingsnow.com/wp-content/uploads/siteground-optimizer-assets/swv.min.js?ver=5.9.8
Requested by
Host: windowsavingsnow.com
URL: https://windowsavingsnow.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.212.127.214 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.127.212.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
927c9ce0161edc8d3140c9273e00746d54698c9799a7546c87160752ed4378f8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://windowsavingsnow.com/

Response headers

x-proxy-cache-info
DT:1
cache-control
max-age=31536000
content-encoding
br
etag
W/"66e0bc3d-2cb8"
expires
Sat, 20 Sep 2025 08:01:55 GMT
date
Fri, 20 Sep 2024 08:01:55 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
application/javascript
last-modified
Tue, 10 Sep 2024 21:38:05 GMT
server
nginx
vary
Accept-Encoding
contact-form-7.min.js
windowsavingsnow.com/wp-content/uploads/siteground-optimizer-assets/
13 KB
4 KB
Script
General
Full URL
https://windowsavingsnow.com/wp-content/uploads/siteground-optimizer-assets/contact-form-7.min.js?ver=5.9.8
Requested by
Host: windowsavingsnow.com
URL: https://windowsavingsnow.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.212.127.214 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.127.212.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
4c1c7e7c690b1cf795404eeed97f8eb2195af97822643ab72f07b370ec2ec1eb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://windowsavingsnow.com/

Response headers

x-proxy-cache-info
DT:1
cache-control
max-age=31536000
content-encoding
br
etag
W/"66e0bc3d-33e2"
expires
Sat, 20 Sep 2025 08:01:55 GMT
date
Fri, 20 Sep 2024 08:01:55 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
application/javascript
last-modified
Tue, 10 Sep 2024 21:38:05 GMT
server
nginx
vary
Accept-Encoding
rbtools.min.js
windowsavingsnow.com/wp-content/plugins/revslider/public/assets/js/
161 KB
58 KB
Script
General
Full URL
https://windowsavingsnow.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.6.18
Requested by
Host: windowsavingsnow.com
URL: https://windowsavingsnow.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.212.127.214 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.127.212.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
c4596b16b126326b0d8fc2fb8bf91389ad3dc4671a269187913c19a8f2ad1094

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://windowsavingsnow.com/

Response headers

x-proxy-cache-info
DT:1
cache-control
max-age=31536000
content-encoding
br
etag
W/"654c2f9a-285db"
expires
Sat, 20 Sep 2025 08:01:55 GMT
date
Fri, 20 Sep 2024 08:01:55 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
application/javascript
last-modified
Thu, 09 Nov 2023 01:02:18 GMT
server
nginx
vary
Accept-Encoding
rs6.min.js
windowsavingsnow.com/wp-content/plugins/revslider/public/assets/js/
401 KB
98 KB
Script
General
Full URL
https://windowsavingsnow.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.6.18
Requested by
Host: windowsavingsnow.com
URL: https://windowsavingsnow.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.212.127.214 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.127.212.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
44350f3c434ddd70b17e6b0f49398c24efa091ab58e1ab12700acd15962f4374

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://windowsavingsnow.com/

Response headers

x-proxy-cache-info
DT:1
cache-control
max-age=31536000
content-encoding
br
etag
W/"654c2f9a-64229"
expires
Sat, 20 Sep 2025 08:01:55 GMT
date
Fri, 20 Sep 2024 08:01:55 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
application/javascript
last-modified
Thu, 09 Nov 2023 01:02:18 GMT
server
nginx
vary
Accept-Encoding
lazysizes.min.js
windowsavingsnow.com/wp-content/plugins/sg-cachepress/assets/js/
8 KB
4 KB
Script
General
Full URL
https://windowsavingsnow.com/wp-content/plugins/sg-cachepress/assets/js/lazysizes.min.js?ver=7.6.4
Requested by
Host: windowsavingsnow.com
URL: https://windowsavingsnow.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.212.127.214 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.127.212.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
cb34d2ee2a93fd11b734c124a6fc661339585c63382d08eb31bf921b66519eac

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://windowsavingsnow.com/

Response headers

x-proxy-cache-info
DT:1
cache-control
max-age=31536000
content-encoding
br
etag
W/"66e0bc49-1ed0"
expires
Sat, 20 Sep 2025 08:01:55 GMT
date
Fri, 20 Sep 2024 08:01:55 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
application/javascript
last-modified
Tue, 10 Sep 2024 21:38:17 GMT
server
nginx
vary
Accept-Encoding
xtra.min.js
windowsavingsnow.com/wp-content/uploads/siteground-optimizer-assets/
19 KB
6 KB
Script
General
Full URL
https://windowsavingsnow.com/wp-content/uploads/siteground-optimizer-assets/xtra.min.js?ver=4.3.6
Requested by
Host: windowsavingsnow.com
URL: https://windowsavingsnow.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.212.127.214 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.127.212.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
313b31e0386c1b7afb16ad7bd2e78b526a04afe24cf6a12a9a4c1b1a3704d743

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://windowsavingsnow.com/

Response headers

x-proxy-cache-info
DT:1
cache-control
max-age=31536000
content-encoding
br
etag
W/"613a3112-4b87"
expires
Sat, 20 Sep 2025 08:01:55 GMT
date
Fri, 20 Sep 2024 08:01:55 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
application/javascript
last-modified
Thu, 09 Sep 2021 16:06:42 GMT
server
nginx
vary
Accept-Encoding
codevz-plus.min.js
windowsavingsnow.com/wp-content/uploads/siteground-optimizer-assets/
46 KB
13 KB
Script
General
Full URL
https://windowsavingsnow.com/wp-content/uploads/siteground-optimizer-assets/codevz-plus.min.js?ver=4.6.3
Requested by
Host: windowsavingsnow.com
URL: https://windowsavingsnow.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.212.127.214 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.127.212.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
61435b83c2bc471f9424dc10147ad5895333494efc4971f91cbf3b383cb5ed81

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://windowsavingsnow.com/

Response headers

x-proxy-cache-info
DT:1
cache-control
max-age=31536000
content-encoding
br
etag
W/"65710da8-b8ce"
expires
Sat, 20 Sep 2025 08:01:55 GMT
date
Fri, 20 Sep 2024 08:01:55 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
application/javascript
last-modified
Thu, 07 Dec 2023 00:11:20 GMT
server
nginx
vary
Accept-Encoding
codevz-plus-share.min.js
windowsavingsnow.com/wp-content/uploads/siteground-optimizer-assets/
1 KB
768 B
Script
General
Full URL
https://windowsavingsnow.com/wp-content/uploads/siteground-optimizer-assets/codevz-plus-share.min.js?ver=4.6.3
Requested by
Host: windowsavingsnow.com
URL: https://windowsavingsnow.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.212.127.214 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.127.212.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
28b9f17b585b3722b4fc4883a2bb4e6c1ffc2be41e45081cbe3752bd752d02a4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://windowsavingsnow.com/

Response headers

x-proxy-cache-info
DT:1
cache-control
max-age=31536000
content-encoding
br
etag
W/"65710da8-439"
expires
Sat, 20 Sep 2025 08:01:55 GMT
date
Fri, 20 Sep 2024 08:01:55 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
application/javascript
last-modified
Thu, 07 Dec 2023 00:11:20 GMT
server
nginx
vary
Accept-Encoding
js_composer_front.min.js
windowsavingsnow.com/wp-content/plugins/js_composer/assets/js/dist/
20 KB
6 KB
Script
General
Full URL
https://windowsavingsnow.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=7.1
Requested by
Host: windowsavingsnow.com
URL: https://windowsavingsnow.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.212.127.214 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.127.212.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
86835a4ef093c7fc3c6d6f1433b669b286b4fb3074f2f15c2a95825269308323

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://windowsavingsnow.com/

Response headers

x-proxy-cache-info
DT:1
cache-control
max-age=31536000
content-encoding
br
etag
W/"6529194b-5115"
expires
Sat, 20 Sep 2025 08:01:55 GMT
date
Fri, 20 Sep 2024 08:01:55 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
application/javascript
last-modified
Fri, 13 Oct 2023 10:17:47 GMT
server
nginx
vary
Accept-Encoding
autoptimize_single_4ea2256a97f2591ad1483ff4c844d781.php
windowsavingsnow.com/wp-content/cache/autoptimize/
858 B
693 B
Script
General
Full URL
https://windowsavingsnow.com/wp-content/cache/autoptimize/autoptimize_single_4ea2256a97f2591ad1483ff4c844d781.php?ver=4.6.3
Requested by
Host: windowsavingsnow.com
URL: https://windowsavingsnow.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.212.127.214 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.127.212.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
9af4bd98020876246a68d45aac13621a096dd7a50e224c789bd8d16c8dbd8a03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://windowsavingsnow.com/

Response headers

host-header
8441280b0c35cbc1147f8ba998a563a7
x-httpd-modphp
1
cache-control
max-age=30672000, public, immutable, public, immutable
content-encoding
br
x-content-type-options
nosniff
expires
Tue, 09 Sep 2025 13:32:53 GMT
x-proxy-cache
HIT
date
Fri, 20 Sep 2024 08:01:55 GMT
x-xss-protection
1; mode=block
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
server
nginx
last-modified
Thu, 09 Nov 2023 05:57:45 GMT
autoptimize_single_6621eb7fa9d6bbc5c05c8c5c694150a2.php
windowsavingsnow.com/wp-content/cache/autoptimize/
413 B
553 B
Script
General
Full URL
https://windowsavingsnow.com/wp-content/cache/autoptimize/autoptimize_single_6621eb7fa9d6bbc5c05c8c5c694150a2.php?ver=4.6.3
Requested by
Host: windowsavingsnow.com
URL: https://windowsavingsnow.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.212.127.214 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.127.212.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
09f28ca8b7607acdc148f7fd33b4f5092a1da03659c047f4bf163a93696ae3ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://windowsavingsnow.com/

Response headers

host-header
8441280b0c35cbc1147f8ba998a563a7
x-httpd-modphp
1
cache-control
max-age=30672000, public, immutable, public, immutable
content-encoding
br
x-content-type-options
nosniff
expires
Tue, 09 Sep 2025 13:32:53 GMT
x-proxy-cache
HIT
date
Fri, 20 Sep 2024 08:01:55 GMT
x-xss-protection
1; mode=block
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
server
nginx
last-modified
Thu, 09 Nov 2023 05:57:45 GMT
truncated
/
0
0
Script
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
text/javascript
truncated
/
88 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a4f0091d654925b99652679bd060c889704aa70aebd07e1322acda3d38014f02

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
88 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0696bb3df09627caefc874274365ad085818ea01a24cacadd90064b78ed64aa4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
416 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0ed0d520e5505edd3862515a661448e740ce6446332f07e6046b190f12860485

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900&ver=6.6.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://windowsavingsnow.com
Referer
https://fonts.googleapis.com/

Response headers

age
242827
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 17 Sep 2025 12:34:48 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 17 Sep 2024 12:34:48 GMT
last-modified
Fri, 22 Mar 2024 00:00:32 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7816
x-xss-protection
0
server
sffe
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900&ver=6.6.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://windowsavingsnow.com
Referer
https://fonts.googleapis.com/

Response headers

age
484309
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sun, 14 Sep 2025 17:30:06 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 14 Sep 2024 17:30:06 GMT
last-modified
Fri, 22 Mar 2024 00:00:38 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7884
x-xss-protection
0
server
sffe
truncated
/
92 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
477f2c7acf54b2994c85f1a07720eb99f56979f5b134efb37a9ef84713c0e318

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
92 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e4b22a674c4b9431ebe3fd474ef353534ada4bfc252d4a3236c2d6c964754f9d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
92 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
316a853bb4ac612ad41aedf4ba8958156b7e64295f2d0b2ede3c20a910928dff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
123 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9eaba4ee4769286a5a60125fda070144c81cf2f3f24f23e4eece81d8dfeeb672

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
row-bg.jpg
lucrordesign.com/chris/wp-content/uploads/sites/46/2020/01/
0
0

pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900&ver=6.6.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://windowsavingsnow.com
Referer
https://fonts.googleapis.com/

Response headers

age
245857
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 17 Sep 2025 11:44:18 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 17 Sep 2024 11:44:18 GMT
last-modified
Fri, 22 Mar 2024 00:00:59 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
8000
x-xss-protection
0
server
sffe
truncated
/
94 B
0
Script
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8a96c1a0a8b1c2a8eab8adfa21634b7f2c4226f6bc5322df1ab7efc4f1f1af7f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
text/javascript
truncated
/
134 B
0
Script
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1e0e01dda8d3f5b788b163f271c217454a491571e0b2ee16869756e88d2d6050

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
text/javascript
css_embed
windowsavingsusa.leadshook.io/s/
10 KB
3 KB
Stylesheet
General
Full URL
https://windowsavingsusa.leadshook.io/s/css_embed
Requested by
Host: windowsavingsusa.leadshook.io
URL: https://windowsavingsusa.leadshook.io/s/js_embed
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.211.117.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-117-60.compute-1.amazonaws.com
Software
nginx/1.19.9 / Express
Resource Hash
714d997f5eed6b02bea38b10af05a323e7e5460382f36f8c3b908be2c47f9e2b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://windowsavingsnow.com/

Response headers

x-cache-status
MISS
content-encoding
gzip
etag
W/"29ed-BQKBSmYUFUVm/bRY6L+Du4V9nQI"
date
Fri, 20 Sep 2024 08:01:56 GMT
content-type
text/css; charset=utf-8
x-powered-by
Express
server
nginx/1.19.9
vary
Accept-Encoding
/
www.leadshook.com/ Frame CD90
Redirect Chain
  • https://windowsavingsusa.leadshook.io/survey/lLDMEUqwAYH8YIPv5ydngZlU0iN6tFO03Dmvkdcv?embed=true&index=0
  • https://www.leadshook.com/
0
0
Document
General
Full URL
https://www.leadshook.com/
Requested by
Host: windowsavingsusa.leadshook.io
URL: https://windowsavingsusa.leadshook.io/s/js_embed
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:966c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://windowsavingsnow.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

age
62461
cache-control
public, max-age=0, s-maxage=2592000
cdn-cache-control
max-age=2592000
cf-cache-status
HIT
cf-ray
8c604a58cdd3bb50-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Fri, 20 Sep 2024 08:01:56 GMT
last-modified
Thu, 19 Sep 2024 14:13:42 GMT
server
cloudflare
vary
Accept-Encoding
x-flying-press-cache
HIT
x-flying-press-source
Web Server

Redirect headers

date
Fri, 20 Sep 2024 08:01:56 GMT
location
https://www.leadshook.com
server
nginx/1.19.9
x-cache-status
MISS
x-powered-by
Express
iframe_api
www.youtube.com/
993 B
2 KB
Script
General
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: windowsavingsusa.leadshook.io
URL: https://windowsavingsusa.leadshook.io/s/js_embed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9c72baa546b07c7eb296c3b83867d1dc7105a9e78722916e4fdbb84bd25fe664
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://windowsavingsnow.com/

Response headers

content-encoding
br
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
x-content-type-options
nosniff
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
expires
Fri, 20 Sep 2024 08:01:56 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
date
Fri, 20 Sep 2024 08:01:56 GMT
content-type
text/javascript; charset=utf-8
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
content-security-policy
require-trusted-types-for 'script'
cache-control
private, max-age=0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
x-xss-protection
0
server
ESF
www-widgetapi.js
www.youtube.com/s/player/a9d81eca/www-widgetapi.vflset/
32 KB
11 KB
Script
General
Full URL
https://www.youtube.com/s/player/a9d81eca/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
27eb1b9a227db9b8b8dd07c09160caadb713fcf58cb80a6fd5eea7ccc7c68bd4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://windowsavingsnow.com/

Response headers

content-encoding
br
age
6617
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options
nosniff
expires
Sat, 20 Sep 2025 06:11:39 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 20 Sep 2024 06:11:39 GMT
last-modified
Wed, 18 Sep 2024 04:15:59 GMT
content-type
text/javascript
vary
Accept-Encoding, Origin
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
content-length
10743
x-xss-protection
0
server
sffe
loader.gif
windowsavingsnow.com/wp-content/plugins/revslider/public/assets/assets/
2 KB
3 KB
Image
General
Full URL
https://windowsavingsnow.com/wp-content/plugins/revslider/public/assets/assets/loader.gif
Requested by
Host: windowsavingsnow.com
URL: https://windowsavingsnow.com/wp-content/cache/autoptimize/autoptimize_single_08f3fa5cd7040c88c7ddf43deadde2a9.php?ver=6.6.18
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.212.127.214 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.127.212.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
9034d5d34015e4b05d2c1d1a8dc9f6ec9d59bd96d305eb9e24e24e65c591a645

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://windowsavingsnow.com/wp-content/cache/autoptimize/autoptimize_single_08f3fa5cd7040c88c7ddf43deadde2a9.php?ver=6.6.18

Response headers

cache-control
max-age=31536000
etag
"654c2f9a-9f1"
expires
Sat, 20 Sep 2025 08:01:56 GMT
accept-ranges
bytes
content-length
2545
date
Fri, 20 Sep 2024 08:01:56 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
image/gif
last-modified
Thu, 09 Nov 2023 01:02:18 GMT
server
nginx
x-proxy-cache-info
DT:1
portfolio2.jpg
windowsavingsnow.com/wp-content/uploads/2021/09/
310 KB
310 KB
Image
General
Full URL
https://windowsavingsnow.com/wp-content/uploads/2021/09/portfolio2.jpg
Requested by
Host: windowsavingsnow.com
URL: https://windowsavingsnow.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.212.127.214 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.127.212.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
ab9400a816d15900855f00f4dbb936346538a5713b06b4e23d2c2ad2404974e8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://windowsavingsnow.com/

Response headers

cache-control
max-age=31536000
etag
"6139b1f7-4d786"
expires
Sat, 20 Sep 2025 08:01:56 GMT
accept-ranges
bytes
content-length
317318
date
Fri, 20 Sep 2024 08:01:56 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
image/webp
last-modified
Thu, 09 Sep 2021 07:04:23 GMT
server
nginx
x-proxy-cache-info
DT:1
admin-ajax.php
windowsavingsnow.com/wp-admin/
1 B
384 B
XHR
General
Full URL
https://windowsavingsnow.com/wp-admin/admin-ajax.php?action=pys_get_pbid
Requested by
Host: windowsavingsnow.com
URL: https://windowsavingsnow.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.212.127.214 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.127.212.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://windowsavingsnow.com/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01

Response headers

host-header
6b7412fb82ca5edfd0917e3957f05d89
x-robots-tag
noindex
cache-control
no-cache, must-revalidate, max-age=0
x-proxy-cache-info
0 NC:000000 UP:
x-content-type-options
nosniff, nosniff
referrer-policy
strict-origin-when-cross-origin
expires
Wed, 11 Jan 1984 05:00:00 GMT
x-proxy-cache
MISS
content-length
1
date
Fri, 20 Sep 2024 08:01:57 GMT
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
x-httpd-modphp
1
server
nginx
x-frame-options
SAMEORIGIN
fbevents.js
connect.facebook.net/en_US/
225 KB
58 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: windowsavingsnow.com
URL: https://windowsavingsnow.com/wp-content/uploads/siteground-optimizer-assets/pys.min.js?ver=9.7.2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0055aa18da3581f4a468aaa7257d84f798e0fc070899c8008d9b321b76b98096
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://windowsavingsnow.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
edge-control
cache-maxage=10m
date
Fri, 20 Sep 2024 08:01:57 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=13, rtx=0, c=23, mss=1232, tbw=4671, tp=13, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
JLSGMrXjEhJEGsFl62M3OjLQXqHB7tJU7mGobTy5IoiAJeXzQvH6NfVUDM52jYXmiPjCJobgo8rjPViUrwKDLQ==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
58953
x-xss-protection
0
origin-agent-cluster
?0
345912956288246
connect.facebook.net/signals/config/
72 KB
14 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/345912956288246?v=2.9.167&r=stable&domain=windowsavingsnow.com&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7d129120fd866fab6abb59fcec7656bff3fce99109e81020330e5ef8d5965bce
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://windowsavingsnow.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
edge-control
cache-maxage=10m
date
Fri, 20 Sep 2024 08:01:57 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=66, mss=1232, tbw=67311, tp=66, tpl=0, uplat=362, ullat=0
pragma
public
x-fb-debug
3Rmwbfm+OrybACq7HosY/wt/1/FWAc2glsotrQFNLJ03jaR04+oB4FW/4RrmnmQ5503eh8TO/Eiqagl4W5amXw==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
Window-Savings-Now.png
windowsavingsnow.com/wp-content/uploads/2021/09/
83 KB
83 KB
Image
General
Full URL
https://windowsavingsnow.com/wp-content/uploads/2021/09/Window-Savings-Now.png
Requested by
Host: windowsavingsnow.com
URL: https://windowsavingsnow.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.212.127.214 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.127.212.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
f4d9eb584be3bd82a980f5f35ab8e10d4803f53c80fda95912c778d4a566577c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://windowsavingsnow.com/

Response headers

cache-control
max-age=31536000
etag
"61306d46-14b36"
expires
Sat, 20 Sep 2025 08:01:57 GMT
accept-ranges
bytes
content-length
84790
date
Fri, 20 Sep 2024 08:01:57 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
image/webp
last-modified
Thu, 02 Sep 2021 06:20:54 GMT
server
nginx
x-proxy-cache-info
DT:1
carrycot-1888587_1920.jpg
windowsavingsnow.com/wp-content/uploads/2021/09/
1 MB
1 MB
Image
General
Full URL
https://windowsavingsnow.com/wp-content/uploads/2021/09/carrycot-1888587_1920.jpg
Requested by
Host: windowsavingsnow.com
URL: https://windowsavingsnow.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.212.127.214 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.127.212.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
f56eec219c331da765c35568a9a8c420bee5121da53e4a69d10b3a61c882f22c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://windowsavingsnow.com/

Response headers

cache-control
max-age=31536000
etag
"612f4eae-1205aa"
expires
Sat, 20 Sep 2025 08:01:57 GMT
accept-ranges
bytes
content-length
1181098
date
Fri, 20 Sep 2024 08:01:57 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
image/webp
last-modified
Wed, 01 Sep 2021 09:58:06 GMT
server
nginx
x-proxy-cache-info
DT:1
pexels-waldemar-brandt-2290609-2048x1365.jpg
windowsavingsnow.com/wp-content/uploads/2021/09/
455 KB
455 KB
Image
General
Full URL
https://windowsavingsnow.com/wp-content/uploads/2021/09/pexels-waldemar-brandt-2290609-2048x1365.jpg
Requested by
Host: windowsavingsnow.com
URL: https://windowsavingsnow.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.212.127.214 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.127.212.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
b771b570e60c8e50333e424783ca6cfa7b00b044ad6a169ee6b71f2760bf1c4b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://windowsavingsnow.com/

Response headers

cache-control
max-age=31536000
etag
"612f4e95-71a42"
expires
Sat, 20 Sep 2025 08:01:57 GMT
accept-ranges
bytes
content-length
465474
date
Fri, 20 Sep 2024 08:01:57 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
image/webp
last-modified
Wed, 01 Sep 2021 09:57:41 GMT
server
nginx
x-proxy-cache-info
DT:1
/
www.facebook.com/tr/
0
274 B
Image
General
Full URL
https://www.facebook.com/tr/?id=345912956288246&ev=PageView&dl=https%3A%2F%2Fwindowsavingsnow.com%2F&rl=&if=false&ts=1726819317649&cd[page_title]=Home&cd[post_type]=page&cd[post_id]=19&cd[plugin]=PixelYourSite&cd[user_role]=guest&cd[event_url]=windowsavingsnow.com%2F&sw=1600&sh=1200&v=2.9.167&r=stable&a=dvpixelyoursite&ec=0&o=12318&fbp=fb.1.1726819316916.1887098622&cs_est=true&ler=empty&cdl=API_unavailable&it=1726819317164&coo=false&rqm=GET
Requested by
Host: windowsavingsnow.com
URL: https://windowsavingsnow.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://windowsavingsnow.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1328, tbw=2806, tp=-1, tpl=-1, uplat=93, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Fri, 20 Sep 2024 08:01:57 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
3 KB
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=345912956288246&ev=PageView&dl=https%3A%2F%2Fwindowsavingsnow.com%2F&rl=&if=false&ts=1726819317649&cd[page_title]=Home&cd[post_type]=page&cd[post_id]=19&cd[plugin]=PixelYourSite&cd[user_role]=guest&cd[event_url]=windowsavingsnow.com%2F&sw=1600&sh=1200&v=2.9.167&r=stable&a=dvpixelyoursite&ec=0&o=12318&fbp=fb.1.1726819316916.1887098622&cs_est=true&ler=empty&cdl=API_unavailable&it=1726819317164&coo=false&rqm=FGET
Requested by
Host: windowsavingsnow.com
URL: https://windowsavingsnow.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://windowsavingsnow.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7416632494423463474"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 20 Sep 2024 08:01:57 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
JM4J7YZD8xWr6jfYUv8wmQpZ1oJzSDS+ARjjvQWPXdeIz2AuuKZJfBkI6m9PnV3mcQz81cSuVK3XeH+K9Aykqw==
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7416632494423463474", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1328, tbw=3124, tp=-1, tpl=-1, uplat=149, ullat=0
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900&ver=6.6.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://windowsavingsnow.com
Referer
https://fonts.googleapis.com/

Response headers

age
245226
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 17 Sep 2025 11:54:52 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 17 Sep 2024 11:54:52 GMT
last-modified
Fri, 22 Mar 2024 00:01:14 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7748
x-xss-protection
0
server
sffe
cropped-Window-Savings-Now-32x32.png
windowsavingsnow.com/wp-content/uploads/2021/09/
658 B
887 B
Other
General
Full URL
https://windowsavingsnow.com/wp-content/uploads/2021/09/cropped-Window-Savings-Now-32x32.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.212.127.214 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.127.212.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
3d327171edb41db1649f5125306753c883aaf05fcf05540f9af3b961bff54607

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://windowsavingsnow.com/

Response headers

cache-control
max-age=31536000
etag
"61306e72-292"
expires
Sat, 20 Sep 2025 08:02:00 GMT
accept-ranges
bytes
content-length
658
date
Fri, 20 Sep 2024 08:02:00 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
image/webp
last-modified
Thu, 02 Sep 2021 06:25:54 GMT
server
nginx
x-proxy-cache-info
DT:1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
lucrordesign.com
URL
https://lucrordesign.com/chris/wp-content/uploads/sites/46/2020/01/row-bg.jpg?id=1303

Verdicts & Comments Add Verdict or Comment

80 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| jQuery object| pysOptions function| setREVStartSize number| RSIW number| RSIH object| RS_MODULES function| revslider_showDoubleJqueryError object| wp function| sprintf function| vsprintf function| tpj object| revapi1 function| Cookies function| pys_generate_token function| getBundlePriceOnSingleProduct function| getPixelBySlag function| getUrlParameter function| getCookieYes boolean| firstVisit object| pys function| attrUnescape function| parseAttributes function| getViewport function| addEvent number| mobileBreakpoint function| resize object| CSSModal object| LH object| quizzes object| swv object| wpcf7 object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| gsapVersions object| tpGS object| punchgs object| RSANYID object| RSANYID_sliderID string| RSBrowser object| T boolean| _rs_desktop object| lazySizes object| Codevz object| Codevz_Plus function| vc_js function| vc_plugin_flexslider function| vc_googleplus function| vc_pinterest function| vc_progress_bar function| vc_waypoints function| vc_toggleBehaviour function| vc_ttaToggleBehaviour function| vc_tabsBehaviour function| vc_accordionBehaviour function| vc_teaserGrid function| vc_carouselBehaviour function| vc_slidersBehaviour function| vc_prettyPhoto function| vc_google_fonts function| vc_rowBehaviour function| vc_gridBehaviour function| getColumnsCount function| wpb_prepare_tab_content function| vc_ttaActivation function| vc_accordionActivate function| initVideoBackgrounds function| vc_initVideoBackgrounds function| insertYoutubeVideoAsBackground function| vcResizeVideoBackground function| vcExtractYoutubeId function| vc_googleMapsPointer function| vc_setHoverBoxPerspective function| vc_setHoverBoxHeight function| vc_prepareHoverBox function| fbq function| _fbq

14 Cookies

Domain/Path Name / Value
.youtube.com/ Name: YSC
Value: EhNVCSVGdHk
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: 9uri15teoSw
.youtube.com/ Name: VISITOR_PRIVACY_METADATA
Value: CgJERRIEEgAgRQ%3D%3D
windowsavingsusa.leadshook.io/ Name: AWSALBTGCORS
Value: qsqjETWPSBmqvWdzutTKaEzHbu3l9CUolaLKA/dSWP9QMpZB25FzkRNc+XlOeqZl3czKt/0d2S4DrXcziDCbQVlLvNYTdZqHcif/5MVkv6K4z9DsAhK9UVQzJJLhij/RUA6rm1E+HObh5mIvzki0K9udKZViXzrJZ7gHkosSqji8L49z7TTJMCoPLc9gGRziZRJ+EXTneLdMXGk+1KYD1xj/hTIr9Y5xni4Pg2EpO2Q6hTNc/8FtA2ELb4KQocI/gipXOEs=
windowsavingsusa.leadshook.io/ Name: AWSALBCORS
Value: prDbc5/6C8WiKfrEJcxbjmMFQHwTb9xpiO9TPiPou7gaSpwwgoS5c0rvp1p88JMprk3bVCH9aNJqjEk0p9bJeqCxiIYn4h6tnfphsRb89iSYL0lBEnlNRYicL4wU
windowsavingsnow.com/ Name: pys_session_limit
Value: true
windowsavingsnow.com/ Name: pys_start_session
Value: true
windowsavingsnow.com/ Name: pys_first_visit
Value: true
windowsavingsnow.com/ Name: pysTrafficSource
Value: direct
windowsavingsnow.com/ Name: pys_landing_page
Value: https://windowsavingsnow.com/
windowsavingsnow.com/ Name: last_pysTrafficSource
Value: direct
windowsavingsnow.com/ Name: last_pys_landing_page
Value: https://windowsavingsnow.com/
windowsavingsnow.com/ Name: _fbp
Value: fb.1.1726819316916.1887098622
.windowsavingsnow.com/ Name: _fbp
Value: fb.1.1726819316916.1887098622

2 Console Messages

Source Level URL
Text
security warning URL: https://windowsavingsnow.com/
Message:
Mixed Content: The page at 'https://windowsavingsnow.com/' was loaded over HTTPS, but requested an insecure element 'http://windowsavingsnow.com/wp-content/uploads/2021/09/Window-Savings-Now.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://windowsavingsnow.com/
Message:
Mixed Content: The page at 'https://windowsavingsnow.com/' was loaded over HTTPS, but requested an insecure element 'http://windowsavingsnow.com/wp-content/uploads/2021/09/Window-Savings-Now.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
lucrordesign.com
windowsavingsnow.com
windowsavingsusa.leadshook.io
www.facebook.com
www.leadshook.com
www.youtube.com
lucrordesign.com
2606:4700::6810:966c
2a00:1450:4001:801::2003
2a00:1450:4001:811::200e
2a00:1450:4001:82f::200a
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
3.211.117.60
34.198.236.243
35.212.127.214
0055aa18da3581f4a468aaa7257d84f798e0fc070899c8008d9b321b76b98096
0696bb3df09627caefc874274365ad085818ea01a24cacadd90064b78ed64aa4
09f28ca8b7607acdc148f7fd33b4f5092a1da03659c047f4bf163a93696ae3ee
0ed0d520e5505edd3862515a661448e740ce6446332f07e6046b190f12860485
1e0e01dda8d3f5b788b163f271c217454a491571e0b2ee16869756e88d2d6050
27eb1b9a227db9b8b8dd07c09160caadb713fcf58cb80a6fd5eea7ccc7c68bd4
28b9f17b585b3722b4fc4883a2bb4e6c1ffc2be41e45081cbe3752bd752d02a4
2cb546fbdda7995d374fffa4b2f6530bbcf57d014639ddf76de45df43d593045
313b31e0386c1b7afb16ad7bd2e78b526a04afe24cf6a12a9a4c1b1a3704d743
316a853bb4ac612ad41aedf4ba8958156b7e64295f2d0b2ede3c20a910928dff
37045bf0d243623db4f2e99567c986944957b336dafa6368f4f75bcbad6fc4fa
3d327171edb41db1649f5125306753c883aaf05fcf05540f9af3b961bff54607
44350f3c434ddd70b17e6b0f49398c24efa091ab58e1ab12700acd15962f4374
477f2c7acf54b2994c85f1a07720eb99f56979f5b134efb37a9ef84713c0e318
4af105297c5b49ca668eaa0774c0eb479e907175f12ccc30e9c038dd7b6fcaf0
4c1c7e7c690b1cf795404eeed97f8eb2195af97822643ab72f07b370ec2ec1eb
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
5441d0bfff5794dc114cc7d764978d26338cc48446870753e7c495819acf851f
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
5ffada885f24af216daffac4548148cf1da5e2f17602b774b0e7b49816959655
609795016110cd4bcf69fae138e9d4548f26745cdce9e620b44eab056612fbf0
61435b83c2bc471f9424dc10147ad5895333494efc4971f91cbf3b383cb5ed81
619200d6ce7cf5b58fe9c607f06836137dce007469c4d8574f6aaa1b69d43983
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
714d997f5eed6b02bea38b10af05a323e7e5460382f36f8c3b908be2c47f9e2b
7d129120fd866fab6abb59fcec7656bff3fce99109e81020330e5ef8d5965bce
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
86835a4ef093c7fc3c6d6f1433b669b286b4fb3074f2f15c2a95825269308323
8a96c1a0a8b1c2a8eab8adfa21634b7f2c4226f6bc5322df1ab7efc4f1f1af7f
9034d5d34015e4b05d2c1d1a8dc9f6ec9d59bd96d305eb9e24e24e65c591a645
927c9ce0161edc8d3140c9273e00746d54698c9799a7546c87160752ed4378f8
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
9af4bd98020876246a68d45aac13621a096dd7a50e224c789bd8d16c8dbd8a03
9b343c672c1975b52088012950ecbe6f29387495e4744cda55bfb0612fefb4e3
9c72baa546b07c7eb296c3b83867d1dc7105a9e78722916e4fdbb84bd25fe664
9ca17dedd4289cd00b26e17bf0136213b75b4d4ab8df36dc32d4cbf98b0d37ee
9eaba4ee4769286a5a60125fda070144c81cf2f3f24f23e4eece81d8dfeeb672
a4f0091d654925b99652679bd060c889704aa70aebd07e1322acda3d38014f02
a60731c638d5b96d0b763b20db5e4f92cb10c3bdb968f1ec10c8d2744b46e552
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ab9400a816d15900855f00f4dbb936346538a5713b06b4e23d2c2ad2404974e8
b1655222f37a4b7752bdc17ae54d3f71a46b6cde71cf2d39dffdea624259eaf7
b771b570e60c8e50333e424783ca6cfa7b00b044ad6a169ee6b71f2760bf1c4b
c4596b16b126326b0d8fc2fb8bf91389ad3dc4671a269187913c19a8f2ad1094
caa9e2cd9d5c81e779c287925e26e844d516df2c05fffdbaf463777c7a2f2bc8
cb34d2ee2a93fd11b734c124a6fc661339585c63382d08eb31bf921b66519eac
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
dbba5941450352d6df0f749ed70108d2a77edf5ab78053177e2966a2b9bac2bb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4b22a674c4b9431ebe3fd474ef353534ada4bfc252d4a3236c2d6c964754f9d
f313d12ea6124bd28fc4a6b7163d253bb83d5aeab5edce594880c5c3df475cbc
f4d9eb584be3bd82a980f5f35ab8e10d4803f53c80fda95912c778d4a566577c
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f56eec219c331da765c35568a9a8c420bee5121da53e4a69d10b3a61c882f22c